[PHP-DB] Re: permissions "system"

2002-06-09 Thread Jason Markantes 

I've heard a couple of ideas, but so far nothing very different from what I'm
planning. Has anyone done anything really different out there?

Kevin, I like your idea for quickly protecting several pages. The difference
here is that I need to be able to turn on any combination of access for users.
By using "Levels", it doesn't give me quite the granularity of permissions for
this particular project. 

Come on, let's see some creative solutions! I know there's some pretty dang
smart people out there, and this isn't a new problem. I'm also starting to
dissect some existing open source projects that have multiple users and
permissions to get (hopefully) some other ideas.

Thanks for any thoughts!
Jason

> ATTACHMENT part 9 message/rfc822 
> From: "Kevin Stone" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Date: Wed, 5 Jun 2002 14:14:11 -0600
> Subject: Re: [PHP-DB] permissions "system"
> 
> Very simply I protect whole pages on my member's website by include()'ing a
> script called auth.php into the top of each page.  Rather than using a
> binary string to turn functions 'on' and 'off', I do things a bit more
> general than that.  I have defined levels of access (ie, L1, L2, L3, etc..)
> stored in the member's table in the database.  At the top of each page I
> wish to protect I write ($min_access = 'L2') to define a minimum level of
> access.  If the user has L2 access or greater they'll fall right through the
> auth.php and end up on the page.  Otherwise one of the conditionals will
> catch them like a net and dump them into the logout() function which kills
> the session and displays the login screen with a lovely "ACCESS DENIED" (or
> other appropriate text) message.  In this way I can protect any number and
> type of webpage (so long as I rename it .php) without registering the
> filename.  And all of my staff and admin scripts can remain public instead
> of behind some .htaccess file.
> 
> As for the complexity of auth.php.  It's hardly complex but I'm fairly
> thurough in my check.  The auth.php script is actually about 150 lines of
> code and does timeout, tracks the member's movement and more...  but it
> could be as simple as a single db query.  This is the best continuous
> pervasive authentication scheme I have devised.  It's probably not as good
> as other systems out there but it does the job in the limited scope of
> protecting my member's site.  :)
> 
> -Keivn
> 
> - Original Message -
> From: "Jason Markantes" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Tuesday, June 04, 2002 10:43 PM
> Subject: [PHP-DB] permissions "system"
> 
> 
> > Howdy All-
> >
> > I've poked around the net for some snippets, and have done my own in the
> past,
> > but wanted to get some more ideas on how you do a permissions "system".
> This
> > means, in your application, how do you control and enforce different
> > permissions for different users?
> >
> > Simple example: An image repository. You have users who can download
> images
> > and/or upload images. And certain users can only search for images within
> a
> > certain criteria.
> >
> > What I've done in the past is created a permission_flag column for each
> user.
> > Zero or One determines whether or not the user can do that function, and
> the
> > various functions are indicated by position (or index). So if you had
> upload
> > and download functions, you can have:
> >
> > 01 = can download, but can't upload
> > 11 = can download and upload.
> >
> > If I add a new function, I have to add another digit (and potentially
> increase
> > the column size if things grow faster than planned).
> >
> > To enforce this, as a user attempts each function, I simply check the
> function
> > "index" and see if it's one or zero.
> >
> > With me so far?
> >
> > Now, for restricting database access:
> >
> > What I've done is created a user_where column for each user. In this
> column I
> > add a where clause that's appended to each and every search the user
> attempts
> > (with the usual input safety checks for common db exploits).
> >
> > For example, if a user can only see Approved images (in my pretend
> application
> > example here), the user_where value might be "category = 'Approved'". For
> > multiple values, it could be "category IN ('Approved', 'Pending')".
> >
> > Does this make sense? How are other people doing things? I've given a
> little
> > bit of thought to it, but not enough. With all the applications out there
> > everyone at some point has to come up with their own system.
> >
> > Ideas?
> >
> > Thanks,
> > Jason

=
Just Another Fu@#in' Adventure
http://markantes.com/jason

__
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-DB] Re: php-db Digest 9 Jun 2002 13:18:08 -0000 Issue 1246

2002-06-09 Thread chidambaram 

Hi,
   i am using php4.1.2 apahce1.3.240
  i am getting this warning 
Warning: Unknown list entry type in request shutdown (0) in Unknown
on line 0

could anyone help in solving this 
thanks in advance for your help

chidambaram





 --- [EMAIL PROTECTED] wrote: > 
> php-db Digest 9 Jun 2002 13:18:08 - Issue 1246
> 
> Topics (messages 19689 through 19700):
> 
> Re: Auto-update database records
>   19689 by: Jason Wong
>   19690 by: Tony
>   19691 by: Jason Wong
>   19692 by: Tony
>   19693 by: Jason Wong
> 
> Re: MySQL problem on Yellow Dog Linux
>   19694 by: Garrett Nelson
>   19695 by: Jason Wong
>   19696 by: Garrett Nelson
>   19697 by: Jason Wong
> 
> arranging folders hiearchy
>   19698 by: SP
>   19699 by: SP
> 
> Hyperwave Upload Error, hw_insert_document()
>   19700 by: Jean HAUSSER
> 
> Administrivia:
> 
> To subscribe to the digest, e-mail:
>   [EMAIL PROTECTED]
> 
> To unsubscribe from the digest, e-mail:
>   [EMAIL PROTECTED]
> 
> To post to the list, e-mail:
>   [EMAIL PROTECTED]
> 
> 
>
--
> 

> ATTACHMENT part 2 message/rfc822 
> From: Jason Wong <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Date: Sat, 8 Jun 2002 20:45:04 +0800
> Subject: Re: [PHP-DB] Auto-update database records
> 
> On Saturday 08 June 2002 20:35, Tony wrote:
> > Here is my code.
> > If you see some variables not defined, assume it is:
> 
> Hmm, is there a problem with your code? If so could you state what
> the problem 
> is?
> 
> -- 
> Jason Wong -> Gremlins Associates -> www.gremlins.com.hk
> Open Source Software Systems Integrators
> * Web Design & Hosting * Internet & Intranet Applications
> Development *
> 
> 
> /*
> Any man who hates dogs and babies can't be all bad.
>   -- Leo Rosten, on W.C. Fields
> */
> 
> 

> ATTACHMENT part 3 message/rfc822 
> Date: Sat, 08 Jun 2002 05:52:54 -0700
> From: Tony <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Subject: Re: [PHP-DB] Auto-update database records
> 
> You are being picky on me, huh?
> I stated my problem 3 emails ago, browser gives me error "attempt
> to load
> "MyPage's URL" failed".
> Could be because of execution timeout.
> I tried to set the time longer with no luck.
> If I put the flush() after each data, I get the first output only.
> But I need to update the database very often, and I don't want to
> do it by
> hands..
> 
> Tony S. Wu
> [EMAIL PROTECTED]
> 
> 
> > On Saturday 08 June 2002 20:35, Tony wrote:
> >> Here is my code.
> >> If you see some variables not defined, assume it is:
> > 
> > Hmm, is there a problem with your code? If so could you state
> what the problem
> > is?
> 
> 
> 
> 

> ATTACHMENT part 4 message/rfc822 
> From: Jason Wong <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Date: Sat, 8 Jun 2002 21:27:09 +0800
> Subject: Re: [PHP-DB] Auto-update database records
> 
> On Saturday 08 June 2002 20:52, Tony wrote:
> > You are being picky on me, huh?
> 
> I'm sorry if you feel offended ...
> 
> > I stated my problem 3 emails ago, 
> 
> ... but I delete mail from this list as soon as I've finished with
> them. As 
> you have started a new thread one would naturally assume this is a
> new 
> problem. Please don't expect people to remember dead threads.
> 
> > browser gives me error "attempt to load
> > "MyPage's URL" failed".
> 
> > Could be because of execution timeout.
> > I tried to set the time longer with no luck.
> > If I put the flush() after each data, I get the first output
> only.
> > But I need to update the database very often, and I don't want to
> do it by
> > hands..
> 
> Have you tried tracking down where it is that the script fails? 
> 
> Either use echo() or error_log() at various points in the script to
> monitor 
> what the program is doing. For example before starting the
> while-loops 
> echo("Entering while loop") and inside the while-loop
> echo($counter), and 
> when the loop terminates echo someting to that effect. This should
> at least 
> tell you whether you have any infinite loops.
> 
> Another thing you can do is simplify the check for the prices. Your
> present 
> method seems to be veru long-winded. I think a single preg_match()
> could 
> replace the "while ($counter < $i)" loop.
> 
> -- 
> Jason Wong -> Gremlins Associates -> www.gremlins.com.hk
> Open Source Software Systems Integrators
> * Web Design & Hosting * Internet & Intranet Applications
> Development *
> 
> 
> /*
> YOU PICKED KARL MALDEN'S NOSE!!
> */
> 
> 

> ATTACHMENT part 5 message/rfc822 
> Date: Sat, 08 Jun 2002 06:34:56 -0700
> From: Tony <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Subject: Re: [PHP-DB] Auto-update database records
> 
> I do appreciate your reply.
> Yes, I've tried to track down the problem.
> I comment-out the fopen() function and use echo to display the URL.
> And it displays fine, so I did get the record from MySQL.
> Then when I put the fopen() back, same problem appears.
> I

RE: [PHP-DB] arranging folders hiearchy

2002-06-09 Thread SP 

Hi Frank thanks for the reply.  I'm a newbie so I'm not exactly
understanding your solution so I'm trying it out.  I got up to the UPDATE
SORTORDER FROM DIR_TABLE ... but I got an error on the FROM.  I am using
mysql and looked up the UPDATE syntax and it didn't show the FROM syntax
being used.





-Original Message-
From: Frank Flynn [mailto:[EMAIL PROTECTED]]
Sent: June 9, 2002 6:42 PM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: RE: [PHP-DB] arranging folders hiearchy


The problem is you're overloading your "PATH" field.  An SQL engine cannot
tell the different meanings between (other than they are different):
   '   1   3   7' and
   '   1   2   6'

You can do this 'live' with only the ID, PID and the name SECTION and then a
temporary table to do the sort.

Try this:

CREATE TABLE SORTORDER
ID int
TOPOFPATH int
PATH varchar(512) /*must be big enough for longest path*/
LEVELFROMTOP int

Now run:

INSERT INTO SORTORDER (ID, TOPOFPATH, PATH, LEVELFROMTOP )
  SELECT ID, PID,  SECTION, 1
  FROM DIR_TABLE  /* this is your original table whose name I don't know */

OK now run this over and over again until no rows are being affected.

UPDATE SORTORDER
 FROM DIR_TABLE
  SET TOPOFPATH = DIR_TABLE.PID,
  PATH =  DIR_TABLE.SECTION + PATH
  LEVELFROMTOP = LEVELFROMTOP + 1
  WHERE TOPOFPATH = DIR_TABLE.ID
  AND DIR_TABLE.ID != DIR_TABLE.PID
  /* you could have some sanity end condition like AND LEVELFROMTOP < 50 */

Now to get your data in the order you desire:

SELECT DIR_TABLE.SECTION, SORTORDER.LEVELFROMTOP
  FROM DIR_TABLE, SORTORDER
  WHERE DIR_TABLE.ID = SORTORDER.ID
  ORDER BY SORTORDER.PATH

The SORTORDER.LEVELFROMTOP is the number of spaces to put in front of the
SECTION to get that nice nested look

Remember:
-As you go up the the ID -> PID ladder ALL paths must end at a record ID
where ID = PID (or no end condition -- see sanity end condition above)
-SORTORDER.PATH must be big enough to hold the longest path.  This can be a
weakness.
-you may want to make DIR_TABLE.SECTION lower case before you insert it into
SORTORDER.PATH
-You can't do this PATH field in the original table because if I change a
directory name it's hard to rebuild the PATH field in all of the rows.  But
you can leave the SORTORDER table in tact for performance and only rebuild
it after you modify any of the values in the original table.

Feel free to write back if you have more questions.
Good luck,
Frank

On 6/9/02 6:18 AM, "[EMAIL PROTECTED]"
<[EMAIL PROTECTED]> wrote:

> From: "SP" <[EMAIL PROTECTED]>
> Date: Sat, 8 Jun 2002 20:09:22 -0400
> To: <[EMAIL PROTECTED]>
> Subject: arranging folders hiearchy
>
> I am trying to arrange the results by PATH but within each of the same
PATH
> section I want it to be arranged by NAME alphabetically so it looks like
the
> following below.  I've tried a bunch of order by's but not getting it to
work.
> Is this possible to do?  Or do I have to change my PATH data some how.
>
> Home
> About Us
> Contact Us
> Products
>   Cabinets
>   Furnitures
> Services
>   Repairs
>   Waxing
>
> ID PID PATH   SECTION
> == === == =
> 1  1   '   1' 'Home'
> 2  1   '   1   2' 'Products'
> 3  1   '   1   3' 'Services'
> 5  2   '   1   2   5' 'Furniture'
> 6  2   '   1   2   6' 'Cabinets'
> 7  3   '   1   3   7' 'Waxing'
> 10 7   '   1   3  10' 'Repairs'
> 11 1   '   1   b' 'Contact Us'
> 12 1   '   1   c' 'About Us'
>



-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP-DB] arranging folders hiearchy

2002-06-09 Thread Frank Flynn 

The problem is you're overloading your "PATH" field.  An SQL engine cannot
tell the different meanings between (other than they are different):
   '   1   3   7' and
   '   1   2   6'

You can do this 'live' with only the ID, PID and the name SECTION and then a
temporary table to do the sort.

Try this:

CREATE TABLE SORTORDER
ID int
TOPOFPATH int
PATH varchar(512) /*must be big enough for longest path*/
LEVELFROMTOP int

Now run:

INSERT INTO SORTORDER (ID, TOPOFPATH, PATH, LEVELFROMTOP )
  SELECT ID, PID,  SECTION, 1
  FROM DIR_TABLE  /* this is your original table whose name I don't know */

OK now run this over and over again until no rows are being affected.

UPDATE SORTORDER
 FROM DIR_TABLE
  SET TOPOFPATH = DIR_TABLE.PID,
  PATH =  DIR_TABLE.SECTION + PATH
  LEVELFROMTOP = LEVELFROMTOP + 1
  WHERE TOPOFPATH = DIR_TABLE.ID
  AND DIR_TABLE.ID != DIR_TABLE.PID
  /* you could have some sanity end condition like AND LEVELFROMTOP < 50 */

Now to get your data in the order you desire:

SELECT DIR_TABLE.SECTION, SORTORDER.LEVELFROMTOP
  FROM DIR_TABLE, SORTORDER
  WHERE DIR_TABLE.ID = SORTORDER.ID
  ORDER BY SORTORDER.PATH

The SORTORDER.LEVELFROMTOP is the number of spaces to put in front of the
SECTION to get that nice nested look

Remember:
-As you go up the the ID -> PID ladder ALL paths must end at a record ID
where ID = PID (or no end condition -- see sanity end condition above)
-SORTORDER.PATH must be big enough to hold the longest path.  This can be a
weakness.
-you may want to make DIR_TABLE.SECTION lower case before you insert it into
SORTORDER.PATH 
-You can't do this PATH field in the original table because if I change a
directory name it's hard to rebuild the PATH field in all of the rows.  But
you can leave the SORTORDER table in tact for performance and only rebuild
it after you modify any of the values in the original table.

Feel free to write back if you have more questions.
Good luck,
Frank
 
On 6/9/02 6:18 AM, "[EMAIL PROTECTED]"
<[EMAIL PROTECTED]> wrote:

> From: "SP" <[EMAIL PROTECTED]>
> Date: Sat, 8 Jun 2002 20:09:22 -0400
> To: <[EMAIL PROTECTED]>
> Subject: arranging folders hiearchy
> 
> I am trying to arrange the results by PATH but within each of the same PATH
> section I want it to be arranged by NAME alphabetically so it looks like the
> following below.  I've tried a bunch of order by's but not getting it to work.
> Is this possible to do?  Or do I have to change my PATH data some how.
> 
> Home
> About Us
> Contact Us
> Products
>   Cabinets
>   Furnitures
> Services
>   Repairs
>   Waxing
> 
> ID PID PATH   SECTION
> == === == =
> 1  1   '   1' 'Home'
> 2  1   '   1   2' 'Products'
> 3  1   '   1   3' 'Services'
> 5  2   '   1   2   5' 'Furniture'
> 6  2   '   1   2   6' 'Cabinets'
> 7  3   '   1   3   7' 'Waxing'
> 10 7   '   1   3  10' 'Repairs'
> 11 1   '   1   b' 'Contact Us'
> 12 1   '   1   c' 'About Us'
> 


-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP-DB] MySQL problem on Yellow Dog Linux

2002-06-09 Thread Garrett Nelson 

Woo-hoo! Fixing the extensions directory worked. I am now all set with MySQL
support ... Thanks for all the help!


-- 



-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-DB] Re: MyCC Problem

2002-06-09 Thread Andy 

maybe you do not have the propper rights set. Check your grant privillegs on
the db.

Andy

--

http://www.globosapiens.net
Global Travellers Network!



"César l . aracena" <[EMAIL PROTECTED]> schrieb im Newsbeitrag
002a01c20e80$743a3650$14ed0dd1@gateway">news:002a01c20e80$743a3650$14ed0dd1@gateway...
Hi all. I know that this isn't probably the best place to make this
question, but I uses that some of you uses MyCC to connect to a remote
MySQL DB. My connection is no problem, but when I issue a SQL command,
which tells the DB to INSERT multiple rows into one table, It gives me
an error every time. Imagine what it takes to pass a 1000 rows to the
"live" DB one each time. Does anyone who uses MyCC had this problem
before? Know how to solve this?

Thanks in advance,

Cesar   Aracena
CE / MCSE+I
Neuquen, Argentina
+54.299.6356688
+54.299.4466621





-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-DB] Hyperwave Upload Error, hw_insert_document()

2002-06-09 Thread Jean HAUSSER 

Hello,

I'm trying to upload an image into an HIS (Hyperwave Information Server)
5.5 server running under Debian GNU/Linux (i386) with this userland
function :

,
| function his_upload($datei, $parent, $attribute) {
|   /* datei : filename on the local (server) filesystem
|* parent : parent collection of the document to upload
|* attribute : string containing all the attributes, separated by \n
|*
|* Returns the new ObjID on success, false on error
|*/
|   global $hwconnector;
| 
|   $document_size = filesize($datei);
|   echo "[his_upload] $datei is $document_size long";
|   $fd = fopen($datei, "r");
|   $document_data = fread($fd, $document_size);
|   fclose($fd);
|   echo "[his_upload] $datei : ".strlen($document_data)." read.";
| 
|   $object_record = hw_array2objrec($attribute);
|   echo "[his_upload] object record preview :".
| nl2br($object_record)."";
|   $hw_doc = hw_new_document($object_record, $document_data,
| $document_size);
|   echo "[his_upload] hw_new_document : $hw_doc (last hw error msg: ".
| hw_ErrorMsg($hwconnector).")";
|   $result = hw_InsertDocument($hwconnector, his_get_objectID($parent),
| $hw_doc);
|   echo "[his_upload] hw_insert_document returned $result (last hw ".
| "error msg: ".hw_ErrorMsg($hwconnector).".)";
|   return $result;
| }
| 
| function his_get_objectID($name)
| {
| global $hwconnector ;
| if (!$hwconnector)return "-1"; // no connection to HIS
| 
| if (!$name)   return "0" ;
| $objids = hw_getobjectbyquery($hwconnector, "Name=$name" , -1);
| if (count($objids) == 0) {
|   return "-2" ; // error! file not found in HIS
| } else   return $objids[0] ;
| }
`

When I try to use this function in a script, I get the following message :

,[ PHP Ouput ]
| [his_upload] /tmp/php8JPPJW is 26264 long
| [his_upload] /tmp/php8JPPJW : 26264 read.
| [his_upload] object record preview :
| Type=Document
| DocumentType=Image
| MimeType=image/jpeg
| Name=~jhausser/pw/ebc/image
| 
| [his_upload] hw_new_document : 3 (last hw error msg: No error)
| Added str to header: Name=~jhausser/pw/ebc (21)
| Sending msg: type = 9 -- id = 6
| Recv msg: type = 9 -- id = 6
| Added str to header: Type=Document DocumentType=Image
| MimeType=image/jpeg Name=~jhausser/pw/ebc/image (81)
| Added str to header: Parent=0x7b (11)
| Sending msg: type = 32 -- id = 7
| Recv msg: type = 32 -- id = 7
| [his_upload] hw_insert_document returned (last hw error msg: Unknown
| error: -5.)
`

And nothing is uploaded in Hyperwave...

Apache is compiled from source (tried versions 1.3.14 and 1.3.23) using
this configure command line :
./configure --prefix=/usr/local/apache --enable-module=so
--with-port=8080 --server-uid=www-data --server-gid=www-data

PHP is also compiled from source (tried versions 4.0.3, 4.1.1 and
4.2.1, same result) with the following configure command-line :
./configure --prefix=/usr/local/apache
--sysconfdir=/usr/local/apache/conf
--with-apxs=/usr/local/apache/bin/apxs --enable-safe-mode
--enable-magic-quotes --enable-ftp --with-hyperwave --with-mysql
--enable-trans-sid --enable-sockets --with-regexp=system

But what is astonishing is that the very same script runs under FreeBSD
4.2 (same Apache and PHP source archive, same configure options, with
Hyperwave's linux binairies running thanks to FreeBSD's compatibility
libraries), and I'm using the very same httpd.conf and php.ini on Linux
and FreeBSD !

I've been looking on PHP's changelog, google, phpbuilder's forums, PHP
mail archives and so on without finding anything about that 'Unknown
Error -5' and I'm running out of ideas... so any advice on the problem
would be really welcomed.

Thanking you in advance,

-- 
 Jean HAUSSER

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php