2010/8/27 Jan G.B. ro0ot.w...@googlemail.com:
But make sure the other code which we don't see
- does not outpot any _POST / _GET / _REQUEST / _COOKIE variables
without encoding the contents (f.e. htmlspecialchars), or
- does not send and user supplied data without scaping the sb-related
2010/8/25 Paul M Foster pa...@quillandmouse.com:
On Wed, Aug 25, 2010 at 01:05:12PM -0400, David Mehler wrote:
Hello,
Thanks to all who answered my quotes question. I've got another one.
I've got several combo boxes that are sticky, below is an example of
one and the function. Now i'd like
2010/8/25 Marc Guay marc.g...@gmail.com:
function html($text)
{
return htmlentities($text, ENT_QUOTES, 'UTF-8');
}
function htmlout($text)
{
return html($text);
}
Possibly irrelevant, and definitely not related to your questions, but
is it just me or is htmlout() a
2010/8/19 Andre Polykanine an...@oire.org:
Hello Nathan,
Sorry, could you provide any links to read for a security noob?)
Actually, I know that the md5 is decryptable (there are bases with
words encrypted in md5), but I thought the SHA1 was secure...
--
With best regards from Ukraine,
2010/8/18 Daniel P. Brown daniel.br...@parasane.net:
On Tue, Aug 17, 2010 at 15:19, tedd t...@sperling.com wrote:
Bingo -- that worked.
It's interesting that a space is optional between -u and user, but required
to be absent between -p and password. Seems not symmetrical to me.
The
2010/8/24 Bob McConnell r...@cbord.com:
From: Peter Lind
On 24 August 2010 15:43, Gary php-gene...@garydjones.name wrote:
Jan G.B. wrote:
The weakness of MD5 is mainly because MD5 collisions are possible.
That means, that different strings can have the same MD5-hash...
http
2010/8/24 Peter Lind peter.e.l...@gmail.com:
On 24 August 2010 16:25, Jan G.B. ro0ot.w...@googlemail.com wrote:
2010/8/24 Bob McConnell r...@cbord.com:
From: Peter Lind
On 24 August 2010 15:43, Gary php-gene...@garydjones.name wrote:
Jan G.B. wrote:
The weakness of MD5 is mainly because
2010/6/1 Peter Lind peter.e.l...@gmail.com:
On 1 June 2010 17:33, Ashley Sheridan a...@ashleysheridan.co.uk wrote:
On Tue, 2010-06-01 at 16:31 +0100, Richard Quadling wrote:
$re1 = '/^[a-z]++$/i';
$re2 = '/^[a-z ]++$/i';
--
-
Richard Quadling
Standing on the shoulders of some very
Hi there.
I'm also a User of the Netbeans IDE and I can tell you the following:
- Netbeans is the only IDE who can load very large PHP scripts (f.e.
1mb PHP Script with a multiple of 10thousands of lines) with syntax
highlighting and SUPERB code completion. It works with include files,
you can
2010/5/6 David McGlone da...@dmcentral.net:
On Wednesday 05 May 2010 16:19:35 Paul M Foster wrote:
On Wed, May 05, 2010 at 01:03:41PM -0400, David McGlone wrote:
On Wednesday 05 May 2010 12:51:00 Ashley Sheridan wrote:
On Wed, 2010-05-05 at 12:55 -0400, David McGlone wrote:
I've checked
2010/4/25 Michelle Konzack linux4miche...@tamay-dogan.net:
Hi,
I have a code sniplet which does not work and I do not know why:
8--
$isfile=shell_exec(ls /tmp/tdphp-vserver/SESSION_ .
$_SERVER['REMOTE_ADDR'] . _ .
Hi List,
I just figured, that the Browsers on my system do interpret #039;
inside href or onclick attribute as a plain '.
Imagine the user input is the following line:
param2 foo';);alert(document.cookie);alert('
Which is being written by the script like that:
a href=javascript:void(0);
You can also just send out the correct Header for plain text. But your
HTMl will not be interpreted then.. So this makes only sense if you
actually want plain text as the output format.
header(Content-type: text/plain; charset=utf8);
echo foo\nbar;
Regards
2010/4/23 Nick Balestra
2010/4/16 Adam Richardson simples...@gmail.com:
On Thu, Apr 15, 2010 at 5:55 PM, Jason Pruim
li...@pruimphotography.comwrote:
On Apr 15, 2010, at 8:55 AM, tedd wrote:
At 4:13 PM -0400 4/14/10, Al wrote:
Incidentally, about formatting scripts, one of the reasons I like phpEdit
is that
regards from Ukraine,
Andre
Skype: Francophile; WlmMSN: arthaelon @ yandex.ru; Jabber: arthaelon @
jabber.org
Yahoo! messenger: andre.polykanine; ICQ: 191749952
Twitter: m_elensule
- Original message -
From: Jan G.B. ro0ot.w...@googlemail.com
To: Alex Major p...@allydm.co.uk
Date
2010/3/29 Nathan Rixham nrix...@gmail.com
Jan G.B. wrote:
2010/3/29 Nathan Rixham nrix...@gmail.com
Jan G.B. wrote:
Top posting sucks, so I'll answer the post somewhere down there.
SCNR
2010/3/29 Devendra Jadhav devendra...@gmail.com
Then you can do file_get_contents within PHP
2010/3/30 Alex Major p...@allydm.co.uk
Surely if it's not suitable for your situation, it's not the best? :)
Mantis is what I'd recommend and believe has already been recommend to you.
Runs using PHP and MySQL, it's flexible for public or private projects,
multiple projects etc.
I do agree
2010/3/30 Nathan Rixham nrix...@gmail.com:
Jan G.B. wrote:
2010/3/29 Nathan Rixham nrix...@gmail.com
Jan G.B. wrote:
2010/3/29 Nathan Rixham nrix...@gmail.com
Jan G.B. wrote:
Top posting sucks, so I'll answer the post somewhere down there.
SCNR
2010/3/29 Devendra Jadhav devendra
2010/3/29 Anshul Agrawal drinknder...@gmail.com
There is something new based on Trac but written in PHP.
mtrack (http://bitbucket.org/wez/mtrack/wiki/Home)
It is written by one of the PHP Core Developers (Wez Furlong). May be you
want to try it out.
And there's something quite new that's
Top posting sucks, so I'll answer the post somewhere down there.
SCNR
2010/3/29 Devendra Jadhav devendra...@gmail.com
Then you can do file_get_contents within PHP. or any file handling
mechanism.
On Mon, Mar 29, 2010 at 1:00 AM, ebhakt i...@ebhakt.com wrote:
Hi
i am writing a web
2010/3/29 Nathan Rixham nrix...@gmail.com
Jan G.B. wrote:
Top posting sucks, so I'll answer the post somewhere down there.
SCNR
2010/3/29 Devendra Jadhav devendra...@gmail.com
Then you can do file_get_contents within PHP. or any file handling
mechanism.
On Mon, Mar 29, 2010 at 1
2010/3/24 Marten Lehmann lehm...@cnm.de
Hello,
dan...@daniel-laptop:~$ php test.php /dev/null
Error 1
Error 2
dan...@daniel-laptop:~$ ./src/php-5.2.12/sapi/cli/php test.php
/dev/null
Error 1
Error 2
well, using php-cli instead of php-cgi, this finally worked:
?
fwrite(STDERR,
2010/3/23 Marten Lehmann lehm...@cnm.de
Hello,
I found different code examples like this, which use the file handle STDERR
just like this:
?php
fwrite(STDERR, hello\n);
?
Also, the PHP documentation of input/output streams (
http://php.net/manual/de/wrappers.php.php) says:
It is
2010/3/23 Daniel Egeberg degeb...@php.net
On Tue, Mar 23, 2010 at 11:47, Marten Lehmann lehm...@cnm.de wrote:
Hello,
I found different code examples like this, which use the file handle
STDERR
just like this:
?php
fwrite(STDERR, hello\n);
?
Also, the PHP documentation of
2010/3/20 King Coffee kcof...@hotmail.com
Hi,
I'm executing a third-parity standard PHP application on a Windows IIS 7
shared hosting server.
I need to convert, or use, a SMTP mailer service. I found two SMTP PHP
scripts - I think may work.
The sourceforge.net PHPMailer project and the
2010/3/18 Pete Ford p...@justcroft.com:
On 17/03/10 18:59, Tommy Pham wrote:
On Wed, Mar 17, 2010 at 11:01 AM, Rene Veermanrene7...@gmail.com wrote:
hmm.. seems easier to me to push a filetree of .php's with?= through
the str_replace(), than it is to get all the?= writers to comply
with
2010/3/18 tedd tedd.sperl...@gmail.com:
Calling it ranting or religious unjustly demeans the discussion and is
inflammatory.
In all of this, I've simply said it's your choice.
What I said was:
*persons ranting about short open tags* *are just like some religious people
*
I did not address
2010/3/18 Ashley Sheridan a...@ashleysheridan.co.uk
Technically, PHP isn't embedded in any language; it's the other way around.
XML and PHP are used together more often than you might realise. Consider
Ajax and RSS, which are becoming more and more popular. Also, there are
sites out there
2010/3/12 Martine Osias webi...@gmail.com
Hi,
My insert statements on this web page don't execute. The select statements
do work. This tells me that the database connection is working. The username
and password are the administrator's. What else could prevent the insert
statements from
2009/7/14 Tom Chubb tomch...@gmail.com
2009/7/14 Eddie Drapkin oorza...@gmail.com
On Tue, Jul 14, 2009 at 2:29 AM, Tom Chubbtomch...@gmail.com wrote:
Hi List,
Just wanted to pick your brains please?
I'm trying to standardise on the way I query databases and move away
from
the
2009/7/4 tedd t...@sperling.com
So, if you're having problems with Safari 4.0 on Mac OSX uploading files,
you're not alone.
s/uploading files// ;)
To make this posting useful: The thing might be related to this Bug
http://www.webmasterworld.com/macintosh_webmaster/3300569.htm
But, since
2009/7/6 Isaac Dover isaacdo...@gmail.com
Hi Chantale, as Bastien mentioned, a preconfigured package might be the
best
way to go. Wikipedia has more information:
http://en.wikipedia.org/wiki/List_of_LAMP_Packages
What are you wanting to build in your interface?
- Isaac
On Mon, Jul 6,
2009/6/10 Clancy clanc...@cybec.com.au
On Tue, 09 Jun 2009 12:22:22 -0400, rob...@interjinn.com (Robert Cummings)
wrote:
Craige Leeder wrote:
I'm not sure I agree with NEVER using else. Sometimes else is a very
logical way to organize code. However, it should not be used for data
2009/6/11 HallMarc Websites m...@hallmarcwebsites.com
-Original Message-
From: tedd [mailto:tedd.sperl...@gmail.com]
Sent: Thursday, June 11, 2009 9:28 AM
To: PHP-General List
Subject: Re: [PHP] Preventing XSS Attacks
At 7:08 PM +0100 6/10/09, Ashley Sheridan wrote:
You could even make it shorter, if you don't need the line numbers anyway:
pre
?
echo nl2br(file_get_contents('file.txt'));
?
/pre
2009/5/14 Peter Ford p...@justcroft.com:
Moses wrote:
Hi Folks,
I have a written a script in PHP which outputs the result from a text file.
The PHP script is
2009/5/12 PJ af.gour...@videotron.ca:
Could somebody please explain this?
When the line - sort($category) is commented out, the output returns
Notice: Undefined offset: in the line 36 for all the repeats (29 in
this case)
Sure thing if you consider this:
The code below:
?
$SQL = SELECT
What about declare, cast, unhex, exec etc.?
You Replace everything with isn't so good, I believe. Others
mentiond it before, that *, =, select, from ETC. are valid words and
characters in an other context.
Anayse some attacks before trying to defend them. Injections can be
heavily db-dependent,
Hi Gary,
2009/5/5 Gary gwp...@ptd.net:
Jan
Thanks for your note.
So your wrote:
$x = (3)*(2) makes no sense.
$x = 3 * 2 works, as
$x = (3 * 2) does, too.
But this is not an error at all.
^^
In the first example($x = (3)*(2) makes no sense.), which
2009/5/5 Gary gwp...@ptd.net:
This just keeps getting weirder, the results change sometimes even when the
same info is entered..
This is the revised code (after some helpful hints from some readers)
Anyone help, I am supposed to show this tomorrow to client.
Hi there,
Gary
?php
2009/5/5 tedd tedd.sperl...@gmail.com:
At 10:13 AM -0400 5/5/09, Robert Cummings wrote:
On Tue, 2009-05-05 at 10:05 -0400, Robert Cummings wrote:
On Tue, 2009-05-05 at 09:49 -0400, tedd wrote:
At 2:57 PM -0400 5/4/09, Gary wrote:
I am trying to get this to work, however it only reads
2009/4/28 Jay Blanchard jblanch...@pocket.com:
Our company wants to do e-mail verification and does not want to use the
requests / response method (clicking a link in the e-mail to verify the
address), which as we all know is the only way you can be truly sure. I
found this;
2009/4/28 Luke l...@blog-thing.com:
2009/4/28 Jan G.B. ro0ot.w...@googlemail.com
2009/4/28 Jay Blanchard jblanch...@pocket.com:
Our company wants to do e-mail verification and does not want to use the
requests / response method (clicking a link in the e-mail to verify the
address
2009/4/28 Miller, Terion tmil...@springfi.gannett.com:
Can someone help with how to make this work, trying to get the number of
rows but am getting the trying to get property of non-object
Code-
$query = select blah, blah, blah from table where .$type. like
'%.$name.%';
2009/4/26 Nathan Rixham nrix...@gmail.com:
Deivys Delgado Hernandez wrote:
Hi,
I'm having problems when i try to use the function scandir() in a Novell
Netware Volumen or a Windows Shared Folder
they both are mapped as a windows network drive, so i suppose i could
access them as local
2009/4/24 Andrew Williams andrew4willi...@gmail.com:
Hi All,
Does anyone know of any php grahp that will enable you to show/analyse more
than one inputs like price versus time?
Hi Andrew,
we're using PEAR:Image_graph here and it's good for our needs. Maybe
you should check it out.
2009/4/22 Daniel Brown danbr...@php.net:
On Wed, Apr 22, 2009 at 12:31, Jan G.B. ro0ot.w...@googlemail.com wrote:
I believe that you all should just overread the huge signature.
You've wasted a lot bandwidth with this discussion about the signature. :-)
It's not interesting.
You could have
2009/4/22 tedd tedd.sperl...@gmail.com:
At 6:31 PM +0200 4/22/09, Jan G.B. wrote:
I believe that you all should just overread the huge signature.
You've wasted a lot bandwidth with this discussion about the signature.
:-)
It's not interesting.
You could have send your pointless replies
2009/4/24 Andrew Ballard aball...@gmail.com:
On Tue, Apr 21, 2009 at 1:20 PM, Jan G.B. ro0ot.w...@googlemail.com wrote:
Do yourself a favour:
* remopve that 1337 hax0r name - it makes you look like a dumbass
This coming from someone whose e-mail address is ro0ot.w...@?
Sounds a little
2009/4/24 Bastien Koert phps...@gmail.com:
On Fri, Apr 24, 2009 at 10:03 AM, tedd tedd.sperl...@gmail.com wrote:
Whereas, your opinion doesn't matter much because you haven't contributed
anything I can remember
Tedd, it's not my problem that your sight is limited.
I don't believe the
2009/4/24 Adam Williams awill...@mdah.state.ms.us:
I have a form where users submit search terms and it explodes the terms into
an array based upon spaces. But, how can I have explode() keep words in
quotation marks together? For example, if someone enters on the form:
John Jill Judy Smith
2009/4/24 Adam Williams awill...@mdah.state.ms.us:
Jan G.B. wrote:
You could try it with regular expression matching..
for example:
?php
preg_match_all('/([a-z]+|[a-z ]+)/i', $searchstring, $resultarray);
?
Regards
Thanks. That seems to create 2 duplicate arrays, though. Can
2009/4/21 Per Jessen p...@computer.org:
Jan G.B. wrote:
A web application that uses an external db server would be quite ...
uhm... slow! Anyone did this, yet? ;)
Certainly, and it's not slow. It depends entirely on your connection to
the public internet.
As we're speaking
I believe that you all should just overread the huge signature.
You've wasted a lot bandwidth with this discussion about the signature. :-)
It's not interesting.
You could have send your pointless replies to the person, skipping the
mailing list, so that we aren't annoyed by your drivel which is
2009/4/21 Chris dmag...@gmail.com:
How does one deal with that? Do you use mysql_real_escape_string?
e.g.
?php
$db_host = 'localhost';
$db_user = 'auser';
$db_pwd = 'apassword';
$database = 'adatabase';
$table = 'authorBook';
if (!mysql_connect($db_host, $db_user, $db_pwd))
2009/4/21 ®0L¥ rol...@gmail.com:
I have a littli application in PHP that I do with appserv, in my local
server work ok but when I upload de page.php to the hosting server don't
work, the hosting say in your page that support php and the web server is
apache because the directory is httpdocs,
2009/4/21 Andrew Ballard aball...@gmail.com:
On Tue, Apr 21, 2009 at 8:34 AM, Grega Leskovsek mavri...@gmail.com wrote:
provided I want to store hash of a password in MySQL ... Using MySQL,
the whole check can be achieved with a SQL query, since the MD5
function is provided as part of the
2009/4/16 Luke l...@blog-thing.com:
Hi guys,
I've been learning about object oriented programming and I wrote this test
class but it doesn't seem to be working, it throws no errors but doesn't
insert anything to the database either. I have made sure that the data being
sent when the class is
...@addmissions.nlwrote:
Luke wrote:
2009/4/16 Jan G.B. ro0ot.w...@googlemail.com
2009/4/16 Luke l...@blog-thing.com:
Hi guys,
I've been learning about object oriented programming and I wrote
this
test
class but it doesn't seem to be working, it throws no errors
Excuse my bad spelling. I should have read the message again before
hitting send. :-)
2009/4/16 Jan G.B. ro0ot.w...@googlemail.com:
I think the problem was with the $title. As above, you defined the private
variable $rtitle but you were trying to call the variable later as $title
2009/4/12 Ron Piggott ron@actsministries.org:
At the very start of my index.php I have the following lines of code:
foreach($_GET as $key = $val) {
$$key = $_GET[$val];
echo $_GET[$val] . br /;
}
What I don't understand is why the output is
br /br /
Well, this would happen if you
2009/4/13 PJ af.gour...@videotron.ca:
I have already tried with several count and for schemes. None work
because foreach ignores any counters once in the loop. Also, this
foreach is nested within another foreach; don't know if that affects
anything.
Have you heard of while()? You can use it
2009/4/13 René Fournier m...@renefournier.com:
What was the unix timestamp of last week, Monday 12:00 am?
Depends on when I read your message.
SCNR :-)
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
2009/4/9 Yannick Mortier mvmort...@googlemail.com:
2009/4/9 9el le...@phpxperts.net:
-- Forwarded message --
From: Sabrina Akter lizzeel...@gmail.com
Date: Thu, Apr 9, 2009 at 1:12 AM
Subject: codeigniter 'secure, non-secure content' pop up message in IE7
To:
2009/4/9 tedd t...@sperling.com:
Hi gang:
-.-
I'm gathering information from a user, storing that data in a db, and then
showing it back to the user. It's a simple process and can bee seen here in
this address book demo (not real people):
http://php1.net/a/edit-db-demo
I gather
2009/4/7 Bastien Koert phps...@gmail.com:
On Tue, Apr 7, 2009 at 1:10 PM, Michael A. Peters mpet...@mac.com wrote:
PJ wrote:
Bob McConnell wrote:
From: PJ
First, let me thank you all for responding and offering suggestions. I
appreciate it and I am learning things.
However, it looks
Well, you might want to do it with curl, you might want to write your
own socketscript, or your just check the return variable of
file_get_contents() - it'll be false on failure and it won't try to
get an invalid URL forever. Guess the error is somewhere else, when
your script continues
2009/4/3 Chris dmag...@gmail.com:
Andrew Williams wrote:
I want to created a window schedule a task that will run every 2 minutes
and
run my php script(www.domain.com/script.php). But I need to know how to
create a php.exe that I can select as a window schedule a task so that the
php.exe
a nice day.
Regards,
Igor Escoar
Systems Analyst Interface Designer
--
Personal Blog
~ blog.igorescobar.com
Online Portifolio
~ www.igorescobar.com
Twitter
~ @igorescobar
On Thu, Apr 2, 2009 at 11:01 AM, Jan G.B. ro0ot.w...@googlemail.com wrote:
2009/4/2 Igor Escobar titiolin
2009/4/3 aurfal...@gmail.com:
Hi all,
For any one following this thread, here is how I worked around the
apache/php/chown limitation.
script snippet (and if any one has a more elegant style, please share as I
am an amateur script kiddie).
$path = /homes.$username;
$chowncmd =
that.
Regards,
Igor Escoar
Systems Analyst Interface Designer
--
Personal Blog
~ blog.igorescobar.com
Online Portifolio
~ www.igorescobar.com
Twitter
~ @igorescobar
On Fri, Apr 3, 2009 at 6:27 AM, Jan G.B. ro0ot.w...@googlemail.com wrote:
Igor,
what are you doing here? You
Is it mandatory to annoy the whole list with your crap?
If you want to keep on informing me or insulting me or feel free to
send it directly to me. I'll add you to my killfile in no time.
get a life
2009/4/3 Igor Escobar titiolin...@gmail.com:
Better then READ is UNDERSTAND.
2009/4/2 Igor
2009/4/2 Igor Escobar titiolin...@gmail.com:
If you don't want change your form, do some function in Javascript witch
control the last button you clicked.
Javascript is bad and you don't need it.
centerbutton type=submit name=btid value=1Delete/center
centerbutton type=submit name=btid
Or even with CRONw if via window is an indicator for the evil OS.
http://cronw.sourceforge.net/
(I personally didn't test this software)
bye
2009/4/2 Michel OLIVIER michel.oliv...@mc2i.fr:
hi,
with a cron and wget?
2009/4/2 Andrew Williams andrew4willi...@gmail.com:
All,
Please how can you
2009/3/31 Merlin Morgenstern merli...@fastmail.fm:
that php has trouble with files that are saved in UTF-8 with BOM. It is
causing strange bahavior like adding extra headers. On the other hand most
editors only save UTF-8 with BOM.
Has somebody experienced the same problem? How did you
That would be correct. but two things I have to add:
* it's called bad style to re-write (override) predefined vars like
_POST, _GET, _SERVER ...
* using strip_tags() to clean user-input for safe output ist not O.K.!
use htmlspecialchars(), at least.
Regards,
2009/3/28 Virgilio Quilario
Erm, aren't extends what you're looking for?
To accomplish the auto-loading of needed subclasses?
example:
?php
class FOO {
static $x = 'Hello World';
}
class BAR extends FOO {
public $greeting = false;
public function __construct() {
$this-greeting = parent::$x;
}
}
2009/3/24 Toke Herkild t...@ezl-data.dk:
Hi All,
I've an array() with approx 1200 items (list of id-mappings) that part works
fine.
Now I want to add this list to a query:
$where = id in (.$idList.);
To accomplish that i do an implode:
$idList = implode(',', $TidList);
Are all of the
It won't take long until someone digs out the old joke... touch unzip,
strip ...
I can't read it anymore!
2009/3/24 Nick Cooper nick.coo...@jdi-solutions.co.uk:
?php
echo 'won\'t it just end up as lots of echos and prints?';
?
2009/3/24 abdulazeez alugo defati...@hotmail.com
Hello guys,
2009/3/21 Linda Stark nads...@live.com:
I’m not sure if I am
in the right forum but thought I would give this a shot…
Sure, you are
I just
created a new mail form in Dreamweaver for a web site. I’m
working on a form to mail script that I started after reading a few on line
tutorials,
2009/3/20 דניאל דנון danondan...@gmail.com:
I'm a member of some forums about some topics,
One of them include a programming forum.
Now, I've visited there a week ago and saw a topic with the title Free
security,
Someone who calls himself a PHP expert (and said that he could teach me PHP
well, echoing a file name and hashing this name with an added carriage
return is not the same as hashing the string you can see in your file.
bye
echo -n 123 | sha1sum php -r 'echo sha1(123). -\n;'
2009/3/20 bruce bedoug...@earthlink.net:
hi...
doing some testing with linux sha1sum, and
Mantis is a pain in the a*** (for non technical persons).
We (we as in 'the IT department') are using mantis, but all other
persons in the firm fail to do so.
Not very useful. Most persons doesn't even get how the filters work.
byebye
2009/3/17 Micah Gersten news.php@micahscomputing.com:
Yes, recently the developer of JotBug anounced his project. I guess
the project still needs help.
All I have is the public CVS acces so far..
Check out
http://www.jotbug.org/projects
http://code.google.com/p/jotbug/
byebye
2009/3/17 mike mike...@gmail.com:
http://www.redmine.org/
Looks pretty
2009/3/15 PJ af.gour...@videotron.ca:
Daniel Brown wrote:
On Sat, Mar 14, 2009 at 19:51, PJ af.gour...@videotron.ca wrote:
$sql1 = SELECT b.id, b.title, b.sub_title, b.descr, b.comment,
b.bk_cover, b.copyright, b.ISBN, b.language, b.sellers, c.publisher, ---
CONCAT_WS(' ', first_name,
2009/3/15 PJ af.gour...@videotron.ca:
-Original Message-
From: Jan G.B. [mailto:ro0ot.w...@googlemail.com]
so this is just wrong:
$x = select *
// from foo
from bar;
and that query would be valid
SELECT this/*, that*/ from x
It took ma a bit of thinking, I must say
2009/3/15 Jason Pruim pru...@gmail.com:
Personally... I don't care who's code it is, if it was me, I'd still go
out and validate it... If someone typed something out real quick and
missed a period, it wouldn't be their fault :)
As has been said by some big higher up's in this very mailing
2009/3/15 Martin Zvarík mzva...@gmail.com:
I want to store the file's hash to the database, so I can check next time to
see if that file was already uploaded (even if it was renamed).
What would be the best (= fastest + small chance of collision) algorithm in
this case?
Is crc32 a good
Gary,
you can check this by either creating a file containing this:
?php phpinfo(); ?
and putting it up on your webserver, then open in with your browser,
or you could look at the output of php -i | less on the command
line.
After you enabled the mysqli extension on your host, you might change
2009/3/14 Jan G.B. ro0ot.w...@googlemail.com:
One side node.. you should apply addslashes() also to
$_SERVER['REMOTE_ADDR'), because an evil person could manipulate the
value of that variable to execute SQL-Injections.
forget that part - i didn't see that this var is only used in the
email
2009/3/15 Martin Zvarík mzva...@gmail.com:
The browser will only execute script in source files from the white-listed
domains and will disregard everything else, including embedded and inline
scripts.
wtf, can't you just take care of the INPUT and type
strip_tags($_GET['my_name']) ??
This
2009/3/11 Daniel Brown danbr...@php.net:
On Wed, Mar 11, 2009 at 12:38, Jan G.B. ro0ot.w...@googlemail.com wrote:
wrong:
Location: file.txt
and this is correct
Location: http://www.x.x/file.txt;
Not all clients behave like yours and accept the wrong header.
The *protocol* does
2009/3/13 Heddon's Gate Hotel ho...@heddonsgate.co.uk:
The string function htmlentities seems to have very incomplete coverage of
the HTML entities listed in the HTML 4 spec. For example, it does not know
about rsquo, lsquo, rdquo, ldquo, etc. This is confirmed by looking at the
output of
Hi Dave (?)
2009/3/11 revDAVE c...@hosting4days.com:
Hi Bastien - Stuart Daniel
Thanks for your help!
On 3/10/2009 12:16 PM, Bastien Koert phps...@gmail.com wrote:
Are you getting an error? What does 'not working' mean?
No errors the page just stayed on the
header('Location:
2009/3/9 Tom Sparks tom_a_spa...@yahoo.com.au:
is there a php Fop (XSLFO)?
if not are there any that are not java based and can be run o a website that
has php support only?
tom_a_sparks
Hi tom,
I do it the easy way:
system(sprintf('/usr/local/bin/fop -bleh %s', $param));
be sure to
2009/2/11 brian bri...@vt.edu:
hi nathan thanks for the response...
looks like the rx is where it should be.
That doesn't sound like you're cocksure - check it again:
ls -ld /apps /apps/local /apps/local/php5 /apps/local/php5/lib
/apps/local/php5/lib/php.ini
Everything readable (r-x) *for
2009/2/9 Andrew Williams andrew4willi...@gmail.com:
Hi,
Hi,
Can some body help out on how to validate user password from the database?
There are several possibilities. This would be one.
?
$query = 'SELECT 1 from `usertable` where `name` = ' .
2009/2/9 Stuart stut...@gmail.com:
2009/2/9 Michael Kubler mdk...@gmail.com:
These days SHA should really be used instead of MD5, and you should be
SALTing the password as well.
Here's a great guide : http://phpsec.org/articles/2005/password-hashing.html
Good advice.
Absolutley. I used
2009/2/9 Stuart stut...@gmail.com:
2009/2/9 Jan G.B. ro0ot.w...@googlemail.com:
2009/2/9 Stuart stut...@gmail.com:
I would also advise against stripping and trimming
anything from passwords.
Trimming could be left out but it minimizes user errors and users
pretending to know their password
2009/1/28 Skip Evans s...@bigskypenguin.com:
Hey all,
$url=http://xx.xx.xx.xx:1972/csp/test/SASS.Web1.cls?soap_method=FindMemBySASSNumSNum=.$user_sass;
$xml_response = file_get_contents($url, true);
But this transaction times out and returns an empty transaction, even with
the call to
2009/1/21 Thodoris t...@kinetix.gr:
?php
ob_start();
badFunctionThatSpitsInsteadOfReturning();
$sReturned = ob_get_contents();
ob_end_clean();
?
That's a good though thanks. Although I was aware of output buffering I used
to ignore that ob_end_clean actually exists...
You can
1 - 100 of 103 matches
Mail list logo
