Re: [PHP] Choosing a CMS?

2003-10-19 Thread Justin French
On Sunday, October 19, 2003, at 02:16 PM, Joel Konkle-Parker wrote: I'm looking for an open source PHP/MySQL CMS that I can use as the backend to my website. If you've got the time and skills, I'd actually recommend creating your own -- building my own CMS rapidly enhanced the way I work,

[PHP] try

2003-10-19 Thread sun zheng
with best wishes Zheng Sun

[PHP] String to Array or Hash Table

2003-10-19 Thread sun zheng
Hi, all, The question is concerning a feedback String from a web-service. approved=yeserror=authnumber=025968transactionnumber=313869 As you c, the String contains four parameters.. I explode it first by . $execoutput = approved=yeserror=authnumber=025968transactionnumber=313869;

Re: [PHP] php site

2003-10-19 Thread Burhan Khalid
Lai, Kenny wrote: hey, does anyone have any good links they use for their php references? http://www.php.net/manual http://www.zend.com/zend/tut/ i'd also like to know how most people approach coding php from an OOP standpoint http://pear.php.net http://www.phpclasses.org ( wasn't there another

Re: [PHP] Merging document changes

2003-10-19 Thread Burhan Khalid
Jason Godesky wrote: I'm working on a collection of functions for handling text documents; when a Document is added, its text is broken into paragraphs, and each paragraph is saved to the database as a separate record. The problem is editing the document, because I only want to update those

[PHP] Re: Choosing a CMS?

2003-10-19 Thread J. Cox
Joel Konkle-Parker [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] I've looked at PHPNuke, just because that's the only thing that jumps to mind, but I want to make sure I'm not missing anything before I dive in with it. Have a look at Xaraya -- http://www.xaraya.com It may work

[PHP] Re: 4.3.1 for Debian Woody?

2003-10-19 Thread Gal
as far as i know there are no DEB packages for 4.3.1 for Woody. I'm using the unstable (Debian SID) and i have PHP 4.3.3 Joel Konkle-Parker wrote: Does anyone have, or know where to get, a Debian Woody package for PHP 4.3.1? I've checked apt-get.org, but nobody seems to have that version. Thanks

Re: [PHP] Re: 4.3.1 for Debian Woody?

2003-10-19 Thread daniel
as far as i know there are no DEB packages for 4.3.1 for Woody. I'm using the unstable (Debian SID) and i have PHP 4.3.3 Scuse the off topic, but is debian the way to go ? i have found great pain to work with redhat even with rpm's. I just seriously cannot believe all this dependency bullshit

Re: [PHP] best way to use session vars?

2003-10-19 Thread David T-G
Curt, et al -- ...and then Curt Zirzow said... % % * Thus wrote David T-G ([EMAIL PROTECTED]): % % Should I use $_SESSION for everything or should I use session_start and % session_register and friends instead? Is there a clear win with either % one? % % $_SESSION is the proper way to do

Re: [PHP] RESOLVED, sort of -- Re: [PHP] where is my session data on my new server?

2003-10-19 Thread David T-G
Curt, et al -- ...and then Curt Zirzow said... % % * Thus wrote David T-G ([EMAIL PROTECTED]): % Hi, all -- % % It appears that the change from 4.2.3 to 4.3.4rc1 was not something that % got broken but instead something that got fixed. Oh, yay. But what do I % do now? Hmmm... % % I'm

Re: [PHP] String to Array or Hash Table

2003-10-19 Thread David T-G
Zheng -- ...and then sun zheng said... % % Hi, all, Hi! % ... % I explode it first by . % $execoutput = % approved=yeserror=authnumber=025968transactionnumber=313869; % $execoutput_array = explode(, $execoutput); I don't see any problem with this. % % I secondly explode every

Re: [PHP] Changing permissions

2003-10-19 Thread Eugene Lee
On Sat, Oct 18, 2003 at 10:28:49PM -0400, zavaboy wrote: : : Ok, I have an installer that only works if the directory that's being : installed to has public writing permissions. I tried chmod() on the : directory, but I get an error. How can I make it so my installer can : write in a directory with

php-general Digest 19 Oct 2003 13:51:20 -0000 Issue 2364

2003-10-19 Thread php-general-digest-help
php-general Digest 19 Oct 2003 13:51:20 - Issue 2364 Topics (messages 166631 through 11): apache httpd + PHP authentication 166631 by: news.php.net 166632 by: Chris Shiflett Changing permissions 166633 by: zavaboy 11 by: Eugene Lee webppliance

Re: [PHP] String to Array or Hash Table

2003-10-19 Thread sun zheng
tx for the reply.. ya, it is what i am looking for.. however, your solution is not the right one.. please help me to adjust it a lot.. let us come back to the initial string .. approved=yeserror=authnumber=025968transactionnumber=313869; after the statement for (@reset($value_array);

Re: [PHP] String to Array or Hash Table

2003-10-19 Thread Duncan
sun zheng said: tx for the reply.. ya, it is what i am looking for.. however, your solution is not the right one.. please help me to adjust it a lot.. let us come back to the initial string .. approved=yeserror=authnumber=025968transactionnumber=313869; I definitely want to get something

Re: [PHP] String to Array or Hash Table

2003-10-19 Thread sun zheng
tx for the reply.. ya, it is what i am looking for.. however, your solution is not the right one.. please help me to adjust it a lot.. let us come back to the initial string .. approved=yeserror=authnumber=025968transactionnumber=313869; I definitely want to get something like

Re: [PHP] String to Array or Hash Table

2003-10-19 Thread Duncan Hill
sun zheng said: tx for the reply.. ya, it is what i am looking for.. however, your solution is not the right one.. please help me to adjust it a lot.. let us come back to the initial string .. approved=yeserror=authnumber=025968transactionnumber=313869; I definitely want to get something like

RE: [PHP] Dealing with session expiry

2003-10-19 Thread Radek Zajkowski
I use it with skins on a web page, users coming in can pick a theme and for the duration of their visit they have the theme (it's an illustrator website) the problem that I am having is that session expiry will cause that site to fall apart after idle time. I notice sites using login detect expiry

Re: [PHP] Choosing a CMS?

2003-10-19 Thread olinux
Check out this site for live demos of several different cms projects http://www.opensourcecms.com. olinux --- Joel Konkle-Parker [EMAIL PROTECTED] wrote: I'm looking for an open source PHP/MySQL CMS that I can use as the backend to my website. My site consists of multiple

RE: [PHP] Dealing with session expiry

2003-10-19 Thread Duncan Hill
Radek Zajkowski said: I use it with skins on a web page, users coming in can pick a theme and for the duration of their visit they have the theme (it's an illustrator website) the problem that I am having is that session expiry will cause that site to fall apart after idle time. I notice sites

Re: [PHP] Changing permissions

2003-10-19 Thread zavaboy
How do I run my installer as root? Eugene Lee [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] On Sat, Oct 18, 2003 at 10:28:49PM -0400, zavaboy wrote: : : Ok, I have an installer that only works if the directory that's being : installed to has public writing permissions. I tried

[PHP] turck-mmcache compiled loader

2003-10-19 Thread sidh
Hello Everyone, Does anyone have the compiled version of the turck-mmcache loader file for Linux (TurckLoader.so). The prob is that I encoded the files using my Win box and now it's time to load it onto my Linux machine (For which I have only FTP rights). I would really appreciate it if

Re: [PHP] Darken and lighten color?

2003-10-19 Thread Becoming Digital
Leif K-Brooks wrote: Note to self: try before you ask. I say that to myself about 100 times each day. ;) Edward Dudlik Those who say it cannot be done should not interrupt the person doing it. wishy washy | www.amazon.com/o/registry/EGDXEBBWTYUU - Original Message - From: Leif

Re: [PHP] Changing permissions

2003-10-19 Thread Eugene Lee
On Sun, Oct 19, 2003 at 02:37:27PM -0400, zavaboy wrote: : Eugene Lee [EMAIL PROTECTED] wrote: : On Sat, Oct 18, 2003 at 10:28:49PM -0400, zavaboy wrote: : : : : Ok, I have an installer that only works if the directory that's : : being installed to has public writing permissions. I tried

Re: [PHP] Dealing with session expiry

2003-10-19 Thread John W. Holmes
Radek Zajkowski wrote: I notice sites using login detect expiry automatically and refresh the pages + session, I just don't quite know how to approach it. All you need to do is check that your session variables exist before you use them, otherwise set the values to a default. The method you're

[PHP] Re: turck-mmcache compiled loader

2003-10-19 Thread Manuel Lemos
Hello, On 10/19/2003 04:44 PM, [EMAIL PROTECTED] wrote: Does anyone have the compiled version of the turck-mmcache loader file for Linux (TurckLoader.so). The prob is that I encoded the files using my Win box and now it's time to load it onto my Linux machine (For which I have only FTP rights).

Re: [PHP] apache httpd + PHP authentication

2003-10-19 Thread news.php.net
Chris Shiflett wrote: A parser is called every time a page is accessed. If no page is defined, the home page is loaded. Subsequent pages are linked with http://dictionary.reference.com/search?q=parser Very amusing. Okay, dispatcher would probably be a better name. It preps the environment

Re: [PHP] Changing permissions

2003-10-19 Thread Eugene Lee
On Sun, Oct 19, 2003 at 11:58:56PM +1000, Wang Feng wrote: : : I don't understand why the decimal 18 is greater than a string like large : in the ascii code? When I run the following code, the decimal 18 is stored : in the $third, not the $first. I reckoned decimal 18 should be stored into : the

Re: [PHP] Re: [PHP-DB] $_POST in MySQL query issue...

2003-10-19 Thread Eugene Lee
On Sun, Oct 19, 2003 at 02:51:33PM -0400, Adam Reiswig wrote: : : A couple of days ago I placed a post regarding using the $_POST[] : variable in an insert sql query. Both : : $sql=insert into $table set Name = '.$_POST['elementName'].'; : and : $sql=insert into $table set Name =

Re: [PHP] Re: turck-mmcache compiled loader

2003-10-19 Thread sidh
Hello, Thank you for replying. Unfortunately I do not have access to the compiler on my linux box. All I have is access to FTP. I don't want to install Linux just to compile 1 file (And I have never installed Linux before, so you can imagine what I have to go through) Thank you, - Sid

[PHP] PHP within Frames

2003-10-19 Thread KB
Hi, Does anyone know why my PHP pages won't work in Frames? I have 5 frames, each of which are displaying PHP pages.and none of the PHP code works. If I run the code outside of Frames it works fine! I've can't find any decent references for PHP in Frames. Your help would be appreciated.

Re: [PHP] PHP within Frames

2003-10-19 Thread John Nichel
KB wrote: Hi, Does anyone know why my PHP pages won't work in Frames? I have 5 frames, each of which are displaying PHP pages.and none of the PHP code works. If I run the code outside of Frames it works fine! I've can't find any decent references for PHP in Frames. Your help would be

Re: [PHP] Re: turck-mmcache compiled loader

2003-10-19 Thread Manuel Lemos
Hello, On 10/19/2003 07:37 PM, [EMAIL PROTECTED] wrote: Thank you for replying. Unfortunately I do not have access to the compiler on my linux box. All I have is access to FTP. I don't want to install Linux just to compile 1 file (And I have never installed Linux before, so you can imagine what

Re: [PHP] PHP within Frames

2003-10-19 Thread Larry E . Ullman
Does anyone know why my PHP pages won't work in Frames? I have 5 frames, each of which are displaying PHP pages.and none of the PHP code works. PHP works just fine within frames because the two issues are completely unrelated. That being said, I can't tell why you're having problems as

Re: [PHP] Re: turck-mmcache compiled loader

2003-10-19 Thread Marek Kilimajer
Do you mean you want to install a php module (TurckLoader.so) on your host company server? This won't work, you need to have root access to the server to install modules. [EMAIL PROTECTED] wrote: Hello, Thank you for replying. Unfortunately I do not have access to the compiler on my linux box.

Re: [PHP] PHP within Frames

2003-10-19 Thread KB
John, Thanks for the response. Below is my response to Larry...if you can shed any light on this then I would be grateful. Thanks for the swift response. I didn't post the code as I thought there may be an obvious answer.sorry.. Attached are two pieces of simple code (produced originally

Re: [PHP] PHP within Frames

2003-10-19 Thread Chris Shiflett
--- KB [EMAIL PROTECTED] wrote: Does anyone know why my PHP pages won't work in Frames? I do. Just kidding. :-) I have 5 frames, each of which are displaying PHP pages.and none of the PHP code works. Please be more specific. I assume you mean that your code is being interpreted but that

Re: [PHP] PHP within Frames

2003-10-19 Thread John Nichel
KB wrote: snip The Main_User_Interface is the Frames definition and the Catagory_Choice is a page I'm trying to load into the left page. I mention the Dreamweaver piece as I'm a novice and can't pass comment on the bits that dreamweaver automatically generates. I'm also not sure that I know

[PHP] Re: [PHP-DB] $_POST in MySQL query issue...

2003-10-19 Thread Adam Reiswig
A couple of days ago I placed a post regarding using the $_POST[] variable in an insert sql query. Both $sql=insert into $table set Name = '.$_POST['elementName'].'; and $sql=insert into $table set Name = '{$_POST['elementName']}'; worked perfectly. Thanks to everyone for your help. My

[PHP] [PHP-DB] $_POST in MySQL query issue...

2003-10-19 Thread Adam Reiswig
A couple of days ago I placed a post regarding using the $_POST[] variable in an insert sql query. Both $sql=insert into $table set Name = '.$_POST['elementName'].'; and $sql=insert into $table set Name = '{$_POST['elementName']}'; worked perfectly. Thanks to everyone for your help. My

[PHP] Re: [PHP-DB] $_POST in MySQL query issue...

2003-10-19 Thread John W. Holmes
Adam Reiswig wrote: My question now is regarding the curly brackets in the 2nd example. Can anyone describe why using the curly brackets works and/or how php processes them. I have read quite a bit about php and never come across their use in this way. Thanks again.

[PHP] Re: [PHP-DB] $_POST in MySQL query issue...

2003-10-19 Thread Lee Doolan
Adam == Adam Reiswig [EMAIL PROTECTED] writes: Adam A couple of days ago I placed a post regarding using the Adam $_POST[] variable in an insert sql query. Both Adam $sql=insert into $table set Name = Adam '.$_POST['elementName'].'; and $sql=insert into $table Adam set Name

Re: [PHP] Re: turck-mmcache compiled loader

2003-10-19 Thread daniel
does a loadmodule not work in this case ?? Do you mean you want to install a php module (TurckLoader.so) on your host company server? This won't work, you need to have root access to the server to install modules. [EMAIL PROTECTED] wrote: Hello, Thank you for replying. Unfortunately I do

[PHP] What Is Scalability?

2003-10-19 Thread Chris Shiflett
PHP has been both heralded and criticized on a number of topics. This is to be expected, considering the rate of growth of PHP's popularity. It has given people something to talk about. One topic that seems to come up a lot is scalability. ONJava.com has an interesting article entitled The PHP

[PHP] Re: Using two XSLT stylesheets

2003-10-19 Thread rich
OK, This is my latest idea to try and do this: $xh = xslt_create(); parse_str($_SERVER['QUERY_STRING']); $params = array(keywords = $keywords); $results = xslt_process($xh, 'library.xml', 'simple-search.xsl', NULL, NULL, --$params); $f = fopen('results.xml','w'); fwrite($f, $results);

[PHP] session hijacking

2003-10-19 Thread Ryan A
Hi, We have a site that runs a kind of membership section. When a person logs in we have his username + 3 variables in session, the 3 variables are used for background processing and are never disclosed to the client, all 3 variables contain 1 or 2 digit numbers. Somehow 1 person has found out

Re: [PHP] session hijacking

2003-10-19 Thread daniel
registered globals off ? Hi, We have a site that runs a kind of membership section. When a person logs in we have his username + 3 variables in session, the 3 variables are used for background processing and are never disclosed to the client, all 3 variables contain 1 or 2 digit numbers.

Re: [PHP] $PHP_SELF and include all variables?

2003-10-19 Thread Justin French
On Wednesday, October 15, 2003, at 01:12 AM, [EMAIL PROTECTED] wrote: I'm using $PHP_SELF, but need to automatically record what variables are in the URL at that time... is that possible? try to get in the habit of using $_SERVER['PHP_SELF'] on PHP = 4.1, because $PHP_SELF is deprecated.

[PHP] Re: Session hijacking

2003-10-19 Thread Ryan A
NO! Globals are on And asking the others they tell me that around 20% of the scripts (around 300 scripts) won't function with globals off :-( What to do? Please help. -Ryan P.S how can you do this even with globals on?

Re: [PHP] session hijacking

2003-10-19 Thread Chris Shiflett
--- Ryan A [EMAIL PROTECTED] wrote: Somehow 1 person has found out about them and is creating havoc with that damn account by changing those variables to different numbers ...any idea how he is doing that? I have many ideas. First of all, I bet you are using PHP sessions, and you have done

Re: [PHP] session hijacking

2003-10-19 Thread Tom Rogers
Hi, Monday, October 20, 2003, 10:09:42 AM, you wrote: RA Hi, RA We have a site that runs a kind of membership section. RA When a person logs in we have his username + 3 variables in session, the 3 RA variables are used for background processing and are never disclosed to the RA client, all 3

[PHP] partial match on array_search?

2003-10-19 Thread Ian Truelsen
I am trying to parse out a file using an array. I load each line into a separate key in the array and then do transforms on the individual lines. What I am looking to do is to test each for a keyword so that I can know which entry contains the data that I need and can get the data from the

[PHP] Re: Session hijacking

2003-10-19 Thread J. Cox
Ryan A [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] NO! Globals are on And asking the others they tell me that around 20% of the scripts (around 300 scripts) won't function with globals off :-( What to do? Use an ini_set in your sessions script (I am assuming that you are

[PHP] Tom-Re: [PHP] session hijacking

2003-10-19 Thread Ryan A
Hi Tom, Thanks for replying. encrypt the numbers and decrypt them before use, if they won't decrypt to a number ditch the connection. If you need a class for that I can send it to you Yes please, that should help, but am new to classes so one or two lines on how to implement them would be

[PHP] cok-Re: [PHP] Re: Session hijacking

2003-10-19 Thread Ryan A
Hey, Use an ini_set in your sessions script (I am assuming that you are using a separate script to manage your sessions) Not really, I use authenticate for the login, then above each script i have a session_start() throughout the site. It's gotten to be a habit that i start a script with

[PHP] Shiflett-Re: [PHP] session hijacking

2003-10-19 Thread Ryan A
Hi, Thanks for replying. First of all, I bet you are using PHP sessions, and you have done nothing beyond getting them to work, right? One important note about PHP sessions is that they provide the mechanism only; it is your job to provide whatever security you deem appropriate. Yep, I

Re: [PHP] PHP within Frames

2003-10-19 Thread Adam
This is really an browser interpretation of HTML issue than a straight PHP issue. A little more information would be helpful - such as browser, page content, etc. Regards, Adam On Sunday, October 19, 2003, at 05:45 PM, KB wrote: Hi, Does anyone know why my PHP pages won't work in Frames? I

[PHP] Re: cok-Re: [PHP] Re: Session hijacking

2003-10-19 Thread DvDmanDT
$_REQUEST is a great superglobal, check it out... And at the top of the hijacked script: while(list($tmp1,$tmp2)=each($_SESSION)) $$tmp1=$tmp2; $tmp1=tmp2=NULL; Could work.. :p -- // DvDmanDT MSN: [EMAIL PROTECTED] Mail: [EMAIL PROTECTED] Ryan A [EMAIL PROTECTED] skrev i meddelandet news:[EMAIL

Re: [PHP] Re: Using two XSLT stylesheets

2003-10-19 Thread Ray Hunter
On Sun, 2003-10-19 at 18:01, rich wrote: OK, This is my latest idea to try and do this: $xh = xslt_create(); parse_str($_SERVER['QUERY_STRING']); $params = array(keywords = $keywords); $results = xslt_process($xh, 'library.xml', 'simple-search.xsl', NULL, NULL, --$params); $f =

[PHP] DvDanDT-Re: [PHP] Re: Session hijacking

2003-10-19 Thread Ryan A
Hey, Thanks for replying. ** $_REQUEST is a great superglobal, check it out... And at the top of the hijacked script: while(list($tmp1,$tmp2)=each($_SESSION)) $$tmp1=$tmp2; $tmp1=tmp2=NULL; Could work.. :p Can you tell me what the above does please? (am quite a

[PHP] Re: Tom-Re: [PHP] session hijacking

2003-10-19 Thread Tom Rogers
Hi, Monday, October 20, 2003, 10:38:23 AM, you wrote: RA Hi Tom, RA Thanks for replying. encrypt the numbers and decrypt them before use, if they won't decrypt to a RA number ditch the connection. If you need a class for that I can send it to you RA Yes please, that should help, but am new to

Re: [PHP] What Is Scalability?

2003-10-19 Thread Brad Pauly
On Sun, 2003-10-19 at 17:22, Chris Shiflett wrote: PHP has been both heralded and criticized on a number of topics. This is to be expected, considering the rate of growth of PHP's popularity. It has given people something to talk about. One topic that seems to come up a lot is scalability.

[PHP] Re: Tom-Re: [PHP] session hijacking

2003-10-19 Thread Ryan A
Hi Tom, A mighty big thanks for that class, I'll read up on classes tonight and try to understand it. Thanks for the tips on how to use it too. To help prevent problems with stuff like this it is always a good idea to declare variables before using them, especially with sessions: $num = 0;

[PHP] Re[2]: Tom-Re: [PHP] session hijacking

2003-10-19 Thread Tom Rogers
Hi, RA If i declare them before using them like the above example...do you think I RA still need to use that class? RA Cheers, RA -Ryan That depends on what your dicky friend is doing to screw your code up. If you are passing ids' in the url or in post data then encode them. If he is

[PHP] Re: DvDanDT-Re: [PHP] Re: Session hijacking

2003-10-19 Thread DvDmanDT
The 'above' would make all items of $_SESSION array into variables... Errm.. $_SESSION[id] would become $id, $_SESSION[username] would become $username and so on... Not completely sure this'll work, but most likely as they already exist and you only change their values, so they should remain

Re: [PHP] Re: Session hijacking

2003-10-19 Thread Becoming Digital
You cannot use ini_set() for register_globals. It must be done from .htaccess, httpd.conf or php.ini. http://www.php.net/manual/en/function.ini-set.php Edward Dudlik Those who say it cannot be done should not interrupt the person doing it. wishy washy | www.amazon.com/o/registry/EGDXEBBWTYUU

Re: [PHP] Shiflett-Re: [PHP] session hijacking

2003-10-19 Thread Chris Shiflett
--- Ryan A [EMAIL PROTECTED] wrote: Yep, I just created the session and nothing beyond. Am new to PHP and first time/project user with sessions. Right. I think this needs to be made clearer in the manual myself, and I might add something to drive the point home. PHP sessions are a mechanism,

[PHP] Tom- session hijacking (3)

2003-10-19 Thread Ryan A
Hey Tom, thanks again for replying. That depends on what your dicky friend is doing to screw your code up. Dicky...nice name you picked pretty close to what I picked for him, but John Holmes picked something similar for himself so watch out or he could be mad at ya :-D I don't want to break the

Re: [PHP] What Is Scalability?

2003-10-19 Thread Chris Shiflett
--- Brad Pauly [EMAIL PROTECTED] wrote: Good question! This has been on my mind some for a current project and now I have thought about it even more. Hmm, I'm not sure how to quote a blog. To paraphrase (hope you don't mind), Chris's definition of something that scales well is when resources

Re: [PHP] Session hijacking

2003-10-19 Thread Chris Wanstrath
Lots of great information in this thread as far as solutions go, but what I'm wondering is the concept behind how someone actually can hijack a session if register_globals is off. Should all this encryption and added protection be added to scripts with register_globals off and when steps are made

[PHP] Re: Re: Session hijacking

2003-10-19 Thread J. Cox
Becoming Digital [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] You cannot use ini_set() for register_globals. It must be done from .htaccess, httpd.conf or php.ini. http://www.php.net/manual/en/function.ini-set.php Yup, I should have double checked the manual;) Nice catch. J.

Re: [PHP] Session hijacking

2003-10-19 Thread Chris Shiflett
--- Chris Wanstrath [EMAIL PROTECTED] wrote: Lots of great information in this thread as far as solutions go, but what I'm wondering is the concept behind how someone actually can hijack a session if register_globals is off. I proposed a talk on this at ApacheCon (in addition to my PHP Attacks

Re: [PHP] Session hijacking

2003-10-19 Thread daniel
i setup my sessions to be transparent, can it still be hacked ? --- Chris Wanstrath [EMAIL PROTECTED] wrote: Lots of great information in this thread as far as solutions go, but what I'm wondering is the concept behind how someone actually can hijack a session if register_globals is off. I

Re: [PHP] Session hijacking

2003-10-19 Thread Chris Shiflett
--- [EMAIL PROTECTED] wrote: i setup my sessions to be transparent, can it still be hacked ? Yes. If you can be more specific, I will try to be more specific also. :-) Chris = My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses

Re: [PHP] Session hijacking

2003-10-19 Thread John W. Holmes
Chris Shiflett wrote: For example, consider that a legitimate user clicks a link and goes to this URL: http://www.example.org/foo.php?PHPSESSID=12345 Perhaps the user has cookies disabled, so PHP appends the session identifier to the URL, or perhaps the developer does it automatically. Either

Re: [PHP] Session hijacking

2003-10-19 Thread Chris Shiflett
--- John W. Holmes [EMAIL PROTECTED] wrote: Either way, what if a bad guy visits this URL: http://www.example.org/foo.php?PHPSESSID=12345 Called session fixation. Here's good paper on this and how to deal with it. http://www.acros.si/papers/session_fixation.pdf Actually, I didn't

RE: [PHP] Re: Session hijacking

2003-10-19 Thread Radek Zajkowski
off. Likewise though, you might start looking for replacements for those scripts as it takes time to make the changes, but it has been a year since register_globals were turned off by default and mentioned that they were going away in the future. That is a sound advice, some time ago a lot

[PHP] DB's on seperate server

2003-10-19 Thread Ryan Thompson
Quick yes or no question. My db's are running on a different server than my Webserver. I've temporarily mounted the directories from the db server to the webserver to compile db access. Once PHP/Apache are compiled can they be safely unmounted or will it give me problems somewhere down the

Re: [PHP] DB's on seperate server

2003-10-19 Thread Becoming Digital
If the DBMS itself is in those directories, you may receive start errors in PHP when trying to load the database extension. To prevent this problem, comment out the following line in your php.ini (assumes MySQL): extension=mysql.so You may also want to set mysql.max_links = 0 as an additional

[PHP] addslashes() vs. magic_quotes_gpc

2003-10-19 Thread Jake McHenry
If you have magic_quotes_gpc = On in your php.ini file, which it is by default, does one still need to have the addslashes function in their coding? When I'm inserting into my database, I have addslashes in place, and I haven't changed the default value of magic_quotes_qpc = On. I haven't seen any

Re: [PHP] addslashes() vs. magic_quotes_gpc

2003-10-19 Thread Rasmus Lerdorf
If you are doing both addslashes() and have magic_quotes_gpc turned on, then yes, you are double-escaping things. From a performance-perspective I doubt you could measure much difference, but I suppose doing it through magic_quotes_gpc would be faster assuming you need to escape all your GPC

Re: [PHP] addslashes() vs. magic_quotes_gpc

2003-10-19 Thread Adrian
I think always using addslashes is better because you have to write clean code instead of trusting in a function which can be disabled on some servers. To avoid double-escaping I use this code: function stripslashes_array($array) { reset($array); while(list($key,$val)=each($array)) {

Re: [PHP] Choosing a CMS?

2003-10-19 Thread Colin Kettenacker
I'd recommend Justin's route as well, if you have the time. In fact that is how I learned to program in PHP by programming my own template and CMS system (it still has a ways to go though). If you don't have the time search the list archives as this question comes up often. You'll get a lot of