[PHP] Is there a GoTo Page Function?
As a complete newbie to PHP, and relative novice to html, this one has me stumped. Rather than wade through volumes of documentation, I thought I'd risk asking it here. After inserting variables from a fill-out html form into my database, I would like the form to goto the next html page, but I cannot figure out how to do this basic function. I assume that when one clicks a Submit button, the info is sent to the server, but how do you call a new page? [In my old Paradox PAL days, this was accomplished very easily. I cannot find a corresponding function either in PHP or html.] (I.e: Once a person clicks on Input type=submit value=Accept Is there a function that can redirect the form to a new form?) Any help here would be greatly appreciated (or pointers to a good working tutorial that covers this area!) Tia, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the suffering souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet -- http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Is there a GoTo Page Function?
On Tuesday 05 March 2002 16:15, you wrote: Andre Dubuc wrote: As a complete newbie to PHP, and relative novice to html, this one has me stumped. Rather than wade through volumes of documentation, I thought I'd risk asking it here. After inserting variables from a fill-out html form into my database, I would like the form to goto the next html page, but I cannot figure out how to do this basic function. I assume that when one clicks a Submit button, the info is sent to the server, but how do you call a new page? [In my old Paradox PAL days, this was accomplished very easily. I cannot find a corresponding function either in PHP or html.] (I.e: Once a person clicks on Input type=submit value=Accept Is there a function that can redirect the form to a new form?) Any help here would be greatly appreciated (or pointers to a good working tutorial that covers this area!) Usually people will do one of two things: Make the action of the form tag point to the new page directly. That page would take care of any form data processing that needed to happen. OR Have the form call itself, then when it's done, use a HEADER tag with location: to redirect header(Location: newpage.php); Hope that helps. Michael Kimsal http://www.phphelpdesk.com 734-480-9961 Thanks Michael, Again, my 'newbieness' is going to be very apparent. For the first option you referenced the 'action of the form tag' -- what is that? Do you mean, as in 'form action=demo.php method=get'? Your second suggestion sounds like what I want to achieve, but I'm not clear as to what you mean or refer to: have the form call itself -- How do I do that? And secondly, where would I put the header tag: with the calling form or the called form? Oh, it's so embarassing to know so little :) Tia, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the suffering souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet -- http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Is there a GoTo Page Function?
On Tuesday 05 March 2002 17:43, you wrote: On Tuesday, March 5, 2002, at 04:06 PM, Andre Dubuc wrote: After inserting variables from a fill-out html form into my database, I would like the form to goto the next html page, but I cannot figure out how to do this basic function. I assume that when one clicks a Submit button, the info is sent to the server, but how do you call a new page? When the submit button is hit, the form executes the script located at the URL specified in the action attribute of the form tag. So do this: $script_target = ./nameofscript.php; print form method=get action=$script_target. ; in your PHP. If you're new to this, don't worry about using PHP_SELF to call the same script, just make a new page with the code that handles the first page's data. But eventually you'll probably want to clean up your style and use switch() statements or if statements to keep it all in one page. (Right now I'm working on a 700-line monster that doesn't even include any HTML!) Erik Erik Price Web Developer Temp Media Lab, H.H. Brown [EMAIL PROTECTED] Hi Eric, Now that makes sense. I'm getting a better idea of how it works together. I figured there must be a way to control the Submit button's behaviour, but I didn't know where to look. Thanks again, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the suffering souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet -- http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Is there a GoTo Page Function?
Hi Hugh, Thanks - I can access the next page now. But I've got a new problem: even if the fields are all empty, a carriage return sends me off to the next form [Bad! Bad, form - that's not what I want you to do!] Where would you insert: if (!isset($name)) die (You need to fill in your name. Use the browser's back button and input this information.); I tried in the php database storage code (didn't work). Tried it after the appropriate 'Name' code in the form's html document. Didn't work. I know that it should work somewhere . . . . Somehow, I don't think the Submit function is working as it should (especially if a carriage return or Enter can override everything). Is there some code that will defeat this undesirable activity? Oh this is so much fun :) -- I love the long days and even longer nights. I'm glad I've got four months to put this new site together. Any insights and help will be greatly appreciated! Tia, Andre On Tuesday 05 March 2002 16:50, you wrote: Andre, Have your form action point to a page that has your database storage code, and nothing else (no screen output at all!). Have this page start with the ?php tag with nothing above the tag (no html and no blank lines either!). Once your storage is complete, then use the header(location: somepageyouname) to go to the page you have next in line. Oh, and make sure to use the ? to end your php code. Once you get the above to work, then you can add decision statements which will help qualify your data. (e.g. if (!isset($name)) die (You need to fill in your name. Use the browser's back button and input this information.);). Hope this helps, Hugh - Original Message - From: Michael Kimsal [EMAIL PROTECTED] To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Tuesday, March 05, 2002 1:15 PM Subject: [PHP] Re: Is there a GoTo Page Function? Andre Dubuc wrote: As a complete newbie to PHP, and relative novice to html, this one has me stumped. Rather than wade through volumes of documentation, I thought I'd risk asking it here. After inserting variables from a fill-out html form into my database, I would like the form to goto the next html page, but I cannot figure out how to do this basic function. I assume that when one clicks a Submit button, the info is sent to the server, but how do you call a new page? [In my old Paradox PAL days, this was accomplished very easily. I cannot find a corresponding function either in PHP or html.] (I.e: Once a person clicks on Input type=submit value=Accept Is there a function that can redirect the form to a new form?) Any help here would be greatly appreciated (or pointers to a good working tutorial that covers this area!) Usually people will do one of two things: Make the action of the form tag point to the new page directly. That page would take care of any form data processing that needed to happen. OR Have the form call itself, then when it's done, use a HEADER tag with location: to redirect header(Location: newpage.php); Hope that helps. Michael Kimsal http://www.phphelpdesk.com 734-480-9961 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the suffering souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet -- http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Is there a GoTo Page Function?
On Tuesday 05 March 2002 19:20, you wrote: On Tuesday, March 5, 2002, at 07:01 PM, Andre Dubuc wrote: Now that makes sense. I'm getting a better idea of how it works together. I figured there must be a way to control the Submit button's behaviour, but I didn't know where to look. Yep, the submit input tells the form go do your thing, but the form already knew where to go (because you specify where to go in the 'action' attribute). The form also knows how to go -- whether it should be POST or GET. Without realizing it, you'll be learning more about the HTTP protocol itself as you start writing scripts that take advantage of its features. Where would you insert: if (!isset($name)) die (You need to fill in your name. Use the browser's back button and input this information.); I tried in the php database storage code (didn't work). Tried it after the appropriate 'Name' code in the form's html document. Didn't work. I know that it should work somewhere . . . . Somehow, I don't think the Submit function is working as it should (especially if a carriage return or Enter can override everything). Is there some code that will defeat this undesirable activity? Firstly, your browser is what determines how the form is sent -- but usually, it's normal for the Enter key to act as the Submit button (a nice keyboard shortcut that I take advantage myself). It should not act in this fashion if you are typing into a textarea tag, because you might want to enter newlines/cr's in the textarea, but for most other form fields it's normal. If you want to jump from one field to the next with a key press, use tab. Secondly, you're wondering where to check for the presence of the data? How about this: ?php function print_name_form() { print pinput type=\text\ name=\name\ //p; } if (!$_POST['name']) { print pYou need to fill in your name./p; print_name_form(); } else { print pThank you!/p; } ? Why did I define a function in the beginning? Well, this way, if the user didn't enter a name, they don't have to hit back in their browser. The form just appears again. This is much more useful if you have this same function accessible from each page/script you are writing, so that you don't have to waste your time. Later, when you learn how to check for errors in your user's input (such as if the user entered a bunch of numbers instead of a name), this will come in handy so that you can save the user's legitimate values but ask them to re-enter their invalid values. That gets kind of technical, but it's one of the sweet things about functions, that they are reuseable. Erik Hi Erik, And thanks again! I like the 'function print_name_form()' -- I gather you could do this for all the NOT NULL variables that a form requires. Further, would you just change the print_name to 'print_whatever-other-variable' that I would want to check? Is there another way to consolidate the code at this point? Or would I just duplicate the code for each not-null variable? [Btw, I sometimes long for the old Paradox PAL code that seemed so difficult at the time I learnt it -- PHP is very similar, but the syntax seems so much more compact.] While we're on the topic of fields ('input type=text) is there anyway to include a non-printing space in the data entry, say for 'Name, that would not be passed to the database? Thus, on the screen it would appear: Name: [non-printing space]Andre but in the database entry: Name:Andre This isn't a pressing question, and probably is a formatting question, but I wonder if it's possible? Tia, Andre Erik Price Web Developer Temp Media Lab, H.H. Brown [EMAIL PROTECTED] -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the suffering souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet -- http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Is there a GoTo Page Function?
Hugh, Food? What's that? [Btw, my wife would love you. She seems to think I spend too much time in here . . .] Thanks for the help. I sort of figured I'd have to make a php page to call the error codes, then call another for the actual database stuff. At least, I'll be able to find my errors quicker. Later, when I understand things a bit better, I'll clean up that mess! [I've actualy got three forms working now -- I'm amazed!] Gosh, the output is ugly, though! I can't seem to line up the input boxes with those horrible nbsp and since the text name before it varies . . . sigh . . . someday I'll figure that out! Regards, Andre On Tuesday 05 March 2002 23:51, you wrote: Andre, Yes, the html page with your input form effectively ends with the /form tag so any decision statements on that page past that tag would miss the form input. So, put any decision statements on the php page where you've put your database code. I'm sure someone will educate me on the above statements, and I'll likely deserve it. When you eventually use the $php_self call, you can put everything on one page above the form start. You can have as many ?php ? calls on an html page as is needed to complete your tasks. However, I use php to do some rather complex math (it's complex to me at least), so I got in the habit of using php throughout a page without breaking out for html. For me it is more readable. My $00.02 on books, I bought a Sams 24 hour book on php for $25, and it got me off the ground. The online manuals for php and mysql have also been invaluable. Save your money, buy food instead. Hope this helps, Hugh - Original Message - From: Andre Dubuc [EMAIL PROTECTED] To: hugh danaher [EMAIL PROTECTED] Sent: Tuesday, March 05, 2002 6:35 PM Subject: Re: [PHP] Is there a GoTo Page Function? Hi Hugh, Well, actually my next question you've sort of answered: Where do I put this code? With all the new information coming at me, I haven't had time to think it through -- but I gather from your response, the answer would be: 'Put it before the database code rather than in the html page.' Am I correct? One other question: I gather it's OK to have multiple instances of ?php ? on the same html page or in the same php page? I realize that these are pretty fundamental questions. As soon as I can scrape up eighty dollars I'll buy a book on PHP and another on HTML. In the meantime, I would greatly appreciate it if you could clear up these basic assumptions for me. Thanks for your help! Tia, Andre On Tuesday 05 March 2002 20:36, you wrote: Andre, My note on decision lines was in anticipation of your next question/problem of How do I handle things if the user doesn't fill in his name, address, whatever? My solution is check to see if the cell is filled and if not then quit the database storage and tell the person to fill in the info. I first check to see if the data is set and if not, send a message. This would come before wasting your time storing anything. There are many other methods to check user input but I learned the if (!isset($something)) die() method first, and to me it's the most straight forward. Hope this helps, Hugh - Original Message - From: Andre Dubuc [EMAIL PROTECTED] To: Erik Price [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Tuesday, March 05, 2002 4:56 PM Subject: Re: [PHP] Is there a GoTo Page Function? On Tuesday 05 March 2002 19:20, you wrote: On Tuesday, March 5, 2002, at 07:01 PM, Andre Dubuc wrote: Now that makes sense. I'm getting a better idea of how it works together. I figured there must be a way to control the Submit button's behaviour, but I didn't know where to look. Yep, the submit input tells the form go do your thing, but the form already knew where to go (because you specify where to go in the 'action' attribute). The form also knows how to go -- whether it should be POST or GET. Without realizing it, you'll be learning more about the HTTP protocol itself as you start writing scripts that take advantage of its features. Where would you insert: if (!isset($name)) die (You need to fill in your name. Use the browser's back button and input this information.); I tried in the php database storage code (didn't work). Tried it after the appropriate 'Name' code in the form's html document. Didn't work. I know that it should work somewhere . . . . Somehow, I don't think the Submit function is working as it should (especially if a carriage return or Enter can override everything). Is there some code that will defeat this undesirable activity? Firstly, your browser is what determines how the form is sent
Re: [PHP] Is there a GoTo Page Function?
Thanks Jim, Now that looks better. New problem: in one of the almost identical tables I've used it in, the title for each row is in black and not the color that the page text is set for. The other table is correctly set. Any idea what would cause the discrepancy? Tia, Andre On Wednesday 06 March 2002 00:43, you wrote: Whack your text and input boxes in different cells of a table,.. use align (or nowadays an appropriate style setting) and that should get your things lined up :-) Andre Dubuc [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hugh, Food? What's that? [Btw, my wife would love you. She seems to think I spend too much time in here . . .] Thanks for the help. I sort of figured I'd have to make a php page to call the error codes, then call another for the actual database stuff. At least, I'll be able to find my errors quicker. Later, when I understand things a bit better, I'll clean up that mess! [I've actualy got three forms working now -- I'm amazed!] Gosh, the output is ugly, though! I can't seem to line up the input boxes with those horrible nbsp and since the text name before it varies . . . sigh . . . someday I'll figure that out! Regards, Andre On Tuesday 05 March 2002 23:51, you wrote: Andre, Yes, the html page with your input form effectively ends with the /form tag so any decision statements on that page past that tag would miss the form input. So, put any decision statements on the php page where you've put your database code. I'm sure someone will educate me on the above statements, and I'll likely deserve it. When you eventually use the $php_self call, you can put everything on one page above the form start. You can have as many ?php ? calls on an html page as is needed to complete your tasks. However, I use php to do some rather complex math (it's complex to me at least), so I got in the habit of using php throughout a page without breaking out for html. For me it is more readable. My $00.02 on books, I bought a Sams 24 hour book on php for $25, and it got me off the ground. The online manuals for php and mysql have also been invaluable. Save your money, buy food instead. Hope this helps, Hugh - Original Message - From: Andre Dubuc [EMAIL PROTECTED] To: hugh danaher [EMAIL PROTECTED] Sent: Tuesday, March 05, 2002 6:35 PM Subject: Re: [PHP] Is there a GoTo Page Function? Hi Hugh, Well, actually my next question you've sort of answered: Where do I put this code? With all the new information coming at me, I haven't had time to think it through -- but I gather from your response, the answer would be: 'Put it before the database code rather than in the html page.' Am I correct? One other question: I gather it's OK to have multiple instances of ?php ? on the same html page or in the same php page? I realize that these are pretty fundamental questions. As soon as I can scrape up eighty dollars I'll buy a book on PHP and another on HTML. In the meantime, I would greatly appreciate it if you could clear up these basic assumptions for me. Thanks for your help! Tia, Andre On Tuesday 05 March 2002 20:36, you wrote: Andre, My note on decision lines was in anticipation of your next question/problem of How do I handle things if the user doesn't fill in his name, address, whatever? My solution is check to see if the cell is filled and if not then quit the database storage and tell the person to fill in the info. I first check to see if the data is set and if not, send a message. This would come before wasting your time storing anything. There are many other methods to check user input but I learned the if (!isset($something)) die() method first, and to me it's the most straight forward. Hope this helps, Hugh - Original Message - From: Andre Dubuc [EMAIL PROTECTED] To: Erik Price [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Tuesday, March 05, 2002 4:56 PM Subject: Re: [PHP] Is there a GoTo Page Function? On Tuesday 05 March 2002 19:20, you wrote: On Tuesday, March 5, 2002, at 07:01 PM, Andre Dubuc wrote: Now that makes sense. I'm getting a better idea of how it works together. I figured there must be a way to control the Submit button's behaviour, but I didn't know where to look. Yep, the submit input tells the form go do your thing, but the form already knew where to go (because you specify where to go in the 'action' attribute). The form also knows how to go --
[PHP] Selecting a Queried Row
As a newbie at PHP (and relative newcomer to HTML and web design) I've been wading through documentation trying to accomplish various tasks. However, I'm stumped on how to proceed with the following: I would like a web vistor to be able to select a row from a table that has been generated from a query. The problem is I don't know how to code a paricular column (using the present td . . /td syntax of the table) so that each cell would have a clickable element (perhaps the 'ID' number). Once that cell is clicked, I would like to code 'onclick=some_function()' Does this sound reasable way of approaching the problem, or is there a better way. [Btw, at present, while learning PHP, I am using global_variables=on, but would like to try $PHP_SELF method to pick up session variables.] Any help would be greatly appreciated, as well as pointers of where to look! Tia, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the suffering souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet -- http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Selecting a Queried Row
Hi Hugh, Thank you so much for the code: it's exactly what I was looking for. Sorry about the delay in replying: we had a major power outage: went out Saturday at 8 p.m. and we finally got it back Monday at 3:15p.m. (with multiple on/offs!). The phone went dead as well. Great fun! Anyway, I'd like to get back to you, once I get some files back in order. that were messed up forrm the crash shutdowns. Thanks again, Andre On Saturday 09 March 2002 21:02, you wrote: Andre, The following code block is from a site I'm developing for a local museum. The site is now located at www.ironorchid.com/museum/ but will move eventually to its own site. In it, I have a list of the landmark trees, with links to a map showing the location of the tree, a link to maps.yahoo.com to get a detailed map of the location and or driving directions, and links to show all the trees in an area of the city. In other words, the table is link crazy--sounded enough like what you want to do that I responded to your question. All of the data in the html table comes from a mysql database with three database tables (heritage, trees, sites). If you use the mysql_fetch_array() command in a WHILE statement, you create an array of the row or rows resultant from your query and have the mysql column titles as your array keys. You can then use the a href= html tag to put a link under the words in your table cells and generate the html code to go to the next row of data. As I said earlier, I have the bad habit of writing everything in php once I need it on a page, so the code block might be a bit hard to read. Let me know if you need further details on what's provide. Hope this helps, Hugh ?php print table align=center bgcolor=white cellspacing=0 cellpadding=4 border=1 ; print tr bgcolor=Cornsilktdh5bID # a href=list.php title=\scientific name\bCommon Name/b/a/h5/tdtdh5bAddress/b/h5/tdtdh5bDistrict/ b /h5/td/tr; $db=some_database; $pass=some_password; $link=mysql_connect(localhost,,$pass); if (! $link) die(Can't log in at this time); mysql_select_db($db,$link) or die (Can't log in at this time); $query=select * from heritage where asset_num'0' order by asset_num; $result=mysql_query($query); if (!$result) die(mysql_error()); while ($heritage=mysql_fetch_array($result)) { $query2=select * from trees where id='.$heritage['plant_num'].' ; $result2=mysql_query($query2); $trees=mysql_fetch_array($result2); $query3=select * from sites where plant_num='.$heritage['plant_num'].' ; $result3=mysql_query($query3); $num=0; while ($sites=mysql_fetch_array($result3)) { $links[$num]=$sites['link']; $num=$num+1; } print trtd valign=top align=leftpa href=mapmastr.php?list1=1tree=1coordinate_x=.$heritage['x'].coordinate _ y=.$heritage['y']. title=\.stripslashes($trees['scientific_name']). native to .$trees['native_to'].\ nbsp;.$heritage['asset_num']. nbsp;.stripslashes($trees['common_name'])./a/p/td td valign=top align=leftpa href=http://maps.yahoo.com/py/maps.py?BFCat=Pyt=TmapnewFL=Use+Address+Bel o waddr=.ereg_replace ( , +, stripslashes($heritage['address'])).csz=.$heritage['zip'].Country=usG e t%A0Map=Get+Map title=\go to maps.yahoo.com to get a map of this address\ nbsp;.stripslashes($heritage['address'])./a/p/td td valign=top align=leftpa href=mapmastr.php?district=.$heritage['town_name']. title=\see the location of all Landmark Trees in the .$heritage['town_name']. District\ nbsp;.$heritage['town_name']./a/td/tr; } mysql_close($link); print /table; ? - Original Message - From: Andre Dubuc [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Saturday, March 09, 2002 4:12 PM Subject: [PHP] Selecting a Queried Row As a newbie at PHP (and relative newcomer to HTML and web design) I've been wading through documentation trying to accomplish various tasks. However, I'm stumped on how to proceed with the following: I would like a web vistor to be able to select a row from a table that has been generated from a query. The problem is I don't know how to code a paricular column (using the present td . . /td syntax of the table) so that each cell would have a clickable element (perhaps the 'ID' number). Once that cell is clicked, I would like to code 'onclick=some_function()' Does this sound reasable way of approaching the problem, or is there a better way. [Btw, at present, while learning PHP, I am using global_variables=on, but would like to try $PHP_SELF method to pick up session variables.] Any help would be greatly appreciated, as well as pointers of where to look! Tia, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the suffering souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet -- http://www.webhart.net/csrb/ -- PHP General Mailing List
[PHP] Using Switch to control form action . .
I'd like to control which php file is called when clicking two buttons on the bottom of a form; one called Add Names, the other Submit I've tried the following with no success: *** form action= switch ($name) { case add: rap.php method get; break; case submit: rap2.php method get; break; } . . . input type=submit name=add value=Add Names input type=submit name=submit value=Submit /form ** I'm still a newbie, and this is the first time I've tried to use a switch statement. I've probably performed an illegal operation by splitting the form action . . statement. Is there any other way of accomplishing a change of action? This seems so clumsy -- and also, since the clicking occurs only after all info is entered, does the info actually get stored anywhere prior to clicking or pressing Enter? Btw, I've also tried putting this switch statement after the input ... code, and also tried if statements. It usually defaults to whatever is loaded, and doesn't respond to the if or switch statements. I'd appreciate any help on this -- or pointers where to look. Tia, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the suffering souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet -- http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Using Switch to control form action . .
Thanks Miguel, I sort of figured I wasn't doing something right. Thanks for setting me straight on switching between html and php. Sort of basic, but I didn't know whether I needed to do that everytime. Sorry for the delay in replying -- just as I received your message, we had company over. Regards, Andre On Friday 15 March 2002 19:41, you wrote: On Fri, 15 Mar 2002, Andre Dubuc wrote: I'd like to control which php file is called when clicking two buttons on the bottom of a form; one called Add Names, the other Submit I've tried the following with no success: *** form action= switch ($name) { case add: rap.php method get; break; case submit: rap2.php method get; break; } . . . input type=submit name=add value=Add Names input type=submit name=submit value=Submit /form ** I'm still a newbie, and this is the first time I've tried to use a switch statement. I've probably performed an illegal operation by splitting the form action . . statement. Yup, you're not switching between HTML and PHP properly. Whenever you switch between literal HTML code (which is processed by the browser at the end of the transmission) and PHP code (which is processed by the server before the transmission), you need to indicate this to the server. Try this: form action=? switch ($name) { case add: ?rap.php? break; case submit: ?rap2.php? break; } ? method=getinput type=submit name=add value=Add Names input type=submit name=submit value=Submit /form Notice that all the PHP code is enclosed between ? and ?. I switched back and forth liberally (normally, for the sake of readability, I'd probably do print 'rap.php;' instead of ?rap.php?) so you could see how it's possible to switch more or less at any moment. miguel -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the suffering souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet -- http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Using Switch to control form action . .
Thanks Justin, It wasn't pseudo code -- I just didn't know what I was doing! : I didn't know I had to brace php code with ?php . . . ?. I like your method as well -- I'll give it a try. Thanks for replying, Regards, Andre On Friday 15 March 2002 19:58, you wrote: I haven't had any experience with switch at all, but I do have forms with multiple submit buttons. I've been running things slightly differently: FORM action=rap.php method=post ... input type=submit name=submit value=Add Names input type=submit name=submit value=Submit /FORM Then rap.php has a basic if statement: ? if($submit == Add names) { ... do this ... } elseif($submit == Submit) { ... do this ... } else { ... they didn't click a button, maybe pressed enter, so there's no submit value ... } ? Otherwise, the code you have below seems to be missing some ? ?'s around the PHP, but it might be psuedo code. Good luck, Justin French Andre Dubuc wrote: I'd like to control which php file is called when clicking two buttons on the bottom of a form; one called Add Names, the other Submit I've tried the following with no success: *** form action= switch ($name) { case add: rap.php method get; break; case submit: rap2.php method get; break; } . . . input type=submit name=add value=Add Names input type=submit name=submit value=Submit /form ** I'm still a newbie, and this is the first time I've tried to use a switch statement. I've probably performed an illegal operation by splitting the form action . . statement. Is there any other way of accomplishing a change of action? This seems so clumsy -- and also, since the clicking occurs only after all info is entered, does the info actually get stored anywhere prior to clicking or pressing Enter? Btw, I've also tried putting this switch statement after the input ... code, and also tried if statements. It usually defaults to whatever is loaded, and doesn't respond to the if or switch statements. I'd appreciate any help on this -- or pointers where to look. Tia, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the suffering souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet -- http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the suffering souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet -- http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Formatting input text?
I wonder whether this is possible? I would like to format a text input so that the first letter of the input (as the user is typing it in) would automatically be converted to Uppercase (capitals). Furthermore, if it is possible, I would like to pre-format the date input type=text so that only numbers or dashes could be entered. I really enjoyted this capablity in Paradox PAL language. Does anything exist that would allow me to do this in PHP? An example: Code tdbSurname/b/td tdinput type=text name=rap/td Screen (and into database) Surname: blackwould be converted as they type to Surname: Black Any suggestions or advice would be greatly appreciated. Tia, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the suffering souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet -- http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Formatting input text?
Hi Edward, If I wanted to avoid Javascript, could I still accomplish this in PHP? Regards, Andre On Saturday 16 March 2002 13:33, you wrote: Just use javascript... (be careful, what works with IE, doesn't automatically work with Netscape)... Greets, Edward - Original Message - From: Andre Dubuc [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Saturday, March 16, 2002 4:44 PM Subject: [PHP] Formatting input text? I wonder whether this is possible? I would like to format a text input so that the first letter of the input (as the user is typing it in) would automatically be converted to Uppercase (capitals). Furthermore, if it is possible, I would like to pre-format the date input type=text so that only numbers or dashes could be entered. I really enjoyted this capablity in Paradox PAL language. Does anything exist that would allow me to do this in PHP? An example: Code tdbSurname/b/td tdinput type=text name=rap/td Screen (and into database) Surname: blackwould be converted as they type to Surname: Black Any suggestions or advice would be greatly appreciated. Tia, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the suffering souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet -- http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the suffering souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet -- http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Trap CR or Enter possible?
In one of my php pages, I have a form that requires the user to click Search for Surname. If however they press Enter, undesirable effects occur. I've successfully trapped if an empty string is in the input type=text, but Enter eludes my efforts to trap it for an appropriate Educational message about following instructions : ie: if ($sname == ) {echo Please enter a Surname and click Search for Surname'., exit;} if (eregi(\r == true) {exit;} // something tells me this isn't correct!! Any ideas how I can accomplish this -- the code is asking for search criteria for a query into PostgreSQL (it's coded between ?php . . . ?) Any ideas, suggestions, or where to look would be appreciated. Tia, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the suffering souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet -- http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Trap CR or Enter possible?
Thanks Martin, I forgot to mention: I would like to accomplish this using PHP since I'm not using Javascript. Will this still work with straight html? regards, Andre On Thursday 21 March 2002 21:39, you wrote: do it in html/javascript like this: form action=http://www.somewhere.com/; method=get onSubmit=return (this.okay.value != 'no'); input type=hidden name=okay value=no input type=text input type=submit onClick=this.form.okay.value = 'yes'; /form -Original Message- From: Andre Dubuc [mailto:[EMAIL PROTECTED]] Sent: Friday, March 22, 2002 1:39 PM To: [EMAIL PROTECTED] Subject: [PHP] Trap CR or Enter possible? In one of my php pages, I have a form that requires the user to click Search for Surname. If however they press Enter, undesirable effects occur. I've successfully trapped if an empty string is in the input type=text, but Enter eludes my efforts to trap it for an appropriate Educational message about following instructions : ie: if ($sname == ) {echo Please enter a Surname and click Search for Surname'., exit;} if (eregi(\r == true) {exit;} // something tells me this isn't correct!! Any ideas how I can accomplish this -- the code is asking for search criteria for a query into PostgreSQL (it's coded between ?php . . . ?) Any ideas, suggestions, or where to look would be appreciated. Tia, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the suffering souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet -- http://www.webhart.net/csrb/ -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the suffering souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet -- http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Adding Text Input in a SELECT drop-down list
I have written, in an html form, a drop-downlist that uses SELECT: i.e. SELECT NAME=state OPTION SELECTEDState OPTIONAL OPTIONAZ OPTION// and so on I would like a text input as the last option so that a user can type in a state (non-USA) and have this variable passed on. Is there any way of accomplishing this using html or php? Any help would be greatly appreciated, Tia, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the suffering souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet -- http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Adding Text Input in a SELECT drop-down list
On Saturday 23 March 2002 19:45, you wrote: On Sat, 23 Mar 2002, Andre Dubuc wrote: I have written, in an html form, a drop-downlist that uses SELECT: i.e. SELECT NAME=state OPTION SELECTEDState OPTIONAL OPTIONAZ OPTION// and so on I would like a text input as the last option so that a user can type in a state (non-USA) and have this variable passed on. Is there any way of accomplishing this using html or php? It's not possible. You'll have to put a separate text input field next to it. miguel \ Thanks Miguel. Too bad, since a few sites seem to have that capability. Oh well . . Regards, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the suffering souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet -- http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Adding Text Input in a SELECT drop-down list
On Saturday 23 March 2002 19:57, you wrote: If you've seen it on other sites (I can't see how, since there's no support for it in the HTML spec), then why not just look at the source? Too bad, since a few sites seem to have that capability. Oh well . . Regards, Andre -- Unfortunately, my bookmarks were lost when I re-installed. It was a major site, and I don't remember which one. Oh well, I'll keep looking . . . Thanks, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the suffering souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet -- http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Switching from Register_Globals=On
To prototype my site, I've used register_globals=on, and track_vars=on. I'm at the point where I would like to switch the globals off', and prepare the site for production use. My problem is that I don't know how to implement the use of $HTTP_SESSION_VARS or $_SESSION in my webapages (or where to put the if (isset($_SESSION . . .) I assumed the logical place would be at the opening page (index.php) that has the menu structure. I put the call the if(isset . . .) right at the top of this page (before the HTML), and the page loads. However, when I call other pages and attempt to call up the database conection, I get an undefined function error [ Btw: everything worked great with globals=on]. What I'm not clear on: if I'm using $HTTP_SESSION_VARS or $_SESSION do I have to put something declaring such on every page that I've written (at this point there are 47 of them)? Or do I declare a session on the opening page? I assumed that by doing so, with track_vars enabled, the vars would automatically be transferred to each new page within the session. Am I missing something here? All my variables are in the form of $sfname or $rcity, and so on. I've read the manual on Session handling functions, but I must have a thick block on this concept . What should I do now that I want to use $HTTP_SESSION_VARS or $_SESSION ? How do I implement it on secondary pages? Will I be facing a major re-write of all my code? [Gulp :] Any help or pointers where to read up would be greatly appreciated. Tia, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Switching from Register_Globals=On
Thanks Matt, Actually, at this point, I've reverted back to register_globals=on until I figure out what's the best way to do this. So far, I have no references to session_register() on any page. In your opinion, should I go with $_SESSION or use the other approach, $HTTP_SESSION_VARS. I gather I've some fun ahead with #3! If I use $HTTP_SESSION_VARS, will I still need to do this? Tia, Andre On Saturday 13 April 2002 07:53 am, you wrote: I've read the manual on Session handling functions, but I must have a thick block on this concept . What should I do now that I want to use $HTTP_SESSION_VARS or $_SESSION ? How do I implement it on secondary pages? Will I be facing a major re-write of all my code? [Gulp :] Yes. 1. You must use session_start() on every page with sessions because session_register() won't work with the associative arrays. 2. Every reference to session_register must come out and replaced with the code to set the session var $_SESSION[]. These two actions are probably at different places in the script, so remove the reference to session_start, and at: 3. Every reference in every script to a global session var will need to be replaced with a reference to $_SESSION['rcity']; 4. You'll also need to change any references to session session_unregister to unset($_SESSION['rcity']). Read the notes in the manual, as you can't mix the use of $_SESSION and session_register(), session_unset(), etc. If you use the arrays, everything must be done with the arrays. I'd suspect the reference to undefined function is caused by a typo and placing a $ in front of a function name such as $session_start(). -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Switching from Register_Globals=On
Thanks Matt. Well, I guess the best time to start is now. I'll use $_SESSION -- sounds like less work. Wish I had used them to begin with . . . but back then, I only had two pages -- I sort of forgot to switch over while coding. Thanks for your advice, Regards, Andre On Saturday 13 April 2002 08:19 am, you wrote: So far, I have no references to session_register() on any page. In your opinion, should I go with $_SESSION or use the other approach, $HTTP_SESSION_VARS. So you'll need to replace the first reference to session_register() with a session_start(); I gather I've some fun ahead with #3! If I use $HTTP_SESSION_VARS, will I still need to do this? Yes, you have a lot of work to do. You should use $_SESSION[] if you're on php 4.1+ because is a magic global and you won't need to global it inside functions. That makes the arrays much easier to use. You should use one or the other arrays and don't mix them. Plus $_SESSION is less typing. The hard part is making sure you find all of the references to the old global session vars. Also, don't forget that the get and post vars won't be globals and you have the reference them through the $_GET/$_POST arrays. -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Modifying the sort order of a query
Apache 1.3.23 + PHP 4.1.2 + PostgreSQL 7.2 I have a query that sorts by name, country, and city, then pages in groups of 30 records. Originally, I had also coded two buttons: Sort by Country', 'Sort by City' since I wanted to offer users the options of these choices. Unfortunately, these buttons work well, but re-select the whole shebang (which I guess is to be expected), destroying any paging that had already started. I've tried all sorts of ways, tried re-arranging the order of execution, but the result is the same. I'm at a loss on how to proceed. I've deleted the choice (for now) and run it as a simple select order by name query.The problem seems to be: I need a sub-query select function that retains the original query, simply re-organizing it according to the new criteria, and retains the original paging. (Perhaps I shouldn't care whether the paging is messed up as long as the results are the same.) I realize that the way it's set up below, it will automatically send a NEW query, which is not what I want. I'd like to work with the results of the original query and modify it with the new criteria Any suggestions how I can achieve this, or whether it's even possible? I would greatly appreciate any assistance or comments. ** Snippet of offending code: ?php //snippet follows: print input type=submit name=submit value=Sort by City; print nbsp;; print input type=submit name=submit value=Sort by Country; // more code if($_POST['submit'] == Sort by Name){ $query = SELECT * FROM rap ORDER BY rsname,rfname,rcountry,rcity,DESC LIMIT 30 OFFSET 30; } elseif($_POST['submit'] == Sort by Country){ $query = SELECT * FROM rap ORDER BY rcountry,rcity,rsname,rfname DESC LIMIT 30 OFFSET 30; } //more code, including paging functions ? Tia, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Modifying the sort order of a query
Thanks Miguel, I haven't tried the sub-query approach yet, but that does seem to be the way to do this. My fear is that it will trash the current paging (which took forever to get working with the current setup). Actually, after trying my original code again in another smaller select function, I'm wondering whether I even need this refined search option -- it might be a case of 'overkill'. Still, it's got my curiosity going. The problem seems to be centered on how I wrote the original code (it's amzing how it's changed!). I think I'll have to re-write using switch functions to clarify exactly what I want it to do. Regards, Andre On Wednesday 05 June 2002 09:43 pm, you wrote: My understanding was that he wanted to see the same 30 rows, but sorted in a different way. For instance, he wanted to see entries 30-60 as sorted by age, but to have those sorted by height when displayed. miguel On Thu, 6 Jun 2002, Bogdan Stancescu wrote: That's at least curious - limiting and offsetting will most certainly affect the results which are then sorted... I don't think that's what he was after. Just my 2c. Bogdan Miguel Cruz wrote: Try a sub-select: SELECT * FROM (SELECT * FROM rap ORDER BY rcountry,rcity,rsname,rfname DESC LIMIT 30 OFFSET 30) ORDER BY whatever; miguel On Wed, 5 Jun 2002, Andre Dubuc wrote: Apache 1.3.23 + PHP 4.1.2 + PostgreSQL 7.2 I have a query that sorts by name, country, and city, then pages in groups of 30 records. Originally, I had also coded two buttons: Sort by Country', 'Sort by City' since I wanted to offer users the options of these choices. Unfortunately, these buttons work well, but re-select the whole shebang (which I guess is to be expected), destroying any paging that had already started. I've tried all sorts of ways, tried re-arranging the order of execution, but the result is the same. I'm at a loss on how to proceed. I've deleted the choice (for now) and run it as a simple select order by name query.The problem seems to be: I need a sub-query select function that retains the original query, simply re-organizing it according to the new criteria, and retains the original paging. (Perhaps I shouldn't care whether the paging is messed up as long as the results are the same.) I realize that the way it's set up below, it will automatically send a NEW query, which is not what I want. I'd like to work with the results of the original query and modify it with the new criteria Any suggestions how I can achieve this, or whether it's even possible? I would greatly appreciate any assistance or comments. *** *** Snippet of offending code: ?php //snippet follows: print input type=submit name=submit value=Sort by City; print nbsp;; print input type=submit name=submit value=Sort by Country; // more code if($_POST['submit'] == Sort by Name){ $query = SELECT * FROM rap ORDER BY rsname,rfname,rcountry,rcity,DESC LIMIT 30 OFFSET 30; } elseif($_POST['submit'] == Sort by Country){ $query = SELECT * FROM rap ORDER BY rcountry,rcity,rsname,rfname DESC LIMIT 30 OFFSET 30; } //more code, including paging functions ? *** * Tia, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Modifying the sort order of a query
Thanks John, That looks promising, but the question remains -- would it affect the current paging? I really don't wnat to spend another day getting that going again! : Further, the actual ID numbers that would populate 'display_ids' . . . 'would be generated from your result set' -- I'm not clear how to achieve this. From the query results, how would I extract that info, for the current page, if my id column is 'rid', and I'm using $_SESSION['rid']? Regards, Andre On Wednesday 05 June 2002 10:15 pm, you wrote: My understanding was that he wanted to see the same 30 rows, but sorted in a different way. For instance, he wanted to see entries 30-60 as sorted by age, but to have those sorted by height when displayed. miguel Maybe you could have a hidden field that lists the 30 IDs that are displayed on the page, as a comma separated list. Then, if the user chooses to resort those 30 results, based on another column, you can use that hidden field in your query to limit the IDs. i.e. input type='hidden' name='display_ids' value='1,4,6,7,8,9' Where the actual numbers would be generated from your result set. Then, use those numbers in your query. SELECT * FROM table WHERE ... AND ID IN($display_ids) ORDER BY new_sort_order Hopefully PG supports IN(). My $0.02, I'm sure there are other ways...or maybe this isn't even what you're looking for. :) ---John Holmes... On Thu, 6 Jun 2002, Bogdan Stancescu wrote: That's at least curious - limiting and offsetting will most certainly affect the results which are then sorted... I don't think that's what he was after. Just my 2c. Bogdan Miguel Cruz wrote: Try a sub-select: SELECT * FROM (SELECT * FROM rap ORDER BY rcountry,rcity,rsname,rfname DESC LIMIT 30 OFFSET 30) ORDER BY whatever; miguel On Wed, 5 Jun 2002, Andre Dubuc wrote: Apache 1.3.23 + PHP 4.1.2 + PostgreSQL 7.2 I have a query that sorts by name, country, and city, then pages in groups of 30 records. Originally, I had also coded two buttons: Sort by Country', 'Sort by City' since I wanted to offer users the options of these choices. Unfortunately, these buttons work well, but re-select the whole shebang (which I guess is to be expected), destroying any paging that had already started. I've tried all sorts of ways, tried re-arranging the order of execution, but the result is the same. I'm at a loss on how to proceed. I've deleted the choice (for now) and run it as a simple select order by name query.The problem seems to be: I need a sub-query select function that retains the original query, simply re-organizing it according to the new criteria, and retains the original paging. (Perhaps I shouldn't care whether the paging is messed up as long as the results are the same.) I realize that the way it's set up below, it will automatically send a NEW query, which is not what I want. I'd like to work with the results of the original query and modify it with the new criteria Any suggestions how I can achieve this, or whether it's even possible? I would greatly appreciate any assistance or comments. ** ** ** Snippet of offending code: ?php //snippet follows: print input type=submit name=submit value=Sort by City; print nbsp;; print input type=submit name=submit value=Sort by Country; // more code if($_POST['submit'] == Sort by Name){ $query = SELECT * FROM rap ORDER BY rsname,rfname,rcountry,rcity,DESC LIMIT 30 OFFSET 30; } elseif($_POST['submit'] == Sort by Country){ $query = SELECT * FROM rap ORDER BY rcountry,rcity,rsname,rfname DESC LIMIT 30 OFFSET 30; } //more code, including paging functions ? ** ** Tia, Andre -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Modifying the sort order of a query
Hi John, Sorry about that. I should have explained what I meant. The basic problem that I'm trying (desparately) to skirt around is a troublesome paging problem. The basic query loads all files in the db sorted by name. The first page that displays has a Next 20 button that loads the next page, and so on until the last page which has no Next 20 button, but deadends. The problem I've faced today, is that I originally allowed a Sort by Country button to appear on each page -- thereby messing up the original paging. It, of course, returned to the first page (which didn't know squat about whatever the calling page asked for). Thus, the whole thing froze -- which is to be expected. The resolution, in my mind, is simple: do not have that button anywhere but on the first page (it took me a long time to figure that one out, duhh :). The second solution, is somewhat better: using a sub-query, which will re-paginate all right, but I still need to retain the alpahbetical order of names as well. Perhaps I can't have both. (I think I'll have to try both -- my mind's a bit blitzed from the problems I've resolved today!) So, that's what I'm trying to do. The page I'm working on is a protype for about three other similar ones. Regards, Andre On Wednesday 05 June 2002 10:22 pm, you wrote: What do you mean it'll trash the current paging ?? Can you give a more detailed explanation? Results 30-60 of one result set sorted by a certain column will be totally different than results 30-60 of a result set sorted by a different column. So the paging would have to start over, anyhow. Unless you're looking to maintain the same 30 results in the new result set, like my previous email mentioned... ---John Holmes... -Original Message- From: Andre Dubuc [mailto:[EMAIL PROTECTED]] Sent: Wednesday, June 05, 2002 10:19 PM To: Miguel Cruz Cc: [EMAIL PROTECTED] Subject: Re: [PHP] Modifying the sort order of a query Thanks Miguel, I haven't tried the sub-query approach yet, but that does seem to be the way to do this. My fear is that it will trash the current paging (which took forever to get working with the current setup). Actually, after trying my original code again in another smaller select function, I'm wondering whether I even need this refined search option -- it might be a case of 'overkill'. Still, it's got my curiosity going. The problem seems to be centered on how I wrote the original code (it's amzing how it's changed!). I think I'll have to re-write using switch functions to clarify exactly what I want it to do. Regards, Andre On Wednesday 05 June 2002 09:43 pm, you wrote: My understanding was that he wanted to see the same 30 rows, but sorted in a different way. For instance, he wanted to see entries 30-60 as sorted by age, but to have those sorted by height when displayed. miguel On Thu, 6 Jun 2002, Bogdan Stancescu wrote: That's at least curious - limiting and offsetting will most certainly affect the results which are then sorted... I don't think that's what he was after. Just my 2c. Bogdan Miguel Cruz wrote: Try a sub-select: SELECT * FROM (SELECT * FROM rap ORDER BY rcountry,rcity,rsname,rfname DESC LIMIT 30 OFFSET 30) ORDER BY whatever; miguel On Wed, 5 Jun 2002, Andre Dubuc wrote: Apache 1.3.23 + PHP 4.1.2 + PostgreSQL 7.2 I have a query that sorts by name, country, and city, then pages in groups of 30 records. Originally, I had also coded two buttons: Sort by Country', 'Sort by City' since I wanted to offer users the options of these choices. Unfortunately, these buttons work well, but re-select the whole shebang (which I guess is to be expected), destroying any paging that had already started. I've tried all sorts of ways, tried re-arranging the order of execution, but the result is the same. I'm at a loss on how to proceed. I've deleted the choice (for now) and run it as a simple select order by name query.The problem seems to be: I need a sub-query select function that retains the original query, simply re-organizing it according to the new criteria, and retains the original paging. (Perhaps I shouldn't care whether the paging is messed up as long as the results are the same.) I realize that the way it's set up below, it will automatically send a NEW query, which is not what I want. I'd like to work with the results of the original query and modify it with the new criteria Any suggestions how I can achieve this, or whether it's even possible? I would greatly appreciate any assistance or comments
Re: [PHP] Modifying the sort order of a query
Hi John, Oh, my apologies again. I haven't thought this through enough. I'm sorry that I've wasted your time. Is it messing up when you click Next 20? Does it go back to the old sorting, or what? If you're looking at page 4 sorted by name, then you want to sort by country, you can't go back to page 4 . . . Yes, that's what I was attempting to do. Perhaps I was too close to the code to really visualize the basic flow. It went back to the first page, and froze -- that's because the first page had no reference to the new query -- it had no reference to a new query being made since Page 1 has it's own code/query set that did not include the restructuring of the query that Page 4 attemped to do. So, I don't think it's possible to accomplish an in-process sort without re-paginating the whole thing. I'll probably have to do it ONLY on the first page, and not offer a continuous option on every page. [Btw, nothing is public yet . . . I'm still putting the pieces together -- hopefully sometime in September.] Further, I've changed most of the code that I first wrote, attempting to tryout the concepts. Regards, Andre On Wednesday 05 June 2002 11:01 pm, you wrote: I still really don't understand. You have a list of documents, 20 per page. You want to be able to sort it by country or another column, yet still display them in alphabetical order? Maybe an example page would help...is this page public anywhere? Like I said before, if you sort by new columns, then your paging has to start over back at the beginning. You said it already did this, but it still is messing up. Is it messing up when you click Next 20? Does it go back to the old sorting, or what? If you're looking at page 4 sorted by name, then you want to sort by country, you can't go back to page 4 (well, you can, but it's going to be a whole new page four because of the new sort order). Example page will really help here; maybe I'm just slow in visualizing this. We can take this off the list if necessary, too. ---John Holmes... -Original Message- From: Andre Dubuc [mailto:[EMAIL PROTECTED]] Sent: Wednesday, June 05, 2002 10:49 PM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: [PHP] Modifying the sort order of a query Hi John, Sorry about that. I should have explained what I meant. The basic problem that I'm trying (desparately) to skirt around is a troublesome paging problem. The basic query loads all files in the db sorted by name. The first page that displays has a Next 20 button that loads the next page, and so on until the last page which has no Next 20 button, but deadends. The problem I've faced today, is that I originally allowed a Sort by Country button to appear on each page -- thereby messing up the original paging. It, of course, returned to the first page (which didn't know squat about whatever the calling page asked for). Thus, the whole thing froze -- which is to be expected. The resolution, in my mind, is simple: do not have that button anywhere but on the first page (it took me a long time to figure that one out, duhh :). The second solution, is somewhat better: using a sub-query, which will re-paginate all right, but I still need to retain the alpahbetical order of names as well. Perhaps I can't have both. (I think I'll have to try both - - my mind's a bit blitzed from the problems I've resolved today!) So, that's what I'm trying to do. The page I'm working on is a protype for about three other similar ones. Regards, Andre On Wednesday 05 June 2002 10:22 pm, you wrote: What do you mean it'll trash the current paging ?? Can you give a more detailed explanation? Results 30-60 of one result set sorted by a certain column will be totally different than results 30-60 of a result set sorted by a different column. So the paging would have to start over, anyhow. Unless you're looking to maintain the same 30 results in the new result set, like my previous email mentioned... ---John Holmes... -Original Message- From: Andre Dubuc [mailto:[EMAIL PROTECTED]] Sent: Wednesday, June 05, 2002 10:19 PM To: Miguel Cruz Cc: [EMAIL PROTECTED] Subject: Re: [PHP] Modifying the sort order of a query Thanks Miguel, I haven't tried the sub-query approach yet, but that does seem to be the way to do this. My fear is that it will trash the current paging (which took forever to get working with the current setup). Actually, after trying my original code again in another smaller select function, I'm wondering whether I even need this refined search option -- it might be a case of 'overkill'. Still, it's got my curiosity going. The problem seems to be centered on how I wrote the original code (it's amzing how it's changed
Re: [PHP] Modifying the sort order of a query
Hi Peter, I've just tried the sub-select approach. Works great on the first page - shows names listed alphabetically sorted by country. However, once I click on 'Next 20' both sorts go bye-bye (neither by name nor country). Going to try what you suggest tomorrow. I think it'll work. Thanks for the advice, Regards, Andre On Wednesday 05 June 2002 11:37 pm, you wrote: Andre Don't know how useful this will be to you .. but was following thru this and thought why wouldn't you include a page with a switch statement or the like into all the pages... so that all pages know about but not always use the queries ... so that you can have it sorted by any and everything you want... any way just a thought cheers Peter -Original Message- From: Andre Dubuc [mailto:[EMAIL PROTECTED]] Sent: Thursday, 6 June 2002 1:27 PM To: [EMAIL PROTECTED] Subject: Re: [PHP] Modifying the sort order of a query Hi John, Oh, my apologies again. I haven't thought this through enough. I'm sorry that I've wasted your time. Is it messing up when you click Next 20? Does it go back to the old sorting, or what? If you're looking at page 4 sorted by name, then you want to sort by country, you can't go back to page 4 . . . Yes, that's what I was attempting to do. Perhaps I was too close to the code to really visualize the basic flow. It went back to the first page, and froze -- that's because the first page had no reference to the new query -- it had no reference to a new query being made since Page 1 has it's own code/query set that did not include the restructuring of the query that Page 4 attemped to do. So, I don't think it's possible to accomplish an in-process sort without re-paginating the whole thing. I'll probably have to do it ONLY on the first page, and not offer a continuous option on every page. [Btw, nothing is public yet . . . I'm still putting the pieces together -- hopefully sometime in September.] Further, I've changed most of the code that I first wrote, attempting to tryout the concepts. Regards, Andre On Wednesday 05 June 2002 11:01 pm, you wrote: I still really don't understand. You have a list of documents, 20 per page. You want to be able to sort it by country or another column, yet still display them in alphabetical order? Maybe an example page would help...is this page public anywhere? Like I said before, if you sort by new columns, then your paging has to start over back at the beginning. You said it already did this, but it still is messing up. Is it messing up when you click Next 20? Does it go back to the old sorting, or what? If you're looking at page 4 sorted by name, then you want to sort by country, you can't go back to page 4 (well, you can, but it's going to be a whole new page four because of the new sort order). Example page will really help here; maybe I'm just slow in visualizing this. We can take this off the list if necessary, too. ---John Holmes... -Original Message- From: Andre Dubuc [mailto:[EMAIL PROTECTED]] Sent: Wednesday, June 05, 2002 10:49 PM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: [PHP] Modifying the sort order of a query Hi John, Sorry about that. I should have explained what I meant. The basic problem that I'm trying (desparately) to skirt around is a troublesome paging problem. The basic query loads all files in the db sorted by name. The first page that displays has a Next 20 button that loads the next page, and so on until the last page which has no Next 20 button, but deadends. The problem I've faced today, is that I originally allowed a Sort by Country button to appear on each page -- thereby messing up the original paging. It, of course, returned to the first page (which didn't know squat about whatever the calling page asked for). Thus, the whole thing froze -- which is to be expected. The resolution, in my mind, is simple: do not have that button anywhere but on the first page (it took me a long time to figure that one out, duhh :). The second solution, is somewhat better: using a sub-query, which will re-paginate all right, but I still need to retain the alpahbetical order of names as well. Perhaps I can't have both. (I think I'll have to try both - - my mind's a bit blitzed from the problems I've resolved today!) So, that's what I'm trying to do. The page I'm working on is a protype for about three other similar ones. Regards, Andre On Wednesday 05 June 2002 10:22 pm, you wrote: What do you mean it'll trash the current paging ?? Can you give a more detailed explanation? Results 30-60 of one result set sorted by a certain column will be totally different than results 30-60 of a result set sorted by a different column. So
Re: [PHP] Modifying the sort order of a query
Thanks Jay, Well, I went back to work on it, and with the combined suggestions from the list, it's working now. I just had to insert the sub-select on the called page as well. That seemed to be the problem. Thanks for your suggestion -- I used part of it. Regards, Andre On Thursday 06 June 2002 07:39 am, you wrote: [snip] I've just tried the sub-select approach. Works great on the first page - shows names listed alphabetically sorted by country. However, once I click on 'Next 20' both sorts go bye-bye (neither by name nor country). [/snip] I am late to the thread but I wanted to offer another suggestion. Retrieve the data results into an array and sort the array. I like Peter's idea though, using a case statement for the appropriate sort order information. You could also set a variable ($lastSortOrder) to 'default', 'country', 'city', 'whatever' and place this variable within the query. Pseudocode follows; $lastSortOrder = default $query = SELECT name, address, city, state, zip FROM table ; $query .= ORDER BY . $lastSortOrder . ; input type=submit name=action value=Sort By Countrybr input type=submit name=action value=Sort By Citybr switch($action){ case Sort By Country: $lastSortOrder = country break; case Sort By City: $lastSortOrder = city break; } I know this isn't complete but I HTH! Jay -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Switching from HTTPS to HTTP using PHP?
After completing most of the coding for my site, I would like to use https for restricted areas that require login. In short tests, I've discovered that, yes, I can engage the encrypted mode while calling these pages, but I've also discovered that it stays in the https mode even when it passes to once non-restricted pages. I'm not sure whether that is a problem, but . . . I gather this is normal behavior since I had requested https. But is it possible to unrequest ? My question is simple: is there a way to get out of or turn off https once it has been initiated -- using PHP? Since I have limited or no experience with https, any pointers, advice, or admonitions would be greatly appreciated. And they say, Ignorance is bliss -- I'm not too sure about that : Tia, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Switching from HTTPS to HTTP using PHP?
Hi Ed, Maybe it's just one of those slow days, brain-wise. But I have a 'problem' with https remaining in that mode even on pages that haven't specifically requested it. That was not my understanding how it worked. Now, if I have to call http on pages that do not need https, then how would I be able to distinguish whether or not the mode is https or not. [I'm thinking of my bank's secure pages -- after I'm finished with the secure stuff, I get booted out of https. I suppose that's what I expected would happen (only pages calling https would be in it.) Sigh . . . more reading to do : Regards, Andre On Monday 10 June 2002 02:28 pm, you wrote: Isn't it just an issue of whether you call http: or https: ? -Original Message- From: Andre Dubuc [mailto:[EMAIL PROTECTED]] Sent: Monday, June 10, 2002 11:27 AM To: [EMAIL PROTECTED] Subject: [PHP] Switching from HTTPS to HTTP using PHP? After completing most of the coding for my site, I would like to use https for restricted areas that require login. In short tests, I've discovered that, yes, I can engage the encrypted mode while calling these pages, but I've also discovered that it stays in the https mode even when it passes to once non-restricted pages. I'm not sure whether that is a problem, but . . . I gather this is normal behavior since I had requested https. But is it possible to unrequest ? My question is simple: is there a way to get out of or turn off https once it has been initiated -- using PHP? Since I have limited or no experience with https, any pointers, advice, or admonitions would be greatly appreciated. And they say, Ignorance is bliss -- I'm not too sure about that : Tia, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Switching from HTTPS to HTTP using PHP?
Thanks Ed, As you mentioned in your last lines, I'll have to specify the http protocol for the ordinary pages -- I hadn't done that yet. I assumed it would default to http; but, if I had thought about it, that wouldn't make sense. Unless told otherwise, https would not know that another protocol was requested. That should fix things, thanks for the explanation. Regards, Andre On Monday 10 June 2002 03:48 pm, you wrote: I'm pretty sure it's just an issue of using HTTPS for encrypted pages and HTTP for unencrypted. For example: http://www.example.com is unencrypted and pulls from port 80 on the web server. Whereas, https://www.example.com would be encrypted and come from port 443 on the web server. You can tell whether you're in encrypted mode or not by checking the variable: $_SERVER['HTTPS'] == on One thing to check, anchors with no protocol specified default to the current protocol. If you're in an encrypted page and have a link like this: a href='/index.php'Home Page/a The protocol will default to https and this may be the source of the problem you're experiencing. -Ed - Hi Ed, Maybe it's just one of those slow days, brain-wise. But I have a 'problem' with https remaining in that mode even on pages that haven't specifically requested it. That was not my understanding how it worked. Now, if I have to call http on pages that do not need https, then how would I be able to distinguish whether or not the mode is https or not. [I'm thinking of my bank's secure pages -- after I'm finished with the secure stuff, I get booted out of https. I suppose that's what I expected would happen (only pages calling https would be in it.) Sigh . . . more reading to do : Regards, Andre *** * This message is intended for the sole use of the individual and entity to whom it is addressed, and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If you are not the intended addressee, nor authorized to receive for the intended addressee, you are hereby notified that you may not use, copy, disclose or distribute to anyone the message or any information contained in the message. If you have received this message in error, please immediately advise the sender by reply email and delete the message. Thank you very much. -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Extracting from an Array
I have a db field, type varchar, that is actually a 'date' string formatted as dd-mm-. I used type 'varchar' (rather than type 'date') since I had to accomplish other things with it. Now, however, I do need to extract the Year (the last four digits in the array). I've tried to access the array $_SESSION['expiry'] but I don't know how to explode this array to extract all characters in last item after the last separator : i.e. '-'. I've used - as the separator, but I just get the first number of the last part of the array, i.e.: '-Y'. Is there a way of extracting all characters in that array? I've tried a bunch of combinations, but I obviously don't understand the basic mechanics of array manipulation or 'slicing'. If someone could point me to a good resource, or explain what I'm doing wrong, I would greatly any assistance. Tia, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Extracting from an Array
Thanks Ed, Slight change -- I forgot that the delimiter was a 'space'. Anyway, I still get the first letter of the last part of the array. I guess what I need is something that specifies a range as in something like this: $Year = $Date[3-whatever?]; Seems rather odd that with the string as varchar it does this. I've no problem extracting various parts of a date from type 'date' but this wierd date-thingy. . . how I wish I didn't need it as varchar. Anyway, thanks -- I plug away at it. Regards, Andre On Wednesday 12 June 2002 07:09 pm, you wrote: $sql = select fieldname from tablename; $Results = mysql_query($sql, $DBLink); $Row = mysql_fetch_array($Results); $fieldname = $Row[fieldname]; $Date = explode(-, $fieldname); $Year = $Date[2]; -Original Message- From: Andre Dubuc [mailto:[EMAIL PROTECTED]] Sent: Wednesday, June 12, 2002 4:11 PM To: [EMAIL PROTECTED] Subject: [PHP] Extracting from an Array I have a db field, type varchar, that is actually a 'date' string formatted as dd-mm-. I used type 'varchar' (rather than type 'date') since I had to accomplish other things with it. Now, however, I do need to extract the Year (the last four digits in the array). I've tried to access the array $_SESSION['expiry'] but I don't know how to explode this array to extract all characters in last item after the last separator : i.e. '-'. I've used - as the separator, but I just get the first number of the last part of the array, i.e.: '-Y'. Is there a way of extracting all characters in that array? I've tried a bunch of combinations, but I obviously don't understand the basic mechanics of array manipulation or 'slicing'. If someone could point me to a good resource, or explain what I'm doing wrong, I would greatly any assistance. Tia, Andre *** * This message is intended for the sole use of the individual and entity to whom it is addressed, and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If you are not the intended addressee, nor authorized to receive for the intended addressee, you are hereby notified that you may not use, copy, disclose or distribute to anyone the message or any information contained in the message. If you have received this message in error, please immediately advise the sender by reply email and delete the message. Thank you very much. -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Extracting from an Array
Hi John, Yup. I know now that I've caused myself all sorts of grief when I set it to varchar. If I recall correctly (and I set this up four months ago when I began coding) I couldn't get it format without the crummy little dashes. So I set it to a string. Much coding later, I realize that I could solve this problem by changing it back to 'date' type, but as i'm writing, I remember that this particular array has only one use - and in a string format it's easier to manipulate. [Bad reason, I guess with hindsight -- perhaps it's a hangover from my Paradox PAL days where I needed to format the string for 'other purposes'.] Your last point is precisely what I'm writing about: it IS all messed up! So, the upshot is - live with it, and don't use it; or change it. Hmmm. I had planned to sort a column by 'Year', but it might be a case of 'overkill' -- the form is already loaded with enough options. Now that being said, this is more a problem of why can't I get ALL of the last part of the array? Suppose I wanted to extarct something that was not a date like: $_SESSION['odd'] which was varchar in the format of Session is closed. Now if I wanted to extract the last part: 'closed' what I've tried wouldn't work. It would give me: c -- how would I get the rest of the characters? Thanks for the advice, Regards, Andre On Wednesday 12 June 2002 08:25 pm, you wrote: What are the possible reasons that you need it to be a varchar ?? Do you realize how much extra work you are creating for yourself? Do you realize that you can have your users enter data in one format, and convert it to another format for MySQL? Do you realize you can use DATE_FORMAT() in your query to re-format the date back to dd-mm- if you want to? Do you realize that if you ever wanted to sort by this column, you'd be all messed up? It'll sort as a string, where 10 is less than 2. Do you realize what I'm trying to say?? ---John Holmes... -Original Message- From: Andre Dubuc [mailto:[EMAIL PROTECTED]] Sent: Wednesday, June 12, 2002 8:15 PM To: Lazor, Ed Cc: [EMAIL PROTECTED] Subject: Re: [PHP] Extracting from an Array Thanks Ed, Slight change -- I forgot that the delimiter was a 'space'. Anyway, I still get the first letter of the last part of the array. I guess what I need is something that specifies a range as in something like this: $Year = $Date[3-whatever?]; Seems rather odd that with the string as varchar it does this. I've no problem extracting various parts of a date from type 'date' but this wierd date-thingy. . . how I wish I didn't need it as varchar. Anyway, thanks -- I plug away at it. Regards, Andre On Wednesday 12 June 2002 07:09 pm, you wrote: $sql = select fieldname from tablename; $Results = mysql_query($sql, $DBLink); $Row = mysql_fetch_array($Results); $fieldname = $Row[fieldname]; $Date = explode(-, $fieldname); $Year = $Date[2]; -Original Message- From: Andre Dubuc [mailto:[EMAIL PROTECTED]] Sent: Wednesday, June 12, 2002 4:11 PM To: [EMAIL PROTECTED] Subject: [PHP] Extracting from an Array I have a db field, type varchar, that is actually a 'date' string formatted as dd-mm-. I used type 'varchar' (rather than type 'date') since I had to accomplish other things with it. Now, however, I do need to extract the Year (the last four digits in the array). I've tried to access the array $_SESSION['expiry'] but I don't know how to explode this array to extract all characters in last item after the last separator : i.e. '-'. I've used - as the separator, but I just get the first number of the last part of the array, i.e.: '-Y'. Is there a way of extracting all characters in that array? I've tried a bunch of combinations, but I obviously don't understand the basic mechanics of array manipulation or 'slicing'. If someone could point me to a good resource, or explain what I'm doing wrong, I would greatly any assistance. Tia, Andre ** * * This message is intended for the sole use of the individual and entity to whom it is addressed, and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If you are not the intended addressee, nor authorized to receive for the intended addressee, you are hereby notified that you may not use, copy, disclose or distribute to anyone the message or any information contained in the message. If you have received this message in error, please immediately advise the sender by reply email and delete the message. Thank you very much. -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory
Re: [PHP] Extracting from an Array
Hi John, ?php /* Using PostgreSQL: it needs $numrows and $row=0 to work. Also set it to choose only one record in db to simplify testing. Date was set to 10 May 1998*/ // $db conect stuff $query = SELECT rexpiry FROM rap WHERE rid = '1024'; $result = pg_exec($db, $query); if (!$result) {printf (ERROR); exit;} $numrows = pg_numrows($result); $row = 0; $Row = pg_fetch_array($result,$row); $rexpiry = $Row['rexpiry']; $Date = explode( , $rexpiry); $Year = $Date[3]; pg_close($db); print $Year; /* 'Year' returns something like 1 */ ? Btw, according to the error message, there's no such function as 'RIGHT' in PostgreSQl. (Sorry about referring to the string as an array in a session variable -- I've extracted the code from some other stuff that I had been working on.) Sigh. I'd like to know why this doesn't work: how I can extract the last few characters from the array. Regards, Andre On Wednesday 12 June 2002 09:34 pm, you wrote: I don't understand why you keep referring to the string as an array in a session variable. Can you show me how you are issuing the query, fetching the result, assigning it to the session, etc... It should be as easy as this: ? $result = MySQL_query(SELECT RIGHT(date_column,4) AS Year FROM tablename); while($row = MySQL_fetch_array($result)) { echo $row['Year']; } ? You know you could write a simple little script to convert this into the correct format for a date column. If you want to do sorting by year, you can try this: SELECT date_column FROM table ORDER BY RIGHT(date_column,4) ASC ---John Holmes... -Original Message- From: Andre Dubuc [mailto:[EMAIL PROTECTED]] Sent: Wednesday, June 12, 2002 9:32 PM To: [EMAIL PROTECTED] Subject: Re: [PHP] Extracting from an Array Hi John, Yup. I know now that I've caused myself all sorts of grief when I set it to varchar. If I recall correctly (and I set this up four months ago when I began coding) I couldn't get it format without the crummy little dashes. So I set it to a string. Much coding later, I realize that I could solve this problem by changing it back to 'date' type, but as i'm writing, I remember that this particular array has only one use - and in a string format it's easier to manipulate. [Bad reason, I guess with hindsight -- perhaps it's a hangover from my Paradox PAL days where I needed to format the string for 'other purposes'.] Your last point is precisely what I'm writing about: it IS all messed up! So, the upshot is - live with it, and don't use it; or change it. Hmmm. I had planned to sort a column by 'Year', but it might be a case of 'overkill' - - the form is already loaded with enough options. Now that being said, this is more a problem of why can't I get ALL of the last part of the array? Suppose I wanted to extarct something that was not a date like: $_SESSION['odd'] which was varchar in the format of Session is closed. Now if I wanted to extract the last part: 'closed' what I've tried wouldn't work. It would give me: c -- how would I get the rest of the characters? Thanks for the advice, Regards, Andre On Wednesday 12 June 2002 08:25 pm, you wrote: What are the possible reasons that you need it to be a varchar ?? Do you realize how much extra work you are creating for yourself? Do you realize that you can have your users enter data in one format, and convert it to another format for MySQL? Do you realize you can use DATE_FORMAT() in your query to re-format the date back to dd-mm- if you want to? Do you realize that if you ever wanted to sort by this column, you'd be all messed up? It'll sort as a string, where 10 is less than 2. Do you realize what I'm trying to say?? ---John Holmes... -Original Message- From: Andre Dubuc [mailto:[EMAIL PROTECTED]] Sent: Wednesday, June 12, 2002 8:15 PM To: Lazor, Ed Cc: [EMAIL PROTECTED] Subject: Re: [PHP] Extracting from an Array Thanks Ed, Slight change -- I forgot that the delimiter was a 'space'. Anyway, I still get the first letter of the last part of the array. I guess what I need is something that specifies a range as in something like this: $Year = $Date[3-whatever?]; Seems rather odd that with the string as varchar it does this. I've no problem extracting various parts of a date from type 'date' but this wierd date-thingy. . . how I wish I didn't need it as varchar. Anyway, thanks -- I plug away at it. Regards, Andre On Wednesday 12 June 2002 07:09 pm, you wrote: $sql = select fieldname from tablename; $Results = mysql_query($sql, $DBLink); $Row = mysql_fetch_array($Results); $fieldname = $Row[fieldname]; $Date = explode(-, $fieldname); $Year = $Date[2]; -Original Message
Re: [PHP] Extracting from an Array
Hi John, Sorry about the delayed mail. Anyway, I kept at it, and debugged every line with no success. Finally, I rewote it, and it worked?? [Sigh . . . one of those days :] Thanks again for all your help. Regards, Andre On Thursday 13 June 2002 11:28 pm, you wrote: Step through your code. What value does $rexpiry have? What do you see when you do print_r($Date) ?? Troubleshoot... ---John Holmes... -Original Message- From: Andre Dubuc [mailto:[EMAIL PROTECTED]] Sent: Wednesday, June 12, 2002 10:36 PM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: [PHP] Extracting from an Array Hi John, ?php /* Using PostgreSQL: it needs $numrows and $row=0 to work. Also set it to choose only one record in db to simplify testing. Date was set to 10 May 1998*/ // $db conect stuff $query = SELECT rexpiry FROM rap WHERE rid = '1024'; $result = pg_exec($db, $query); if (!$result) {printf (ERROR); exit;} $numrows = pg_numrows($result); $row = 0; $Row = pg_fetch_array($result,$row); $rexpiry = $Row['rexpiry']; $Date = explode( , $rexpiry); $Year = $Date[3]; pg_close($db); print $Year; /* 'Year' returns something like 1 */ ? Btw, according to the error message, there's no such function as 'RIGHT' in PostgreSQl. (Sorry about referring to the string as an array in a session variable -- I've extracted the code from some other stuff that I had been working on.) Sigh. I'd like to know why this doesn't work: how I can extract the last few characters from the array. Regards, Andre On Wednesday 12 June 2002 09:34 pm, you wrote: I don't understand why you keep referring to the string as an array in a session variable. Can you show me how you are issuing the query, fetching the result, assigning it to the session, etc... It should be as easy as this: ? $result = MySQL_query(SELECT RIGHT(date_column,4) AS Year FROM tablename); while($row = MySQL_fetch_array($result)) { echo $row['Year']; } ? You know you could write a simple little script to convert this into the correct format for a date column. If you want to do sorting by year, you can try this: SELECT date_column FROM table ORDER BY RIGHT(date_column,4) ASC ---John Holmes... -Original Message- From: Andre Dubuc [mailto:[EMAIL PROTECTED]] Sent: Wednesday, June 12, 2002 9:32 PM To: [EMAIL PROTECTED] Subject: Re: [PHP] Extracting from an Array Hi John, Yup. I know now that I've caused myself all sorts of grief when I set it to varchar. If I recall correctly (and I set this up four months ago when I began coding) I couldn't get it format without the crummy little dashes. So I set it to a string. Much coding later, I realize that I could solve this problem by changing it back to 'date' type, but as i'm writing, I remember that this particular array has only one use - and in a string format it's easier to manipulate. [Bad reason, I guess with hindsight -- perhaps it's a hangover from my Paradox PAL days where I needed to format the string for 'other purposes'.] Your last point is precisely what I'm writing about: it IS all messed up! So, the upshot is - live with it, and don't use it; or change it. Hmmm. I had planned to sort a column by 'Year', but it might be a case of 'overkill' - - the form is already loaded with enough options. Now that being said, this is more a problem of why can't I get ALL of the last part of the array? Suppose I wanted to extarct something that was not a date like: $_SESSION['odd'] which was varchar in the format of Session is closed. Now if I wanted to extract the last part: 'closed' what I've tried wouldn't work. It would give me: c -- how would I get the rest of the characters? Thanks for the advice, Regards, Andre On Wednesday 12 June 2002 08:25 pm, you wrote: What are the possible reasons that you need it to be a varchar ?? Do you realize how much extra work you are creating for yourself? Do you realize that you can have your users enter data in one format, and convert it to another format for MySQL? Do you realize you can use DATE_FORMAT() in your query to re-format the date back to dd-mm- if you want to? Do you realize that if you ever wanted to sort by this column, you'd be all messed up? It'll sort as a string, where 10 is less than 2. Do you realize what I'm trying to say?? ---John Holmes... -Original Message- From: Andre Dubuc [mailto:[EMAIL PROTECTED]] Sent: Wednesday, June 12, 2002 8:15 PM
Re: [PHP] Checking for NULL value in Database
Thanks Dan, In the interim, I solved my problem. As you said, the first query needed to be INSERT (that I figured out after spending some 'thoughtful' time with my beloved code :, and I also eliminated the extra pg_connect. After that, it still wouldn't work. Looking at the mess from pgsql (the graphical PostgreSQL interface) I noticed that the row that I was working on hadn't 'moved' [normally it moves to the bottom of the heap as the 'current record'. Seems like the index file was a little 'messed' up and was patiently waiting for me do to a 'vacuum' of the db. Once I cleaned up the database, everything worked as expected. I guess I should vacuum more frequently? Btw, you wouldn't happen to know any 'timer' script that I can program for seconds? Regards, Andre On Tuesday 18 June 2002 03:58 pm, you wrote: On Mon, Jun 17, 2002 at 10:46:27AM -0400, Andre Dubuc wrote: I'm tryiing to append entries in a db textarea field 'rbook'. Everything works fine IF there is an existing entry. However, if no entries exist, it nothing is written to the db. (PostgreSQL 7.2) I'm not familliar with PostgreSQL, but it sure looks like your problem stems from your using UPDATE queries. If a record doesn't exist, there's no record to update. You need to use INSERT queries in that case. Also, you only need one pg_connect() statement. While that's not your problem, it's a waste to have them in there. Just keep the one at the top. Ditch the ones inside your if/else structure. --Dan -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Limiting text inputs by character count?
Is there a way to limit the number of characters that may be inputed into: a) a input type=text . . . input b) a textarea . . . input I would like to control the maximum number of characters for each of these inputs. Any suggestions of where to look, or how to do it, if it's possible, would be greatly appreciated. Tia, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Limiting text inputs by character count?
Thanks Peter, That'll fix it. Regards, Andre On Sunday 23 June 2002 10:04 pm, you wrote: for standard text input use input name=textfield type=text size=10 maxlength=10 that will only allow 10 characters not sure if that will also work for text area's -Original Message- From: Andre Dubuc [mailto:[EMAIL PROTECTED]] Sent: Monday, 24 June 2002 11:53 AM To: [EMAIL PROTECTED] Subject: [PHP] Limiting text inputs by character count? Is there a way to limit the number of characters that may be inputed into: a) a input type=text . . . input b) a textarea . . . input I would like to control the maximum number of characters for each of these inputs. Any suggestions of where to look, or how to do it, if it's possible, would be greatly appreciated. Tia, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Word Count function?
Is there a function that counts the number of words in a string? I checked through the manual and archives using 'word count', and found nothing. I suppose it is possible to generate code that will accomplish this, using 'space' as the delimiting separator. But before I re-invent the wheel . . . Any ideas, suggestions where to look would be appreciated. Tia, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Word Count function?
Thanks Dan, Does the job neatly! Regards, Andre On Monday 24 June 2002 06:01 pm, you wrote: Andre: On Mon, Jun 24, 2002 at 05:29:16PM -0400, Andre Dubuc wrote: Is there a function that counts the number of words in a string? I don't recall there being one. But, you could do this: $array = preg_split('/\s+/', $string); echo count($array); Enjoy, --Dan -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] ./configure with register_globals turned on?
Hi Scott, I've come to this post a little late, but I had exactly the same problem. No matter what I set php.ini, phpinfo() would not show changes. If I recall correctly, the problem sort of 'disappeared' by itself. I finally resolved it by rebooting immediately after setting the new php.ini (this was on Linux-Mandrake 8.2). Further, if I recall, (and this was three months ago) I think I re-installed PHP, but it made no difference. Make sure Apache is 'off' before you attempt to change php.ini. Also, in my config, there was another php.ini hidden in /etc/httpd -- do a 'locate' to see if you have multiple copies! I had a lot quirky things happen while trying to configure PHP 4.1.1. and a few with 4.1.2. For some odd reason, after a few attempts it does work. Try again, would be my advice. It'll work sooner or later : You might want to run a test to see if globals are really 'on' or 'off' -- I really don't trust the phpinfo() output! Not much help, but hth Andre On Friday 05 July 2002 01:36 pm, you wrote: I give up! It still won't turned on! I tried stopping and restarting Apache, rebooting the machine, checked phpinfo to see the php.ini file path is, etc. At least, my boss understand. I'm going to stick to upgrading the website to go without register global. FletchSOD Larry Rosenman [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... On Fri, 2002-07-05 at 10:04, Scott Fletcher wrote: What is the configure option that will turn on the register_globals? This is for ./configure option in UNIX / LINUX. It's in php.ini. Look at the phpinfo() output, and modify to include the register_globals=ON, then restart Apache (assuming it's in an apache module). -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 972-414-9812 E-Mail: [EMAIL PROTECTED] US Mail: 1905 Steamboat Springs Drive, Garland, TX 75044-6749 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] How to set focus in a form field
I have an annoying 'glitch' in the forms on my site: When a page loads, if it has a form on it, I would like the cursor to move to the first field, be 'set' - that is, I should see a cursor or blinking cursor in the first field. As it is now, on some pages, I either have to 'tab' to the first field, or click themouse in that field. Is there anyway to automate this, so that when a page loads it automatically goes to the first field, and 'highlights' the entry area? (Btw, I tried 'tabindex=1' but it still does not do what I'd like it to. Any ideas, suggestions, or admontions gratefully accepted. Tia, Andre -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How to set focus in a form field
This is JAVASCRIPT problem because it is on the client end. Thanks to everyone who responded. I sort of thought it would be a 'Client-side' problem. Oh well, since I'm not prepared to use any javascript, I guess I'll have to live with it. Sigh . . . Thanks again, Andre -Original Message- From: Andre Dubuc [mailto:[EMAIL PROTECTED]] Sent: Thursday, July 11, 2002 11:26 AM To: [EMAIL PROTECTED] Subject: [PHP] How to set focus in a form field I have an annoying 'glitch' in the forms on my site: When a page loads, if it has a form on it, I would like the cursor to move to the first field, be 'set' - that is, I should see a cursor or blinking cursor in the first field. As it is now, on some pages, I either have to 'tab' to the first field, or click themouse in that field. Is there anyway to automate this, so that when a page loads it automatically goes to the first field, and 'highlights' the entry area? (Btw, I tried 'tabindex=1' but it still does not do what I'd like it to. Any ideas, suggestions, or admontions gratefully accepted. Tia, Andre -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Strong Web Hosts in Canada?
Hi Dan, Try http://www.hub.org. Hth, Andre On Wednesday 17 July 2002 02:23 am, you wrote: Hi Folks: A client of mine has a large series of high traffic, PHP/MySQL intensive websites. They're looking for dedicated hosting in Canada. Any recommendations? Enjoy, --Dan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Loading a File into Variable - How??
Hi Monty, I've been trying to do the same thing with no success. Would you be so kind as to show me how you finally did it? I'm not too clear what you meant by: So, if I replace the filesize($filename) command with a hard-coded number, it works. Tia, Andre On Thursday 18 July 2002 04:28 pm, you wrote: I just want to load an entire file into a single string variable. However, I figured out the problem shortly after posting that first message (of course). Because the file being opened is in the include_path, it seems filesize() doesn't see those files. So, if I replace the filesize($filename) command with a hard-coded number, it works. Monty -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Sorting db entries by Year-Month
Apache 1.3.23 + PHP 4.1.2 + PostgreSQl 7.2 I have a guestbook that I would like to display the current month's entries. I can display all the entries before the current month, but i can't seem to figure out how to extract the currrent month's. Although the code below is a db issue, I don't know whether I should write code to extract the info before or after the db connection. Should I: 1. Set up the parameters beforehand in PHP, and then do a query; 2. Within the query itself (as the code I tried [and didn't work] below); 3. Or, somehow in PHP, after I get all the results [obviously without the db WHERE clause]. ?php // lots of code $db = pg_connect(dbname=rap user=postgres); $query = SELECT * FROM guest WHERE pdate = {$_SESSION['pdate'] == date('Y-m'); // pdate is formatted ('Y-m-d') // etc, etc. . . ? I know this is a simple question -- but my mind's totally blotto after a day's coding. Any help, pointers of where to look, or admonitions will be gratefully accepted. Tia, Andre -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Sorting db entries by Year-Month
Well, that would be nice! Sort of 'completes-my-day' : So, both are vulnerable, eh? Great. Thanks for the warning -- but I'm using them for design only. Once the site is on-line, I'll be sure to use the upgraded versions. From what I read on-list, however, the current 'upgrades' have their problems too. Luckily, I'll be on-line later in the fall, so enough time might pass for the new PHP to stabilize. Regards, Andre On Tuesday 23 July 2002 08:47 pm, you wrote: What do you guys think? Should we tell him he's running a vulnerable version of PHP _and_ of Apache??? On Tuesday 23 July 2002 16:26 pm, Andre Dubuc wrote: Apache 1.3.23 + PHP 4.1.2 + PostgreSQl 7.2 snipped -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Sorting db entries by Year-Month
Hi John, further research indicates that for PG I could trysomething like: SELECT EXTRACT(MONTH FROM TIMESTAMP) Big John has offered some advice using: $today = getdate();  $start = $today['year'] . '-' . $today['mon'] . '-' . '01';  $end  =  $today['year'] . '-' . $today['mon'] . '-' . '31'; SELECT * FROM guest WHERE pdate BETWEEN {$start} AND {$end}; but PG doesn't like my format of $pdate as type date, since the result for $start and $end seems to result in type integer. Sigh. What a pain. Such a simple task, and . . . Thanks for your advice. I'll keep hacking away at it, and maybe I'll get it to work. Regards, Andre On Tuesday 23 July 2002 09:52 pm, you wrote: Isn't there a MONTH function in PG? SELECT * FROM your_table WHERE MONTH(NOW()) = MONTH(your_column) ?? Or if PG stores dates in the Unix timestamp format, is the an equivalent to date() that you can extract the month from the column and compare them?? ---John Holmes... -Original Message- From: Andre Dubuc [mailto:[EMAIL PROTECTED]] Sent: Tuesday, July 23, 2002 7:26 PM To: [EMAIL PROTECTED] Subject: [PHP] Sorting db entries by Year-Month Apache 1.3.23 + PHP 4.1.2 + PostgreSQl 7.2 I have a guestbook that I would like to display the current month's entries. I can display all the entries before the current month, but i can't seem to figure out how to extract the currrent month's. Although the code below is a db issue, I don't know whether I should write code to extract the info before or after the db connection. Should I: 1. Set up the parameters beforehand in PHP, and then do a query; 2. Within the query itself (as the code I tried [and didn't work] below); 3. Or, somehow in PHP, after I get all the results [obviously without the db WHERE clause]. ?php // lots of code $db = pg_connect(dbname=rap user=postgres); $query = SELECT * FROM guest WHERE pdate = {$_SESSION['pdate'] == date('Y-m'); // pdate is formatted ('Y-m-d') // etc, etc. . . ? I know this is a simple question -- but my mind's totally blotto after a day's coding. Any help, pointers of where to look, or admonitions will be gratefully accepted. Tia, Andre -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] RE: Sorting db Entries by Year-Month -- Solved
Thanks to BigDog and John Holmes for their suggestions. I figured it out: it was rather easy, in hindsight, of course: ?php $today = getdate(); $month = $today['mon']; . . . $query = SELECT * FROM guest WHERE pdate ~ '{$month}'; . . . ? Works as expected. Regards, Andre -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Sorting db entries by Year-Month
Simply wonderful news: But again, for design work, it isn't worth the trouble. I'm using SESSION variables $_POST, $_SESSION, and as long as they don't change, there's little point upgrading until the site is on-line. However, I will inform my IP to use all the latest versions. I'm running Linux-Mandrake 8.2 and the distro's Apache, PHP, and PostgeSQL. I've rolled my own, but the distro's added features persuaded to use them. When the site is finished, I will 'roll-my-own' and upgrade. Unfortunately, PostgreSQL and PHP tend to like spreding themselves all over my hardrive. It took me quite a bit of time to get my first versions working together. So, as long as they haven't changed the functions, the vulnerablities are a moot point at this time. Good to be aware of them, however. Thanks for your concern. Regards, Andre On Tuesday 23 July 2002 10:42 pm, you wrote: Yeah. Apache is vulneralbe to a buffer overflow in the chunked-encoding, and PHP has (i think) a buffer overflow in the multipart/form-data POST form handling. It might be a format string though... that just came out this week. yesterday, i think. For dev you might want to consider using the CVS version- that's what I do. And if you set up a script for the cron-tab or something you could get the latest version overnight... Unfortunatly, Apache CVS is not open to the public. On Tuesday 23 July 2002 17:58 pm, you wrote: Well, that would be nice! Sort of 'completes-my-day' : So, both are vulnerable, eh? Great. Thanks for the warning -- but I'm using them for design only. Once the site is on-line, I'll be sure to use the upgraded versions. From what I read on-list, however, the current 'upgrades' have their problems too. Luckily, I'll be on-line later in the fall, so enough time might pass for the new PHP to stabilize. Regards, Andre On Tuesday 23 July 2002 08:47 pm, you wrote: What do you guys think? Should we tell him he's running a vulnerable version of PHP _and_ of Apache??? On Tuesday 23 July 2002 16:26 pm, Andre Dubuc wrote: Apache 1.3.23 + PHP 4.1.2 + PostgreSQl 7.2 snipped -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Accessing variables: $_POST and $foo
While prototyping my db-driven website using Apache 1.3.23 + PPHP 4.1.2 + PostgreSQL 7.2 under the rpm distribution of Mandrake 8.2, I used the default register_globals=on setting. As I'm nearing the end of protyping, I decided to switch register_globals=off by ediuting the php.ini file. Unfortunately, by doing so, I lost the connection to PostgreSQL: phpinfo() shows no settings for psql. Since it's a pre-packaged rpm, I've no way to change the default setting aside from editing the php.ini which then breaks PostgreSQL connection. I could source the whole mess, but since I'm nearing the end of protyping it seems like a waste of time. I've re-written most of my code to $_SESSION and $_POST to pick up the variables from the various pages. However, in order to test everything I've had to re-load PHP with globals again set to on. Now for the question: I would like to know whether the coding for the variables that I'm using now will work with $_SESSION and $_POST. For some reason, the only way to pick up the variables from a posted page is to use at the beginning of the page (after the initial ?php session_start(); ob_start(); ?) $sfname = $_POST['sfname']; Now, in all the checking code that follows (to check for empty strings, html code, javascript commands, and bad words) I've reverted to: //snippet of code (h5 is formatting for CSS stylesheet) if ($sfname == ) die (h5blah, blah blah/h5); This works with globals=on, and while I had it working (without a functional database connection) with $_POST and but not with $_SESSION (??). My question: will this work in real-time once I get connected again to the db? It's so frustrating having changed all the code to find that I really didn't have to. Btw: can anyone explain why register_globals=on is such a bad thing? I've read the security info, and they never really explained it. Sorry for the long post. I would greatly appreciate any assistance on this. Tia, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Tabs + SELECTED
An interesting problem has surfaced while finishing the coding for an input form. The usual text inputs fields are in place for first name, surname, address etc. However, I've created a drop-down list for state and country. Since these drop-down lists have OPTION SELECTEDIn USA/Canada , tabbing in the form jumps over these drop-downs [simply becuase they're filled]. I would like them to be included in the tabbing. Originally I used tabindex to control the flow over optional fields. I deleted the tabindex since the behavior of the form was erratic and non-logical in flow. Any ideas on how to circumvent the default behavior of OPTION SELECTEDblah, blah , blah? Any assistance will be greatly appreciated, Tia, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Tabs + SELECTED
On Thursday 18 April 2002 02:31 pm, you wrote: On Thursday, April 18, 2002, at 12:33 PM, Andre Dubuc wrote: Since these drop-down lists have OPTION SELECTEDIn USA/Canada , tabbing in the form jumps over these drop-downs [simply becuase they're filled]. I would like them to be included in the tabbing. Originally I used tabindex to control the flow over optional fields. I deleted the tabindex since the behavior of the form was erratic and non-logical in flow. Any ideas on how to circumvent the default behavior of OPTION SELECTEDblah, blah , blah? To the best of my knowledge, this action is out of your control, at least from the perspective of a PHP coder. It's the way the browser handles user input, and nothing your PHP script on the server can do will override this. In my browsers, Mozilla 0.9.9 Mac and IE5.1Mac, I don't get this behavior even when there is a SELECTED option. Although, I use the form option selected=yesblah blah/option. Try your code using this style, which incidentally is XHTML compliant, and maybe your browser will respond differently. Or perhaps there is some JavaScript technique that can help you, if you decide to go this route then you will want to investigate the *focus-related attributes. Erik Erik Price Web Developer Temp Media Lab, H.H. Brown [EMAIL PROTECTED] Thanks Eric, That did the trick! The tabs work in drop-downs now. Btw, I'm using Konqueror with LM 8.2. It seems to have some quirks in it. Mozilla Galeon however don't seem to like my CSS stylesheet colors -- I'll have to figure that one out later. Regards, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Empty $_SESSION and $_POST ??
I've switched register_globals=off and register_argc_argv=off in php.ini to use $_SESSION and/or $_POST. All my code had been written using $var Unfortunately, I cannot seem to access the arrays in either $_SESSION and $_POST. I've set each page to start with ?php session_start(); ob_start(); ? since I'm also processing the variables from an input html form. Below that, on my first page the if (!isset($_SESSION['count'] . . . Everything seems to work OK until I try to access, on my last page, 'confirm-guest.php' which attempts to capture either the session variables or the posted variables from the previous two pages. Whenever I try: print($_SESSION['sfname']); or print($_POST['scity'] I get a parse error expecting 'T_STRING' . . . -- obviously there's nothing in the array or I haven't set it. Problem is how do you set the variables, as in $_POST['sfname'] -- I thought that it would pick them up automatically from the text input. Btw, I retained these satements (which could be the problem): $sfname = $_POST['sfname']; Since when I tried to use $_POST['sfname'] in the scipt I got the same parse error as above. I'm REALLY confused about the whole session thing -- I don't know where else to read up on it -- I've scoured PHP.net, Zend, PHPBuilder -- and I've followed what they said, but . . . Can anyone enlighten me on what I'm doing wrong, or where my thinking is amiss? I'd greatly appreciate any help. Tia, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Empty $_SESSION and $_POST ??
On Friday 19 April 2002 08:13 pm, you wrote: On Fri, 19 Apr 2002, Andre Dubuc wrote: Whenever I try: print($_SESSION['sfname']); or print($_POST['scity'] I get a parse error expecting 'T_STRING' . . . -- obviously there's nothing in the array or I haven't set it. You just have a simple syntax error. You can use any of the following: print $_SESSION['sfname']; print {$_SESSION['sfname']}; print ${_SESSION['sfname']}; But you can't put a bare array dereference inside a quoted string like you tried above. You need to surround it with {curly braces} or take it outside the quoted string. miguel Hi Miguel, I tried all three -- none work. I question whether register_globals is truly off since, earlier when I changed php.ini it dumped my Postgresql and left the phpinfo() unchanged. This time it reported the change, and Postgresql is working. Is there a way I can verify that (a) globals are off and (b) $_SESSION or $_POST are on? This probably what's happening -- I can't access the arrays at all -- so, I think that might be where the problem lies. The $vars still work though throughout all scripts. Any ideas? Tia, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Empty $_SESSION and $_POST ??
I'm running PHP 4.1.2 + Apache 1.3.23 + PostgreSQL 7.2. I've tried reverting back to globals=on, and same problem. Yet, earlier in another script I used $sfname = $_GET['sfname']; to get the value of sfname -- now, it won't work. I'm truly stumped -- I don't know whether it's my code? [I beginning to think it isn't because of the flakiness of the php.ini failing to report changes accurately] I've dumped PHP and re-installed it, but the same problem persists. Now for the big question -- what's wrong with globals=on anyway? Eventually the site will be public, and probably the host won't allow globals on, but what's the security risk? You say $_SESSION[] and $_POST[] are always on -- even if globals are on? Can I verify what all the variables in the array are? Where would I look? By the look of things, I've got a major problem -- but I don't know where to look. Help? Please? Tia, Andre On Friday 19 April 2002 10:17 pm, you wrote: I accidentally deleted your last message. But with current versions of PHP, $_POST, etc., are always on and there's no way to turn them off. Which version are you running? (check phpinfo()). miguel On Fri, 19 Apr 2002, Miguel Cruz wrote: On Fri, 19 Apr 2002, Andre Dubuc wrote: Whenever I try: print($_SESSION['sfname']); or print($_POST['scity'] I get a parse error expecting 'T_STRING' . . . -- obviously there's nothing in the array or I haven't set it. You just have a simple syntax error. You can use any of the following: print $_SESSION['sfname']; print {$_SESSION['sfname']}; print ${_SESSION['sfname']}; But you can't put a bare array dereference inside a quoted string like you tried above. You need to surround it with {curly braces} or take it outside the quoted string. miguel -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: [PHP-INST] can't view PHP
Hi Joey, Don't know whetehr I can help, but I ran into the same problem with my Linux box. In Mozilla et al, I had to change in Preferences Advanced Proxies Manual Proxy Config No proxy for: Localhost. I haven't followed your thead, and I'm no familair with networking, butthta might steer you in a new direction. It worked for me while I'm protyping my site. Hth, Andre On Friday 19 April 2002 11:31 pm, you wrote: yes i've tried that too *sigh* :( i've read the manual over and over again and installed it a few times and added all those lines ppl suggested but still no luck. I'm about to just give up. I know how to work PHP but I just can't find where this problem comes from. Maybe it's a windows thingy who knows, maybe i need IIS on my system which of course doesn't come with Win XP Home Edition. I read something about webpage in management tools in Windows but i don't have that so i can't change things there. I really do appreciate all your reactions and replies. Christoph görgen [EMAIL PROTECTED] wrote in message news:003101c1e77e$c3ca5fc0$0e0a@AGENTUR... Everytime i try to view a php file on my server it prompts me to download the file then opens it up in word pad. I can view any other file just not php. Can anyone help me with this problem please? Already tried to insert these lines into your httpd.conf ... ? #if you use php3# AddType application/x-httpd-php3 .php3 #if u use php4:# AddType application/x-httpd-php3 .php4 .php that should solve your problem after having restarted the webserver good luck chris -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Empty $_SESSION and $_POST ??
On Monday 22 April 2002 09:50 am, you wrote: On Friday, April 19, 2002, at 09:41 PM, Andre Dubuc wrote: Is there a way I can verify that (a) globals are off and (b) $_SESSION or $_POST are on? This probably what's happening -- I can't access the arrays at all -- so, I think that might be where the problem lies. The $vars still work though throughout all scripts. $_SESSION and $_POST and other superglobals are already on all the time if you use PHP 4.1.x or later. Verify that globals are off by writing a script that checks the for the presence or the value of $variable and then pass variable=1 or something on the querystring in your browser. Erik Erik Price Web Developer Temp Media Lab, H.H. Brown [EMAIL PROTECTED] Thanks Eric, Sorry about the delay in replying. I was at a funeral today. I tried what you suggested, and indeed globals are off. Perhaps my problem stems from my use of the $_GET[] with $vars. I guess I don't really understand what I'm doing. If you would take a peek at this code [I think I've introduced a security hole, and I'm mixing up things]: On page 1: ?php session_start(); ob_start(); ? // ob_start(); so I can have html headers on this page redirect later // some other code form action=page2.php method=get ?php // The following line is where I think I've caused myself grief. input type=text size=20 name=bozo // many other lines of code input type=submit name=submit value=Agree ? On page 2: ?php session_start(); ob_start(); ? // ob_start(); so I can have html headers on this page redirect later // some other code form action=page3php method=get ?php $bozo = $_GET['bozo']; /* Now is this correct? Am I exposing 'bozo'  to a security hole? For the rest of the script, with each $_GET['var'] from the previous page I do the same. Somehow, I don't think I've grasped what to do with $vars. From my reading elsewhere, should I, for example, in page 1 use something like : input type=text size=20 name=?php  echo $_SESSION['bozo'] ? Once I figure out how I'm supposed to write the variables in the scripts, I'll be OK. But I'm so CONFUSED!  */ if  ($bozo == ) die (Please enter your 'First Name'. brbr Click 'Back in your browser to enter this information.); // new input variable unique to page 2 input type=text size=20 name=dodo // other code: including an if $level  statement that checks for level of registration and redirects, using header(location . . .) session_write_close(); // to allow the header through header(location:page 3.php); ? On page 3: ?session_start(); ob_start(); ? ?php /* This page is actually a confirmation page, I've tried to collect the info from page 1 ($bozo) and page 2 ($dodo) and print them to screen as in */ $bozo = $_GET['bozo']; $dodo = $_GET['dodo']; print $bozo $dodo; /* I've also tried $_SESSION['bozo'], $_GET['bozo'], left out the '$bozo = $_GET['bozo']' etc, etc, etc. -- I don't know what I'm doing here!! Help! !  */ ? {Btw, I've used bozo and dodo since it's easier to spot the diffference than what I actually use for the field :] Tia, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Empty $_SESSION and $_POST ??
On Monday 22 April 2002 05:34 pm, you wrote: On Monday, April 22, 2002, at 03:47 PM, Andre Dubuc wrote: I tried what you suggested, and indeed globals are off. Perhaps my problem stems from my use of the $_GET[] with $vars. I guess I don't really understand what I'm doing. If you would take a peek at this code [I think I've introduced a security hole, and I'm mixing up things]: I think the problem you're having is basically understanding what register_globals does, and why some people might want to turn it off. register_globals takes a variable (doesn't matter if it's a server variable, a cookie variable, a post variable, or a get variable) and registers it as global throughout the script. This means that if someone types http://www.domain.com/index.php?firstname=andrelastname=dubuc into the Address bar of her browser, she has just requested the index.php resource from the server at www.domain.com using the HTTP protocol and sent two variables to the server using the GET method: $firstname = 'andre' $lastname = 'dubuc' If you have register_globals turned on, then your script can look like this: if ($firstname == 'andre' $lastname == 'dubuc') { // do something } and it still works. However, if you have register_globals turned off, then the above 'if test' won't work. This is because these variables are not $firstname and $lastname, they are $_GET['firstname'] and $_GET['lastname']. To do an 'if test' with register_globals off, you should do: if ($_GET['firstname'] == 'andre' $_GET['lastname'] == 'dubuc') { // do something } There's really not much of a difference. The thing is that instead of being a global variable, the data that you passed is now an element of the $_GET array. So you use the standard element notation, using the associative index of the variable name. If you do this: $firstname = $_GET['firstname']; $lastname = $_GET['lastname']; ...you make your code simpler to understand, but be careful that you don't do something in the same script like $lastname = $row['last_name']; (which could happen if you were trying to simplify your MySQL result data.) I'll take a look at what you've got On page 1: ?php session_start(); ob_start(); ? // ob_start(); so I can have html headers on this page redirect later // some other code form action=page2.php method=get ?php // The following line is where I think I've caused myself grief. input type=text size=20 name=bozo input type=submit name=submit value=Agree ? Yeah, I'd say you've caused yourself some grief. This isn't even related to register_globals -- you've got two HTML input tags in the middle of your PHP block. You need to print() or echo these, not just type them in directly. print(input type='text' size='20' name='bozo' /); print(input type='submit' name='submit' value='Agree'); $bozo = $_GET['bozo']; /* Now is this correct? Am I exposing 'bozo'  to a security hole? For the rest of the script, with each $_GET['var'] from the previous page I do the same. Somehow, I don't think I've grasped what to do with $vars. From my reading elsewhere, should I, for example, in page 1 use something like input type=text size=20 name=?php  echo $_SESSION['bozo'] ? I prefer to do it the way that you have read elsewhere, but it really doesn't matter. Either way, you have a variable in your script that points to some user-specified data. What you've done is simplified the results, similar to what some people do when they pull data out of a result set with mysql_fetch_array(). The only security hole is if you have written your script to do something unsafe with the $bozo variable. HOWEVER... bear in mind that now that you are referring to this variable in this fashion, you could end up inadvertently overwriting this variable with a new variable, by doing something like $bozo = $row['bozo']; -- something that is far less likely to occur when referring to it as $_GET['bozo']. It really depends on how organized your code is. If I were you, I would probably get into the habit of calling it $_GET['bozo'], since that just saves you time and stress in the long run. The only security hole would be this: $_SESSION['admin'] = 'yes'; // indicates that user is an administrator $admin = $_SESSION['admin']; // simplify our variable name if ($admin == 'yes') { // if user is an administrator // display some sensitive data } // for some stupid reason we do this $admin = $_GET['admin']; // obviously you wouldn't do something like this if ($admin == 'yes') { // display some sensitive data } Essentially, in the above code, you've given the value of a GET variable called admin the same power as a session variable called admin. This is bad practice in general, and I'm sure you wouldn't make this mistake. Simply making $admin = $_SESSION['admin'] does NOT mean that someone can type
[PHP] Re: {PHP] Empty $_SESSION and $_POST??
Hi Eric, First off, my apologies for the bloat replies, and for the re-write of this thread -- your last reply accidentally was deleted. My actual INSERT command (for page 1): $query = INSERT INTO sponsor (sid, sfname, ssname, sinit, saddr1, saddr2, scity, sprov, scountry, scode, sstatus, sdate, susername, spwd, smail, sipaddress) values (nextval('sponsor_sid_seq'), '$sfname', '$ssname', '$sinit', '$saddr1', '$saddr2', '$scity', '$sprov', '$scountry', '$scode', 'Guest', '$sdate', '$susername', '$spwd', '$smail', '$sipaddress'); // page 2 is the same except the prefix s changes to r in each field I tried with VALUES ($_GET['sfname'] etc, etc and got a T_Variable error as you said would happen. I've yet to try what you've suggested, but since the Test to ensure your PHP binary is working shows that it is indeed funtioning, I think with the info you've provided, I should be able to pass the variables or the array to the next page. I did a print_r($_GET); for pages 1 and 2, and both showed the array for that page only. I sort of thought that the command would show the $_GET array growing with the values from page 1 and page 2. That seems to be where the problem lies. Using $sfname = $_GET['sfname']; on page 1 and $rfname = $_GET['rfname'] on page 2, I would have assumed that the print_r[$_GET] done on page 2 would show both sfname AND rfname. But perhaps I am mis-understanding the function of print_r[$_GET] -- it's probably non-cumulative and specific to the page from which it was called on. If that's the case, what precisely is the value of these superglobals when ,in fact, they are specific to ONE page only??? Btw, your explanations are superb! With superglobals, you need to actually break out of the string by using the dot to append variable names. How I wish I knew that before: I don't recall running into that statement anywhere in the docs. I think I'll get used to dot notation [I used it a lot in Paradox PAL] and re-do my scripts properly. I'll get back to you on how it goes. Thank-you very much, Eric -- your advice and your excellent help is really what OpenSource is all about. Regards, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Empty $_SESSION and $_POST??
Hi Eric, First off, my apologies for the bloat replies, and for the re-write of this thread -- your last reply accidentally was deleted. My actual INSERT command (for page 1): $query = INSERT INTO sponsor (sid, sfname, ssname, sinit, saddr1, saddr2, scity, sprov, scountry, scode, sstatus, sdate, susername, spwd, smail, sipaddress) values (nextval('sponsor_sid_seq'), '$sfname', '$ssname', '$sinit', '$saddr1', '$saddr2', '$scity', '$sprov', '$scountry', '$scode', 'Guest', '$sdate', '$susername', '$spwd', '$smail', '$sipaddress'); // page 2 is the same except the prefix s changes to r in each field I tried with VALUES ($_GET['sfname'] etc, etc and got a T_Variable error as you said would happen. I've yet to try what you've suggested, but since the Test to ensure your PHP binary is working shows that it is indeed funtioning, I think with the info you've provided, I should be able to pass the variables or the array to the next page. I did a print_r($_GET); for pages 1 and 2, and both showed the array for that page only. I sort of thought that the command would show the $_GET array growing with the values from page 1 and page 2. That seems to be where the problem lies. Using $sfname = $_GET['sfname']; on page 1 and $rfname = $_GET['rfname'] on page 2, I would have assumed that the print_r[$_GET] done on page 2 would show both sfname AND rfname. But perhaps I am mis-understanding the function of print_r[$_GET] -- it's probably non-cumulative and specific to the page from which it was called on. If that's the case, what precisely is the value of these superglobals when ,in fact, they are specific to ONE page only??? Btw, your explanations are superb! With superglobals, you need to actually break out of the string by using the dot to append variable names. How I wish I knew that before: I don't recall running into that statement anywhere in the docs. I think I'll get used to dot notation [I used it a lot in Paradox PAL] and re-do my scripts properly. I'll get back to you on how it goes. Thank-you very much, Eric -- your advice and your excellent help is really what OpenSource is all about. Regards, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Empty $_SESSION and $_POST ??
On Wednesday 24 April 2002 09:18 am, you wrote: Have you tried doing phpinfo() and seeing what values are coming up? I finally got everything working, thanks to Erik Price's excellent help and for all the others who offered their suggestions. Thanks for your suggestion! Regards, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] E-mail Confirmation script?
I've looked about for an 'Email Confirmation' script that many sites use for verifcation of wannabee new members. That is, the person subscribes, is sent a 'confirmation' number to which they must have in the 'Subject' area of their reply. I would like to implement this on my site, but I haven't discovered a source for a script, or how to go about doing it. That is, how do you retrieve items from an incoming e-mail, and is it possible to parse the same? If anyone who has seen such a script could point me to where I could find one, I would greatly appreciate it, or in the Manual, what it would be listed under. The 'mail()' function doesn't seem to include how to access received e-mails, and to parse individual copmponents of a message. Btw, does anyone know what's up with the 'Search' function of the PHP-general lst? It always seems to be 'offline'. Rather hard to search the archives for previously asked questions. Tia, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] E-mail Confirmation script?
Thanks, Now why didn't that ever occur to me? It's simple and very effective. Thanks for the idea! Regards, Andre On Sunday 12 May 2002 04:51 pm, you wrote: I would suggest just sending them an email with a link like this and telling them to click on it to confirm their membership. http://www.mysite.com/confirm.php?uniqueid=2i3k238 s9sd0s99d The confirm.php page would look up the uniqueid and try to find it in your database. If it's there then that means the email address they gave you exists and they have access to that email account cuz they know that uniqueid. After confirming, you could send a welcome user email and include another link that they can use for all other account management like unsubscribing, changing password, changing personal info ... http://www.mysite.com/account.php -Original Message- From: Andre Dubuc [mailto:[EMAIL PROTECTED]] Sent: May 12, 2002 4:36 PM To: [EMAIL PROTECTED] Subject: [PHP] E-mail Confirmation script? I've looked about for an 'Email Confirmation' script that many sites use for verifcation of wannabee new members. That is, the person subscribes, is sent a 'confirmation' number to which they must have in the 'Subject' area of their reply. I would like to implement this on my site, but I haven't discovered a source for a script, or how to go about doing it. That is, how do you retrieve items from an incoming e-mail, and is it possible to parse the same? If anyone who has seen such a script could point me to where I could find one, I would greatly appreciate it, or in the Manual, what it would be listed under. The 'mail()' function doesn't seem to include how to access received e-mails, and to parse individual copmponents of a message. Btw, does anyone know what's up with the 'Search' function of the PHP-general lst? It always seems to be 'offline'. Rather hard to search the archives for previously asked questions. Tia, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Uploading JPEG's - Security Issues?
My question will probably expose my woeful lack understanding of security breaches, but perhaps someone can enlighten me. On my site, registered members will be allowed to upload jpg/jpeg pictures. I'm concerned about possible security problems. First, is there a way to ensure that a picture (and not some other malicious stuff) has been uploaded? Aside from checking the mime type info associated with the file, is there any way of verifying what's in the file that has been uploaded? (I'm using Linux LM8.2) Would it be possible to fake info to fool this check? Would verification checks for html/scripts/commands be of any use? Secondly, since the file in question is already uploaded and saved to disk in /tmp or wherever, wouldn't any verification scheme be sort of, 'after-the-fact'? I would appreciate any input, suggestions, or ideas on what to do here. Am I being overly-paranoid about this, or do I have legitimate security concern. Using: Apache 1.3.23 + PHP 4.1.2 + PostgreSQL 7.2 Tia, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Uploading JPEG's - Security Issues?
Thanks Miguel, Actually, I figured out how to do it: a combination of checking: if ( $_REQUEST['pix']['type'] == image/jpeg)} blah, blah, blah and then using 'fread' on the actual file itself, applying my 'eregi' verification code. It works! The problem before was that I was attempting to read the array, rather than the actuial file. Thanks for the link. Btw, I still confused about how to organize my /var/www/html directory so that I can still access it for code, but others will not be able to say access /var/www/html/tmp_for_checking_files_like_jpegs. I've made a temporary change (for protyping) to php.ini using /var/www/html as the upload_temp_dir, but I don't know how or where it should go in production. Any suggestions? Tia, Andre On Wednesday 15 May 2002 02:36 pm, you wrote: On Tue, 14 May 2002, Andre Dubuc wrote: My question will probably expose my woeful lack understanding of security breaches, but perhaps someone can enlighten me. On my site, registered members will be allowed to upload jpg/jpeg pictures. I'm concerned about possible security problems. First, is there a way to ensure that a picture (and not some other malicious stuff) has been uploaded? Aside from checking the mime type info associated with the file, is there any way of verifying what's in the file that has been uploaded? (I'm using Linux LM8.2) Would it be possible to fake info to fool this check? Would verification checks for html/scripts/commands be of any use? You can pass the path to the unix command 'file' which looks at the file's prologue to attempt to figure out what it is. This is usually a pretty good way to weed out trouble. http://www.doc.ic.ac.uk/lab/labman/lookup-man.cgi?file miguel -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Uploading JPEG's - Security Issues?
My question will probably expose my woeful lack understanding of security breaches, but perhaps someone can enlighten me. On my site, registered members will be allowed to upload jpg/jpeg pictures. I'm concerned about possible security problems. First, is there a way to ensure that a picture (and not some other malicious stuff) has been uploaded? Aside from checking the mime type info associated with the file, is there any way of verifying what's in the file that has been uploaded? (I'm using Linux LM8.2) Would it be possible to fake info to fool this check? Would verification checks for html/scripts/commands be of any use? Secondly, since the file in question is already uploaded and saved to disk in /tmp or wherever, wouldn't any verification scheme be sort of, 'after-the-fact'? I would appreciate any input, suggestions, or ideas on what to do here. Am I being overly-paranoid about this, or do I have legitimate security concern. Using: Apache 1.3.23 + PHP 4.1.2 + PostgreSQL 7.2 Tia, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Uploading JPEG's - Security Issues?
Thanks Rasmus, I thought there had to be function out there that could examine the actual contents. Now the question remains, would an ereg/eregi check for html/code/commands work on a jpg/jpeg type file? From a brief examination of one, I note that it's not text, but code. I tried writing some text commands into a jpeg file to see what would happen, and wasn't too surprised that the file didn't load -- but then again, I don't know what I'm doing: I suppose, following what I saw in a movie Along Came a Spider -- manipulating image files with hidden text files, etc. -- sort of put me on guard. I have no idea whether this is even possible. . . sounds probable though. Would be great to find out before the site is compromised. Tia, Andre On Tuesday 14 May 2002 10:32 pm, you wrote: Have a look at the getimagesize() function. This function looks at the actual file data, not the mime type nor the file's extension but the data itself and tells you what sort of image file it is. And no, it wouldn't really be after the fact because because stores the file with a temporary random filename in /tmp ensuring not to overwrite anything that is already there. It is then your job to perform the check and copy the file to some appropriate directory on your server. If you don't do anything with the file, PHP will automatically delete it at the end of the request. -Rasmus On Tue, 14 May 2002, Andre Dubuc wrote: My question will probably expose my woeful lack understanding of security breaches, but perhaps someone can enlighten me. On my site, registered members will be allowed to upload jpg/jpeg pictures. I'm concerned about possible security problems. First, is there a way to ensure that a picture (and not some other malicious stuff) has been uploaded? Aside from checking the mime type info associated with the file, is there any way of verifying what's in the file that has been uploaded? (I'm using Linux LM8.2) Would it be possible to fake info to fool this check? Would verification checks for html/scripts/commands be of any use? Secondly, since the file in question is already uploaded and saved to disk in /tmp or wherever, wouldn't any verification scheme be sort of, 'after-the-fact'? I would appreciate any input, suggestions, or ideas on what to do here. Am I being overly-paranoid about this, or do I have legitimate security concern. Using: Apache 1.3.23 + PHP 4.1.2 + PostgreSQL 7.2 Tia, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Augmenting an old date
Two columns in my PostgreSQL db are type 'date' (formatted '-mm-dd'): 'start_date' and 'expiry_date'. What I cannot seem to figure out is how to augment the 'expiry_date' either by 30 days, 60 days, or 1 year. I've tried the date function in PHP (getdate) but the problem is that it appears to need a timestamp of today. The dates that I'm trying to augment are sometimes a year or two ago. This doesn't work: $new_expiry_date = $expiry_date(Y-m-d, mktime(0,0,0, date(Y), date(m), date(d) + 60))); I assume it's because the '$expiry_date' should be simply 'date', but that would give the current date which is not what is wanted. Is there anyway to set 'date' as '$expiry_date'? Suggestions, admonitions, and general advice will be greatly appreciated. Btw, I've searched the archives, and haven't found anything quite on this topic. Tia, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Augmenting an old date
Thanks Tom, for the excellent help! Seems like 'strtotime' function was what was needed! Regards, Andre On Sunday 19 May 2002 01:06 am, you wrote: Hi A slightly more efficeint way :) ? $start = 2002-01-01; $expire = date(Y-m-d,strtotime($start +30 days)); echo $expire.br; ? Tom At 02:03 PM 19/05/2002, Andre Dubuc wrote: Two columns in my PostgreSQL db are type 'date' (formatted '-mm-dd'): 'start_date' and 'expiry_date'. What I cannot seem to figure out is how to augment the 'expiry_date' either by 30 days, 60 days, or 1 year. I've tried the date function in PHP (getdate) but the problem is that it appears to need a timestamp of today. The dates that I'm trying to augment are sometimes a year or two ago. This doesn't work: $new_expiry_date = $expiry_date(Y-m-d, mktime(0,0,0, date(Y), date(m), date(d) + 60))); I assume it's because the '$expiry_date' should be simply 'date', but that would give the current date which is not what is wanted. Is there anyway to set 'date' as '$expiry_date'? Suggestions, admonitions, and general advice will be greatly appreciated. Btw, I've searched the archives, and haven't found anything quite on this topic. Tia, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Annoying display problem
PHP 4.1.2 + Apache 1.3.23 + PostgreSQL 7.2 I've put off trying to figure out how to accomplish a fairly simple display problem. It's probably so simple, that I keep missing it. Here's what I'd like to accomplish: I want an image (aligned on the left side) with text beside it (aligned in the center). That sounds simple enough. But try as I may, I can't get it to work. Here's the code I've tried: *** ?php // lotsa stuff print brdiv align='left'img src='709-2585.jpg' width='120' height='120' alt=' '//a/divdiv align='center'{$_SESSION['desc']}/divbr; // more stuff ? *** What it displays: The pix is on the left where it should be, but the text isn't centered, but hangs either just underneath the pix. I've seen many sites with this layout. Perhaps they've separated the image/text. But I can't figure out how they did it. Any ideas? Will greatly appreciate some suggestions, and at this point, hand-slapping for missing the obvious: Tia, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Annoying display problem
Miguel, It's been a long day - thanks. (Duh at this end!) Regards, Andre On Thursday 23 May 2002 04:54 pm, you wrote: The obvious answer would be a table. miguel On Thu, 23 May 2002, Andre Dubuc wrote: PHP 4.1.2 + Apache 1.3.23 + PostgreSQL 7.2 I've put off trying to figure out how to accomplish a fairly simple display problem. It's probably so simple, that I keep missing it. Here's what I'd like to accomplish: I want an image (aligned on the left side) with text beside it (aligned in the center). That sounds simple enough. But try as I may, I can't get it to work. Here's the code I've tried: * ** ?php // lotsa stuff print brdiv align='left'img src='709-2585.jpg' width='120' height='120' alt=' '//a/divdiv align='center'{$_SESSION['desc']}/divbr; // more stuff ? * ** What it displays: The pix is on the left where it should be, but the text isn't centered, but hangs either just underneath the pix. I've seen many sites with this layout. Perhaps they've separated the image/text. But I can't figure out how they did it. Any ideas? Will greatly appreciate some suggestions, and at this point, hand-slapping for missing the obvious: Tia, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Annoying display problem
Thanks Dave, I tried that one, and the results were interesting. I reverted to the table method (I should have thought of it earlier, seeing that I had just used it in the lines just before [go figure!], but my mind was too frazzled to see it. Now I've got the text sitting nicely beside the pix, but no matter what I try (i.e. td cellpadding=5 or whatever, the text butts right to the left margin, and won't format nicely -- it looks, in three words ugly and unprofessional. It offends my typsetting days! Is there any way I can set the margins for the test, in particular, the left margin? Code is now: print brtd bgcolor='#ACE'table border=0td align='left' td cellpadding='5'img src='709-2585.jpg' width='120' height='120' alt=' '//a/td td bgcolor='#ACE'td cellpadding='5'{$_SESSION['desc']}/td /table; Any ideas? Tia, pAndre On Thursday 23 May 2002 07:43 pm, you wrote: I want an image (aligned on the left side) with text beside it (aligned in the center). That sounds simple enough. But try as I may, I can't get it to work. * print brdiv align='left'img src='709-2585.jpg' width='120' height='120' alt=' '//a/divdiv align='center'{$_SESSION['desc']}/divbr; * The pix is on the left where it should be, but the text isn't centered, but hangs either just underneath the pix. I've seen many sites with this layout. Perhaps they've separated the image/text. But I can't figure out how they did it. Wrapping something in a div will often get you an implied br depending on the circumstances. If you want text centred beside an image that's not the most obvious solution is probably a table. However, you might also try this (which is completely untested but may do what you want...) div align=center img src=image.jpg width=120 height=120 alt= align=left some text here, whatever... /div I tend to think that centering is over-used in many web pages so I don't often mix things like this but it may well produce the behaviour you're looking for. CYA, Dave -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Annoying display problem
Hi Dave, Well, I sort of solved it by adding: tdnbsp;nbsp;/td in a few judicious places. Renders well in Konqueror, Mozilla, and Galeon. Btw, I've been using CSS, and thought of doing it there, but it's a lot of trouble for only one table. Thanks, Andre On Thursday 23 May 2002 11:00 pm, you wrote: Now I've got the text sitting nicely beside the pix, but no matter what I try (i.e. td cellpadding=5 or whatever, the text butts right to the left margin, First option is to insert cellpadding or cellspacing in your table tag - that's where it get's set for the whole table. A possible solution could include using hspace=10 in your image tag (don't know if that would be swallowed up in the table layout though). Another option would be to use styles - define a style for putting padding around something and then use that style for your test (or probably your image for that matter). CYA, Dave -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] 'ucfirst' function for text area strings?
Is there a way to get a function similar to 'ucfirst' to work with the first letters of a set of strings in textarea strings? ** Inputted strings: hi. i hope there is one. any ideas? Should appear: Hi. I hope there is one. Any ideas? ** Would it be possible to do a 'foreach' 'ucfirst' type of statement while reading a string and breaking it apart at punctuation marks? Any suggestions will be greatly appreciated. This one's got me stumped. Tia, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] 'ucfirst' function for text area strings?
Thanks John, I'm not familiar with the first function, but it sounds like any easy way to accomplish basic validation. Btw, any ideas why my code snippet didn't work? I still have some badWords' to check for, and eregi doesn't seem to work with textarea. Tia, Andre On Tuesday 28 May 2002 06:50 pm, you wrote: Why not just use htmlentities() and striptags() on the user input? I prefer to just use htmlentities() and that's it. Any code the user tries to type in is just converted to html codes and ends up being displayed in the browser exactly as they typed it. None of their code is evaluated though. ---John Holmes... -Original Message- From: Andre Dubuc [mailto:[EMAIL PROTECTED]] Sent: Tuesday, May 28, 2002 5:37 PM To: Miguel Cruz Cc: [EMAIL PROTECTED] Subject: Re: [PHP] 'ucfirst' function for text area strings? On Tuesday 28 May 2002 02:19 pm, you wrote: On Tue, 28 May 2002, Andre Dubuc wrote: Is there a way to get a function similar to 'ucfirst' to work with the first letters of a set of strings in textarea strings? ** Inputted strings: hi. i hope there is one. any ideas? Should appear: Hi. I hope there is one. Any ideas? ** Would it be possible to do a 'foreach' 'ucfirst' type of statement while reading a string and breaking it apart at punctuation marks? What are you going to do about abbreviations? The General Electric Corp. was represented at the meeting. miguel Hi Miguel, Well, I've discovered that using 'textarea' is a real pain. The usual validation checks don't work since there can be more than one string in whatever has been typed there. My nifty 'checkHtmlCommandsRottenwordsAndOther Garbage' sort of looks at whatever is in the text area and says, 'Uh, huh -- right. . . . Passed' no matter what I do. I've tried ereg, eregi, preg_match_all, explode, but the effect is the same. Unfortunately, this 'textarea' is one area on the site where the user can input the most. Therefore, it's the most vulnerable. So, how do others validate 'textarea' inputs? . . . Man, this is annoying! I've tried the 'foreach' but it chokes on the $_SESSION['rap'] , so I tried $rap = $_SESSION['rap']; just to make things easier. To be honest, at this point, I'd be happy to just validate that no 'evildoers' stuff has been typed into the 'textarea'. But as it stands now, it's pretty well open. So, abbreviations -- that's not really an issue at this point-- I only wanted the first letter of each sentence capitalized. If the user wants his/her aBbrEvatIoNs looking ugly -- that's fine by me. Perhaps, if I can get the basic validations done, I'll tackle the interior stuff as well. Any ideas on how to handle textarea inputs? I'd really apprecaite some advice on how to proceed at this point. Btw here's what I've tried before, and it works everywhere else except for textarea's: ** ** // 'rap' is the textarea input $_SESSION['rap'] = $_POST['rap']; $rap = $_SESSION['rap'] if (eregi(([^]|\n)*|/SCRIPT.*?\/SCRIPT/ims|onClick|onLoad|onDblClick onDragStart|onKeyDown|onKeyPress|onKeyUp|onMouseDown|onMouseMove| onMouseOut|MouseOver|SelectStart|Blur|Focus|Scroll|onMouseOver|onSelectS ta rt|onBlur| onFocus|Scroll|SCRIPT|script|Select|Unload|Change||DELETE|rm|mkdir|COPY| CREATE|UPDATE|WHERE|AS|FROM|POST|INSERT|INTO|while, $rap)); {header(location:out.php);} $rap = ucfirst($rap); // set it back to session variable $_SESSION['rap] = $rap; ** *** Tia, Andre - - Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] 'Pure' php vs 'mixed' (html + php)
I've noticed that many people on the list code in 'pure' php, i.e. ? print input type='text' name='fname' size='50'; // etc ? Since most of my code is a mixture (the early stuff is 'mixed' html + php), I've been wondering why code in 'pure' php? Is there some compelling reason (that I'm unaware of) for doing so? Should I rewrite all my earlier code into its 'pure' form? If so, what do I do with the '! DOCTYPE . . . statement -- put it in quotes too? I would like to understand the reasons for writing code in this manner, when all my code works fine, displays great: am I missing something important here? Btw, I use the 'php' ending for all file names. Your thoughts, opinions and suggestions would be greatly appreciated -- I'd like to do what is best. Tia, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] 'Pure' php vs 'mixed' (html + php)
Thanks Bogdan, That's what I thought, but I was beginning to feel 'guilty' the more I understood php. It seems to me, from my limited experience, that there's much mor chance for error using 'pure' php (as in forgetting ' or or closing with ; -- but . . . Actually I've found that the 'mixed' is easier to read and understand -- less quotes, less 'print' to read with every line. But that's just personal taste on my part. While I'm at it, I've also noticed that coders tend to integrate 'result' pages with the 'calling' page. (That is, I have a text input, and use a php function to verify it on the same page). I've tended to keep them separate for de-bugging purposes. Should I consider re-writing them as well? Regards, Andre On Sunday 02 June 2002 08:16 pm, you wrote: No *real* reason - just two not-so-important ones: 1. Clarity Please compare these two: -- MIXED td bgcolor=?php echo $td_col; ? class=?php echo $prefclass; ? ?php $fldcontent=$myrow[0]?$myrow[0]:no data; ? input type=text name=fname size=50 value=?php echo $fldcontent; ? /td -- PURE ?php echo(td bgcolor='$td_col' class='$prefclass'\n); $fldcontent=$myrow[0]?$myrow[0]:no data; echo(input type='text' name='fname' size='50' value='$fldcontent'\n); ? The second is much easier to read and understand, you must agree. 2. Speed There's an urban legend saying that switching php tags on and off would slow parsing down. I don't know if that's true and try to write pure php as you call it due to the first reason. Bogdan Andre Dubuc wrote: I've noticed that many people on the list code in 'pure' php, i.e. ? print input type='text' name='fname' size='50'; // etc ? Since most of my code is a mixture (the early stuff is 'mixed' html + php), I've been wondering why code in 'pure' php? Is there some compelling reason (that I'm unaware of) for doing so? Should I rewrite all my earlier code into its 'pure' form? If so, what do I do with the '! DOCTYPE . . . statement -- put it in quotes too? I would like to understand the reasons for writing code in this manner, when all my code works fine, displays great: am I missing something important here? Btw, I use the 'php' ending for all file names. Your thoughts, opinions and suggestions would be greatly appreciated -- I'd like to do what is best. Tia, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] 'Pure' php vs 'mixed' (html + php)
On Sunday 02 June 2002 08:13 pm, you wrote: On Sun, Jun 02, 2002 at 07:55:09PM -0400, Andre Dubuc wrote: I've noticed that many people on the list code in 'pure' php, i.e. ? print input type='text' name='fname' size='50'; // etc ? Since most of my code is a mixture (the early stuff is 'mixed' html + php), I've been wondering why code in 'pure' php? Is there some compelling reason (that I'm unaware of) for doing so? Should I rewrite all my earlier code into its 'pure' form? If so, what do I do with the '! DOCTYPE . . . statement -- put it in quotes too? I would like to understand the reasons for writing code in this manner, when all my code works fine, displays great: am I missing something important here? Btw, I use the 'php' ending for all file names. Your thoughts, opinions and suggestions would be greatly appreciated -- I'd like to do what is best. Tia, Andre ---end quoted text--- I don't know, but i prefer coding in mixed way.. to avoid excessive escaping at html tags and other.. []'s Thanks Marcelo, Precisely my feelings as well. Looks cleaner since I can spot the divisions quite readily (no print . . . ; in the code). Regards, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] 'Pure' php vs 'mixed' (html + php)
That's what I meant. I was referring to verification/validation scripts for user inputs. I've made a separate page that runs these routines. I have a feeling I should have incorporated them on the user input page . . . but does it really amtter if they're on another page? Andre On Sunday 02 June 2002 08:32 pm, you wrote: I'm not sure what you mean... Is it checking that you fill in the correct values via PHP or that the submission works - or something else? Bogdan Andre Dubuc wrote: Thanks Bogdan, That's what I thought, but I was beginning to feel 'guilty' the more I understood php. It seems to me, from my limited experience, that there's much mor chance for error using 'pure' php (as in forgetting ' or or closing with ; -- but . . . Actually I've found that the 'mixed' is easier to read and understand -- less quotes, less 'print' to read with every line. But that's just personal taste on my part. While I'm at it, I've also noticed that coders tend to integrate 'result' pages with the 'calling' page. (That is, I have a text input, and use a php function to verify it on the same page). I've tended to keep them separate for de-bugging purposes. Should I consider re-writing them as well? Regards, Andre On Sunday 02 June 2002 08:16 pm, you wrote: No *real* reason - just two not-so-important ones: 1. Clarity Please compare these two: -- MIXED td bgcolor=?php echo $td_col; ? class=?php echo $prefclass; ? ?php $fldcontent=$myrow[0]?$myrow[0]:no data; ? input type=text name=fname size=50 value=?php echo $fldcontent; ? /td -- PURE ?php echo(td bgcolor='$td_col' class='$prefclass'\n); $fldcontent=$myrow[0]?$myrow[0]:no data; echo(input type='text' name='fname' size='50' value='$fldcontent'\n); ? The second is much easier to read and understand, you must agree. 2. Speed There's an urban legend saying that switching php tags on and off would slow parsing down. I don't know if that's true and try to write pure php as you call it due to the first reason. Bogdan Andre Dubuc wrote: I've noticed that many people on the list code in 'pure' php, i.e. ? print input type='text' name='fname' size='50'; // etc ? Since most of my code is a mixture (the early stuff is 'mixed' html + php), I've been wondering why code in 'pure' php? Is there some compelling reason (that I'm unaware of) for doing so? Should I rewrite all my earlier code into its 'pure' form? If so, what do I do with the '! DOCTYPE . . . statement -- put it in quotes too? I would like to understand the reasons for writing code in this manner, when all my code works fine, displays great: am I missing something important here? Btw, I use the 'php' ending for all file names. Your thoughts, opinions and suggestions would be greatly appreciated -- I'd like to do what is best. Tia, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] 'Pure' php vs 'mixed' (html + php)
Thanks Michael, Point well-made. I suppose doing it the mixed way might have repercussions later on if/when the site grows. Perhaps while the code is still fresh in my mid, it might be worth the effort to separate it. However, for a good part of the site, I've used CSS for appearance details, and controlling a lot of stuff that changes from page-to-page. It's very easy to change all or some of the pages from the CSS scripts. But, for the most part, not much of the actual php scripts COULD change, so that's why I've never bothered to separate html from php. Perhaps I wrong, but . . . Regards, Andre On Sunday 02 June 2002 08:36 pm, you wrote: However... From the point of view of someone who has worked in a company where diesign is separated from development, it is much better to have separate files with HTML templates with special markers (in the library I use, it is HTML comments !--element_to_replace--) so that the two processes are adequately separated. When all of the HTML is embedded in PHP staements, minor changes to HTML layout involve a PHP developer, whereas with template based strategies all they have to do is change the template. I believe that 'smarty' is the approved template libray, but there are several other worth investigating. Mikey Bogdan Stancescu [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... No *real* reason - just two not-so-important ones: 1. Clarity Please compare these two: -- MIXED td bgcolor=?php echo $td_col; ? class=?php echo $prefclass; ? ?php $fldcontent=$myrow[0]?$myrow[0]:no data; ? input type=text name=fname size=50 value=?php echo $fldcontent; ? /td -- PURE ?php echo(td bgcolor='$td_col' class='$prefclass'\n); $fldcontent=$myrow[0]?$myrow[0]:no data; echo(input type='text' name='fname' size='50' value='$fldcontent'\n); ? The second is much easier to read and understand, you must agree. 2. Speed There's an urban legend saying that switching php tags on and off would slow parsing down. I don't know if that's true and try to write pure php as you call it due to the first reason. Bogdan Andre Dubuc wrote: I've noticed that many people on the list code in 'pure' php, i.e. ? print input type='text' name='fname' size='50'; // etc ? Since most of my code is a mixture (the early stuff is 'mixed' html + php), I've been wondering why code in 'pure' php? Is there some compelling reason (that I'm unaware of) for doing so? Should I rewrite all my earlier code into its 'pure' form? If so, what do I do with the '! DOCTYPE . . . statement -- put it in quotes too? I would like to understand the reasons for writing code in this manner, when all my code works fine, displays great: am I missing something important here? Btw, I use the 'php' ending for all file names. Your thoughts, opinions and suggestions would be greatly appreciated -- I'd like to do what is best. Tia, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: 'Pure' php vs 'mixed' (html + php)
On Monday 03 June 2002 01:00 pm, you wrote: Sunday, June 02, 2002, 7:55:09 PM, Andre wrote: AD I've been wondering why code in 'pure' php? Is there some compelling reason AD (that I'm unaware of) for doing so? Should I rewrite all my earlier code into Andre, Sorry to chime in so late, but IMO, be more concerned with saving output for the last step in execution, because once it's echoed out, there's no turning back or sending headers or a redirect.. Have functions return strings instead of echo them (and take advantage of syntax for more readable string building), build up a document into variables, send out at very end. Some home-grown example code might be useful: ?php //setup session, DB, some common functions require_once(setup_session.php); require_once(create_DB_object_instance.php); require_once(html_building_functions.php); // start building string array for later output $Template[title] = query results; // if DB problems, load content, output, quit. if (!$dbi-connect()) { $Template[main_content] = join('',file(DB_down_message.html,1)); include(main_template.php); exit(0); } // build result table HTML $result_table = open_result_table(); $dbi-run_query(SELECT ..); while ($row = $dbi-next_row_array()) { $result_table .= EOD tr td{$row[guns]}/td td{$row[butter]}/td /tr EOD; } $result_table .= /table\n; // load results content $results_copy = join('',file(about_results.html,1)); $Template[main_content] .= EOD h1Query Results/h1 $result_table h2About Results/h2 $results_copy EOD; if (//need to go elsewhere) { header(Location: http://elsewhere;); exit(0); } $_SESSION['last_accessed'] = $PHP_SELF; setcookie(//something); include(main_template.php); ? Point is, at any point in execution cookies or headers can be sent or content changed. You end up with most content in seperate files and script logic/execution very easy to understand/debug. Stick a watch echo anywhere in the code and it pops up at the top of the browser window. For the above code, main_template.php is a full HTML document (only HTML editor needed) with PHP tags in just a few spots to echo elements of the $Template array: !DOCTYPE ... html head title?php echo $Template['title'] ?/title /head body ?php echo $Template['main_content'] ? /body /html Bogdan wrote: There's an urban legend saying that switching php tags on and off would slow parsing down. Content outside PHP tags gets to skip the parser. From the manual: ..for outputting large blocks of text, dropping out of PHP parsing mode is generally more efficient than sending all of the text through echo() or print() or somesuch. Steve Thanks Steve, How I wish I had seen this before I started coding. Looks very good . . . I might work on some changes, after all . . . Regards, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Session problem with https
I've followed the threads on sessions, and discovered, to my horror, that I was passing the session id through cookies. Attempting to repair this 'problem' has been fun (with 200+ files). Somehow, the session variables are not passing through once they encounter an https page. I'm using the following for passing the session id: form action=desired.php??=SID? method=post ?php header(location: desired.php?.sid); ? These work for ordinary http, but for https, it gives array(). Each page starts with ?php session_start(); ob_start(): ?. I have set globals=off, session.use_trans_sid=1 (so I shouldn't need to use ?=SID? above, but I don't know what to use instead??), and session.use_cookies=0 in my php.ini. In only one https page, when it loads gives me PHPSESSIONID anen3n1nn..., but still does not let me access the variables that should be within that session. I'm totally at a loss what is happening here. Can anyone shed some light on how to retrieve the session variables for an https page? Any help or where to look (beyond the php.net pages where I learned about sessions), would be greatly appreciated. Tia, Andre -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Session problem with https
I've followed the threads on sessions, and discovered, to my horror, that I was passing the session id through cookies. Attempting to repair this 'problem' has been fun (with 200+ files). Somehow, the session variables are not passing through once they encounter an https page. I'm using the following for passing the session id: form action=desired.php??=SID? method=post ?php header(location: desired.php?.sid); ? These work for ordinary http, but for https, it gives array(). Each page starts with ?php session_start(); ob_start(): ?. I have set globals=off, session.use_trans_sid=1 (so I shouldn't need to use ?=SID? above, but I don't know what to use instead??), and session.use_cookies=0 in my php.ini. In only one https page, when it loads gives me PHPSESSIONID anen3n1nn..., but still does not let me access the variables that should be within that session. I'm totally at a loss what is happening here. Can anyone shed some light on how to retrieve the session variables for an https page? Any help or where to look (beyond the php.net pages where I learned about sessions), would be greatly appreciated. Tia, Andre -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Code for db connection errors
Suppose, during an attempted connection to a database, an error condition occurs, where the connection cannot be made. ?php . . . $db = pg_connect(dbname=rap user=postgres) die (Connection failed - please try again.); . . . . ? Is it advisable for such a message to be displayed to the User, or should such reporting be sent to a log of some sort. (I'm unclear of what use the message would be to the User, and since the site is not on my server, but on my IP's, I would definetly like to know if a failed connection occurs, so that I could investigate the problem) What code could/should I place in the error message -- for example, how can I arrange for an e-mail to be sent to me (if that would be advisable)? How would you handle this situation? Any guidance would be greatly appreciated, Tia, Andre -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Code for db connection errors
On Thursday 15 August 2002 10:20 pm, Jason Wong wrote: It's probably not very user friendly to display the raw error. You could redirect the user to a generic error page saying something like The site is down for maintenance or whatever. That's what I thought. So with your other idea of checking error_log(), I have a good idea what to do. Thanks. Regards, Andre -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Code for db connection errors
Thanks Patrick, This looks good -- just what I needed to do the job! Regards, Andre On Thursday 15 August 2002 10:22 pm, Pafo wrote: why not: ?php $error[] = Connection to the database failed; $db = pg_connect(dbname=rap user=postgres) die (error(0)); function error ($code) { switch ($code) { case 0 : reportErrMsg($error[$code]); break; ... } } ? i think ive would have done something like that... but im not the greatest expert on php :) regards patrick Andre Dubuc [EMAIL PROTECTED] skrev i meddelandet [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Suppose, during an attempted connection to a database, an error condition occurs, where the connection cannot be made. ?php . . . $db = pg_connect(dbname=rap user=postgres) die (Connection failed - please try again.); . . . . ? Is it advisable for such a message to be displayed to the User, or should such reporting be sent to a log of some sort. (I'm unclear of what use the message would be to the User, and since the site is not on my server, but on my IP's, I would definetly like to know if a failed connection occurs, so that I could investigate the problem) What code could/should I place in the error message -- for example, how can I arrange for an e-mail to be sent to me (if that would be advisable)? How would you handle this situation? Any guidance would be greatly appreciated, Tia, Andre -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] NS4.x / IE3.0 Browser Detection
I need to differentiate between different versions of NS4, particularly the ones that are used by Mac. So far, I've used the following to detect variants: if(eregi((Mozilla/4.[0-8][0-9]),$_SERVER['HTTP_USER_AGENT'])) However, I'm aware that it will not distinguish between PC and Mac-based NS4. My question is: what versions of NS (if any) do Mac's use? I've used the following to detect IE3.0 users: if(eregi((mozilla/3.0),$_SERVER['HTTP_USER_AGENT'])) Is this correct? Any insights or advice most welcome. Tia, Andre -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] NS4.x / IE3.0 Browser Detection
On Tuesday 20 August 2002 10:57 am, Lowell Allen wrote: From: Andre Dubuc [EMAIL PROTECTED] I need to differentiate between different versions of NS4, particularly the ones that are used by Mac. So far, I've used the following to detect variants: if(eregi((Mozilla/4.[0-8][0-9]),$_SERVER['HTTP_USER_AGENT'])) However, I'm aware that it will not distinguish between PC and Mac-based NS4. My question is: what versions of NS (if any) do Mac's use? I've used the following to detect IE3.0 users: if(eregi((mozilla/3.0),$_SERVER['HTTP_USER_AGENT'])) Is this correct? Any insights or advice most welcome. Here's what I use to detect Mac Netscape 4.x: if((eregi(Mozilla, getenv(HTTP_USER_AGENT))) (!eregi(MSIE, getenv(HTTP_USER_AGENT))) (!eregi(Gecko, getenv(HTTP_USER_AGENT))) (eregi(Mac, getenv(HTTP_USER_AGENT Do you really need to differentiate between 4.x versions? It looks like you're matching any 4.x version. Thanks Lowell, That's the problem -- I don't know whether to exclude Mac NS4 as well. I'm using a lot of CSS1, and NS4's output is horrible. Rather than re-write the whole site, or try to patch things up, I'm re-directing them to WaSP. So, the question is: does Mac NS4 behave like the PC version? If so, I'll just use what I have, and re-direct. Any ideas on the Mac? Tia, Andre -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Simple Security Clarification
In another thread [How do you protect individual files], Justin French stated: In real short, you want to store the files outside your htdocs root (so they can't be served by http) . . . My PHP setup serves files from DOCUMENT_ROOT=/var/www/html. If I place files in '/var/www/html/secure' would this provide any isolation for file access? Am I correct in thinking that 'below' is not the same as 'outside' doc_root, and that i this case, no protection would be afforded? Tia, Andre -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Code for off-site Maintenance?
Soon, I will be transferring my site to go on-line with my IP. Since I've never managed anything off-site, I have a very fundamental question: What are the usual procedures with respect to maintaining a site, that is, accessing the PostgreSQL database for corrections, deletions, etc? One idea that occured to me: mirror the site here, complete with database, and modify stuff at this end, then upload to the IP. Or should I create some form of management code that would allow me, using php, to access and modify the stuff on-line. I've looked at Zope, Midguard, and another one, but they seem like over-kill (and I would have to change a lot of my code to use them). I would appreciate any input pointing how I should proceed -- I'm a total newbie in this area. Any pointers, or where to look, would be greatly appreciated. Tia, Andre -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Simple Security Clarification
On Wednesday 21 August 2002 08:15 am, Jay Blanchard wrote: [snip] In another thread [How do you protect individual files], Justin French stated: In real short, you want to store the files outside your htdocs root (so they can't be served by http) . . . My PHP setup serves files from DOCUMENT_ROOT=/var/www/html. If I place files in '/var/www/html/secure' would this provide any isolation for file access? Am I correct in thinking that 'below' is not the same as 'outside' doc_root, and that i this case, no protection would be afforded? [/snip] Yes, and no. 'Secure' is below the root and is therfore less protected. However, you can still use .htaccess directives to control the 'secure' directory much more closely. The path could be hacked, but if there is a requirement to login to that folder (because of .htaccess directives) then the hacker will still have to come up with appropriate authentication. If the root is /var/www/html then outside of the root could be /var/www/secure so that the path cannot be hacked from the browser, but you should still apply appropriate restrictions. HTH! Jay Thanks Jay, It's becoming clearer. But one question concerning: the path could be hacked, but if there is a requirement to login to that folder (because of .htaccess directives) then the hacker will still have to come up with appropriate authentication. Since all sensitive files on my site require login (username/password) and each (https) page requires the appropriate $_SESSION variables before it'll load, I wonder whether I can leave things as they are (everything in the /html folder)? You mentioned that the path could be hacked -- if that's the case (even using .htaccess) would setting these sensitive files below the root make much difference? Tia, Andre -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Code for off-site Maintenance?
Thanks Justin, A web-based control panel content management system seems like a nice invitation to enter 'Hackers' Paradise'. I like the idea of doing it at home and testing, as you do. Something inside of me squirms at the idea of the whole shebang being tatooed by a hacker. Regards, Andre On Wednesday 21 August 2002 09:21 am, Justin French wrote: I'm usually weeks, or month ahead of myself. The code I have in my local environment is looking forward towards knew features, new ideas, etc etc. Every week or two I grab a mirror of the online database (or I could connect straight to it of course), and WHEN new code is ready to upload, I do it via FTP. If I had a LOT of uploads, I'd write something that does it for me, comparing dates or something. I do have a web-based control panel content management system for some sections of some sites, allowing me (or the client) to add / edit / delete / arrange some content... End of the day, it's each to their own -- but I know that I wouldn't want to be directly editing live code, data or modules on the fly. I like to work on a mirror, test, test, test, upload, test. Justin French on 21/08/02 10:11 PM, Andre Dubuc ([EMAIL PROTECTED]) wrote: Soon, I will be transferring my site to go on-line with my IP. Since I've never managed anything off-site, I have a very fundamental question: What are the usual procedures with respect to maintaining a site, that is, accessing the PostgreSQL database for corrections, deletions, etc? One idea that occured to me: mirror the site here, complete with database, and modify stuff at this end, then upload to the IP. Or should I create some form of management code that would allow me, using php, to access and modify the stuff on-line. I've looked at Zope, Midguard, and another one, but they seem like over-kill (and I would have to change a lot of my code to use them). I would appreciate any input pointing how I should proceed -- I'm a total newbie in this area. Any pointers, or where to look, would be greatly appreciated. Tia, Andre -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Further Security Clarifications [was: Simple Security Clarifcation]
My main files are located in /var/www/html (the 'DOCUMENT_ROOT' in Apache, according to php.ini). All sensitive files have been moved to '/var/www/secure', but now I can't access them! (According to php.ini, the PHP core 'doc_root=none'). I'm totally confused. If I understand this correctly, I want the files in '/var/www/secure' to be served through php scripts that reside in the individual files that call them up in /var/www/html. So, the problem seems to be that either Apache or PHP doesn't know/can't access them. So, what am I doing wrong here? I've also added a FILes ~\.sht$ directive to refuse all .sht files (they're .inc's). How do get access for php to the secure file directory, and exclude the hackers? At this point, I'm about as confused as I've ever been since beginning PHP. Any clarifications that will guide back into the fold, will be greatly appreciated! Tia, Andre -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Further Security Clarifications [was: Simple Security Clarifcation]
Thanks Bob, Got a 404: File not Found. Checked the ssl_error_log as suggested, and found a rather interesting entry: No such file: /var/www/html/var/www/secure/test.php Obviously it's goes to DOCUMENT_ROOT (pre-pending the/var/www/html) and adds what I've asked for. So, how do I tell it where to look, and not the default setting? How am I including them? Well, most of the action occurs from the menu so it's: a href=https://localhost/var/www/secure/test.php;Testing for Bugs/a (I've also tried /secure/test.php Any ideas what I'm messing up? Tioa, Andre On Wednesday 21 August 2002 09:26 pm, Bob Irwin wrote: Usually the first thing you want to do here is check your error log. Most of the time, this sort of thing will be a permissions problem, as the apache server runs the PHP scripts as a user (ie you), that user needs to have the ability to execute those files. If you aren't sure, make the file owner you and give the files 777 and work backwards from there. Don't forget to check the directory permissions as well as the file permissions. From a hosting point of view, its different and a little more complicated if you have multiple users on the server, if it's just you though, it makes it a little easier. Take note of what the file permissions/ownership are befor eyou change them (in case this isn't the problem). Another simple things to check - make sure you're using the full path, ie, /var/www/secure/filename.php How are you including them? I use a require(/pathtofile/filename.php); Works for me assuming I have the right permissions. Best Regards Bob Irwin Server Admin Web Programmer Planet Netcom - Original Message - From: Andre Dubuc [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, August 22, 2002 11:19 AM Subject: [PHP] Further Security Clarifications [was: Simple Security Clarifcation] My main files are located in /var/www/html (the 'DOCUMENT_ROOT' in Apache, according to php.ini). All sensitive files have been moved to '/var/www/secure', but now I can't access them! (According to php.ini, the PHP core 'doc_root=none'). I'm totally confused. If I understand this correctly, I want the files in '/var/www/secure' to be served through php scripts that reside in the individual files that call them up in /var/www/html. So, the problem seems to be that either Apache or PHP doesn't know/can't access them. So, what am I doing wrong here? I've also added a FILes ~\.sht$ directive to refuse all .sht files (they're .inc's). How do get access for php to the secure file directory, and exclude the hackers? At this point, I'm about as confused as I've ever been since beginning PHP. Any clarifications that will guide back into the fold, will be greatly appreciated! Tia, Andre -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php Scanned by PeNiCillin http://safe-t-net.pnc.com.au/ Scanned by PeNiCillin http://safe-t-net.pnc.com.au/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Further Security Clarifications [was: Simple Security Clarifcation]
Thanks again Bob, First off, the site is still being debugged off-line, and part of the problem, as you suggested is my confusion over UNIX SERVER and the Apache Server. OK. Got that. What I'm trying to do: Any file that utilizes $_SESSION variables accessed through username/password validation is accessed via https. This includes the original signup screen, logins, etc. The only place for http files are static files that display non-sensitive info, and that do not require db access. If you are trying to hide scripts with important information (ie, passwords) then running a secure server will not work. They will STILL be available from the internet, just at https://mywebsite/myfilewithapassword.php. If the user is not logged in, they get an error message, and can go no further since $_SESSION['authenticate'] must match their username/password. All I'm trying to do is to provide an extra layer of security by shoving all sensitive files into the 'secure' directory, outside of the DOCUMENT_ROOT (but I have no idea what 'doc_root' in PHP is for??). From what I'm trying to accomplish, do I really need to bother setting the 'secure' directory outside of the document_root? Wouldn't the setup I've done so far suffice? At any rate, I've tried just setting : https://localhost/secure/test.php -- it still gives a 404 Tia, Andre On Wednesday 21 August 2002 10:12 pm, Bob Irwin wrote: Thanks Bob, Got a 404: File not Found. Checked the ssl_error_log as suggested, and found a rather interesting entry: No such file: /var/www/html/var/www/secure/test.php Ahhh - ok - I thought you were including them internally from PHP. You are actually linking to the file being SERVED by the web server in HTML. IN this case, all you need to do is reference to it as https://secureserveraddress/filename.php First of all, we need to understand this. We have two seperate servers here, the unix server that apache is running on and the apache server (this runs PHP, the secure server etc) itself. So... your normal website (served by the apache server) is at http://mywebsite.com/files.php BUT 'files.php' is located ON THE UNIX SERVER as /var/www/html/files.php The /var/www/html/ is the UNIX path to the file. The users who are using your APACHE server to get file do not see this in anyway. All they see is what is in the root directory, ie, /var/www/html from http://mywebsite.com/, this is exactly the same for the secure server, except the served files are encrypted. Success in this depends on what you are trying to do. Are you trying to secure files that contain information like your database passwords? Or are you just trying to run PHP scripts that produce HTML on a secure server (so that you can take credit card details from the remote users?). If you are trying to hide scripts with important information (ie, passwords) then running a secure server will not work. They will STILL be available from the internet, just at https://mywebsite/myfilewithapassword.php. This is not easily explained and I don't want to spend time going into it if its not what you're after, but if this is what you are doing, let me know and I'll help out. If you are just trying to encrypted the data from the server to the user, then you are doing the right thing, you just need to lose the /var/www/secure/ in the https:// address. Obviously it's goes to DOCUMENT_ROOT (pre-pending the/var/www/html) and adds what I've asked for. So, how do I tell it where to look, and not the default setting? How am I including them? Well, most of the action occurs from the menu so it's: a href=https://localhost/var/www/secure/test.php;Testing for Bugs/a (I've also tried /secure/test.php Any ideas what I'm messing up? Scanned by PeNiCillin http://safe-t-net.pnc.com.au/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Apostrophe in preg_match?
I'm trying to get an apostrophe (and a dash, as well) to be included in a preg_match expression, but I don't know how to escape the characters. ?php if (preg_match(^[!a-zA-Z-/\\\'/]^, $_POST['ssname'])) die (h5Numbers and special characters not allowed in 'Surname'brbr Click 'Back' on your browser to re-enter information./h5); ? Any help will be greatly appreciated. Tia, Andre -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Apostrophe in preg_match?
Thanks DL, I've read that part of the manual. My original syntax was as you suggested [^a-zA-Z-'], but the PostgreSQl query barfed on the apostrophe. The preg_match works, but the db refuses to accept the apostrophe. Reading the postgresql docs, they suggest escaping the character, but since the variable is contained in $_POST['ssname'] I don't know how to get the escaped character inserted into this POST'd variable. After the validation check : if (!preg_match(^[a-zA-Z-/\'/]^, $_POST['ssname'])) die . . . . . the POST'd variable is transformed: $_POST['ssname'] = ucwords({$_POST['ssname']}); $_SESSION['ssname'] = $_POST['ssname']; $_SESSION['ssname'] = ucwords({$_SESSION['ssname']}); and then inserted into the db: INSERT INTO sponsor (sid, sfname, ssname, . . . '{$_SESSION['ssname']}', . . . . So, how would I get this escaped character into the db? Any further help would be greatly appreciated. I'm stumped on this one. Perhaps, I'll have to exclude apostrophes, but there must be a way?? Tia, Andre On Wednesday 28 August 2002 06:16 am, DL Neil wrote: I'm trying to get an apostrophe (and a dash, as well) to be included in a preg_match expression, but I don't know how to escape the characters. The manual discusses which characters need escaping and how to escape characters: http://www.php.net/manual/en/pcre.pattern.syntax.php ?php if (preg_match(^[!a-zA-Z-/\\\'/]^, $_POST['ssname'])) die (h5Numbers and special characters not allowed in 'Surname'brbr Click 'Back' on your browser to re-enter information./h5); ? Any help will be greatly appreciated. Keep it simple: [^a-zA-Z-'] Regards, =dn -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php