php-general Digest 9 Feb 2009 16:06:05 - Issue 5949
Topics (messages 287946 through 287973):
Re: Class constant inconsistency
287946 by: Paul M Foster
Securing suexec PHP against local attacks by the webserver user
287947 by: Andrew
287969 by: Jochem Maas
Re: maybe
Hi,
I am trying to set up a site which can run securely on a shared hosting
environment where users have a choice of running PHP scripts using
suexec and FastCGI, or using mod_php and running the scripts as the same
user as the webserver.
My scripts need to read a local file with the
Nathan Rixham wrote:
Project: PHP Common Objects and Datatypes
Has anything been setup for project COD-pieces yet? I like this name! ;)
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Morris wrote:
I know rss_php, but it doesn't fit my solution.
Is anyone able to help me with my question?
thx
2009/2/8 Nathan Rixham nrix...@gmail.com
Morris wrote:
Hi,
I am trying to write a programme to read a rss xml file.
...
media:content url=*exampe.jpg* ...
...
scan anyone
Hi gang,
I did a little research to find out how can someone convert an xls
file into pdf and I found that you can use openoffice to do that
(already done that in perl). My problem is that I need to find a way for
doing this without openoffice by using just PHP.
I know that I could
Marcus Gnaß wrote:
Nathan Rixham wrote:
Project: PHP Common Objects and Datatypes
Has anything been setup for project COD-pieces yet? I like this name! ;)
Hi Markus,
Actually, yes it has - the project, well working group, has been called
voom.
So far there are 8 developers including
Hi,
Can some body help out on how to validate user password from the database?
Thanks
Andrew
2009/2/9 Andrew Williams andrew4willi...@gmail.com:
Hi,
Hi,
Can some body help out on how to validate user password from the database?
There are several possibilities. This would be one.
?
$query = 'SELECT 1 from `usertable` where `name` = ' .
These days SHA should really be used instead of MD5, and you should be
SALTing the password as well.
Here's a great guide : http://phpsec.org/articles/2005/password-hashing.html
Michael Kubler
*G*rey *P*hoenix *P*roductions http://www.greyphoenix.biz
Jan G.B. wrote:
2009/2/9 Andrew Williams
2009/2/9 Michael Kubler mdk...@gmail.com:
These days SHA should really be used instead of MD5, and you should be
SALTing the password as well.
Here's a great guide : http://phpsec.org/articles/2005/password-hashing.html
Good advice. I would also advise against stripping and trimming
anything
Now maybe you didn't mean it that way, but IMO that appears more demeaning
of the poster than providing help. I'm surprised, because that's not typical
of you nor this list.
Indeed. Not really sure what I was thinking when I wrote it and I
apologise for the attitude.
We all have off
2009/2/9 Stuart stut...@gmail.com:
2009/2/9 Michael Kubler mdk...@gmail.com:
These days SHA should really be used instead of MD5, and you should be
SALTing the password as well.
Here's a great guide : http://phpsec.org/articles/2005/password-hashing.html
Good advice.
Absolutley. I used
At 9:00 AM +1100 2/9/09, Chris wrote:
Person a signs up with em...@example.com
Before you are able to fetch the result (which is possible in a high
traffic site), person b also signs up with em...@example.com
Going back to person a, when you fetch, you get record #2 instead of #1.
They are
2009/2/9 Jan G.B. ro0ot.w...@googlemail.com:
2009/2/9 Stuart stut...@gmail.com:
I would also advise against stripping and trimming
anything from passwords. By removing characters you're significantly
reducing the number of possible passwords.
Surely, the stripping should only be done when
2009/2/9 tedd tedd.sperl...@gmail.com:
Now maybe you didn't mean it that way, but IMO that appears more
demeaning
of the poster than providing help. I'm surprised, because that's not
typical
of you nor this list.
Indeed. Not really sure what I was thinking when I wrote it and I
Thanks Nisse,
- Original Message -
From: Nisse Engström news.nospam.0ixbt...@luden.se
To: php-general@lists.php.net
Sent: Sunday, February 08, 2009 6:06 PM
Subject: Re: [PHP] Re: require() causing strange characters ?
On Fri, 6 Feb 2009 10:11:49 +0100, cr.vege...@gmail.com wrote:
Hello,I have been asked to install an existing PHP/MySQL application on a
system using Windows Vista.
I have installed PHP 5.2.8, MySQL 5.1.31 and IIS 7.0. PHP is working as
expected (I created a test page which displays the output from phpinfo()).
The application in question posts to a login
On Mon, Feb 9, 2009 at 9:25 AM, tedd tedd.sperl...@gmail.com wrote:
At 9:00 AM +1100 2/9/09, Chris wrote:
Person a signs up with em...@example.com
Before you are able to fetch the result (which is possible in a high
traffic site), person b also signs up with em...@example.com
Going back to
On Sun, Feb 8, 2009 at 3:37 PM, Paul M Foster pa...@quillandmouse.com wrote:
On Sun, Feb 08, 2009 at 03:20:48PM -0500, tedd wrote:
At 3:54 PM + 2/8/09, Stuart wrote:
2009/2/8 tedd tedd.sperl...@gmail.com:
I wasn't able to find a lot of information, but here's a useful link:
At 2:02 PM + 2/9/09, Stuart wrote:
2009/2/9 Michael Kubler mdk...@gmail.com:
These days SHA should really be used instead of MD5, and you should be
SALTing the password as well.
Here's a great guide : http://phpsec.org/articles/2005/password-hashing.html
Good advice. I would also
tedd,
I think that the problem of the duplicated hashes in the database
(in the case of two users using the same password) persists with a
constant prefix in the passwords. Although the random salt portion get
stored in the database concatenated to the hash, the attacker don't
know the string
At 9:54 AM -0500 2/9/09, Andrew Ballard wrote:
You are right, but the point is that if you intend something to be
unique then you should declare it as such in the database.
We didn't discuss that.
You are saying that if I checked my database for a email address and
find it's not there [1]
Hi,
I am working on a back end OOP project with about about 18 classes of Object
but some of the Objects shear one or two functions in common, like external
login system . What is the best way to avoid a repeatable function among the
classes without using global object instance.
class a{
Andrew schreef:
Hi,
As an example of the attack...
$ whoami
www-data
isn't the whole point of suexec/PHP/FastCGI that the local user
has no access to the www-data account ... suexec switches to the
users account from the webserver account not the other way around.
so the attack is
On Mon, Feb 9, 2009 at 10:27 AM, tedd tedd.sperl...@gmail.com wrote:
At 9:54 AM -0500 2/9/09, Andrew Ballard wrote:
You are right, but the point is that if you intend something to be
unique then you should declare it as such in the database.
We didn't discuss that.
You are saying that if I
Hi gang:
At the college where I teach, they are considering teaching OOP, but
they don't want to settle on a specific language.
My thoughts are it's difficult to teach OOP without a language --
while the general concepts of OOP are interesting, people need to see
how concepts are applied to
At 2:41 PM + 2/9/09, Stuart wrote:
I think people are like that everywhere, particularly above a certain
level of management in my experience. I wish you luck in convincing
them but I've found that PHP rarely wins when put up against the sales
and marketing budgets available to Microsoft and
At 10:55 AM -0500 2/9/09, Andrew Ballard wrote:
-snip-
Andrew
As I said many times before.
I've learned something new every day of my life -- and I'm getting
damned tried of it.
Thanks for the lesson.
Cheers,
tedd
--
---
http://sperling.com http://ancientstones.com
On Mon, Feb 9, 2009 at 8:02 AM, tedd t...@sperling.com wrote:
Hi gang:
At the college where I teach, they are considering teaching OOP, but they
don't want to settle on a specific language.
My thoughts are it's difficult to teach OOP without a language -- while the
general concepts of OOP
Check out the com [www.php.net/com] functionality
Bastien
Alrighty, I'm trying to use the COM function, but not getting much of
anywhere.
This is what I have:
?php
// The VB function for reference
/*function DTM_CONVDMSToMultiTIFF Lib D32_CONV.DLL _
(ByVal FullPathFrom As String, ByVal
At 10:02 AM -0500 2/9/09, Andrew Ballard wrote:
On Sun, Feb 8, 2009 at 3:37 PM, Paul M Foster pa...@quillandmouse.com wrote:
Perhaps a better question then might be how many IIS servers are there
out there compared to Apache. Apache servers uniformly support PHP, but
I think only IIS
On Mon, Feb 9, 2009 at 8:46 AM, Andrew Williams
andrew4willi...@gmail.comwrote:
Hi,
I am working on a back end OOP project with about about 18 classes of
Object
but some of the Objects shear one or two functions in common, like external
login system . What is the best way to avoid a
On Mon, Feb 9, 2009 at 11:05 AM, tedd tedd.sperl...@gmail.com wrote:
At 10:55 AM -0500 2/9/09, Andrew Ballard wrote:
-snip-
Andrew
As I said many times before.
I've learned something new every day of my life -- and I'm getting damned
tried of it.
Thanks for the lesson.
Cheers,
tedd
Hi gang:
At the college where I teach, they are considering teaching OOP, but
they don't want to settle on a specific language.
My thoughts are it's difficult to teach OOP without a language --
while the general concepts of OOP are interesting, people need to see
how concepts are applied
On Mon, Feb 9, 2009 at 11:10 AM, tedd tedd.sperl...@gmail.com wrote:
At 10:02 AM -0500 2/9/09, Andrew Ballard wrote:
On Sun, Feb 8, 2009 at 3:37 PM, Paul M Foster pa...@quillandmouse.com
wrote:
Perhaps a better question then might be how many IIS servers are there
out there compared to
On Mon, Feb 9, 2009 at 11:20 AM, Thodoris t...@kinetix.gr wrote:
Hi gang:
At the college where I teach, they are considering teaching OOP, but they
don't want to settle on a specific language.
My thoughts are it's difficult to teach OOP without a language -- while
the general concepts of
At 12:20 PM -0300 2/9/09, Bruno Fajardo wrote:
tedd,
I think that the problem of the duplicated hashes in the database
(in the case of two users using the same password) persists with a
constant prefix in the passwords. Although the random salt portion get
stored in the database concatenated to
On Mon, Feb 9, 2009 at 11:10 AM, Dan Shirah mrsqua...@gmail.com wrote:
Check out the com [www.php.net/com] functionality
Bastien
Alrighty, I'm trying to use the COM function, but not getting much of
anywhere.
This is what I have:
?php
// The VB function for reference
/*function
At 11:15 AM -0500 2/9/09, Andrew Ballard wrote:
On Mon, Feb 9, 2009 at 11:05 AM, tedd tedd.sperl...@gmail.com wrote:
I've learned something new every day of my life -- and I'm getting damned
tried of it.
Well, you probably know what they say about the day you stop learning
Yeah, you
On Mon, Feb 9, 2009 at 11:32 AM, tedd tedd.sperl...@gmail.com wrote:
At 11:15 AM -0500 2/9/09, Andrew Ballard wrote:
On Mon, Feb 9, 2009 at 11:05 AM, tedd tedd.sperl...@gmail.com wrote:
I've learned something new every day of my life -- and I'm getting
damned
tried of it.
Well, you
-Original Message-
From: Andrew Ballard [mailto:aball...@gmail.com]
Sent: Monday, February 09, 2009 10:30 AM
To: Dan Shirah
Cc: Phpster; PHP-General list
Subject: Re: [PHP] Using DLL with PHP
On Mon, Feb 9, 2009 at 11:10 AM, Dan Shirah mrsqua...@gmail.com
wrote:
Check out the
-Original Message-
From: tedd [mailto:tedd.sperl...@gmail.com]
Sent: Monday, February 09, 2009 10:30 AM
To: Bruno Fajardo
Cc: PHP General
Subject: Re: [PHP] php validate user password
At 12:20 PM -0300 2/9/09, Bruno Fajardo wrote:
tedd,
I think that the problem of the
Eric Butera wrote:
On Mon, Feb 9, 2009 at 11:20 AM, Thodoris t...@kinetix.gr wrote:
Hi gang:
At the college where I teach, they are considering teaching OOP, but they
don't want to settle on a specific language.
My thoughts are it's difficult to teach OOP without a language -- while
the
Jochem Maas wrote:
Andrew schreef:
Hi,
As an example of the attack...
$ whoami
www-data
isn't the whole point of suexec/PHP/FastCGI that the local user
has no access to the www-data account ... suexec switches to the
users account from the webserver account not the other way
tedd wrote:
I lean toward C++ because I wrote in it for a few years AND C++
appears to be the most common, widespread, and popular OOP language.
I would agree, although I suspect Java is also a good candidate.
However, while I don't know PHP OOP, I am open to considering it
because of the
each class should focus on a single area of responsibility.
therefore the login check doesn't belong in class A or B,
instead it belongs in the code consuming the functionality
of said classes.
?php
$login = new login($pwd, $acc, $customerAcc);
$bee = new b();
if ($login-validate())
tedd wrote:
I lean toward C++ because I wrote in it for a few years AND C++
appears to be the most common, widespread, and popular OOP language.
I would agree, although I suspect Java is also a good candidate.
However, while I don't know PHP OOP, I am open to considering it
because of the
2009/2/9 Andrew Ballard aball...@gmail.com:
On Mon, Feb 9, 2009 at 11:10 AM, tedd tedd.sperl...@gmail.com wrote:
At 10:02 AM -0500 2/9/09, Andrew Ballard wrote:
On Sun, Feb 8, 2009 at 3:37 PM, Paul M Foster pa...@quillandmouse.com
wrote:
Perhaps a better question then might be how many
2009/2/9 tedd t...@sperling.com:
Hi gang:
At the college where I teach, they are considering teaching OOP, but they
don't want to settle on a specific language.
My thoughts are it's difficult to teach OOP without a language -- while the
general concepts of OOP are interesting, people need
On Mon, Feb 9, 2009 at 12:10 PM, Dan Shirah mrsqua...@gmail.com wrote:
I can't help much, but this might get you started.
1) Does the DLL you are trying to use actually supports COM. I know some
don't.
2) I'm pretty sure that the string you pass to new COM('...') should
be the name the
On Mon, Feb 09, 2009 at 11:02:37AM -0500, tedd wrote:
Hi gang:
At the college where I teach, they are considering teaching OOP, but
they don't want to settle on a specific language.
My thoughts are it's difficult to teach OOP without a language --
while the general concepts of OOP are
On Mon, Feb 9, 2009 at 12:19 PM, Stuart stut...@gmail.com wrote:
2009/2/9 tedd t...@sperling.com:
Hi gang:
At the college where I teach, they are considering teaching OOP, but they
don't want to settle on a specific language.
My thoughts are it's difficult to teach OOP without a language --
At 10:41 AM -0600 2/9/09, Boyd, Todd M. wrote:
-Original Message-
From: tedd [mailto:tedd.sperl...@gmail.com]
Granted, there are things here that are above my head -- I am not
passing myself off as an expert but rather as someone proposing ideas
to see if they pass or fail.
I
Paul M Foster wrote:
PHP is *not* a good example for OO. There are a lot of OO principles
it doesn't follow.
I would have suggested Smalltalk, the original OO language, except
that no one uses it any more, and other languages don't necessarily
fully implement OO as done in Smalltalk.
2009/2/9 Stuart stut...@gmail.com:
2009/2/9 Jan G.B. ro0ot.w...@googlemail.com:
2009/2/9 Stuart stut...@gmail.com:
I would also advise against stripping and trimming
anything from passwords.
Trimming could be left out but it minimizes user errors and users
pretending to know their password.
-Original Message-
From: Andrew Ballard [mailto:aball...@gmail.com]
Sent: Monday, February 09, 2009 11:21 AM
To: Dan Shirah
Cc: Phpster; PHP-General list
Subject: Re: [PHP] Using DLL with PHP
On Mon, Feb 9, 2009 at 12:10 PM, Dan Shirah mrsqua...@gmail.com
wrote:
I can't help
I can't help much, but this might get you started.
1) Does the DLL you are trying to use actually supports COM. I know some
don't.
2) I'm pretty sure that the string you pass to new COM('...') should
be the name the class as registered with Windows, not the actual file
name. They are
I believe you do have to register it with regsvr32 for it to be visible.
I think the GUID that Todd mentioned might even work, but I've only
ever used the ProgID. If you don't know the ProgID that is registered,
you should be able to find it in the Windows registry after you've
registed it
Hello,
When i create a mysql database with the next command:
mysql_query(CREATE DATABASE my_db,$con)
In the server is created the database, but usually the name is created with
a prefix.
In this case: someuser_my_db
How can i detect with PHP the complete name of the new database created?
Hibbert Miller wrote:
Hello,I have been asked to install an existing PHP/MySQL application on a
system using Windows Vista.
What application are we talking about here?
Is it a known Open/Closed source application? Is it supposed to run on
windows?
I have installed PHP 5.2.8, MySQL 5.1.31
Hi,
Can somebody help me with why I have communication problem using MSSQL with
SQLserver 2005. Instead I am now using SQLSRV
--
Best Wishes
Andrew Williams
--
Best Wishes
Andrew Williams
On Mon, Feb 9, 2009 at 1:11 PM, Andrew Williams
andrew4willi...@gmail.com wrote:
Hi,
Can somebody help me with why I have communication problem using MSSQL with
SQLserver 2005. Instead I am now using SQLSRV
--
Best Wishes
Andrew Williams
Care to be more specific?
Andrew
--
PHP General
R B wrote:
Hello,
When i create a mysql database with the next command:
mysql_query(CREATE DATABASE my_db,$con)
In the server is created the database, but usually the name is created with
a prefix.
In this case: someuser_my_db
How can i detect with PHP the complete name of the new
MSsql unable to connect to the SQLserver2005 but not SQLserver2008
On Mon, Feb 9, 2009 at 6:11 PM, Andrew Williams
andrew4willi...@gmail.comwrote:
Hi,
Can somebody help me with why I have communication problem using MSSQL with
SQLserver 2005. Instead I am now using SQLSRV
--
Best Wishes
I´m creating a software that use a database, and i want to include a
install.php file to install the database
of the software.
I can create the database in the install.php file with
mysql_query(CREATE DATABASE my_db,$con)
But when is created, i don´t know the complete name of the database,
Shawn McKenzie wrote:
R B wrote:
Hello,
When i create a mysql database with the next command:
mysql_query(CREATE DATABASE my_db,$con)
In the server is created the database, but usually the name is created with
a prefix.
In this case: someuser_my_db
How can i detect with PHP the
Jochem Maas wrote:
Andrew schreef:
Hi,
As an example of the attack...
$ whoami
www-data
isn't the whole point of suexec/PHP/FastCGI that the local user
has no access to the www-data account ... suexec switches to the
users account from the webserver account not the
On Sun, Feb 8, 2009 at 09:35, Richard Heyes rich...@php.net wrote:
Hi,
Can anyone point out some general statistics on PHP usage compared to
other server languages? I've tried Netcraft, but they only appear (or
I've only found) to have statistics on the httpd server used.
All @php.net
I´m looking that i have another problem:
I´m making a software to install in any server.
The software needs a database, so i want to create a script install.php
to create the database when this script is executed.
At this point of the instalation, i don´t know none of the users that are
defined
Shawn McKenzie wrote:
Shawn McKenzie wrote:
R B wrote:
Hello,
When i create a mysql database with the next command:
mysql_query(CREATE DATABASE my_db,$con)
In the server is created the database, but usually the name is created with
a prefix.
In this case: someuser_my_db
How can i
2009/2/9 tedd t...@sperling.com:
Hi gang:
At the college where I teach, they are considering teaching OOP, but they
don't want to settle on a specific language.
I guess that is not a good idea, you should really combine it with a
language, as some students will be curious enough to play
R B wrote:
I´m looking that i have another problem:
I´m making a software to install in any server.
The software needs a database, so i want to create a script install.php
to create the database when this script is executed.
At this point of the instalation, i don´t know none of the
On Mon, Feb 9, 2009 at 11:03 AM, Daniel Brown danbr...@php.net wrote:
On Sun, Feb 8, 2009 at 09:35, Richard Heyes rich...@php.net wrote:
Hi,
Can anyone point out some general statistics on PHP usage compared to
other server languages? I've tried Netcraft, but they only appear (or
I've only
On Mon, Feb 9, 2009 at 2:03 PM, Daniel Brown danbr...@php.net wrote:
On Sun, Feb 8, 2009 at 09:35, Richard Heyes rich...@php.net wrote:
Hi,
Can anyone point out some general statistics on PHP usage compared to
other server languages? I've tried Netcraft, but they only appear (or
I've only
On Mon, 2009-02-09 at 15:46 +0100, cr.vege...@gmail.com wrote:
Thanks Nisse,
- Original Message -
From: Nisse Engström news.nospam.0ixbt...@luden.se
To: php-general@lists.php.net
Sent: Sunday, February 08, 2009 6:06 PM
Subject: Re: [PHP] Re: require() causing strange characters ?
On Mon, Feb 9, 2009 at 14:39, Andrew Ballard aball...@gmail.com wrote:
For what it's worth, you missed .do, .dll, .exe, and I'm sure others
(yes, I've seen web sites running what I assume to be compiled web
applications with all of these extensions) as well as anything using
URL rewriting
Daniel Brown wrote:
On Mon, Feb 9, 2009 at 14:39, Andrew Ballard aball...@gmail.com wrote:
For what it's worth, you missed .do, .dll, .exe, and I'm sure others
(yes, I've seen web sites running what I assume to be compiled web
applications with all of these extensions) as well as anything
On Mon, Feb 9, 2009 at 14:58, Shawn McKenzie nos...@mckenzies.net wrote:
And HTM shows 701M, so it is now beating out ASP :-)
Another bone of contention is the masking --- I mentioned it
briefly in my original remarks in this thread, but on further
investigation, it may actually have a
thank you.
On Mon, Feb 9, 2009 at 1:14 PM, Shawn McKenzie nos...@mckenzies.net wrote:
R B wrote:
I´m looking that i have another problem:
I´m making a software to install in any server.
The software needs a database, so i want to create a script install.php
to create the database
H, maybe it's not a problem with the DLL I'm trying to access because
just doing a simple:
$my_com = new COM(Excel.Application);
Gives me the same error:
*Fatal error*: Uncaught exception 'com_exception' with message 'Failed to
create COM object `Excel.Application': Invalid syntax '
I've
2009/2/9 Daniel Brown danbr...@php.net:
On Mon, Feb 9, 2009 at 14:58, Shawn McKenzie nos...@mckenzies.net wrote:
And HTM shows 701M, so it is now beating out ASP :-)
Another bone of contention is the masking --- I mentioned it
briefly in my original remarks in this thread, but on further
On Mon, Feb 9, 2009 at 15:21, Stuart stut...@gmail.com wrote:
I would advise you against wasting your time because there is no
reliable way to tell what systems a server is actually using to serve
pages. Nearly all sites I work on these days use techniques to remove
extensions from URLs, and
On Mon, Feb 9, 2009 at 3:21 PM, Dan Shirah mrsqua...@gmail.com wrote:
H, maybe it's not a problem with the DLL I'm trying to access because
just doing a simple:
$my_com = new COM(Excel.Application);
Gives me the same error:
*Fatal error*: Uncaught exception 'com_exception' with message
2009/2/9 Daniel Brown danbr...@php.net:
On Mon, Feb 9, 2009 at 15:21, Stuart stut...@gmail.com wrote:
I would advise you against wasting your time because there is no
reliable way to tell what systems a server is actually using to serve
pages. Nearly all sites I work on these days use
On Mon, Feb 9, 2009 at 15:41, Stuart stut...@gmail.com wrote:
Indeed, but I find coding without QA requirements is a great way to relax.
It's what I do to take a break from coding for The Job[tm]. I
suppose that makes us seem a little ill, eh?
--
/Daniel P. Brown
On Mon, Feb 9, 2009 at 3:28 PM, Daniel Brown danbr...@php.net wrote:
On Mon, Feb 9, 2009 at 15:21, Stuart stut...@gmail.com wrote:
I would advise you against wasting your time because there is no
reliable way to tell what systems a server is actually using to serve
pages. Nearly all sites I
I updated fedora core from FC5 to TC6, thus httpd and php were updated in the
process. My pages worked with no errors before the upgrade.
My php pages are no not displaying and generating this error in the httpd logs
PHP Notice: Undefined variable: DOCUMENT_ROOT in
Marc Fromm wrote:
I updated fedora core from FC5 to TC6, thus httpd and php were updated in the
process. My pages worked with no errors before the upgrade.
My php pages are no not displaying and generating this error in the httpd logs
PHP Notice: Undefined variable: DOCUMENT_ROOT in
Shawn McKenzie wrote:
Marc Fromm wrote:
I updated fedora core from FC5 to TC6, thus httpd and php were updated in
the process. My pages worked with no errors before the upgrade.
My php pages are no not displaying and generating this error in the httpd
logs
PHP Notice: Undefined variable:
Apache: 2.2.8 threaded
PHP: 5.2.4-2
mySQL: 5.051.a
Ubuntu 8.04 minimal with everything needed installed via apt-get.
Using SMF forum, I'm having an issue with the strtr command... Here's
the code...
$ftp_file = strtr($filename, array ($_SESSION['pack_ftp']['root'] =''));
The
Nathan Rixham wrote:
Marcus Gnaß wrote:
Nathan Rixham wrote:
Project: PHP Common Objects and Datatypes
Has anything been setup for project COD-pieces yet? I like this name! ;)
Actually, yes it has - the project, well working group, has been
called voom.
Sounds fine too! ;)
If you're
Me too..
Zechim from Brazil.
-Mensagem original-
De: Marcus Gnaß [mailto:gona...@gmx.de]
Enviada em: segunda-feira, 9 de fevereiro de 2009 19:59
Para: nrix...@gmail.com
Cc: PHP-General; Paul M Foster
Assunto: Re: [PHP] maybe we could all?
Nathan Rixham wrote:
Marcus Gnaß wrote:
At 3:44 PM -0500 2/9/09, Daniel Brown wrote:
On Mon, Feb 9, 2009 at 15:41, Stuart stut...@gmail.com wrote:
Indeed, but I find coding without QA requirements is a great way to relax.
It's what I do to take a break from coding for The Job[tm]. I
suppose that makes us seem a little ill,
On Mon, Feb 9, 2009 at 2:02 PM, Jônatas Zechim zechim@gmail.com wrote:
Me too..
Zechim from Brazil.
-Mensagem original-
De: Marcus Gnaß [mailto:gona...@gmx.de]
Enviada em: segunda-feira, 9 de fevereiro de 2009 19:59
Para: nrix...@gmail.com
Cc: PHP-General; Paul M Foster
onlist this time...
tedd wrote:
snip
I think the MD5() hash is a pretty good way and if the weakness is the
user's lack of uniqueness in determining their passwords, then we can
focus on that problem instead of looking to another hash. And besides,
the solution presented was to
Or, like the article suggested, a random portion for the hash... I
agree with you, Micah. The hash collision is a problem, and must be
avoided.
Same password hashes for different users are very good candidates for
a dictionary attack. Probably, in most of this cases, users picked
easy passwords,
Greetings All,
We write with reference to our website at http://www.warcrimes.info/shop/html/.
Our web host tells us that our website currently runs on php 5.2.8. We recently
faced this error:
Fatal error: Call to a member function sql_query() on a non-object in
Andrew schreef:
Jochem Maas wrote:
Andrew schreef:
Hi,
As an example of the attack...
$ whoami
www-data
isn't the whole point of suexec/PHP/FastCGI that the local user
has no access to the www-data account ... suexec switches to the
users account from the
I have a login system that I am coding. I need it to generate a unique token
on login to be stored in the browser's cookie. I currently use a script that
generates a MD5 hash of the current unix timestamp, then checks the mysql
database to see if the token already exists. It loops this
On Mon, Feb 9, 2009 at 8:52 PM, sean greenslade zootboys...@gmail.com wrote:
I have a login system that I am coding. I need it to generate a unique token
on login to be stored in the browser's cookie. I currently use a script that
generates a MD5 hash of the current unix timestamp, then checks
1 - 100 of 109 matches
Mail list logo
