php-general Digest 17 Aug 2007 08:42:05 -0000 Issue 4966
Topics (messages 260936 through 260943):
Re: maintaining session information
260936 by: Vic Agnews
260937 by: Chris
260941 by: Vic Agnews
Which CAPTCHA is the besta?
260938 by: Tony Di Croce
260940 by: Hamza Saglam
Re: adding "Back to Search results" link
260939 by: Tom Rogers
Re: Is it possible to disable eval()?
260942 by: hshh
Re: php 5 and ms sql server express won't play nice !
260943 by: Gregory Machin
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
----------------------------------------------------------------------
--- Begin Message ---
Thanks for the suggestions guys .... I appreciate the help! I guess I'll
look into creating a custom session handler. Any good references?
How my current setup works is, there's session information for
sub-domain1.domain.com stored in a cookie and I want
sub-domain2.domain.com(which currently does not have
authentication/sessions) to be able to read
that cookie and find out who the user is. I read somewhere that you could do
this either by using an apache module or .htaccess files or configuring
php.ini ...
- Vic
On 8/16/07, Chris <[EMAIL PROTECTED]> wrote:
>
> Vic Agnews wrote:
> > is there a way we can maintain session information across two
> sub-domains
> > (on two different servers though) ... kinda like how google does it?
>
> Might have to use a 3rd party cookie & possibly a custom session handler.
>
> A cookie created on 'domain.com' cannot be read by any subdomains
> (including 'www.domain.com').
>
> A 3rd party cookie (on 'www.domain2.com') can be used in both cases and
> it's independent so shouldn't have a problem being read.
>
> --
> Postgresql & php tutorials
> http://www.designmagick.com/
>
--- End Message ---
--- Begin Message ---
Vic Agnews wrote:
Thanks for the suggestions guys .... I appreciate the help! I guess I'll
look into creating a custom session handler. Any good references?
http://php.net/session_set_save_handler shows an example.
How my current setup works is, there's session information for
sub-domain1.domain.com <http://sub-domain1.domain.com> stored in a
cookie and I want sub-domain2.domain.com <http://sub-domain2.domain.com>
(which currently does not have authentication/sessions) to be able to
read that cookie and find out who the user is. I read somewhere that you
could do this either by using an apache module or .htaccess files or
configuring php.ini ...
AFAIK that's completely wrong. Your browser holds the cookie and it
works out the security of which domain can read which cookie.
--
Postgresql & php tutorials
http://www.designmagick.com/
--- End Message ---
--- Begin Message ---
Thanks again for the reply ... i will look into session_set_save_handler. I
also did some research on SSO and OpenID (phpMyID) ... sounds like an
interesting concept!
- Vic
On 8/16/07, Chris <[EMAIL PROTECTED]> wrote:
>
> Vic Agnews wrote:
> > Thanks for the suggestions guys .... I appreciate the help! I guess I'll
> > look into creating a custom session handler. Any good references?
>
> http://php.net/session_set_save_handler shows an example.
>
> > How my current setup works is, there's session information for
> > sub-domain1.domain.com <http://sub-domain1.domain.com> stored in a
> > cookie and I want sub-domain2.domain.com <http://sub-domain2.domain.com>
> > (which currently does not have authentication/sessions) to be able to
> > read that cookie and find out who the user is. I read somewhere that you
> > could do this either by using an apache module or .htaccess files or
> > configuring php.ini ...
>
> AFAIK that's completely wrong. Your browser holds the cookie and it
> works out the security of which domain can read which cookie.
>
> --
> Postgresql & php tutorials
> http://www.designmagick.com/
>
--- End Message ---
--- Begin Message ---
I need a CAPTCHA script.... Which one is the best? (I dont mind if its
somewhat difficult).
--- End Message ---
--- Begin Message ---
Not a script you can install/hack but why don't you have a look at:
http://recaptcha.net/ ?
Regards,
Hamza.
""Tony Di Croce"" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
>I need a CAPTCHA script.... Which one is the best? (I dont mind if its
> somewhat difficult).
>
--- End Message ---
--- Begin Message ---
Hi,
Thursday, August 16, 2007, 6:44:46 AM, you wrote:
D> Jim and Brad.
D> Thanks for the feedback. I was thinking it was something simple like a back
D> button. But the problem that arises when I use this method is on Form 3.
D> If I go through the steps, and make a change to an item on Form 3. Then use
D> the <a href="javascript:history.go(-2);">Return to search
D> results</a>.....everything works fine.
D> But if I dont make any changes to Form 3. then this takes me all the way
D> back to the search page.
D> People in my group use this form to update database information for a number
D> of items. Once they make changes, they would like to go back to the search
D> results, instead of having to run the same search again and again.
Have form 3 open in a new window and they just close it when finished
leaving the original on form 2.
--
regards,
Tom
--- End Message ---
--- Begin Message ---
Thank you. It is already enough for me. It works.
On 8/16/07, Steffen Ebermann <[EMAIL PROTECTED]> wrote:
> On Thu, Aug 16, 2007 at 09:50:30PM +0800, hshh wrote:
> > I try to disable eval() function in php script, but failed.
> > In php.ini disable_functions=eval is not work, but other functions.
> > So, is it possible to disable eval()? Thanks.
>
> It don't work because eval() isn't a function.
>
> The Suhosin protection system would let you do so. If an option:
> http://www.hardened-php.net/suhosin/configuration.html#suhosin.executor.disable_eval
>
--- End Message ---
--- Begin Message ---
with the suggested config i get the following
Warning: mssql_connect() [function.mssql-connect]: Unable to connect
to server: (local)\SQLEXPRESS in C:\wamp\www\test\test.php on line 8
Couldn't connect to SQL Server on (local)\SQLEXPRESS
this is my connection script
<?php
$myServer = "(local)\SQLEXPRESS";
$myUser = "sa";
$myPass = "[EMAIL PROTECTED]";
$myDB = "WEBCOLTECH";
//connection to the database
$dbhandle = mssql_connect($myServer, $myUser, $myPass)
or die("Couldn't connect to SQL Server on $myServer");
On 8/16/07, Kirk Friggstad <[EMAIL PROTECTED]> wrote:
> SQL Server Express defaults to installing as a named instance -
> assuming that you're running Apache/PHP on the same machine as SQL
> Server Express, I believe you'll want to use "(local)\SQLEXPRESS" as
> the host to connect to. If it's on a different machine, you'll want to
> use "MACHINENAME\SQLEXPRESS" (replace "MACHINENAME" with the actual
> name of the computer SQL Express is running on).
>
> DISCLAIMER: I haven't actually tried using SQL Server with PHP, so I
> can't guarantee this will work. However, I have spent a lot of time
> working with SQL Server and ASP in a previous life, so I'd like to
> think that I have half a clue when it comes to connecting to it. :-)
>
> Hope this helps.
>
> Kirk
>
> On 8/16/07, Gregory Machin <[EMAIL PROTECTED]> wrote:
> > Hi
> > I have tried most of the configuration options in the php manual /
> > examples http://www.php.net/function.mssql-connect and I just can't
> > get it to connect
> > I'm running WAMP5 and have enables php_mssql.dll extentions etc ..
> > sql server 2005 express has both named pipes and tcp/ip conections enabled,
> > both are installed on the same machine (xp pro)...
> >
> > this it the error I keep getting
> > Warning: mssql_connect() [function.mssql-connect]: Unable to connect
> > to server: SQLEXPRESS in C:\wamp\www\test\test.php on line 8
> > Couldn't connect to SQL Server on SQLEXPRESS
> >
> > Many Thanks in advance
> > --
> > Gregory Machin
> > [EMAIL PROTECTED]
> > www.linuxpro.co.za
> >
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, visit: http://www.php.net/unsub.php
> >
> >
>
>
> --
> _________________
> Kirk Friggstad, Daft Viking Consulting
> email / msn / gtalk: [EMAIL PROTECTED]
> aim / skype: daftviking
> mobile / SMS: 306-867-0010
>
--
Gregory Machin
[EMAIL PROTECTED]
www.linuxpro.co.za
--- End Message ---
