the situation.
Hope that helps.
Chris
=
Chris Shiflett - http://shiflett.org/
PHP Security Handbook
Coming mid-2004
HTTP Developer's Handbook
http://httphandbook.org/
RAMP Training Courses
http://www.nyphp.org/ramp
--
PHP General Mailing List (http://www.php.net
is not happening. If you look
at the output of phpinfo() on this exact same script, is the local value
of session.use_trans_sid still 1?
Chris
=
Chris Shiflett - http://shiflett.org/
PHP Security Handbook
Coming mid-2004
HTTP Developer's Handbook
http://httphandbook.org/
RAMP Training Courses
the HTTP
headers, and echo that to the user. The URL in the user's browser will be
your script's, but hopefully that isn't a problem.
Hope that helps.
Chris
=
Chris Shiflett - http://shiflett.org/
PHP Security Handbook
Coming mid-2004
HTTP Developer's Handbook
http
=
Chris Shiflett - http://shiflett.org/
PHP Security Handbook
Coming mid-2004
HTTP Developer's Handbook
http://httphandbook.org/
RAMP Training Courses
http://www.nyphp.org/ramp
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
to distribute the requests, round-robin DNS, or probably some
other solution I may not be aware of. Regardless, the browser only
distinguishes according to the domain name when deciding which cookies to
send.
Hope that helps.
Chris
=
Chris Shiflett - http://shiflett.org/
PHP Security Handbook
--- Chris Boget [EMAIL PROTECTED] wrote:
What is the name of the notation that has variable names
prefixed with the first letter of the type of the variable? eg.
int iVar;
float fVar;
string sVar;
I believe that's called Hungarian notation. I might be wrong, though.
Chris
=
My Blog
--- Alan Lord [EMAIL PROTECTED] wrote:
can I put a function_name() in the form action=... place holder?
I think you can do this with JavaScript, yes.
Chris
=
My Blog
http://shiflett.org/
HTTP Developer's Handbook
http://httphandbook.org/
RAMP Training Courses
--- Adam Williams [EMAIL PROTECTED] wrote:
I need to test a variable to see if it contains a value or not, and if
not, do something. My php is a little rusty, so which would be better?
This is a good page for understanding how things like isset(), is_null(),
and empty() work:
--- Wouter van Vliet [EMAIL PROTECTED] wrote:
I think you can do this with JavaScript, yes.
No, Chris. For as far as I know you cannot even do this with JavaScript.
You can. I just said, I think, to be polite. I knew the answer. :-)
Of course, as someone else pointed out, this is a terrible
--- tirumal b [EMAIL PROTECTED] wrote:
I have an ip addr in a variable. I use
'ssh'.$ipaddr.'command' in a php file
The dots in ipaddr variable are considered to be
string concatenations.
That's wrong, which makes me think that you didn't bother trying this
before you asked your question.
--- Chris W. Parker [EMAIL PROTECTED] wrote:
My original thinking was that I wouldn't be using the session id as I
would the unique identifier because of point #2 (you shouldn't store the
session id on the client). But since you point out that storing the
session id is a necessary evil (if I
--- Shawn McKenzie [EMAIL PROTECTED] wrote:
I get a blank page (no error) in IE6. If I go to IE settings and
disable use HTTP 1.1, then all loads well in IE.
Any ideas on things to look at or a method to troubleshoot???
Can you capture the HTTP transaction with IE and with another browser
--- Pablo Gosse [EMAIL PROTECTED] wrote:
[snip] It might be best to not try and definitely declare what counts as
foreign data, because it's a sort of everything else type of thing. If
it doesn't originate within the PHP script itself, it is foreign.[/snip]
What about data from a database
--- Martin Marques [EMAIL PROTECTED] wrote:
I need to print a page and redirect the browser to another page. As it
can't be done with PHP [snip]
Is that a challenge? :-)
Try this:
?
header('Refresh: 3; url=http://www.php.net/');
echo 'Hello, world!';
?
Hope that helps.
Chris
=
My Blog
--- Shawn McKenzie [EMAIL PROTECTED] wrote:
Yes, thanks Chris. Could it be gzip problems?
That's a possibility, but I've never heard reports of IE having trouble
with gzip.
I captured with HTTP Interceptor and here are the server response
headers prior to the actual HTML:
With NO HTTP 1.1
--- Marek Kilimajer [EMAIL PROTECTED] wrote:
So, i am looking for a function which return the result of the unix
shell command: ls mydir/name*
www.php.net/glob
I think you read that question wrong, or else I am. :-)
Try the second user note on this page:
--- erythros [EMAIL PROTECTED] wrote:
trying to use split(). i want to split a paragraph by sentence. so of
course i used split('[.!?]', $data). but then i noticed i use ... or
every now and again at the end of a sentence.
Maybe you could explode on a period followed by a space? I
Hi Shawn,
--- Shawn McKenzie [EMAIL PROTECTED] wrote:
I've never sent attachment to this group, hope it is ok.
It is generally fine, although I think most people prefer that you trim
your code down to the most relevant bit and include that in the body of
the email.
I got a bit lost in your
--- QT [EMAIL PROTECTED] wrote:
I am using following method for GET but I am getting this error from
server;
HTTP/1.1 505 HTTP Version Not Supported
This means that the version of HTTP that you are using is not supported by
the server you are sending your request to.
fputs ($fp, GET /
--- Lawrence Kennon [EMAIL PROTECTED] wrote:
For a BBS I would like to let users post links to various resources.
They 'post' a message to the BBS via a form and that is stored in a
MySQL db, then the content of their 'post' is available to other users
on the BBS. Currently I strip out all
--- Adam i Agnieszka Gasiorowski FNORD [EMAIL PROTECTED] wrote:
Chris W. Parker wrote:
10. Use htmlentities() on data that will be put through a SQL query to
prevent XSS attacks. http://php.net/htmlentities
How is it going to interact with MySQL FULLTEXT
search SQL queries, where
--- Erik Osterman [EMAIL PROTECTED] wrote:
Look's correct... you could consider adding
Header(Content-transfer-encoding: binary);
Because Content-transfer-encoding is not a valid HTTP header, this will
have no effect. Content-Encoding and Transfer-Encoding are valid headers,
but binary is
--- Duncan [EMAIL PROTECTED] wrote:
The only problem is that if there are no arguments in the URL already I
get the following:
http://localhost/dir_to_my_script/test.php?arg1=1arg2=2
notice the ? bit.
Rather than trying to see whether this might work on most browser, you
should try to make
--- Erin [EMAIL PROTECTED] wrote:
How do i convert a timestamp in to a normal readable time date ie
2003155023
into
11th November 2003 @ 15:50:23
That's not a timestamp, first of all. It looks to me like you just need to
use substr() to parse out the elements however you want. You
--- Josephin Tauschinger [EMAIL PROTECTED]
wrote:
Thank you Chris!
No problem. :-)
What I did was exactly what Pablo Gosse proposed and, as you stated,
it didn't work:
input type=hidden name=referrer value=?php echo
$_SERVER['HTTP_REFERER']; ?
Do you know how I can get my webserver
--- PHPLover [EMAIL PROTECTED] wrote:
is \n same as br
This is not true.
I know that \n creates a break in source and not in display.
Is it possible to make \n does the same function as br
No, but you can convert your newlines to the HTML equivalent:
http://www.php.net/nl2br
Hope that
--- Justin Hannus [EMAIL PROTECTED] wrote:
Does anyone know of some good links to material on Digital Signatures
or openssl examples, articles, tutorials or discussions?? Of course,
implemented in PHP.
I don't know of any tutorials, but the documentation has quite a bit of
information:
--- James [EMAIL PROTECTED] wrote:
Follow-up question:
If I have a specific project that I'm hiring for, would it be
inappropriate to post it here?
As long as you're looking for a PHP developer, this is the place to post.
:-)
If it is ever decided that such things should not be posted here, I
--- Martin Helie [EMAIL PROTECTED] wrote:
no, unfortunately, that doesn't work; it creates a permanent socket on
the server, but between page reads, php still loses its resource id,
and can't communicate with the socket...
The last two user notes on this page seem relevant:
--- Dave Carrera [EMAIL PROTECTED] wrote:
$addamysqluser = mysql_query(grant
select,insert,drop,update,delete,create,index,alter on $_POST[f2] to
[EMAIL PROTECTED] IDENTIFIED by $_POST[f3]);
What is wrong with the above php based mysql_query?
I'm not sure about the query itself, but it
--- Donpro [EMAIL PROTECTED] wrote:
Is there a PHP function that would allow the script execution to pause
'N' seconds? This is analogous to the dBase inkey() function.
When I search Google for PHP pause, the firt result mentions the sleep()
function. Did you try finding the answer yourself
--- Koala Yeung [EMAIL PROTECTED] wrote:
The problem is: right after a submit process, POSTDATA still stored in
the user's browser. When one submit a thread, read the index table of
forum.php, and press Reflash, the browser will give a message like:
The page you are browsing contains POSTDATA.
--- Lee Stewart [EMAIL PROTECTED] wrote:
I'm looking at an existing application that uses a number of
statements like:
location = page2.php;
I thought I'd seen it somewhere in the PHP doc, but can't find it
now.. Can anyone point me to where it's written up?
The HTTP header itself is
--- Lee Stewart [EMAIL PROTECTED] wrote:
It's not $location = xxx, just location = page.php;
So the dollar sign is missing? Can you show us all of the code in
question? (Or did I miss it?)
And it seems to work as a redirect... But not part of the header
fuction, and not just setting a
--- Lee Stewart [EMAIL PROTECTED] wrote:
Here's a *working* section of code... Note the
location = browse.php;
on line 23
How does that not generate a parse error? I must be missing something.
It seems to me that either a dollar sign is missing, or the line is
intended to define a
--- Ron Rudman [EMAIL PROTECTED] wrote:
There are already plenty of echo statements in foo! They DO show up
when I run php foo. It's when I try to use system(php foo) that I
don't get anything.
I missed the original question, but why are you trying to use the PHP CLI
from within PHP itself?
--- Eugene Lee [EMAIL PROTECTED] wrote:
Warning: nl2br() is not safe because it emits br / tags which do
not always work on all browsers (especially browsers not explicitly
advertised to be XHTML-compliant).
Can you name a single browser that cannot properly render a br / tag?
Chris
=
My
--- Ron Rudman [EMAIL PROTECTED] wrote:
I have a report that I would like to run as a cron job, hence the
need for a standalone CLI version that just reads the database and
has no other context.
[snip]
I can't see how I would use eval() here, since in the command line:
php foo, foo is a
--- John Nichel [EMAIL PROTECTED] wrote:
The old Prodigy 'browser' from the early 90's? ;)
Is that a guess or an answer?
I don't see it here:
http://browsers.evolt.org/
That's the only place I know to find old browsers with which to test
things like this. If you have any other information,
--- Eugene Lee [EMAIL PROTECTED] wrote:
Can you name a single browser that cannot properly render a br /
tag?
There were rendering problems discovered with one popular web forum
software called vBulletin.
That's not a browser.
Chris
=
My Blog
http://shiflett.org/
HTTP
--- Robert Cummings [EMAIL PROTECTED] wrote:
This appears to be off-topic, and so to drive the point home in
your own self-righteous drivel:
Robert, that is enough of this. Please take your pesonal differences
elsewhere.
Chris
=
My Blog
http://shiflett.org/
HTTP Developer's Handbook
--- Robert Cummings [EMAIL PROTECTED] wrote:
I was merely trying to keep the list on-topic.
It did not seem that way to me. Your reply appeared to be a deliberate
attempt to rekindle an argument from a day or two ago that most of us
would rather not have read.
I can retract this behaviour if
--- Chris W. Parker [EMAIL PROTECTED] wrote:
What I'd like to do is gather enough info to be able to write a good,
short (heck in can be long, I don't care) write up on what it takes to
write a secure app and be able to post a link to said document any time
someone asks a question security
--- Robert Cummings [EMAIL PROTECTED] wrote:
I did mention database as one of the solutions. The question wasn't
about security so I didn't elaborate.
I have done this same thing in the past, because I tend to answer the
question asked and nothing more.
However, recently I have begun trying to
--- rogue [EMAIL PROTECTED] wrote:
Suppose I am running a script from an URL like:
http://127.0.0.1/~myname/foo/bar.php
on this page I want to redirect to another page and send a full http
string like:
$redirect = http://; . $_SERVER['HTTP_HOST'] . /foo/hello.php;
In this case,
--- Shaun [EMAIL PROTECTED] wrote:
Is there a way to filter metacharacters from all $_POST values sent from
pages on my site in an effort to eliminate the majority of XSS attacks?
Yes, but it's probably more important that you understand what XSS is and
what methods people use to protect
--- Shaun [EMAIL PROTECTED] wrote:
does anyone know of a function i can include in my scrpits to ensure all
$_POST values sent from a page don't include any SQL?
It's only important that the data sent from the client will not be
executed by your database. Depending on which database you use,
--- Ryan A [EMAIL PROTECTED] wrote:
I thought i knew the useage of the global keyword in a function but
after reading a pals program i am really confused, i tried
http://php.net/global but that does not give me any results...searched
the list and found some reference to global and the scope of
--- Steve Buehler [EMAIL PROTECTED] wrote:
I am using PHP/MySQL and am having a problem. We have some names and
addresses in the database that have single quotes in them. For
instance. There is a town around here called Lee's Summit. Also
names like O'connel. When I pull from the database it
--- Boyan Nedkov [EMAIL PROTECTED] wrote:
... Short of any severe bugs in PHP's core, there is no way for a
user of your Web application to modify session data ...
It seems that statement is not completely correct considering the topic
discussed in the paper 'Session Fixation
--- Luis Lebron [EMAIL PROTECTED] wrote:
Any good tools for benchmarking sql queries?
This may not directly answer your question, but I find the mytop utility
very helpful for seeing what is happening with a MySQL server. It's
available here:
http://jeremy.zawodny.com/mysql/mytop/
Another
--- Shaun [EMAIL PROTECTED] wrote:
How could a cookie be changed maliciously?
Cookies are sent by the client, so hopefully that alone illustrates the
danger.
A cookie's value is not guaranteed to be whatever you asked the client to
set. The legitimate users of your site will likely be using a
1. Is it possible to download the entire PHP site so that i can learn
from the source code at my liesure. I know that source code of PHP can
be accessible through CVS but is there any anonymous FTP or a zip file
download?
Not to my knowledge. If you don't like using CVS, you can always browse
--- Luis Lebron [EMAIL PROTECTED] wrote:
I guess there is a configuration option in my.cnf for logging slow
queries?
There, or you can pass it in as a command line argument when you start the
server. Here is a good URL for more information:
http://www.mysql.com/doc/en/Slow_query_log.html
You
--- Jake McHenry [EMAIL PROTECTED] wrote:
input type=text name=10_Accounting_Unit size=1 maxlength=1
value={$_SESSION['10_Accounting_Unit']}
onKeyUp=movefocus(10_Accounting_Unit,11_Accounting_Unit,1);
This looks like you're trying to go in and out of PHP mode without using
?...?, ?php...?,
--- Josephin [EMAIL PROTECTED] wrote:
am a newbie as of yesterday.
Welcome!
Can't figure out how to get the $HTTP_Referer (own domain) of the page
entering my form (html), convert it into a variable which is later
passed on to my formmailer.php for the $subject variable.
xy.html
--- Jonathan Villa [EMAIL PROTECTED] wrote:
I would like submit a form to a page, do some processing on that page,
then if need be, return to the referrer but also send the submitted data
along with it... and data is coming from a POST form, not a GET. I
tried
--- Pablo Gosse [EMAIL PROTECTED] wrote:
Hi Donald. I just tried this in XP Professional on IE 6.0 and it worked
fine, both via a javascript function and a standard link with the target
set to _blank.
Anyone else have any idea why this would be happening?
No, but it would really be nice if
--- Terence [EMAIL PROTECTED] wrote:
I am trying to get the results of a function, which queries MySQL, back
into an array for me to order. I only want to print out certain fields
(I call the same query, but use different fields in different places).
This works is I print out the fields in
--- Donald Tyler [EMAIL PROTECTED] wrote:
I have a site that has a members section. In the news area, when a user
clicks the link for an article, it pops open a new window a requests the
article via a PHP script.
What's happening is that when the new window pops up, the script isn't
getting
--- Chris W. Parker [EMAIL PROTECTED] wrote:
But seriously, why is it such a bad idea? I'd like to finally figure
this out so I don't keep coming up with them (not that I've ever used
any). ;)
I have a free chapter that explains cookies at the protocol level here:
--- Shaun [EMAIL PROTECTED] wrote:
However, due to the nature of the site I need to make sure it is 110%
secure against hacks etc. Now I know this isn't actually possible
That's a very good thing to realize. Security is a measurement, sort of
like temperature, so saying something is 100% secure
--- Luis Lebron [EMAIL PROTECTED] wrote:
I am currently working on an application for a customer that may have
a very large amount of users (10,000 or more according to the customer).
I currently design, develop, and maintain a suite of Web applications and
utilities that receive ten million
--- Pablo Gosse [EMAIL PROTECTED] wrote:
If, as Chris wrote, this is indeed a feature/bug of IE, then it must be
configurable somewhere, though I'm lost as to where that might be.
I have no first-hand experience with this, since I don't use Windows (and
I use Safari when I use Macs). But, there
--- Pablo Gosse [EMAIL PROTECTED] wrote:
It's obviously best practice to rigorously check and validate all input
coming via $_GET or $_POST, but what about $_SESSION values?
Session data can be considered safe, but there are of course caveats. It
is not possible for the user to manipulate
--- Wouter van Vliet [EMAIL PROTECTED] wrote:
One time I had this script somebody else wrote. About 1000 lines, a
complete CMS in one file. It if'ed on simple $_GET vars about 10 times,
by opening a new if statement each and every time. After I changed this
to if ($_GET['p'] == 'one') { .. }
--- Pablo Gosse [EMAIL PROTECTED] wrote:
In all honesty I don't know enough about how one would go about
attempting to hack the values of a session other than through hacking
into the session files, so if anyone has any input on this please pass
it along.
Well, you basically hit the nail on
--- John W. Holmes [EMAIL PROTECTED] wrote:
Pablo Gosse wrote:
As to your last point, can something else change the session vars
other than my php scripts, answers to that question are exactly what
I'm looking for.
Other PHP scripts on the same server (doesn't have to be same domain)
--- Guillaume Dupuis [EMAIL PROTECTED] wrote:
We currently have 3 php servers. Can we use the same SessionID to
connect across the 3 systems?
Yes, assuming I understand you correctly.
There are many ways to address this challenge, but one method is to use a
database for your session store.
--- Chris W. Parker [EMAIL PROTECTED] wrote:
Store the username+password as an MD5 hash in a cookie, also store the
user id. Then on the other servers you can read the user id and use that
to pull out the username and password hash (you do hash your passwords
within the database right?) from a
--- MIKE YRABEDRA [EMAIL PROTECTED] wrote:
What would cause a php page to instantly prompt a timeout error when
loading?
I bet this would cause that to happen pretty quickly:
set_time_limit(1);
Chris
=
My Blog
http://shiflett.org/
HTTP Developer's Handbook
--- Daniel Clark [EMAIL PROTECTED] wrote:
$xyz = Hello World;
echo forminput type=test size=25 value=$xyz/form;
The text box shows up with Hello NOT Hello World. How do I get
the entire variable?
I would try single quotes here.
$xyz = 'Hello World';
That's good advice in general,
--- Justin French [EMAIL PROTECTED] wrote:
form action='nextpage.php?manifacturer=?=$_GET['manufacturer']?'
method='get'
Unless I'm mistaken (which is possible), this won't work. When the
form method is GET, the query string is constructed using the form
fields. Therefore, the manufacturer will
--- Justin French [EMAIL PROTECTED] wrote:
Can someone show me a simple, clean way to apply one function (eg
stripslashes()) to every element in an array (eg $_POST)?
[snip]
I've also seen http://www.php.net/array_walk, but couldn't
determine how/if it suited my needs.
Maybe you can explain
--- Leonel Nunez [EMAIL PROTECTED] wrote:
When php 5 is released will there be support for php 4.3.x?
Support from whom? What type of support?
Do you consider there to be support for 4.3.x now?
Chris
=
My Blog
http://shiflett.org/
HTTP Developer's Handbook
--- Patrick Fowler [EMAIL PROTECTED] wrote:
When I try access the index.php via the web the file it tries to
download.
Try adding this to your httpd.conf:
AddType application/x-httpd-php .php
Hope that helps.
Chris
=
My Blog
http://shiflett.org/
HTTP Developer's Handbook
--- Pablo Zorzoli [EMAIL PROTECTED] wrote:
I've tried with the simlpest example:
---
output.php
?
echo Hello World!;
?
--
test.php
htmlheadtitletesing!/title/head
body
?php
include ('http://***.com/output.php');
?
/body/html
--
Actually, I think the simplest example was
--- Pablo Zorzoli [EMAIL PROTECTED] wrote:
That's it i cannot wget it from the webserver i get
failed: Connection timed out.
i tried to wgetit from another machine and i get the desired
output.
So the server where you're running the PHP script can't connect to
the server you specify in
--- John Nichel [EMAIL PROTECTED] wrote:
Is this on Windoze or *nix? Sounds like some sort of buffering
issue...
Yes, it does.
what is 'output_buffering' set too in your ini?
This shouldn't matter either. I can't think of a reason why he would see the
behavior he describes. In fact, this
--- Luis Lebron [EMAIL PROTECTED] wrote:
I am rebuilding a php application to handle a higher load. The
previous programmer had created a series of dynamically generated
select boxes using a mysql table. Would it be faster or less
resource intensive to create a series of arrays to generate the
--- Pablo Zorzoli [EMAIL PROTECTED] wrote:
I'm having trouble while i try to include a php file.
[snip]
include ('http://blabla.com/script.php?var1=a');
[snip]
script.php should echo some text, but i don't get any output.
When you visit http://blabla.com/script.php?var1=a and view source, what
--- alain dhaene [EMAIL PROTECTED] wrote:
Is there in php something as a redirect to another page like in asp?
Yes, and as with ASP, there are several methods.
Make an example script that has only this:
? header('Location: http://www.google.com/'); ?
As for your error about headers already
--- alain dhaene [EMAIL PROTECTED] wrote:
I have check my code.
I haven't use a echo in my code.
It's very strange. I will search more on the manule.
I don't think the manual will help you here. You *do* have output in your
script prior to the call to header(). Trust me. :-)
One way to find
--- Pablo Zorzoli [EMAIL PROTECTED] wrote:
i see one line containing the expected html code.The scrip is a
counter that outputs the img tags to fecth the images:
img src=digit4.gifimg src=digit2.gif
that's all i get, and all i would like to get with the remote
include.
That seems right,
--- Pablo Zorzoli [EMAIL PROTECTED] wrote:
?
include('http://www.google.com/');
?
That should basically take Google's HTML and make it your own.
The image will obviously not work, but it should otherwise look
like Google's home page.
yes i get Google's HTML.
OK, so this proves
--- Robb Kerr [EMAIL PROTECTED] wrote:
What's your favorite online Php language guide?
http://www.php.net/manual/
Chris
=
My Blog
http://shiflett.org/
HTTP Developer's Handbook
http://httphandbook.org/
RAMP Training Courses
http://www.nyphp.org/ramp
--
PHP General Mailing
--- Kim Kohen [EMAIL PROTECTED] wrote:
I'm glad to report this is not a PHP issue. It turns out to be a
Safari problem with Mac OSX (Safari was updated with OSX 10.3).
All my PHP stuff is working correctly in IE so it looks like
development will proceed there until Apple gets a fix.
I would
--- S.P.Vimala [EMAIL PROTECTED] wrote:
How to create a unique session for every new browser instance?
I'm not sure if this fits your definition of new browser instance, but there
is no way for a remote Web server to distinguish between two instances of the
same browser running on the client
I didn't look into your problem, but I want to mention one thing that stands
out to me.
--- Frank Tudor [EMAIL PROTECTED] wrote:
$query=SELECT payment FROM payment WHERE
dln='.$_POST[dln].' = payment.dln='.$_POST[dln].' and
users.password='.$_POST[password].';
Never, ever build an SQL query
--- Jed R. Brubaker [EMAIL PROTECTED] wrote:
Is there a way to preserve URL variables and have a link simply add
a new variable to the end?
Sure, just use $_SERVER['QUERY_STRING'], which is the current query string, and
append whatever new URL variables you want.
Chris
=
My Blog
--- Rob Adams [EMAIL PROTECTED] wrote:
I'm not sure if this fits your definition of new browser
instance, but there is no way for a remote Web server to
distinguish between two instances of the same browser running
on the client machine.
That can't be true.
It can, and it is.
The only
--- Jake McHenry [EMAIL PROTECTED] wrote:
I know this is a bit off topic, but does anyone know of a way I can
take the server time in php and get it into javascript?
Well, that part isn't off-topic, in my opinion.
JavaScript and HTML are the exact same thing from the perspective of PHP;
--- Rob Adams [EMAIL PROTECTED] wrote:
Test it yourself.
With all due respect, it seems you should be doing the testing.
Login to a PHP app using a standard browser and session cookies
and see for yourself. I understand the philosophy of the web
server only seeing what the client sends it,
--- CPT John W. Holmes [EMAIL PROTECTED] wrote:
If you are not relying on a cookie based session, then this will
work. Each login could be assigned a different session ID, so the
requests for each browser will be different because of the different
session IDs.
What John is explaining here is
--- Rob Adams [EMAIL PROTECTED] wrote:
That doesn't seem to be what he's saying.
because of the different session IDs.
It seems to me a better example of what he is saying would be:
http://example.org/foo.php?PHPSESSID=12345
vs.
http://example.org/foo.php?PHPSESSID=67890
Perhaps I
--- Joao Andrade [EMAIL PROTECTED] wrote:
form method=post action=\basics\quotation-add
Windowsitis? Mind your slashes.
Also, you should quote HTML attributes (though this isn't your problem). So,
try this:
form action=/basics/quotation-add method=post
tdinput type=text size=30
--- Joao Andrade [EMAIL PROTECTED] wrote:
if ( $_POST['nova'] =! )
Equal not? Perhaps you mean not equal? :-)
Chris
=
My Blog
http://shiflett.org/
HTTP Developer's Handbook
http://httphandbook.org/
RAMP Training Courses
http://www.nyphp.org/ramp
--
PHP General Mailing
--- [EMAIL PROTECTED] wrote:
In the php.ini I have set the registr_globals=3D Off
I'm assuming that 3D was put in there by some faulty mail client? Also, make
sure you spell it register_globals.
php_flag register_globals on for only this site.
With the function phpinfo I have see that the
--- Luis Lebron [EMAIL PROTECTED] wrote:
$query=Select * from users where userid='$_POST['userid']';
Use curly braces:
$query = select * from users where userid = '{$_POST['userid']}';
Hope that helps.
Chris
=
My Blog
http://shiflett.org/
HTTP Developer's Handbook
--- [EMAIL PROTECTED] wrote:
The problem concern:
The correct site is: www.gardafun.com with apache.1.3.27 and
php-4.0.6 with register_globals = On
The new webserver is 213.21.138.119 with suse8.2 apache1.3.27 and
php-4.3.3 with register_globals=off in the php.ini and in the
.htaccess
701 - 800 of 1537 matches
Mail list logo
