[PHP-DB] mysql question.
hi i need help regarding a sql query in my php app. the query is : $SQL = SELECT DISTINCT(EMail) FROM mena_guests WHERE Voted = 'yes' LIMIT $startingID,$items_numbers_list; i want to sort this query by the number of the repeated EMail counts. can anyone help me with that please ?
Re: [PHP-DB] mysql question.
On 4/3/07, Me2resh Lists [EMAIL PROTECTED] wrote: hi i need help regarding a sql query in my php app. the query is : $SQL = SELECT DISTINCT(EMail) FROM mena_guests WHERE Voted = 'yes' LIMIT $startingID,$items_numbers_list; i want to sort this query by the number of the repeated EMail counts. can anyone help me with that please ? $SQL = SELECT EMail,count(EMail) AS repeated FROM mena_guests WHERE Voted = 'yes' GROUP BY EMail ORDER BY count(EMail) LIMIT $startingID,$items_numbers_list; I can't remember if in the order clause you can order by the alias of the field or using the count again, test it to see what's the proper syntax -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] database password
Howdy all, Just wondering what -- if anything -- people are doing to protect plaintext database passwords in their PHP scripts. Ultimately, PHP needs a plaintext password to create the database connection, so it seems that obfuscation is the best we can achieve on this front. While not really secure by itself, obfuscation along with other measures (firewall, privilege separation, file system privileges, etc) can help slow someone down. So I've been looking into this approach at the moment. Any other ideas out there? Thanks, Roberto -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP-DB] database password
store your password/access credentials outside the web root and use php to read the data in. Another alternative is to wrap those items in a function and check the calling source to make sure its only your application hth Bastien From: Roberto Mansfield [EMAIL PROTECTED] To: php-db@lists.php.net Subject: [PHP-DB] database password Date: Tue, 03 Apr 2007 09:39:32 -0400 Howdy all, Just wondering what -- if anything -- people are doing to protect plaintext database passwords in their PHP scripts. Ultimately, PHP needs a plaintext password to create the database connection, so it seems that obfuscation is the best we can achieve on this front. While not really secure by itself, obfuscation along with other measures (firewall, privilege separation, file system privileges, etc) can help slow someone down. So I've been looking into this approach at the moment. Any other ideas out there? Thanks, Roberto -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php _ http://local.live.com/?mkt=en-ca/?v=2cid=A6D6BDB4586E357F!420 -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] database password
Bastien Koert wrote: store your password/access credentials outside the web root and use php to read the data in. This is good for web attacks, but I'm thinking of an account break in where someone is accessing files directly on the server. Another alternative is to wrap those items in a function and check the calling source to make sure its only your application How would you do this? Thanks, Roberto From: Roberto Mansfield [EMAIL PROTECTED] To: php-db@lists.php.net Subject: [PHP-DB] database password Date: Tue, 03 Apr 2007 09:39:32 -0400 Howdy all, Just wondering what -- if anything -- people are doing to protect plaintext database passwords in their PHP scripts. Ultimately, PHP needs a plaintext password to create the database connection, so it seems that obfuscation is the best we can achieve on this front. While not really secure by itself, obfuscation along with other measures (firewall, privilege separation, file system privileges, etc) can help slow someone down. So I've been looking into this approach at the moment. Any other ideas out there? Thanks, Roberto -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php _ http://local.live.com/?mkt=en-ca/?v=2cid=A6D6BDB4586E357F!420 -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] database password
Roberto Mansfield wrote: Bastien Koert wrote: store your password/access credentials outside the web root and use php to read the data in. This is good for web attacks, but I'm thinking of an account break in where someone is accessing files directly on the server. I suggest you think about this for a second before you start designing with a really pointless obfuscation system. Say someone is accessing files directly on the server... if they can get at the file that contains the password then they can also get at the PHP code that will de-obfuscate it. Spend your time locking the doors rather than putting 5-minute obstacles in the path. -Stut -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] database password
Stut wrote: Roberto Mansfield wrote: Bastien Koert wrote: store your password/access credentials outside the web root and use php to read the data in. This is good for web attacks, but I'm thinking of an account break in where someone is accessing files directly on the server. I suggest you think about this for a second before you start designing with a really pointless obfuscation system. Say someone is accessing files directly on the server... if they can get at the file that contains the password then they can also get at the PHP code that will de-obfuscate it. Spend your time locking the doors rather than putting 5-minute obstacles in the path. Yes, I have thought about this. We've spent time locking the doors. There are many layers in place. As I said, this is not the only type of security being considered. But if a new exploit comes out and someone does gain unauthorized access to the file system, I'd rather not hand them a plaintext password. So is anyone doing anything to protect plain text passwords in the filesystem? Thanks, Roberto -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Include function across servers
No. That would be to access the code. Include grabs an entire file. Perhaps you should look into Ajax techniques. -Micah On 04/02/2007 04:06 PM, ioannes wrote: I have a particular business application so just returning html is OK, the output is the useful bit in this case. I understand from the discussion that I can still run my code on my server in response to a remote server requesting the result of a function in that file and that result gets back to that server. So you can use include() to access the result of a function on another server, sounds like. -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] mysql question.
Hello, I try your SQL statements. There is no problem on your SQL syntax and you can use alias in the order by clause.:) $SQL = SELECT EMail,count(EMail) AS repeated FROM mena_guests WHERE Voted = 'yes' GROUP BY EMail ORDER BY repeated LIMIT $startingID,$items_numbers_list; -- Republic Of Turkey - Ministry of National Education Education Technology Department Ankara / TURKEY Web: http://www.haydartuna.net Dimiter Ivanov [EMAIL PROTECTED], haber iletisinde sunlari yazdi:[EMAIL PROTECTED] On 4/3/07, Me2resh Lists [EMAIL PROTECTED] wrote: hi i need help regarding a sql query in my php app. the query is : $SQL = SELECT DISTINCT(EMail) FROM mena_guests WHERE Voted = 'yes' LIMIT $startingID,$items_numbers_list; i want to sort this query by the number of the repeated EMail counts. can anyone help me with that please ? $SQL = SELECT EMail,count(EMail) AS repeated FROM mena_guests WHERE Voted = 'yes' GROUP BY EMail ORDER BY count(EMail) LIMIT $startingID,$items_numbers_list; I can't remember if in the order clause you can order by the alias of the field or using the count again, test it to see what's the proper syntax -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] Sybase and PHP
We have been using sybase with PHP4 and now are looking to move to PHP5. I ran into an installation problem with PHP5 and starting looking at the bug reports and can't tell for sure whether sybase is being supported any longer. I was working with PHP5 source rpm on Fedora 6 when I ran into a problem with recompiling it (rpmbuild -ba). I really couldn't make much of the error. php-5.1.6-3 Building from rpm source I get the following errors. with standard Fedora6 src I added the following line to the --with-sybase-ct=/opt/sybase/OCS-15_0 \ Building from rpm source I get the following errors. - screen error -- checking for string.h... (cached) yes checking for char... yes checking size of char... configure: error: cannot compute sizeof (char), 77 See `config.log' for more details. error: Bad exit status from /var/tmp/rpm-tmp.17076 (%build) -- partial output from config logs config.log before this it indicated that it was in confdefs.h --- #define SIZEOF_LONG 4 #define SIZEOF_LONG 4 #define SIZEOF_LONG 4 #define SIZEOF_LONG 4 #define SIZEOF_LONG_LONG 8 #define SIZEOF_LONG_LONG 8 #define SIZEOF_LONG_LONG_INT 8 #define SIZEOF_PTRDIFF_T 4 #define SIZEOF_SHORT 2 #define SIZEOF_SHORT 2 #define SIZEOF_SIZE_T 4 #define SIZEOF_SSIZE_T 4 #define STDC_HEADERS 1 #define STDC_HEADERS 1 #define TIME_WITH_SYS_TIME 1 #define UCD_SNMP_HACK 1 #define UNDEF_THREADS_HACK #define USE_GD_IMGSTRTTF 1 #define USE_GD_IMGSTRTTF 1 #define YYTEXT_POINTER 1 #define _GNU_SOURCE 1 configure: exit 1 -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Sybase and PHP
I got a similar setup up and running a few months ago. Sadly I am having connection problems, else I would give you the configure string I used. When netowrk does come around, I will see what I can do. Steven [EMAIL PROTECTED] wrote: We have been using sybase with PHP4 and now are looking to move to PHP5. I ran into an installation problem with PHP5 and starting looking at the bug reports and can't tell for sure whether sybase is being supported any longer. I was working with PHP5 source rpm on Fedora 6 when I ran into a problem with recompiling it (rpmbuild -ba). I really couldn't make much of the error. php-5.1.6-3 Building from rpm source I get the following errors. with standard Fedora6 src I added the following line to the --with-sybase-ct=/opt/sybase/OCS-15_0 \ Building from rpm source I get the following errors. - screen error -- checking for string.h... (cached) yes checking for char... yes checking size of char... configure: error: cannot compute sizeof (char), 77 See `config.log' for more details. error: Bad exit status from /var/tmp/rpm-tmp.17076 (%build) -- partial output from config logs config.log before this it indicated that it was in confdefs.h --- #define SIZEOF_LONG 4 #define SIZEOF_LONG 4 #define SIZEOF_LONG 4 #define SIZEOF_LONG 4 #define SIZEOF_LONG_LONG 8 #define SIZEOF_LONG_LONG 8 #define SIZEOF_LONG_LONG_INT 8 #define SIZEOF_PTRDIFF_T 4 #define SIZEOF_SHORT 2 #define SIZEOF_SHORT 2 #define SIZEOF_SIZE_T 4 #define SIZEOF_SSIZE_T 4 #define STDC_HEADERS 1 #define STDC_HEADERS 1 #define TIME_WITH_SYS_TIME 1 #define UCD_SNMP_HACK 1 #define UNDEF_THREADS_HACK #define USE_GD_IMGSTRTTF 1 #define USE_GD_IMGSTRTTF 1 #define YYTEXT_POINTER 1 #define _GNU_SOURCE 1 configure: exit 1 -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] Re: mysql question.
Me2resh Lists, with my limited SQL experience it appears that you're asking to sort the query without the proper results from the query. Your SELECT statement below should return the following: Non-duplicate rows of mena_guests.EMail where mena_guests.Voted is yes, starting at $startingID up to $items_numbers_list records. Since the DISTINCT clause is used, only non-duplicate records are returned, and there is no count of the rows duplicated for each distinct EMail. Thus you can't sort the result by any count. I think the select statement that you really want is this... SELECT EMail, COUNT(*) FROM mena_guests WHERE Voted = 'yes' GROUP BY EMail LIMIT $startingID, $items_numbers_list The group by will cause the DISTINCT effect AND you'll be able to see how many duplicates there were for each distinct EMail. Hope this helps, Dan Luevano [EMAIL PROTECTED] wrote: mysql question. 43402 by: Me2resh Lists hi i need help regarding a sql query in my php app. the query is : $SQL = SELECT DISTINCT(EMail) FROM mena_guests WHERE Voted = 'yes' LIMIT $startingID,$items_numbers_list; i want to sort this query by the number of the repeated EMail counts. can anyone help me with that please ? -- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php