Re: [PHP] Upgrading from libmcrypt 2.2.x to 2.4.x
Hi
Thanks for that info, was just what I needed :)
You can also create $iv with this:
$iv = pack(a.mcrypt_enc_get_iv_size($td),$iv);
I use base64_encode() and base64_decode() to store the result and send via
the web.
Tom
At 01:02 PM 3/05/2002, Cédric Veilleux wrote:
Hi,
I had an hard time converting my code from mcrypt 2.2.x to 2.4.x.
There is a
big lack of info about the difference between the two and I could not find
anything to help me make the move.
My problem was not getting things to work with either version of
mcrypt,
there are plenty of examples available for both versions. My problem was
getting libmcrypt 2.4.x decrypting the data previously encrypted by 2.2.x.
Here's some general info for anyone interested. I would have been
very
pleased to find this will searching the archive and I didn't, so I am doing
it for anybody else facing the same problem.
1) PHP linked with libmcrypt 2.2.x is not too picky about Initialization
Vectors, but with 2.4.x, it will give a warning message if you don't specify
one with some of the functions or simply wont work with others. Check my
example code below to see what I did.
2) PHP will segfault if you use a key size with the wrong lenght with 2.4.x
and it won't with 2.2.x. Be very careful about the lenght of your key in
2.4.x, what worked previously might not work now.
Decryption under libmcrypt 2.2.x:
-
$clear_text = mcrypt_cbc ($cipher, $key, hex2bin($crypted_text),
MCRYPT_DECRYPT);
-
Encryption under libmcrypt 2.2.x:
-
$crypted_text = bin2hex(mcrypt_cbc ($cipher, $key, $clear_text,
MCRYPT_ENCRYPT));
-
The following code is what I had to do to get a similar (compatible)
behaviour
under libmcrypt 2.4.x. Note that I create an initialization vector filled
with \0 characters, which is, I believe, the default behavior with
libmcrypt 2.2.x. The PHP manual somewhere recommends to use 0 if you do not
want to use an initialization vector. This did not work for me, as this is
not the default 2.2.x behavior. I think the manual should be modified as it
greatly confiused me.
Encryption under libmcrypt 2.4.x:
-
$td = mcrypt_module_open ($cipher, , MCRYPT_MODE_CBC, );
$i = 0;
while ($i mcrypt_enc_get_iv_size ($td)) {
$iv .= \0;
$i++;
}
mcrypt_generic_init ($td, $key, $iv);
$crypted_text = bin2hex(mcrypt_generic($td, $plain_text));
mcrypt_generic_end ($td);
-
Decryption under libmcrypt 2.4.x:
-
$td = mcrypt_module_open ($cipher, , MCRYPT_MODE_CBC, );
$i = 0;
while ($i mcrypt_enc_get_iv_size ($td)) {
$iv .= \0;
$i++;
}
mcrypt_generic_init ($td, $key, $iv);
$plain_text = mdecrypt_generic($td, hex2bin($crypted_text));
mcrypt_generic_end ($td);
-
In these snippets, $crypted_text is the encrypted data in hexadecimal format.
This allows data to be stored (in DB's for example) or displayed without
problems. You need the following function:
function hex2bin($data) {
$len = strlen($data);
return pack(H . $len, $data);
}
Hope this can help someone..
Thank you,
Cedric
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Upgrading from libmcrypt 2.2.x to 2.4.x
Hi,
Thanks for the hint.
Just a small note to let you know that my code to decrypt a string will
return a string with filled with null characters at the end. You should
trim() it.
Also, anybody knows how to detect if the PHP build is linked with 2.2 or 2.4?
I would like my crypt / decrypt functions to detect which mcrypt version is
used dynamically, so the same code could run with both versions without
modifications.
Right now the only way I found is to check whether the MCRYPT_RIJNDAEL_128
constant (or any other cipher type constants) is a number or a string (these
constants are strings under 2.4.x and numbers under 2.2.x). Any better way of
doing this?
I've checked the php info functions, they can tell if a certain extension is
present but this is not very helpful..
Thank you,
Cedric
On May 3, 2002 02:29 am, Tom Rogers wrote:
Hi
Thanks for that info, was just what I needed :)
You can also create $iv with this:
$iv = pack(a.mcrypt_enc_get_iv_size($td),$iv);
I use base64_encode() and base64_decode() to store the result and send via
the web.
Tom
At 01:02 PM 3/05/2002, Cédric Veilleux wrote:
Hi,
I had an hard time converting my code from mcrypt 2.2.x to 2.4.x.
There is a
big lack of info about the difference between the two and I could not find
anything to help me make the move.
My problem was not getting things to work with either version of
mcrypt,
there are plenty of examples available for both versions. My problem was
getting libmcrypt 2.4.x decrypting the data previously encrypted by 2.2.x.
Here's some general info for anyone interested. I would have been
very
pleased to find this will searching the archive and I didn't, so I am
doing it for anybody else facing the same problem.
1) PHP linked with libmcrypt 2.2.x is not too picky about Initialization
Vectors, but with 2.4.x, it will give a warning message if you don't
specify one with some of the functions or simply wont work with others.
Check my example code below to see what I did.
2) PHP will segfault if you use a key size with the wrong lenght with
2.4.x and it won't with 2.2.x. Be very careful about the lenght of your
key in 2.4.x, what worked previously might not work now.
Decryption under libmcrypt 2.2.x:
-
$clear_text = mcrypt_cbc ($cipher, $key, hex2bin($crypted_text),
MCRYPT_DECRYPT);
-
Encryption under libmcrypt 2.2.x:
-
$crypted_text = bin2hex(mcrypt_cbc ($cipher, $key, $clear_text,
MCRYPT_ENCRYPT));
-
The following code is what I had to do to get a similar (compatible)
behaviour
under libmcrypt 2.4.x. Note that I create an initialization vector filled
with \0 characters, which is, I believe, the default behavior with
libmcrypt 2.2.x. The PHP manual somewhere recommends to use 0 if you do
not want to use an initialization vector. This did not work for me, as
this is not the default 2.2.x behavior. I think the manual should be
modified as it greatly confiused me.
Encryption under libmcrypt 2.4.x:
-
$td = mcrypt_module_open ($cipher, , MCRYPT_MODE_CBC, );
$i = 0;
while ($i mcrypt_enc_get_iv_size ($td)) {
$iv .= \0;
$i++;
}
mcrypt_generic_init ($td, $key, $iv);
$crypted_text = bin2hex(mcrypt_generic($td, $plain_text));
mcrypt_generic_end ($td);
-
Decryption under libmcrypt 2.4.x:
-
$td = mcrypt_module_open ($cipher, , MCRYPT_MODE_CBC, );
$i = 0;
while ($i mcrypt_enc_get_iv_size ($td)) {
$iv .= \0;
$i++;
}
mcrypt_generic_init ($td, $key, $iv);
$plain_text = mdecrypt_generic($td, hex2bin($crypted_text));
mcrypt_generic_end ($td);
-
In these snippets, $crypted_text is the encrypted data in hexadecimal
format. This allows data to be stored (in DB's for example) or displayed
without problems. You need the following function:
function hex2bin($data) {
$len = strlen($data);
return pack(H . $len, $data);
}
Hope this can help someone..
Thank you,
Cedric
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Help with Bookmark
Hi guys I'm trying to make a online bookmark adress book, this bookmark adress book, would consist of the following: A text file named name.txt, that would content the name of each of the users. A text file named pass.txt, that would contain a non-secure password for each user. A text file for each user named loginbookmarks.txt containing the list of urls and hopefully an indicator, as in a hash, to call the bookmark by it's name. That's all, I've figured the first two but I can't seem to make the third one. Anyone can send me any ideas... Code hopefully. Thanks, Rodrigo
[PHP] Hashes in text files
Can I store Hashes in text files? If yes, how? Can I store a multi dimensional array in a text file? If not how should I do to store the data in one file and the pointer in another file? Thanx, Rodrigo
Re: [PHP] Re: snmp_set_quick_print or snmpwalkoid issue ?
Yes, I have seen that, but the manual says I should get the only the
value, not also the OID. Can anyone please run this code and tell
me if they get the same result?
On Thu, 2 May 2002, Ray \BigDog\ Hunter wrote:
Basically you are not going to get the value type of the snmp, ie OID,
timeticks, integers, etc..
Ray Hunter
Razvan Cosma [EMAIL PROTECTED] wrote in message
Pine.LNX.4.44.0205011203110.32753-10@mach2">news:Pine.LNX.4.44.0205011203110.32753-10@mach2...
First of all, gretings to everyone (I'm new here).
And the problem:
#!/usr/local/bin/php -q
?
snmp_set_quick_print(0);
$test=snmpwalkoid(1.1.1.1,public,.1.3.6.1.2.1.2.2.1.16);
for (reset($test); $i = key($test); next($test)) {
echo $i:\n$test[$i]\n;
}
?
results in:
interfaces.ifTable.ifEntry.ifOutOctets.1:
interfaces.ifTable.ifEntry.ifOutOctets.1 = Counter32: 137600220
interfaces.ifTable.ifEntry.ifOutOctets.2:
interfaces.ifTable.ifEntry.ifOutOctets.2 = Counter32: 25026545
and with snmp_set_quick_print(1):
interfaces.ifTable.ifEntry.ifOutOctets.1:
interfaces.ifTable.ifEntry.ifOutOctets.1 137600606
interfaces.ifTable.ifEntry.ifOutOctets.2:
interfaces.ifTable.ifEntry.ifOutOctets.2 25031056
Shouldn't I get only the last field with the actual value ??
Details: php-4.1.2 ucd-snmp-4.2.4 both from tarballs.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Hashes in text files
use mysql, forget about files.. they are too slow. Rodrigo a écrit : Can I store Hashes in text files? If yes, how? Can I store a multi dimensional array in a text file? If not how should I do to store the data in one file and the pointer in another file? Thanx, Rodrigo -- Marius Ursache (3563 || 3494) \|/ \|/ '/ ,. \` /_| \__/ |_\ \__U_/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: srand thought
Hello Gerard, The point is that we wanted adodb to work out of the box so that is why srand( ) is called. You can do it yourself if you want to (and comment out the srand) , or let adodb do it for you. Regards John Gerard Samuel [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Quick question. Im using srand to seed array_rand in a script. I read that srand should only be called once per script under the srand manual page. Im using ADODB, and that also uses srand. Now should that warning be a literal warning or should that be 'use srand once per page'?? Thanks -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Help with Bookmark
an idea would to be not to use flat files for it... use a database, try mysql... -Original Message- From: Rodrigo [mailto:[EMAIL PROTECTED]] Sent: 03 May 2002 08:02 To: [EMAIL PROTECTED] Subject: [PHP] Help with Bookmark Hi guys I'm trying to make a online bookmark adress book, this bookmark adress book, would consist of the following: A text file named name.txt, that would content the name of each of the users. A text file named pass.txt, that would contain a non-secure password for each user. A text file for each user named loginbookmarks.txt containing the list of urls and hopefully an indicator, as in a hash, to call the bookmark by it's name. That's all, I've figured the first two but I can't seem to make the third one. Anyone can send me any ideas... Code hopefully. Thanks, Rodrigo -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Hashes in text files
On Friday 03 May 2002 15:16, Rodrigo wrote: Can I store Hashes in text files? If yes, how? Can I store a multi dimensional array in a text file? If not how should I do to store the data in one file and the pointer in another file? You can use serialize() on your array before you write to the file. -- Jason Wong - Gremlins Associates - www.gremlins.com.hk Open Source Software Systems Integrators * Web Design Hosting * Internet Intranet Applications Development * /* You are a bundle of energy, always on the go. */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Hashes in text files
On Fri, 3 May 2002, Rodrigo wrote: Can I store Hashes in text files? If yes, how? Can I store a multi dimensional array in a text file? If not how should I do to store the data in one file and the pointer in another file? http://php.net/serialize That function will turn any PHP data structure into something you can safely write to a file. Use unserialize to turn it back into its original form. However, based on what you plan to do, it seems like a database would be a lot less work and a lot more efficient. miguel -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] PRIMARY KEY vs. INDEX
Yes, but that's what the php-db list is for. I am sorry... Gonna get this list. Kiko -- It's not a bug, it's a feature. christoph starkmann mailto:[EMAIL PROTECTED] http://www.gruppe-69.com/ ICQ: 100601600 -- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: PHP and SOAP
Hi, Let Manuel be your friend! http://www.phpclasses.org/ Quentin Udo Giacomozzi [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Probably this question has been asked a couple of times but I could not find a complete answer to my question... I am new to PHP but have a lot of experience with Delphi and usually have no problems learning new languages (besides PHP is very similar to C). I also made already some little PHP scripts or modified larger scripts to suit my needs. Anyway... I need to write a web service in PHP. On the client side there will be a Delphi program that accesses the server via SOAP. I choose PHP on the server side because it (1) offers more possibilities to extend the product later on and (2) because it is less problematic with installation issues and platform support. The most work will be anyway the client so it should not be too difficult to write the server. Now the simple question: What SOAP server implementation for PHP do you suggest me? I know there are several projects being developed on but I really don't know which one I should use to begin my tests with or - in other words - to learn. I hope you can give me more information on this subject. :-) Many thanks in advance, Udo -- Udo Giacomozzi - [EMAIL PROTECTED] www.nova-sys.net - www.guweb.com The disadvantage of intelligence is that one is constantly obliged to go on learning. Posted by ELKNews 1.0.4-B Empower your News Reader! http://www.atozedsoftware.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] php converts \ to \\, how can I stop that
I have made a phpscript to register all things on a computer, and then it stores the information in a database, but php converts \\CADS1\HP2100PCL to CADS1\\HP2100PCL how can I force PHP to not do that cause CADS1 \\HP2100PCL aint a right address for a printer, cause there are too many \\, hope the are someone that can help me. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php converts \ to \\, how can I stop that
On Friday 03 May 2002 17:07, Mikael Syska wrote: I have made a phpscript to register all things on a computer, and then it stores the information in a database, but php converts \\CADS1\HP2100PCL to CADS1\\HP2100PCL how can I force PHP to not do that cause CADS1 \\HP2100PCL aint a right address for a printer, cause there are too many \\, hope the are someone that can help me. After you've retrieved the info from the database run it through stripslashes() before displaying it. -- Jason Wong - Gremlins Associates - www.gremlins.com.hk Open Source Software Systems Integrators * Web Design Hosting * Internet Intranet Applications Development * /* God made the integers; all else is the work of Man. -- Kronecker */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php converts \ to \\, how can I stop that
[EMAIL PROTECTED] (Jason Wong) wrote in news:php.general-95846 @news.php.net: stripslashes() thanks, now it works -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php converts \ to \\, how can I stop that
On Friday 03 May 2002 17:29, Mikael Syska wrote: [EMAIL PROTECTED] (Jason Wong) wrote in news:php.general-95846 @news.php.net: stripslashes() thanks, now it works Do read up on /why/ you need it. -- Jason Wong - Gremlins Associates - www.gremlins.com.hk Open Source Software Systems Integrators * Web Design Hosting * Internet Intranet Applications Development * /* Rule of Life #1 -- Never get separated from your luggage. */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php converts \ to \\, how can I stop that
[EMAIL PROTECTED] (Jason Wong) wrote in news:php.general-95848 @news.php.net: @news.php.net: stripslashes() thanks, now it works Do read up on /why/ you need it. ohhh, what do u mean??? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Browser class
Hello: Do you know of any php class/code that acts as a browser? I want to browse external pages from my website and place the external pages inside my web as if were own content. I supose must use sockets to get the content and parse the links inside the page to allow keep browsing inside. Any idea? I have found several solutions but don't work very well. Best Regards. QaDRAM Studio, RAD Development for the WEB http://studio.qadram.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Browser class
Hello, José león serna wrote: Hello: Do you know of any php class/code that acts as a browser? I want to browse external pages from my website and place the external pages inside my web as if were own content. I supose must use sockets to get the content and parse the links inside the page to allow keep browsing inside. Any idea? I have found several solutions but don't work very well. You may want to try any of these classes: http://www.phpclasses.org/http Regards, Manuel Lemos -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php converts \ to \\, how can I stop that
On Friday 03 May 2002 17:37, Mikael Syska wrote: [EMAIL PROTECTED] (Jason Wong) wrote in news:php.general-95848 @news.php.net: @news.php.net: stripslashes() thanks, now it works Do read up on /why/ you need it. ohhh, what do u mean??? OK, at the very least read the manual entries for addslashes() stripslashes() -- Jason Wong - Gremlins Associates - www.gremlins.com.hk Open Source Software Systems Integrators * Web Design Hosting * Internet Intranet Applications Development * /* Smoking is, as far as I'm concerned, the entire point of being an adult. -- Fran Lebowitz */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Re: PHP with MySQL
Just out of interest, what's the standard/best/triedtested method for
handling errors in relation to connecting to DB's? i.e. how to check that
the connection was a success, and if not then display why.
any pointers appreciated.
.b
-Original Message-
From: Mike Eheler [mailto:[EMAIL PROTECTED]]
Sent: 03 May 2002 02:28
To: [EMAIL PROTECTED]
Subject: [PHP] Re: PHP with MySQL
Typically it's done like:
$db = mysql_connect('localhost','username','password');
The MySQL database detects what host you're connecting from, and appends
that to your username. I'm not sure if it's possible to specify an
alternate host.
So if both PHP and MySQL are on the same machine, and you connect to the
MySQL server as 'username', MySQL will see you as 'username@localhost'.
Mike
Paras Mukadam wrote:
Hi Gurus,
one MySQL - PHP query : while granting permissions to particular user in
MySQL, the administrator has to give username@machine_address
!! Then how
can we connect to MySQL through PHP only by passing username
as one of the
arguments to mysql_connect() ?
Thanks.
Paras.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Object Reference Serialization
OK, heres all the code...
I have a BoundForm class, a BoundFormPage class, and a BoundTextField...
I create a BoundForm, add a BoundFormPage object to it, then add a
BoundTextField to the BoundFormPagethen I add the root node (the
BoundForm) to the SESSION...
The Form, and Page survive serialization, but not the TextField...I dont
know why.
// these are the class definitions
class BoundTextField{
var $name;
var $value;
function BoundTextField($name, $size, $value=){
$this-name = $name;
print input type=\text\ name=\$name\ value=\.addSlashes($name).\
/input\n;
}
function isValid(){
if (strlen(trim($value))0){
return true;
} else {
return false;
}
}
}
class BoundForm{
function BoundForm($lName){
$name = $lName;
print count = .count($pages);
}
var $action;
var $method;
var $name;
var $dbName;
var $pages;
// upon instantiation, write form to session object.
function addPage($page){
if (!isset($this-pages[$page-name])){
print adding pagebr;
$this-pages[$page-name] = $page;
} else {
// this page already exists, so we dont want to replace it,
// or it will lose all its stored data...
print .$this-pages[$page-name]-name. already existsbr\n;
}
}
}
class BoundFormPage{
// these are the fields (BoundFormElements) that you can add to a form page.
var $fields;
var $name;
function BoundFormPage($lName){
$this-name = $lName;
//$myTextField = new BoundTextField(No, 30);
}
// will determine if the page has been successfully filled in.
function isComplete(){
for(reset($fields);$key = key($fields);next($fields)){
if (!$fields[$key].isValid()){
return false;
}
}
}
function addField($field){
print $field-name;
print b.count($this-fields)./b;
if (!isset($this-fields[$field-name])){
print(adding field .$field-name);
$this-fields[$field-name] = $field;
} else {
// this page already exists, so we dont want to replace it,
// or it will lose all its stored data...
print already exists.$this-fields[$field-name]-name.br\n;
}
}
}
//--
//and this code execute the sample classes above...
// get our form object back, but dont overwrite it
if (!session_is_registered(myForm)){
$myForm = new BoundForm(Application Form);
session_register(myForm);
} else {
//return $_SESSION[$formName];
session_register(myForm);
}
// construct the hierachy (note that all 'add' methods will not overwrite
existing children of same names)
$firstPage = new BoundFormPage(pageOne);
//$myTextField2 = new BoundTextField(gumber, 30);
//$firstPage-fields[$myTextField2-name] = $myTextField2;
$myTextField = new BoundTextField(CustomerNumber, 30);
$firstPage-addField($myTextField);
$myForm-addPage($firstPage);
Thies C. Arntzen [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]...
On Fri, May 03, 2002 at 12:34:01AM +1200, Adam Langley wrote:
Hi everyone,
Im trying to store an object which contains an associative array of
classes,
each of which contains an array of classes, so a 3-tier hierachy, in the
session object. However, the final tier gets lost upon
serialization/deserialization, why is this and how can I prevent this
from
happening?
send us a minimal testcase...
tc
Thanks in advance.
- Adam Langley
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] File Uploads Security Fix
Hello, after copy do_download.php to php4.0.6/main what I have to do? T.Y. -- Best Regards -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: File Uploads Security Fix
Hello, Miguel Loureiro wrote: Hello, after copy do_download.php to php4.0.6/main what I have to do? T.Y. do_download.php is not the name of the download file. It should be rfc1867.c.diff-4.0.6.gz . Here is the correct URL. http://www.php.net/distributions/rfc1867.c.diff-4.0.6.gz What you need to do is to use gunzip to uncompress and that use the program named patch to apply the patch file. Regards, Manuel Lemos -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Object Reference Serialization
No worries...I just realized that my object never repopulated the underlying classes with previous object references...Thanks guys, but I see my problem now... Cheers. Adam Langley. Thies C. Arntzen [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... On Fri, May 03, 2002 at 12:34:01AM +1200, Adam Langley wrote: Hi everyone, Im trying to store an object which contains an associative array of classes, each of which contains an array of classes, so a 3-tier hierachy, in the session object. However, the final tier gets lost upon serialization/deserialization, why is this and how can I prevent this from happening? send us a minimal testcase... tc Thanks in advance. - Adam Langley -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Re: PHP with MySQL
John, presumably I can leave the error reporting on - but pipe it into a file if i wanted, rather than displaying on screen, and then redirect the user to another page? Not asking for code sample here, just whether I can do it or not :) /me goes to look up mysql_error() Cheers, .b -Original Message- From: Jon Haworth [mailto:[EMAIL PROTECTED]] Sent: 03 May 2002 11:34 To: '[EMAIL PROTECTED]'; PHP Subject: RE: [PHP] Re: PHP with MySQL Hi .ben, Just out of interest, what's the standard/best/tried tested method for handling errors in relation to connecting to DB's? i.e. how to check that the connection was a success, and if not then display why. Something like... $dbh = mysql_connect (foo, bar, baz) or die (mysql_error ()); has always worked well for me. When it comes to queries I generally tack the SQL on the end of the error, like this: $q = mysql_query ($sql, $dbh) or die (mysql_error (). brb. $sql. /b); Obviously it's a good idea to turn this error reporting off on a production site, otherwise you risk exposing details of your database structure. HTH Jon -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Re: PHP with MySQL
Hi Ben, John, presumably I can leave the error reporting on - but pipe it into a file if i wanted, rather than displaying on screen, and then redirect the user to another page? Of course you can - I generally have my pages send me email when they throw an error, but that's because I'm really lazy and I can't be bothered to go and check log files all the time g It's just not a stunning idea to display an error messages that give away out any information you could hold back - one of the starting points for an attacker is to try and mess up your query strings, and if you're merrily telling them exactly what the problem is, you're helping them out :-) Cheers Jon -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Re: PHP with MySQL
Oh, i agree entirely. Ok, i'll look into the logging/mailing solution - something i've been doing in ASP for years but am new to in PHP. Cheers, .b -Original Message- From: Jon Haworth [mailto:[EMAIL PROTECTED]] Sent: 03 May 2002 11:57 To: '[EMAIL PROTECTED]'; PHP Subject: RE: [PHP] Re: PHP with MySQL Hi Ben, John, presumably I can leave the error reporting on - but pipe it into a file if i wanted, rather than displaying on screen, and then redirect the user to another page? Of course you can - I generally have my pages send me email when they throw an error, but that's because I'm really lazy and I can't be bothered to go and check log files all the time g It's just not a stunning idea to display an error messages that give away out any information you could hold back - one of the starting points for an attacker is to try and mess up your query strings, and if you're merrily telling them exactly what the problem is, you're helping them out :-) Cheers Jon -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] New Session Variable unset doesn't work
Hi, I somehow cannot unset Session variables. If I set for example $_SESSION[error]=formcheck (the new style) and I want to unset it at the end of the page (unset($_SESSION[error])), it's there again on the next page. Is there a special way to unset the new Session variables? I am using Windows 2000 Server + PHP4.2.0. Thanks in advance... Sascha Ragtschaa -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Witch var is the biggest and the lowest
i have 10 vars, and I would like to have them posted, so the higest is first and the second highest etc. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] rather a mysql question
Sorry that this is more of a mysql question, but since most php programmers use it a lot, i though i might find the answer without subscribing to mysql list, here goes: When i do a query from a big table using indexes,it takes for example 5 seconds. Now if i, after some time repeat the query, the query takes about 0.5 secs. So far i thought it was because of caching, but now i read mysql (v3.23) doesnt support query cache. So this really gets me wondering, where does the speed increase come from? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Export selected data to a text file
I'm brand new to PHP, but very familiar with how to do this in another language. I'm want to read a member's record and export the selected data to a downloadable vCard. The vCard is simply a text file with a .vcf extension. Once I've read all the data for that user, I need to create the file line by line with a \r\n at the end of each. Example: BEGIN:VCARD VERSION:2.1 N:List;PHP;Mailing FN:PHP Mailing List EMAIL;PREF;INTERNET:[EMAIL PROTECTED] REV:20020503T111208Z END:VCARD How do I export each line to a text file then move that newly created file to a web root subdirectory? Thanks! Mark -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Call to a member function on a non-object...?
Hi. When I try to call a manual defined function in my function.inc file, I get the error: Fatal error: Call to a member function on a non-object in /www/xyz/.. on line xy I've defined the function in a seperate .inc file and included this is the mainpage. Do you have any solutions for this problem? Thanks, Richard -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Fatal error: Call to a member function on a non-object in /www/xynz on line 19
Hi there. I created an inc file with a single function and included it in my general script. When I try to start the function out the the program, I receive the following error message: Fatal error: Call to a member function on a non-object in /www/xynz on line 19 Does someone know, what this error means? Thank you very much, Richard
Re: [PHP] Export selected data to a text file
On Friday 03 May 2002 19:20, Miva Guy wrote: I'm brand new to PHP, but very familiar with how to do this in another language. I'm want to read a member's record and export the selected data to a downloadable vCard. The vCard is simply a text file with a .vcf extension. Once I've read all the data for that user, I need to create the file line by line with a \r\n at the end of each. Example: BEGIN:VCARD VERSION:2.1 N:List;PHP;Mailing FN:PHP Mailing List EMAIL;PREF;INTERNET:[EMAIL PROTECTED] REV:20020503T111208Z END:VCARD How do I export each line to a text file then move that newly created file to a web root subdirectory? Manual Filesystem functions -- Jason Wong - Gremlins Associates - www.gremlins.com.hk Open Source Software Systems Integrators * Web Design Hosting * Internet Intranet Applications Development * /* Boren's Laws: (1) When in charge, ponder. (2) When in trouble, delegate. (3) When in doubt, mumble. */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Witch var is the biggest and the lowest
On Friday 03 May 2002 19:19, Mikael Syska wrote: i have 10 vars, and I would like to have them posted, so the higest is first and the second highest etc. Put your variables into an array then sort it. -- Jason Wong - Gremlins Associates - www.gremlins.com.hk Open Source Software Systems Integrators * Web Design Hosting * Internet Intranet Applications Development * /* Nobody ever forgets where he buried the hatchet. -- Kin Hubbard */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] PHP editing environment
Hi, i am new to the list and i am quite impressed with whats going on over here. Anyway, just have a small question. Have been coding php for a while now but i still havent found a stable (easy and not time consuming) way of working in PHP, i mean, i use homesite5 to code and when i want to test the php i upload the scripts and test them on the site. This process is a bit time consuming, so i installed php on my winXP, but even like that i can only test small things using php master editor. Anyone know how i can make my work more efficient? Like install MySQL and PHP and get everything working normally when i preview the code in internet explorer, that would be perfect, is it possible? How do you guys and girls work with php, what editors and/or tools you use? Thanks. Pag -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Witch var is the biggest and the lowest
and witch is spelt Which... no harm intended.. just a tip for those English grammatically correct people out there who care about spelling.. ::: : Julien Bonastre [The-Spectrum.org CEO] : A.K.A. The_RadiX : [EMAIL PROTECTED] : ABN: 64 235 749 494 : QUT Student :: 04475739 ::: - Original Message - From: Jason Wong [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, May 03, 2002 9:34 PM Subject: Re: [PHP] Witch var is the biggest and the lowest On Friday 03 May 2002 19:19, Mikael Syska wrote: i have 10 vars, and I would like to have them posted, so the higest is first and the second highest etc. Put your variables into an array then sort it. -- Jason Wong - Gremlins Associates - www.gremlins.com.hk Open Source Software Systems Integrators * Web Design Hosting * Internet Intranet Applications Development * /* Nobody ever forgets where he buried the hatchet. -- Kin Hubbard */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: How do I Install PHP on Apache 2, on win32
Vincent, as register_globals is off, I use echo $SERVER['PHP_SELF']; which works fine... though everything has to be uppercase, what surprised me! Herb - Original Message - From: Vincent Kruger [EMAIL PROTECTED] To: Herbert Mraz [EMAIL PROTECTED] Sent: Friday, May 03, 2002 1:22 AM Subject: Re: [PHP] Re: How do I Install PHP on Apache 2, on win32 Dude. Are you able to echo $PHP_SELF; with your installation and apache server ? I'm having endless trouble with this. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] I-worm/Klez and a GIF query/question
Hey all, Whah, talk about getting a response, I posted the I-Worm/Klez question hoping to get one or two replies of people who actually got infected..I got more than 40 replies! I got two more today, but one poor dude says he got around 149 and counting! Anyway, thanks for your replies guys/girls and for the URLs, but 'nuff about virus's back to PHP I got a client who want a simple registeration form (Which i can do without any problem...easy.) but he wants one extra bit: at the end of the form he wants a key gif...(A gif with a number) that is automatically generated and that number has to be entered into the text boxthe idea is that it prevents automaited registerations. Yahoo and a couple of other big sites/portals use it. For those of you who dont know what i am talking about and are curious to see an example, try registering for an account at yahoo mail or chat or something. I understand that the new version of PHP/GD or whatever does not support GIF and i also know for PNG or JPEG i can use LIBJPEG and LIBPNG (both are installed on my webhost) but how do i do it in GIF? (He insists on GIF- the clients a ## his money helps pay the bills) Any ideas? and if any of you guys done anything similar, can give me the function/s or any help? ANY help appreciated and guys.please dont send me anything more about I-Worm/Klez...I apoligise about that. All feedback appreciated even ones that just want to flame me. :-) Cheers, -Ryan. /* If you see a cop beating me, put down the $#@ing camera and come help me! */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] rather a mysql question
[snip] When i do a query from a big table using indexes,it takes for example 5 seconds. Now if i, after some time repeat the query, the query takes about 0.5 secs. So far i thought it was because of caching, but now i read mysql (v3.23) doesnt support query cache. So this really gets me wondering, where does the speed increase come from? [/snip] As I understand it, queries create temporary indexes specific to the query. The same (same) query will be theoretically much quicker if those temp indexes are there. But you can't count on them. Here's why... Me - Query DB Create TMP INDEX Query DB - Someone else Destroy Existing TMP INDEX Create New TMP INDEX Me - Re-Query DB (same query as before) Destroy Existing TMP INDEX Create New TMP INDEX And so on --Someone else Hope this helps as this is the way it was explained to me quite a long time ago, so I may not have the flow exactly right. Jay Blanchard -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Re: tutorial on global variables
Just CPU time to make all of the new variables. ---John Holmes... -Original Message- From: John Hughes [mailto:[EMAIL PROTECTED]] Sent: Thursday, May 02, 2002 9:58 PM To: Philip Olson; [EMAIL PROTECTED] Subject: Re: [PHP] Re: tutorial on global variables After reviewing http://www.php.net/manual/en/function.import-request-variables.php I was wondering if simply including this line at the top of all scripts import_request_variables(gP, ); would eliminate the potential problem I would have if register_globals gets turned off unexpectedly? Other than the security reasons, is there any disadvantage to adding this line? John Hughes --- Philip Olson [EMAIL PROTECTED] wrote: I have several scripts that take it for granted PHP will assign variables to the information in the URL as in your example $a from example.com/foo.php?a=apple Okay, so they depend on the behavior that register_globals provides. Will these scripts fail when my commercial Web host upgrades from PHP 4.1.x to 4.2? It's not a matter of PHP versions, it's a matter of a simple PHP directive. PHP 4.2.0 defaults to register_globals = off, this does not mean a host has to go by this default. Ask them if it will be changing, odds are it will not without a warning. If so, can I 'upgrade' my scripts now (again, PHP 4.1.x) to use $food = $_GET['a'] or $food = $_POST['a'] and prevent everything from crashing when PHP 4.2 is installed? Yes you can. I eluded to import_request_variables() and extract(), two functions that will allow you to do such things. Please look them up in the manual (links below). Also consider $_REQUEST, see the manual for details. Also note that if you really want register_globals = on and the host has it off, you _may_ (depending on the hosts configurations) be able to use .htaccess (or equivalent) with something like: php_flag register_globals on Yes there are a lot of options, variety is the spice of life. Regards, Philip Olson __ Do You Yahoo!? Yahoo! Health - your guide to health and wellness http://health.yahoo.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] PHP editing environment
[snip] Have been coding php for a while now but i still havent found a stable (easy and not time consuming) way of working in PHP, i mean, i use homesite5 to code and when i want to test the php i upload the scripts and test them on the site. This process is a bit time consuming, so i installed php on my winXP, but even like that i can only test small things using php master editor. Anyone know how i can make my work more efficient? Like install MySQL and PHP and get everything working normally when i preview the code in internet explorer, that would be perfect, is it possible? How do you guys and girls work with php, what editors and/or tools you use? Thanks. [/snip] Editor; (Win) Programmer's File Editor http://www.lancs.ac.uk/people/cpaap/pfe/ (Linux) vi, xEdit, pico (none of that color coded, tag completion stuff, just good ol' text editing. I liked HomeSite when it didn't crash...around v1.2, and it was basically just a text ed w/color coding) Server Environments; Win XP Win 98 - latest version of PHP for win, MySQL 3.23 for win, Apache for win and PWS on Win98 to test as IIS server running PHP and MySQL Linux - just upgraded PHP using a small, resurrected 466Mhz machine, 128Mb RAM with Apache, PHP, MySQL 3.23 as test platform FreeBSD - just upgraded PHP, production servers You know you could get a used, older machine, like a P90 for just a few bucks, install a network card, go the Linux, Apache, MySQL, PHP route (not difficult at all), and for under $200 you could have a nifty little test server. Jay Blanchard -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Re: PHP with MySQL
There's a whole section in the manual on it. There is a log_error() or errorlog() function that'll write your errors to a file of your choosing. ---John Holmes... -Original Message- From: .ben [mailto:[EMAIL PROTECTED]] Sent: Friday, May 03, 2002 4:04 AM To: PHP Subject: RE: [PHP] Re: PHP with MySQL Oh, i agree entirely. Ok, i'll look into the logging/mailing solution - something i've been doing in ASP for years but am new to in PHP. Cheers, .b -Original Message- From: Jon Haworth [mailto:[EMAIL PROTECTED]] Sent: 03 May 2002 11:57 To: '[EMAIL PROTECTED]'; PHP Subject: RE: [PHP] Re: PHP with MySQL Hi Ben, John, presumably I can leave the error reporting on - but pipe it into a file if i wanted, rather than displaying on screen, and then redirect the user to another page? Of course you can - I generally have my pages send me email when they throw an error, but that's because I'm really lazy and I can't be bothered to go and check log files all the time g It's just not a stunning idea to display an error messages that give away out any information you could hold back - one of the starting points for an attacker is to try and mess up your query strings, and if you're merrily telling them exactly what the problem is, you're helping them out :-) Cheers Jon -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] New Session Variable unset doesn't work
I somehow cannot unset Session variables. If I set for example $_SESSION[error]=formcheck (the new style) and I want to unset it at the end of the page (unset($_SESSION[error])), it's there again on the next page. Is there a special way to unset the new Session variables? Seen as you used session_register to set the session variable, it would make sense for you to use session_unregister to do the inverse. -- Dan Hardiker [[EMAIL PROTECTED]] ADAM Software Systems Engineer First Creative Ltd -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Re: PHP with MySQL
Thanks John. -Original Message- From: John Holmes [mailto:[EMAIL PROTECTED]] Sent: 03 May 2002 16:29 To: [EMAIL PROTECTED]; 'PHP' Subject: RE: [PHP] Re: PHP with MySQL There's a whole section in the manual on it. There is a log_error() or errorlog() function that'll write your errors to a file of your choosing. ---John Holmes... -Original Message- From: .ben [mailto:[EMAIL PROTECTED]] Sent: Friday, May 03, 2002 4:04 AM To: PHP Subject: RE: [PHP] Re: PHP with MySQL Oh, i agree entirely. Ok, i'll look into the logging/mailing solution - something i've been doing in ASP for years but am new to in PHP. Cheers, .b -Original Message- From: Jon Haworth [mailto:[EMAIL PROTECTED]] Sent: 03 May 2002 11:57 To: '[EMAIL PROTECTED]'; PHP Subject: RE: [PHP] Re: PHP with MySQL Hi Ben, John, presumably I can leave the error reporting on - but pipe it into a file if i wanted, rather than displaying on screen, and then redirect the user to another page? Of course you can - I generally have my pages send me email when they throw an error, but that's because I'm really lazy and I can't be bothered to go and check log files all the time g It's just not a stunning idea to display an error messages that give away out any information you could hold back - one of the starting points for an attacker is to try and mess up your query strings, and if you're merrily telling them exactly what the problem is, you're helping them out :-) Cheers Jon -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Call to a member function on a non-object...?
You must have created that function inside some class definition. When you
do that, you must first instantiate that class to have access to its
functions (methods).
If you have:
class YourClass
{
function YourClass()
{
// constructor
}
function methodOne()
{
// method 1
}
}
To call the function methodOne, you must first:
$objectName = new YourClass();
and only then
$objectName-methodOne();
Hope it helps.
--
Pedro Alberto Pontes
Richard Brenner [EMAIL PROTECTED] wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Hi.
When I try to call a manual defined function in my function.inc file, I
get
the error:
Fatal error: Call to a member function on a non-object in /www/xyz/.. on
line xy
I've defined the function in a seperate .inc file and included this is the
mainpage.
Do you have any solutions for this problem?
Thanks,
Richard
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] PHP editing environment
It's too easy to install a web server, PHP, and MySQL on your own computer and test everything locally. Apache works on Windows and *nix, or you can try OmniHTTPd or PWS/IIS. PHP is a simple download and follow the install instructions, and MySQL has an installation program, it just takes a minute. ---John Holmes... -Original Message- From: Pag [mailto:[EMAIL PROTECTED]] Sent: Friday, May 03, 2002 4:59 AM To: [EMAIL PROTECTED] Subject: [PHP] PHP editing environment Hi, i am new to the list and i am quite impressed with whats going on over here. Anyway, just have a small question. Have been coding php for a while now but i still havent found a stable (easy and not time consuming) way of working in PHP, i mean, i use homesite5 to code and when i want to test the php i upload the scripts and test them on the site. This process is a bit time consuming, so i installed php on my winXP, but even like that i can only test small things using php master editor. Anyone know how i can make my work more efficient? Like install MySQL and PHP and get everything working normally when i preview the code in internet explorer, that would be perfect, is it possible? How do you guys and girls work with php, what editors and/or tools you use? Thanks. Pag -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Fatal error: Call to a member function on a non-object in /www/xynz on line 19
You're trying to call a function within an object. Something like Something-getthis(); Which is not a normal PHP function. Show your code. You're probably just calling it wrong. ---John Holmes... -Original Message- From: Richard Brenner [mailto:[EMAIL PROTECTED]] Sent: Friday, May 03, 2002 4:33 AM To: [EMAIL PROTECTED] Subject: [PHP] Fatal error: Call to a member function on a non-object in /www/xynz on line 19 Hi there. I created an inc file with a single function and included it in my general script. When I try to start the function out the the program, I receive the following error message: Fatal error: Call to a member function on a non-object in /www/xynz on line 19 Does someone know, what this error means? Thank you very much, Richard -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Secure user authentication
Hello, I'm using the regular user authentication method, that is, check the specified login/pass agains't the entries in the DB, if it is valid, create the user object and register it with the section. How can we prevent any user from creating a simple PHP page that creates a simmilar user object, registers it with the session and then links to my pages? One way would be to check, in each page, for the password in the session user object and match it with the DB entry, but storing the password in the session is not advisable, as other users in the host system may have access to that information. Please advise. Thank you ver much for your time. -- Pedro Alberto Pontes -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Process Scheduling
This isnt really the place for it but I thought some might be interested. Has any thought been given to the following process scheduling idea? As a process's cpu usage gets higher it priority gets slightly lower. So that if I have a process to run but someone is hogging the CPU my task while it is lower in usage will get slightly more CPU priority. I am not talking about the major steps in priority only the minor steps within a priority. So that this would only help 2 processes at the same priority, ie Normal,Low. I have never modified and recompiled a linux kernal, and I work only with Windows at work so I havent really been able to play with this idea. Just wodering if anyone else has. Thanks Charles Killmer -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Turning OFF auto_prepend_file on a page by page basis
Hello all I am using auto_prepend_file to include a load of files. This is prepended to all PHP parsed files. The prepend files contain the HTML for the framework of my site. How I want to create an XML file for other web sites to use. I do this by getting some data from a database and packaging it as RSS. Correctly, PHP appends my prepend file HTML on top of the XML. I do not want that, as it produced invalid XML. :-(( Is there a way to say, for example: Prepend this file to all files, but NOT this one? i.e. is it possible to turn off the prepend functionality on a page by page basis?? Thanks for your comments S. _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] PHP editing environment
-Original Message- From: Pag [mailto:[EMAIL PROTECTED]] Sent: Friday, May 03, 2002 4:59 AM To: [EMAIL PROTECTED] Subject: [PHP] PHP editing environment Anyone know how i can make my work more efficient? Like install MySQL and PHP and get everything working normally when i preview the code in internet explorer, that would be perfect, is it possible? How do you guys and girls work with php, what editors and/or tools you use? Download and install the windows installers for Apache and MySQL and you'll have a very functional server for testing your code before uploading it to your production server. I've got them all running under WinXP Home quite nicely. I have both Apache and MySQL servers set to start up manually (don't need them running all the time, and especially don't want them running while I'm connected to the net). I use Emacs/html-helper-mode or HTML-Edit (www.chami.com) depending on the mood I'm in to write my code (doesn't anybody work with raw HTML anymore?) I preview with Mozilla and IE 6 (HTML-Edit also offers preview capabilities, although I haven't figured out how to make it preview PHP pages yet). Eugene -- - Eugene Mah, M.Sc., DABR [EMAIL PROTECTED] Medical Physicist/Misplaced Canuck[EMAIL PROTECTED] Department of Radiology For I am a Bear of Very Little Medical University of South Carolina Brain, and long words Bother Charleston, South Carolina me. Winnie the Pooh http://home.netcom.com/~eugenem/ PGP KeyID = 0x1F9779FD, 0x319393F4 PGP keys available on request ICQ 3113529 O- - -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] PHP editing environment
I am using Apache php and MySQL at work and at home, at work I have a win98 box and I use Maguma Studio Light for php as an editor, at home I use VIM for my editor, Maguma is really working for me. What I did was download php, MySql, and Apache then find a good tutorial, of which there are many, on the net that deals with all three and how to correctly install them. Once you figure out the config files, its as easy as pie baby. Then you can view your test scripts through ie, or hook Maguma up to work with php and it renders the pages for you right in the editor. And trust me its easy to do. One more thing, if you haven't already I recommend getting phpMyAdmin to administer your mysql databases, this combination blows any purchased product out of the water with ease of use and speed. -Steve. -Original Message- From: Pag [mailto:[EMAIL PROTECTED]] Sent: Friday, May 03, 2002 7:59 AM To: [EMAIL PROTECTED] Subject: [PHP] PHP editing environment Hi, i am new to the list and i am quite impressed with whats going on over here. Anyway, just have a small question. Have been coding php for a while now but i still havent found a stable (easy and not time consuming) way of working in PHP, i mean, i use homesite5 to code and when i want to test the php i upload the scripts and test them on the site. This process is a bit time consuming, so i installed php on my winXP, but even like that i can only test small things using php master editor. Anyone know how i can make my work more efficient? Like install MySQL and PHP and get everything working normally when i preview the code in internet explorer, that would be perfect, is it possible? How do you guys and girls work with php, what editors and/or tools you use? Thanks. Pag -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: getting a function name of the calling function
Miguel Cruz [EMAIL PROTECTED] wrote: [snip] I'm guessing he wants to do something like a stack trace to figure out how a function managed to get itself called with bad data. With utility functions that may get called hundreds of times in a single run, that would be some really handy stuff. [snip] That is exactly what I am trying to do. Does you know of a good way to go about doing this? The functions that are going to use this are base functions which have full control to the database access to INSERT/UPDATE/DELETE but they are never used by the user. The user will use some wrapper functions which call the base functions. But I want to know who (which function) called the base function. -josh -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] New Session Variable unset doesn't work
Yes, always remember that unset() deletes the REFERENCE to the variable, not the variable itself, so in the next page, when you session_start() again, the reference is recreated to the still existing value. So, session_unregister is fundamental to unregister the reference from the session. To destroy the variable's value you must use $var = null; Regards, -- Pedro Alberto Pontes Dan Hardiker [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I somehow cannot unset Session variables. If I set for example $_SESSION[error]=formcheck (the new style) and I want to unset it at the end of the page (unset($_SESSION[error])), it's there again on the next page. Is there a special way to unset the new Session variables? Seen as you used session_register to set the session variable, it would make sense for you to use session_unregister to do the inverse. -- Dan Hardiker [[EMAIL PROTECTED]] ADAM Software Systems Engineer First Creative Ltd -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] PHP editing environment
Two ways for you: 1. invest $200 (as you mentioned) in a little test server. Set there Samba (samba.org) and simply save.file-refresh.browser 2. install FoxServ or PHPTriad or something else. Look at the sourceforge.net. Or go manually installing the three - Apache, PHP, mySQL on your Win. This is the easiest way. Editors: 1. Look the list archives. 2. Browse the list archives. 3. Search the list archives. 4. If I ever would need to get a list of possible text editors I would Look into, browse and search the archives of this list. 5. well, my idea is Edit Plus. I just love it - Its got all I need. Sincerely, Maxim Maletsky Founder, Chief Developer www.PHPBeginner.com // where PHP Begins -Original Message- From: John Holmes [mailto:[EMAIL PROTECTED]] Sent: Friday, May 03, 2002 5:36 PM To: 'Pag'; [EMAIL PROTECTED] Subject: RE: [PHP] PHP editing environment It's too easy to install a web server, PHP, and MySQL on your own computer and test everything locally. Apache works on Windows and *nix, or you can try OmniHTTPd or PWS/IIS. PHP is a simple download and follow the install instructions, and MySQL has an installation program, it just takes a minute. ---John Holmes... -Original Message- From: Pag [mailto:[EMAIL PROTECTED]] Sent: Friday, May 03, 2002 4:59 AM To: [EMAIL PROTECTED] Subject: [PHP] PHP editing environment Hi, i am new to the list and i am quite impressed with whats going on over here. Anyway, just have a small question. Have been coding php for a while now but i still havent found a stable (easy and not time consuming) way of working in PHP, i mean, i use homesite5 to code and when i want to test the php i upload the scripts and test them on the site. This process is a bit time consuming, so i installed php on my winXP, but even like that i can only test small things using php master editor. Anyone know how i can make my work more efficient? Like install MySQL and PHP and get everything working normally when i preview the code in internet explorer, that would be perfect, is it possible? How do you guys and girls work with php, what editors and/or tools you use? Thanks. Pag -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Turning OFF 'auto_prepend_file' on a page by page basis
.htaccess Not sure if ini_set() will work in your case. But try. Sincerely, Maxim Maletsky Founder, Chief Developer www.PHPBeginner.com // where PHP Begins -Original Message- From: Stefen Lars [mailto:[EMAIL PROTECTED]] Sent: Friday, May 03, 2002 3:02 PM To: [EMAIL PROTECTED] Subject: [PHP] Turning OFF 'auto_prepend_file' on a page by page basis Hello all I am using 'auto_prepend_file' to include a load of files. This is prepended to all PHP parsed files. The prepend files contain the HTML for the framework of my site. How I want to create an XML file for other web sites to use. I do this by getting some data from a database and packaging it as RSS. Correctly, PHP appends my prepend file HTML on top of the XML. I do not want that, as it produced invalid XML. :-(( Is there a way to say, for example: Prepend this file to all files, but NOT this one? i.e. is it possible to 'turn off' the prepend functionality on a page by page basis?? Thanks for your comments S. _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] PHP editing environment
Here's one good tutorial: http://www.phpbeginner.com/columns/morten/win32 Sincerely, Maxim Maletsky Founder, Chief Developer www.PHPBeginner.com // where PHP Begins -Original Message- From: Steve Bradwell [mailto:[EMAIL PROTECTED]] Sent: Friday, May 03, 2002 3:00 PM To: 'Pag'; [EMAIL PROTECTED] Subject: RE: [PHP] PHP editing environment I am using Apache php and MySQL at work and at home, at work I have a win98 box and I use Maguma Studio Light for php as an editor, at home I use VIM for my editor, Maguma is really working for me. What I did was download php, MySql, and Apache then find a good tutorial, of which there are many, on the net that deals with all three and how to correctly install them. Once you figure out the config files, its as easy as pie baby. Then you can view your test scripts through ie, or hook Maguma up to work with php and it renders the pages for you right in the editor. And trust me its easy to do. One more thing, if you haven't already I recommend getting phpMyAdmin to administer your mysql databases, this combination blows any purchased product out of the water with ease of use and speed. -Steve. -Original Message- From: Pag [mailto:[EMAIL PROTECTED]] Sent: Friday, May 03, 2002 7:59 AM To: [EMAIL PROTECTED] Subject: [PHP] PHP editing environment Hi, i am new to the list and i am quite impressed with whats going on over here. Anyway, just have a small question. Have been coding php for a while now but i still havent found a stable (easy and not time consuming) way of working in PHP, i mean, i use homesite5 to code and when i want to test the php i upload the scripts and test them on the site. This process is a bit time consuming, so i installed php on my winXP, but even like that i can only test small things using php master editor. Anyone know how i can make my work more efficient? Like install MySQL and PHP and get everything working normally when i preview the code in internet explorer, that would be perfect, is it possible? How do you guys and girls work with php, what editors and/or tools you use? Thanks. Pag -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Secure user authentication
Hmm yes good question.. Security was (still is) a major for my organisation's site and I did something a little unique and robust.. I love programming and I hate stealing (some call it borrowing) other programmer's scripts/code from the web.. therefore I write it _all_ myself.. Trust me.. Sometimes this is a dumb attitude to take such as when I created my first Perl discussion forum.. still running I think (http://the-radix.hypermart.net i think) and that consisted of this huge perl system to maintain the files etc.. for members and the forum.. Anyway! off the sub now.. I used sessions and pass around the array of columns for that member/user .. but the password is put through my own fairly unbreakable (yes.. I am serious) password key system.. An idea to make your own safe keys to pass them around or use for authenticating is simple maths and a crypt() or my preferred: md5() function.. I simply do some lovely maths like for each char of pword I loop through them and append them onto the entire pword string plus the length, get the md5 of that.. then md5 that md5 with the md5 of the previous result and then do some maths, pick some specified characters (like every 3rd or whatever you wish) .. strrev( reverse the string) md5 that again, all md5'ed again.. :) haha, you get the idea.. SO basically you'll end up with a nice 32 char string which is QUITE safe to pass around and the chance anyone's gonna decrypt it IMHO is about zilch, buckley's, zut, nil, null, zero.. And all you have to do, is when they login once, just run the password they entered through this algorithm and check it against the stored algo'd password.. Ah yes that's the next thing.. the DB passwords will also have to be proc. using your algorithm.. So it's kinda like a key security idea.. you are not meant to decrypt md5 hashes.. instead recreate it using what you are supplied and then compare both hashes.. Simple :P Ok hope that helps ::: : Julien Bonastre [The-Spectrum.org CEO] : A.K.A. The_RadiX : [EMAIL PROTECTED] : ABN: 64 235 749 494 : QUT Student :: 04475739 ::: - Original Message - From: Pedro Pontes [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, May 03, 2002 10:19 PM Subject: [PHP] Secure user authentication Hello, I'm using the regular user authentication method, that is, check the specified login/pass agains't the entries in the DB, if it is valid, create the user object and register it with the section. How can we prevent any user from creating a simple PHP page that creates a simmilar user object, registers it with the session and then links to my pages? One way would be to check, in each page, for the password in the session user object and match it with the DB entry, but storing the password in the session is not advisable, as other users in the host system may have access to that information. Please advise. Thank you ver much for your time. -- Pedro Alberto Pontes -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Secure user authentication
Hi, but the password is put through my own fairly unbreakable (yes.. I am serious) password key system.. SO basically you'll end up with a nice 32 char string which is QUITE safe to pass around and the chance anyone's gonna decrypt it IMHO is about zilch, And all you have to do, is when they login once, just run the password they entered through this algorithm and check it against the stored algo'd password.. Presumably you have a Javascript implementation of your algorithm, which runs on the login page - otherwise you'd just be transmitting the password in clear text from the browser to the server, right? If you don't do this, how do you deal with getting the password from the user to the server so you can authenticate them? If you do, how do you deal with people who have Javascript disabled? Cheers Jon -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Secure user authentication
another option is to use SSL for the login page/sensitive parts of the site that deal with any transfer of 'sensitive' data? -Original Message- From: Jon Haworth [mailto:[EMAIL PROTECTED]] Sent: 03 May 2002 15:08 To: 'The_RadiX'; [EMAIL PROTECTED] Subject: RE: [PHP] Secure user authentication Hi, but the password is put through my own fairly unbreakable (yes.. I am serious) password key system.. SO basically you'll end up with a nice 32 char string which is QUITE safe to pass around and the chance anyone's gonna decrypt it IMHO is about zilch, And all you have to do, is when they login once, just run the password they entered through this algorithm and check it against the stored algo'd password.. Presumably you have a Javascript implementation of your algorithm, which runs on the login page - otherwise you'd just be transmitting the password in clear text from the browser to the server, right? If you don't do this, how do you deal with getting the password from the user to the server so you can authenticate them? If you do, how do you deal with people who have Javascript disabled? Cheers Jon -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Secure user authentication
nope you are quite correct.. but I put my chances of someone catching packets from my site and ripping em open.. in that low down probability of around 0 as well. :) ::: : Julien Bonastre [The-Spectrum.org CEO] : A.K.A. The_RadiX : [EMAIL PROTECTED] : ABN: 64 235 749 494 : QUT Student :: 04475739 ::: - Original Message - From: Jon Haworth [EMAIL PROTECTED] To: 'The_RadiX' [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Saturday, May 04, 2002 12:07 AM Subject: RE: [PHP] Secure user authentication Hi, but the password is put through my own fairly unbreakable (yes.. I am serious) password key system.. SO basically you'll end up with a nice 32 char string which is QUITE safe to pass around and the chance anyone's gonna decrypt it IMHO is about zilch, And all you have to do, is when they login once, just run the password they entered through this algorithm and check it against the stored algo'd password.. Presumably you have a Javascript implementation of your algorithm, which runs on the login page - otherwise you'd just be transmitting the password in clear text from the browser to the server, right? If you don't do this, how do you deal with getting the password from the user to the server so you can authenticate them? If you do, how do you deal with people who have Javascript disabled? Cheers Jon ::: : Julien Bonastre [The-Spectrum.org CEO] : A.K.A. The_RadiX : [EMAIL PROTECTED] : ABN: 64 235 749 494 : QUT Student :: 04475739 :::
Re: [PHP] Secure user authentication
that is a good suggestion.. Using SSL to perform sensitive logins.. and then using some sort of hidden or encrypted passwords in your sessions should provide a nice level of security and comfort.. ::: : Julien Bonastre [The-Spectrum.org CEO] : A.K.A. The_RadiX : [EMAIL PROTECTED] : ABN: 64 235 749 494 : QUT Student :: 04475739 ::: - Original Message - From: Brian McGarvie [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Saturday, May 04, 2002 12:12 AM Subject: RE: [PHP] Secure user authentication another option is to use SSL for the login page/sensitive parts of the site that deal with any transfer of 'sensitive' data? -Original Message- From: Jon Haworth [mailto:[EMAIL PROTECTED]] Sent: 03 May 2002 15:08 To: 'The_RadiX'; [EMAIL PROTECTED] Subject: RE: [PHP] Secure user authentication Hi, but the password is put through my own fairly unbreakable (yes.. I am serious) password key system.. SO basically you'll end up with a nice 32 char string which is QUITE safe to pass around and the chance anyone's gonna decrypt it IMHO is about zilch, And all you have to do, is when they login once, just run the password they entered through this algorithm and check it against the stored algo'd password.. Presumably you have a Javascript implementation of your algorithm, which runs on the login page - otherwise you'd just be transmitting the password in clear text from the browser to the server, right? If you don't do this, how do you deal with getting the password from the user to the server so you can authenticate them? If you do, how do you deal with people who have Javascript disabled? Cheers Jon -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Replacing non exact strings
Hi List, Imagine a form where user can search for clients using a 'name' field. When submitted, there's a result page, linking results to another page with the client information. I need to make the terms inputted at the form bold when they appear at the client information page. Problem is: When someone searchs for Joe Doe, and the client's name is Joe Doe, I can make it bJoe Doe/b. But when the name is Joe Cougar Doe, I can't bold it (parts Joe Doe) because there's this Cougar in the middle. The result I am looking for is bJoe/b Cougar bDoe/b. So: $searched = Joe Doe; $original = Joe Cougar Doe; $final = bJoe/b Cougar bDoe/b; Any ideas about how can I achieve this result? I am currently using eregi_replace($searched, b$searched/b, $original), so that's why it only accepts the whole string. Thanks a lot, Julio Nobrega. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Secure user authentication
First of all, thank you for your devote answer. The method I was thinking about before was to pass the md5 hash of the password around, as the passwords are already md5'ed in the DB. Your method seems more secure as you use a totally spiced-up and personalized encryption engine. But, the main question remains, I think. If you pass your crypted password around, then, in each page, you must check it agains't the database entry with a SIMPLE equals test. So if a user happens to get that crypted value of the password (from a temporary file on the server, for example), then all the little devil has to do is to create a dummy session user object, or in your case, array, set its password value to the stolen crypted hash and then link freely to any of your pages. Am I right? Thanks again. -- Pedro Alberto Pontes The_radix [EMAIL PROTECTED] wrote in message 003601c1f2aa$6120dbb0$f86086cb@oracle">news:003601c1f2aa$6120dbb0$f86086cb@oracle... Hmm yes good question.. Security was (still is) a major for my organisation's site and I did something a little unique and robust.. I love programming and I hate stealing (some call it borrowing) other programmer's scripts/code from the web.. therefore I write it _all_ myself.. Trust me.. Sometimes this is a dumb attitude to take such as when I created my first Perl discussion forum.. still running I think (http://the-radix.hypermart.net i think) and that consisted of this huge perl system to maintain the files etc.. for members and the forum.. Anyway! off the sub now.. I used sessions and pass around the array of columns for that member/user .. but the password is put through my own fairly unbreakable (yes.. I am serious) password key system.. An idea to make your own safe keys to pass them around or use for authenticating is simple maths and a crypt() or my preferred: md5() function.. I simply do some lovely maths like for each char of pword I loop through them and append them onto the entire pword string plus the length, get the md5 of that.. then md5 that md5 with the md5 of the previous result and then do some maths, pick some specified characters (like every 3rd or whatever you wish) .. strrev( reverse the string) md5 that again, all md5'ed again.. :) haha, you get the idea.. SO basically you'll end up with a nice 32 char string which is QUITE safe to pass around and the chance anyone's gonna decrypt it IMHO is about zilch, buckley's, zut, nil, null, zero.. And all you have to do, is when they login once, just run the password they entered through this algorithm and check it against the stored algo'd password.. Ah yes that's the next thing.. the DB passwords will also have to be proc. using your algorithm.. So it's kinda like a key security idea.. you are not meant to decrypt md5 hashes.. instead recreate it using what you are supplied and then compare both hashes.. Simple :P Ok hope that helps ::: : Julien Bonastre [The-Spectrum.org CEO] : A.K.A. The_RadiX : [EMAIL PROTECTED] : ABN: 64 235 749 494 : QUT Student :: 04475739 ::: - Original Message - From: Pedro Pontes [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, May 03, 2002 10:19 PM Subject: [PHP] Secure user authentication Hello, I'm using the regular user authentication method, that is, check the specified login/pass agains't the entries in the DB, if it is valid, create the user object and register it with the section. How can we prevent any user from creating a simple PHP page that creates a simmilar user object, registers it with the session and then links to my pages? One way would be to check, in each page, for the password in the session user object and match it with the DB entry, but storing the password in the session is not advisable, as other users in the host system may have access to that information. Please advise. Thank you ver much for your time. -- Pedro Alberto Pontes -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Secure user authentication
my current project for a multi-national org is providing a service to them which requires that, I also go a stage further and allow only ip's from their domain for this site ;) as well as SSL, and my own form of encryption. -Original Message- From: The_RadiX [mailto:[EMAIL PROTECTED]] Sent: 03 May 2002 15:14 To: [EMAIL PROTECTED]; Brian McGarvie Subject: Re: [PHP] Secure user authentication that is a good suggestion.. Using SSL to perform sensitive logins.. and then using some sort of hidden or encrypted passwords in your sessions should provide a nice level of security and comfort.. ::: : Julien Bonastre [The-Spectrum.org CEO] : A.K.A. The_RadiX : [EMAIL PROTECTED] : ABN: 64 235 749 494 : QUT Student :: 04475739 ::: - Original Message - From: Brian McGarvie [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Saturday, May 04, 2002 12:12 AM Subject: RE: [PHP] Secure user authentication another option is to use SSL for the login page/sensitive parts of the site that deal with any transfer of 'sensitive' data? -Original Message- From: Jon Haworth [mailto:[EMAIL PROTECTED]] Sent: 03 May 2002 15:08 To: 'The_RadiX'; [EMAIL PROTECTED] Subject: RE: [PHP] Secure user authentication Hi, but the password is put through my own fairly unbreakable (yes.. I am serious) password key system.. SO basically you'll end up with a nice 32 char string which is QUITE safe to pass around and the chance anyone's gonna decrypt it IMHO is about zilch, And all you have to do, is when they login once, just run the password they entered through this algorithm and check it against the stored algo'd password.. Presumably you have a Javascript implementation of your algorithm, which runs on the login page - otherwise you'd just be transmitting the password in clear text from the browser to the server, right? If you don't do this, how do you deal with getting the password from the user to the server so you can authenticate them? If you do, how do you deal with people who have Javascript disabled? Cheers Jon -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Turning OFF 'auto_prepend_file' on a page by page basis
Usually, I use the Apache directive to add the prepend option. I already tried setting another prepend option in the apache directives, but it seems one does not overwite the other. I tried prepending a blank file. But that did not work. The other prepend file was prepended. When you say use ini_set(), do you mean ini_set(auto_prepend_file, /a/blank/file.php); ?? From: Maxim Maletsky \(PHPBeginner.com\) [EMAIL PROTECTED] To: 'Stefen Lars' [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: RE: [PHP] Turning OFF 'auto_prepend_file' on a page by page basis Date: Fri, 3 May 2002 15:53:16 +0200 .htaccess Not sure if ini_set() will work in your case. But try. Sincerely, Maxim Maletsky Founder, Chief Developer www.PHPBeginner.com // where PHP Begins -Original Message- From: Stefen Lars [mailto:[EMAIL PROTECTED]] Sent: Friday, May 03, 2002 3:02 PM To: [EMAIL PROTECTED] Subject: [PHP] Turning OFF 'auto_prepend_file' on a page by page basis Hello all I am using 'auto_prepend_file' to include a load of files. This is prepended to all PHP parsed files. The prepend files contain the HTML for the framework of my site. How I want to create an XML file for other web sites to use. I do this by getting some data from a database and packaging it as RSS. Correctly, PHP appends my prepend file HTML on top of the XML. I do not want that, as it produced invalid XML. :-(( Is there a way to say, for example: Prepend this file to all files, but NOT this one? i.e. is it possible to 'turn off' the prepend functionality on a page by page basis?? Thanks for your comments S. _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php _ Send and receive Hotmail on your mobile device: http://mobile.msn.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Replacing non exact strings
Julio,
Try this
$search = Joe Doe;
$original = Joe Cougar Doe;
$final = bJoe/b Cougar bDoe/b;
$terms = explode( ,$search);
for($i=0; $icount($terms); $i++)
{
$original = eregi_replace($terms[$i], b.$terms[$i]./b,
$original);
}
echo $original;
Should get you started.
Thank You
Brian Paulson
Sr. Web Developer
[EMAIL PROTECTED]
http://www.chieftain.com
-Original Message-
From: Julio Nobrega Trabalhando [mailto:[EMAIL PROTECTED]]
Sent: Friday, May 03, 2002 8:36 AM
To: [EMAIL PROTECTED]
Subject: [PHP] Replacing non exact strings
Hi List,
Imagine a form where user can search for clients using a 'name' field.
When submitted, there's a result page, linking results to another page
with
the client information.
I need to make the terms inputted at the form bold when they appear at
the
client information page. Problem is: When someone searchs for Joe Doe,
and
the client's name is Joe Doe, I can make it bJoe Doe/b.
But when the name is Joe Cougar Doe, I can't bold it (parts Joe
Doe)
because there's this Cougar in the middle. The result I am looking for
is
bJoe/b Cougar bDoe/b.
So:
$searched = Joe Doe;
$original = Joe Cougar Doe;
$final = bJoe/b Cougar bDoe/b;
Any ideas about how can I achieve this result? I am currently using
eregi_replace($searched, b$searched/b, $original), so that's why
it
only accepts the whole string.
Thanks a lot,
Julio Nobrega.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Help compiling Dynamically Linked Module
I am trying to compile and run the tutorial, from the php documentation, on extending php. I am currently working in SunOS v5.7 with gcc version 2.95 19990728. I am running PHP 4.2.0 statically in Apache 1.3.24 I have copied the first_module.c file and I can compile it with the following command ~~~/php-4.2.0/ext gcc -fpic -DCOMPILE_DL=1 -I/usr/local/include -I../main -I../TSRM -I. -I.. -I../Zend -c -o first_module/first_module.o first_module/first_module.c I can also link with the following command ~~~/php-4.2.0/extgcc -shared -L/usr/local/lib -dynamic -o first_module/first_module.so first_module/first_module.o I then copy this module to the working directory of my php script and call it like this: ? dl(first_module.so); $param = 2; $return = first_module($param); print(We sent '$param' and got '$return'); ? the file has execute and read permissions set for all users. the file is located by php, but I get this error: Warning: Invalid library (maybe not a PHP library) 'first_module.so' in /export/home/jlang/htdocs/phpscript/modtest.php on line 5 can anyone help me find out why this file is not correctly loading Thanks, Jeff Lang -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] MySQL Set Type
How does PHP 4 handle MySQL fields that are of type SET? Are the strings, arrays, or something else? Thanks, Brad -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Secure user authentication
Hi, The method I was thinking about before was to pass the md5 hash of the password around, as the passwords are already md5'ed in the DB. Your method seems more secure as you use a totally spiced-up and personalized encryption engine. *boggle* Why are you passing the password around, hashed or not, in the first place? Just have a yes/no flag for whether the session is an authenticated user or not. Is there any particular reason why you'd need to reauthenticate on every page? Cheers Jon -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Replacing non exact strings
On 3 May 2002 at 11:36, Julio Nobrega Trabalhando wrote:
$searched = Joe Doe;
$original = Joe Cougar Doe;
$final = bJoe/b Cougar bDoe/b;
Any ideas about how can I achieve this result? I am currently using
eregi_replace($searched, b$searched/b, $original), so that's why
it only accepts the whole string.
Split $searched using explode, then do the replace on each element of the resulting
array...
$searched = Joe Doe;
$original = Joe Cougar Doe;
$searchedwords = explode( , $searched);
$final = $original;
foreach ($searchedwords as $word)
{
$final = eregi_replace($word, b$word/b, $final);
}
$final = bJoe/b Cougar bDoe/b;
--
Stuart
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Replacing non exact strings
Thanks Brian, it's working! -- Julio Nobrega. Brian Paulson [EMAIL PROTECTED] wrote in message 005101c1f2af$fa59eb00$89010a0a@bpaulson">news:005101c1f2af$fa59eb00$89010a0a@bpaulson... Julio, Try this -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Secure user authentication
Hi Jon, I am considering doing that because any user can create a simple PHP script with his/her object with the authenticated flag set to authorized, register that object with the session and then link to any of my pages, which if they don't make any kind of password test, they will unsuspectly accept the intrusion. What kind of test do you do in each of your pages? I just test if there is a user object registered and if its type (group), set upon successfully login, is allowed in the specified page. But if I create a separate script that just creates a simmilar object (with the same fields), artificially attribute a group and login to it, register it with the session and then link to any of my pages (without passing through the login page), they won't suspect that the access rights were forged. Thank you. -- Pedro Alberto Pontes Jon Haworth [EMAIL PROTECTED] wrote in message 67DF9B67CEFAD4119E4200D0B720FA3F010C4017@BOOTROS">news:67DF9B67CEFAD4119E4200D0B720FA3F010C4017@BOOTROS... Hi, The method I was thinking about before was to pass the md5 hash of the password around, as the passwords are already md5'ed in the DB. Your method seems more secure as you use a totally spiced-up and personalized encryption engine. *boggle* Why are you passing the password around, hashed or not, in the first place? Just have a yes/no flag for whether the session is an authenticated user or not. Is there any particular reason why you'd need to reauthenticate on every page? Cheers Jon -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: file() and macintosh line break
I was having a tough time with a Mac file uploaded and squeezed into one line. My friend Shawn helped me write the following which cleans it up. Remove the echo statement to just change it and not see the change. Also, avoid trying to fix the file, make a new one, if you can. Hope this helps. Josh 1 ? 2 $data_file = data.csv; 3 $newdatafile = new_data.csv; 4 5 $file=fopen($data_file, r); 6 $newfile = fopen($newdatafile,w); 7 8 $filecontents = fread($file,filesize($data_file)); 9 echo $filecontents; 10 echo brbr; 11 $newfilecontents = preg_replace((\r\n|\n|\r),\n,$filecontents); 12 13 echo nl2br($newfilecontents); 14 15 fwrite($newfile,$newfilecontents); 16 fclose($file); 17 fclose($newfile); 18 ? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php/.htaccess/.htpasswd
I've used the script phtaccess, which I think used the mentioned class. Super easy to use. Josh On Wed, 1 May 2002, Kelly Meeks wrote: Is is possible to use php to admin a password file used by a .htaccess file? You should check the File_Passwd class from PEAR. http://chora.php.net/cvs.php/php4/pear/File -- Mika Tuupola http://www.appelsiini.net/~tuupola/
[PHP] Newbie - still working on my first script.
I got the file to upload to my folder. But when I go to download it to my PC
using FTP, it tells me NO SUCH FILE, but I can see it in the folder. The
folder has read, write, execute permissions. I included the script below.
I would appreciate any help.
HTML
HEAD
TITLEAdvertisement Application/TITLE
/HEAD
BODY
?php
error_reporting(E_ALL);
/* This next conditional determines whether or not to handle the form,
depending upon whether or not $File exists. */
if (isset($File)) {
print (File name: $File_nameP\n);
print (File size: $File_sizeP\n);
if(copy ($File, ads/ $File_name)) {
print (Your file was successfully uploaded!P\n);
} else {
print (Your file could not be copied.P\n);
}
unlink ($File);
}
print (Upload a file to the server:\n);
print (FORM ACTION=\ad_app.php\ METHOD=POST
ENCTYPE=\multipart/form-data\\n);
print (File INPUT TYPE=FILE NAME=\File\ SIZE=20BR\n);
print (INPUT TYPE=SUBMIT NAME=\SUBMIT\ VALUE=\Submit!\/FORM\n);
?
/BODY
/HTML
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] date(), strtotime(), Wed, Dec 31, 1969 ??
Running PHP3 on a Linux box and I've got trouble with date(). Here's the code: $blah=2002-05-02; $thedate = date(D, M d, Y, strtotime($blah)); $echo $thedate; Why is $thedate resolving to Wed, Dec 31, 1969. Thanks! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] date(), strtotime(), Wed, Dec 31, 1969 ??
Because your strtotime() call is returning 0. Replace the '-' with '/' and I bet it would work. -Rasmus On Fri, 3 May 2002, ROBERT MCPEAK wrote: Running PHP3 on a Linux box and I've got trouble with date(). Here's the code: $blah=2002-05-02; $thedate = date(D, M d, Y, strtotime($blah)); $echo $thedate; Why is $thedate resolving to Wed, Dec 31, 1969. Thanks! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] date(), strtotime(), Wed, Dec 31, 1969 ??
On 3 May 2002 at 12:04, ROBERT MCPEAK wrote: $blah=2002-05-02; $thedate = date(D, M d, Y, strtotime($blah)); $echo $thedate; $blah will = 1995. Try putting quotes around the date... $blah = 2002-05-02; -- Stuart -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] phpMyAdmin
Hi guys, I need some help using the phpMyAdmin, I'm trying to create a table with three fields, one for the indexing of the database, the second for the logins and the third for the password. I get the following doubts: On the table of the phpMyAdmin there are the following fields: A field for the name of the field. A field for the kind of information that will be stored in the field (TINYINT,DOUBLE,TEXT...) A field for the size of the field. A field for the atributes of the field (BINARY, UNSIGNED, UNSIGNED ZERO FILL) A field for the null option (NULL, NOT NULL). A field for an information that I don't know... A field for the Extra(AUTO_INCREMENT). A selectable field named primary(check it or not). A selectable field named index(check it or not). A selectable field named unique(check it or not). A selectable field named Fulltext(Check it or not). The information that I would need would be what are the configurations that I have to put in each of these fields. And also I would need to know a php script to access the fields, and write to new fields. Thanx, Rodrigo
Re: [PHP] rather a mysql question
Depending on your OS, there's a good possibility that the OS is caching HD data. So instead of mysql reading directly from disk, it's getting it from the memory cache. Depending on how heavily your server is used, wait 10 or 15 mins (to let the memory cache clear out) and try it again. Mike... Ando Saabas wrote: Sorry that this is more of a mysql question, but since most php programmers use it a lot, i though i might find the answer without subscribing to mysql list, here goes: When i do a query from a big table using indexes,it takes for example 5 seconds. Now if i, after some time repeat the query, the query takes about 0.5 secs. So far i thought it was because of caching, but now i read mysql (v3.23) doesnt support query cache. So this really gets me wondering, where does the speed increase come from? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] date(), strtotime(), Wed, Dec 31, 1969 ??
Hi Robert- You may want to spend a little more time with basic PHP tutorials, see: http://www.php.net/links To answer your question, the problem is with variable/string use, not any PHP functions. $blah in particular. Use quotes around strings: $blah = '2002-05-02'; Read about strings: http://uk.php.net/manual/en/language.types.string.php http://www.zend.com/zend/tut/using-strings.php As you are basically doing this: $blah = 2002 - 5 - 2; // 1995 Anyway, also consider: echo $thedate; Although the behavoir of strtotime(1995) does seem a little odd, in later versions of PHP it does try to do something but not sure exactly what ... yet. I'm assuming it returns -1 for you, in PHP3. Regards, Philip Olson On Fri, 3 May 2002, ROBERT MCPEAK wrote: Running PHP3 on a Linux box and I've got trouble with date(). Here's the code: $blah=2002-05-02; $thedate = date(D, M d, Y, strtotime($blah)); $echo $thedate; Why is $thedate resolving to Wed, Dec 31, 1969. Thanks! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] mssql_prev_result()???
Does anybody know of a good way to get the previous result in a query result? The query looks like this: SELECT * FROM [users]. This will return a result set of 30 to 40 users. The reason I need to grab the previous is because I would like to be able to virtually scroll through my data in the table. Here is some psuedocode of what I am trying to do: the form //fields to be filled by the user data that comes in from each query button value=previous user onClick=get_prev_user() button value=next user onClick=get_next_user() /the form -- Joshua E Minnie/CIO [EMAIL PROTECTED] Phone: 616.276.9690 Fax: 616.342.8750 Nextel: 616.862.2847 Don't work for recognition, but always do work worthy of recognition. ~ Unknown -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: PHP editing environment
Pag [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Anyone know how i can make my work more efficient? Like install MySQL and PHP and get everything working normally when i preview the code in internet explorer, that would be perfect, is it possible? How do you guys and girls work with php, what editors and/or tools you use? 1. Install Apache from apache.org 2. Install PHP from php.net 3. Install MySQL from mysql.com 4. I use HomePage 4.5.2; it has a setting that is very useful: under Options - Settings - Browse, check 'Enable Server Mappings', click Add, set 'C:\program files\ Apache Group\Apache\htdocs' (or wherever you put your web directory) to 'http:/localhost/' and Voila! You can browse the page results directly in HomePage. Very handy. I assume version 5 has something closely equivalent. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php converts \ to \\, how can I stop that
You could also set these values in your php.ini:
magic_quotes_gpc = off
magic_quotes_runtime = off
If you do this, then remember when inserting the data into a mysql
database, it still needs to be escaped:
$sql = sprintf(
insert into table (id, field) values ('', '%s'),
mysql_escape_string($fieldvalue)
);
Mike
Mikael Syska wrote:
[EMAIL PROTECTED] (Jason Wong) wrote in news:php.general-95848
@news.php.net:
@news.php.net:
stripslashes()
thanks, now it works
Do read up on /why/ you need it.
ohhh, what do u mean???
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] phpMyAdmin
Could be something like.. Field: keynum Type: BIGINT Length/Values: (blank) Attributes: (blank) Null: NOT NULL Default: (blank) Extra: AUTO_INCREMENT Primary: CHECKED Index: CHECKED Unique: CHECKED Field: username Type: VARCHAR Length/Values: 20 Attributes: (blank) Null: NOT NULL Default: (blank) Extra: (blank) Primary: UNCHECKED Index: UNCHECKED Unique: UNCHECKED Field: password Type: VARCHAR Length/Values: 20 Attributes: (blank) Null: NOT NULL Default: (blank) Extra: (blank) Primary: UNCHECKED Index: UNCHECKED Unique: UNCHECKED Note I prefer to use VARCHAR instead of PASSWORD becuase I am more comfortable checking the database contents in PHP rather than SQL. But you can do a PASSWORD field then in your query statment use the SQL funciton PASSWORD($pwd) to encrypt the string. Either way, for security, it is imparative that you encrypt it. The field 'keynum' is just a standard thing that I do. It's set up to auto_increment so you always have a unique key to delete and update records on. For more information view the SQL documentation on www.mysql.com. Hope this helps! -Kevin - Original Message - From: Rodrigo [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, May 03, 2002 10:18 AM Subject: [PHP] phpMyAdmin Hi guys, I need some help using the phpMyAdmin, I'm trying to create a table with three fields, one for the indexing of the database, the second for the logins and the third for the password. I get the following doubts: On the table of the phpMyAdmin there are the following fields: A field for the name of the field. A field for the kind of information that will be stored in the field (TINYINT,DOUBLE,TEXT...) A field for the size of the field. A field for the atributes of the field (BINARY, UNSIGNED, UNSIGNED ZERO FILL) A field for the null option (NULL, NOT NULL). A field for an information that I don't know... A field for the Extra(AUTO_INCREMENT). A selectable field named primary(check it or not). A selectable field named index(check it or not). A selectable field named unique(check it or not). A selectable field named Fulltext(Check it or not). The information that I would need would be what are the configurations that I have to put in each of these fields. And also I would need to know a php script to access the fields, and write to new fields. Thanx, Rodrigo -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Newbie - still working on my first script.
Seems to me that space in the file copy is what's causing problems. Try
changing ads/ $File_name to ads/${File_Name}.
Just a note that doing things that way can cause big problems,
especially on unix systems.. imagine if you went to your website and type:
http://site/index.php?File=%2Fetc%2FpasswdFile_name=hacked.txt
Also instead of copying then unlinking the file, you can avoid the above
problem by using move_uploaded_file().
See the documentation for this command here:
http://www.php.net/manual/en/function.move-uploaded-file.php
Mike
Tgl wrote:
I got the file to upload to my folder. But when I go to download it to my PC
using FTP, it tells me NO SUCH FILE, but I can see it in the folder. The
folder has read, write, execute permissions. I included the script below.
I would appreciate any help.
HTML
HEAD
TITLEAdvertisement Application/TITLE
/HEAD
BODY
?php
error_reporting(E_ALL);
/* This next conditional determines whether or not to handle the form,
depending upon whether or not $File exists. */
if (isset($File)) {
print (File name: $File_nameP\n);
print (File size: $File_sizeP\n);
if(copy ($File, ads/ $File_name)) {
print (Your file was successfully uploaded!P\n);
} else {
print (Your file could not be copied.P\n);
}
unlink ($File);
}
print (Upload a file to the server:\n);
print (FORM ACTION=\ad_app.php\ METHOD=POST
ENCTYPE=\multipart/form-data\\n);
print (File INPUT TYPE=FILE NAME=\File\ SIZE=20BR\n);
print (INPUT TYPE=SUBMIT NAME=\SUBMIT\ VALUE=\Submit!\/FORM\n);
?
/BODY
/HTML
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Secure user authentication
This would only work if some other user is able to create files that the web server thinks are part of your domain (since the session cookies are domain-specific). Sounds to me like your problem here is severe server misconfiguration. If your server environment is that insecure, then worrying about anything else is sort of a waste of time. miguel On Fri, 3 May 2002, Pedro Pontes wrote: I am considering doing that because any user can create a simple PHP script with his/her object with the authenticated flag set to authorized, register that object with the session and then link to any of my pages, which if they don't make any kind of password test, they will unsuspectly accept the intrusion. What kind of test do you do in each of your pages? I just test if there is a user object registered and if its type (group), set upon successfully login, is allowed in the specified page. But if I create a separate script that just creates a simmilar object (with the same fields), artificially attribute a group and login to it, register it with the session and then link to any of my pages (without passing through the login page), they won't suspect that the access rights were forged. Thank you. -- Pedro Alberto Pontes Jon Haworth [EMAIL PROTECTED] wrote in message 67DF9B67CEFAD4119E4200D0B720FA3F010C4017@BOOTROS">news:67DF9B67CEFAD4119E4200D0B720FA3F010C4017@BOOTROS... Hi, The method I was thinking about before was to pass the md5 hash of the password around, as the passwords are already md5'ed in the DB. Your method seems more secure as you use a totally spiced-up and personalized encryption engine. *boggle* Why are you passing the password around, hashed or not, in the first place? Just have a yes/no flag for whether the session is an authenticated user or not. Is there any particular reason why you'd need to reauthenticate on every page? Cheers Jon -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Secure user authentication
Pedro Pontes wrote: Hi Jon, I am considering doing that because any user can create a simple PHP script with his/her object with the authenticated flag set to authorized, register that object with the session and then link to any of my pages, which if they don't make any kind of password test, they will unsuspectly accept the intrusion. What kind of test do you do in each of your pages? I just test if there is a user object registered and if its type (group), set upon successfully login, is allowed in the specified page. But if I create a separate script that just creates a simmilar object (with the same fields), artificially attribute a group and login to it, register it with the session and then link to any of my pages (without passing through the login page), they won't suspect that the access rights were forged. What I can't figure out is why you're allowing people to just randomly put pages on your server. If someone was to randomly register a similar user object, etc - why bother? If I can put pages on your server and execute them, I'd do some something far more malicious than just pretend I'm user X. Michael Kimsal http://www.logicreate.com 734-480-9961 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] phpMyAdmin
I've always found it's good to set numeric primary keys to UNSIGNED. Gives you a larger range, and it's not very likely those numbers are ever going to be negative. Also, there is absolutely no need to check Index or Unique when you have selected Primary, as Primary implies both (hence why in newer versions, Primary/Index/Unique are radio buttons). Lastly, unless you expect to have a rediculous amount of records, an INT is more that sufficient (giving you a maximum record count of 4,294,967,295). Also, PHP's mysql_insert_id() doesn't support BIGINT data types. So, the more optimised version of the keyfield would be: Field: keynum Type: INT Length/Values: (blank) Attributes: UNSIGNED Null: NOT NULL Default: (blank) Extra: AUTO_INCREMENT Primary: SELECTED Index: UN-SELECTED Unique: UN-SELECTED Mike Kevin Stone wrote: Could be something like.. Field: keynum Type: BIGINT Length/Values: (blank) Attributes: (blank) Null: NOT NULL Default: (blank) Extra: AUTO_INCREMENT Primary: CHECKED Index: CHECKED Unique: CHECKED Field: username Type: VARCHAR Length/Values: 20 Attributes: (blank) Null: NOT NULL Default: (blank) Extra: (blank) Primary: UNCHECKED Index: UNCHECKED Unique: UNCHECKED Field: password Type: VARCHAR Length/Values: 20 Attributes: (blank) Null: NOT NULL Default: (blank) Extra: (blank) Primary: UNCHECKED Index: UNCHECKED Unique: UNCHECKED Note I prefer to use VARCHAR instead of PASSWORD becuase I am more comfortable checking the database contents in PHP rather than SQL. But you can do a PASSWORD field then in your query statment use the SQL funciton PASSWORD($pwd) to encrypt the string. Either way, for security, it is imparative that you encrypt it. The field 'keynum' is just a standard thing that I do. It's set up to auto_increment so you always have a unique key to delete and update records on. For more information view the SQL documentation on www.mysql.com. Hope this helps! -Kevin - Original Message - From: Rodrigo [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, May 03, 2002 10:18 AM Subject: [PHP] phpMyAdmin Hi guys, I need some help using the phpMyAdmin, I'm trying to create a table with three fields, one for the indexing of the database, the second for the logins and the third for the password. I get the following doubts: On the table of the phpMyAdmin there are the following fields: A field for the name of the field. A field for the kind of information that will be stored in the field (TINYINT,DOUBLE,TEXT...) A field for the size of the field. A field for the atributes of the field (BINARY, UNSIGNED, UNSIGNED ZERO FILL) A field for the null option (NULL, NOT NULL). A field for an information that I don't know... A field for the Extra(AUTO_INCREMENT). A selectable field named primary(check it or not). A selectable field named index(check it or not). A selectable field named unique(check it or not). A selectable field named Fulltext(Check it or not). The information that I would need would be what are the configurations that I have to put in each of these fields. And also I would need to know a php script to access the fields, and write to new fields. Thanx, Rodrigo -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mssql_prev_result()???
You can navigate through records with Next and Previous buttons by using LIMIT in your query statment. ? // index.php if (!isset($i))$i=0; // Retrieve 1 rows starting at row $i $query = SELECT * FROM mytable LIMIT $i,1; $result = mysql_query($query, $db); ? lt;lt; a href=index.php?i=?echo $i--;?PREVIOUS/a || a href=index.php?i=?echo $i++;?NEXT/a gt;gt; ? // ... print result from query here... ? -- Hope this helps, Kevin - Original Message - From: Joshua E Minnie [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, May 03, 2002 10:35 AM Subject: [PHP] mssql_prev_result()??? Does anybody know of a good way to get the previous result in a query result? The query looks like this: SELECT * FROM [users]. This will return a result set of 30 to 40 users. The reason I need to grab the previous is because I would like to be able to virtually scroll through my data in the table. Here is some psuedocode of what I am trying to do: the form //fields to be filled by the user data that comes in from each query button value=previous user onClick=get_prev_user() button value=next user onClick=get_next_user() /the form -- Joshua E Minnie/CIO [EMAIL PROTECTED] Phone: 616.276.9690 Fax: 616.342.8750 Nextel: 616.862.2847 Don't work for recognition, but always do work worthy of recognition. ~ Unknown -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] phpMyAdmin
Thanks for the tip Mike. -Kevin - Original Message - From: Mike Eheler [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, May 03, 2002 10:49 AM Subject: Re: [PHP] phpMyAdmin I've always found it's good to set numeric primary keys to UNSIGNED. Gives you a larger range, and it's not very likely those numbers are ever going to be negative. Also, there is absolutely no need to check Index or Unique when you have selected Primary, as Primary implies both (hence why in newer versions, Primary/Index/Unique are radio buttons). Lastly, unless you expect to have a rediculous amount of records, an INT is more that sufficient (giving you a maximum record count of 4,294,967,295). Also, PHP's mysql_insert_id() doesn't support BIGINT data types. So, the more optimised version of the keyfield would be: Field: keynum Type: INT Length/Values: (blank) Attributes: UNSIGNED Null: NOT NULL Default: (blank) Extra: AUTO_INCREMENT Primary: SELECTED Index: UN-SELECTED Unique: UN-SELECTED Mike Kevin Stone wrote: Could be something like.. Field: keynum Type: BIGINT Length/Values: (blank) Attributes: (blank) Null: NOT NULL Default: (blank) Extra: AUTO_INCREMENT Primary: CHECKED Index: CHECKED Unique: CHECKED Field: username Type: VARCHAR Length/Values: 20 Attributes: (blank) Null: NOT NULL Default: (blank) Extra: (blank) Primary: UNCHECKED Index: UNCHECKED Unique: UNCHECKED Field: password Type: VARCHAR Length/Values: 20 Attributes: (blank) Null: NOT NULL Default: (blank) Extra: (blank) Primary: UNCHECKED Index: UNCHECKED Unique: UNCHECKED Note I prefer to use VARCHAR instead of PASSWORD becuase I am more comfortable checking the database contents in PHP rather than SQL. But you can do a PASSWORD field then in your query statment use the SQL funciton PASSWORD($pwd) to encrypt the string. Either way, for security, it is imparative that you encrypt it. The field 'keynum' is just a standard thing that I do. It's set up to auto_increment so you always have a unique key to delete and update records on. For more information view the SQL documentation on www.mysql.com. Hope this helps! -Kevin - Original Message - From: Rodrigo [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, May 03, 2002 10:18 AM Subject: [PHP] phpMyAdmin Hi guys, I need some help using the phpMyAdmin, I'm trying to create a table with three fields, one for the indexing of the database, the second for the logins and the third for the password. I get the following doubts: On the table of the phpMyAdmin there are the following fields: A field for the name of the field. A field for the kind of information that will be stored in the field (TINYINT,DOUBLE,TEXT...) A field for the size of the field. A field for the atributes of the field (BINARY, UNSIGNED, UNSIGNED ZERO FILL) A field for the null option (NULL, NOT NULL). A field for an information that I don't know... A field for the Extra(AUTO_INCREMENT). A selectable field named primary(check it or not). A selectable field named index(check it or not). A selectable field named unique(check it or not). A selectable field named Fulltext(Check it or not). The information that I would need would be what are the configurations that I have to put in each of these fields. And also I would need to know a php script to access the fields, and write to new fields. Thanx, Rodrigo -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] phpMyAdmin
Hi guys, I need to know the script to insert some fields into the database. Like this: I need to get from a form the email, login, password and store it on the database. I'd like to know how this script would be. Code is apreciated. ;) Thanks, Rodrigo
Re: [PHP] Newbie - still working on my first script.
On Fri, 3 May 2002, TGL wrote:
I got the file to upload to my folder. But when I go to download it to my PC
using FTP, it tells me NO SUCH FILE, but I can see it in the folder. The
folder has read, write, execute permissions. I included the script below.
if(copy ($File, ads/ $File_name)) {
Do you really want that space after the slash? That sounds like a recipe
for trouble. Maybe the reason you can't download it with FTP is because
there's a space in the beginning of the name now.
Also, use 'move_uploaded_file' rather than 'copy' for files that have been
uploaded to temp space. It's more secure.
miguel
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] getting pages with FILE
hello all, i'm using FILE to read a page via HTTP and construct an array of HTML lines. After that i modify the page and echo it out. this all works great. The web server delivers pages depending on browser types. Now i need to pretend a certain browser. Can this be done ? What kind of HTTP-request does FILE send to the webserver ? juergen -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Batch processing HTML2PS
In article [EMAIL PROTECTED], [EMAIL PROTECTED] (Jason Wong) wrote: On Friday 03 May 2002 07:03, Mrdini wrote: I think using the PDF functions would be a much better solution. You have full control over what gets printed where. Search on sourceforge for wrapper classes which make the PDF functions easier to use. Well, I didn't really look into this way of doing PDFs as I want to dump straight to lpr (it's a postscript laser printer). Also, I don't feel up to learning how to create PDFs -_-. I had a look a while back, and it sounds VERY complicated. I as said, take a look at some of those classes. It's a lot easier that you think. And whatever little learning curve there is, is more than made up for by not having to deal with the uncertainties of HTML layout :) (a day later). *bows* You are, of course, right. :) Whilst I haven't quite gotten there yet, I've been experimenting a bit with http://sourceforge.net/projects/pdf-php/ and it's _easy_! Whilst not as flexible as something like PDFlib, it suits my purposes very well nevertheless. The end is in sight! Thanks. -- Yoav Felberbaum E-Mail: [EMAIL PROTECTED] Website (Not worth looking ^_^) : http://www.wlv.ac.uk/~c9807379/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Export selected data to a text file
On Fri, 3 May 2002, Miva Guy wrote: I'm want to read a member's record and export the selected data to a downloadable vCard. The vCard is simply a text file with a .vcf extension. Once I've read all the data for that user, I need to create the file line by line with a \r\n at the end of each. Example: BEGIN:VCARD VERSION:2.1 N:List;PHP;Mailing FN:PHP Mailing List EMAIL;PREF;INTERNET:[EMAIL PROTECTED] REV:20020503T111208Z END:VCARD How do I export each line to a text file then move that newly created file to a web root subdirectory? Unless you're doing a zillion of these at once, or you expect truly high levels of downloads, wouldn't you want to just generate these on the fly and hand them out with the appropriate Content-Type header? Doesn't seem like there's much point in storing them on disk, as creating them in memory is very cheap. miguel -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: How do I Install PHP on Apache 2, on win32
On Fri, 3 May 2002, Herbert Mraz wrote: Vincent, as register_globals is off, I use echo $SERVER['PHP_SELF']; which works fine... Does it work as well as echo $_SERVER['PHP_SELF'] (with that underscore)? miguel -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
