php-general Digest 24 Jun 2013 10:57:20 -0000 Issue 8276
php-general Digest 24 Jun 2013 10:57:20 - Issue 8276
Topics (messages 321466 through 321467):
php, openssl and GOST ciphers - problem with GOST R 34.10-2001
321466 by: Eugene M. Zheganin
Re: One more newbie question. About foreach..
321467 by: Karl-Arne Gjersøyen
Administrivia:
To subscribe to the digest, e-mail:
php-general-digest-subscr...@lists.php.net
To unsubscribe from the digest, e-mail:
php-general-digest-unsubscr...@lists.php.net
To post to the list, e-mail:
php-gene...@lists.php.net
--
---BeginMessage---
Hi.
So, back to the GOST ciphers problem. This is kinda a long story.
Basically, there's tow sides of it. On one side there's a lack of
OPENSSL_config() calls in ext/openssl/openssl.c.
On the other hand, there's also a curl, which is also linked to Openssl.
In case you want any encryption, you will probably want to use both
modules, for obvious reasons. Curl (in this case - the upstream curl)
also lacks OPENSSL_config() calls, so one would think he should add
OPENSSL_config() call in every place. This isn't correct, because being
called sequentlially, this leads to openssl initialization error, so
OPENSSL_config() call should be called once, and it should be called in
the module that is loaded first. In case you are using curl AND openssl,
this definitely is curl module, because openssl initialization is done
in the upstream library. Considering this, no curl/openssl modification
is needed in PHP distribution, - you can patch curl upstream
distribution by the method described above, and use GOST ciphers. In
case you aren't using curl, you need to patch the openssl module in it's
code.
Curl guys are aware of the problem, but they don't want to make things
even worse, so they decided to do nothing at this moment:
http://sourceforge.net/p/curl/bugs/1208/ .
So, why am I writing all of this ? Because I have next problem. I have a
patched curl, php linked with it, fresh openssl with GOST ciphers and
one of the ciphers not accessible by php: this is GOST R 34.10-2001 cipher.
Here's what I have:
/usr/local/openssl/bin/openssl ciphers aGOST01
GOST2001-GOST89-GOST89:GOST2001-NULL-GOST94
(so, openssl has it, according to is manual - aGOST01 - cipher suites
using GOST R 34.10-2001 authentication.)
Curl also has it:
/usr/local/curl/bin/curl --engine gost --ciphers GOST2001-GOST89-GOST89
https://google.com
curl: (35) error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3
alert handshake failure
I got a failure, but when the non-existent cipher suite is used, the
error is different:
/usr/local/curl/bin/curl --engine gost --ciphers GOST2001-GOST89-GOST666
https://google.com
curl: (59) failed setting cipher list
So, openssl has it, curl has it, but for some reason php doesn't.
openssl_get_md_methods() shows a couple of GOST digest but not GOST R
34.11-94:
array(30) {
[0]=
string(3) DSA
[1]=
string(7) DSA-SHA
[2]=
string(17) GOST 28147-89 MAC
[3]=
string(15) GOST R 34.11-94
[4]=
string(3) MD4
[5]=
string(3) MD5
[6]=
string(4) MDC2
[7]=
string(9) RIPEMD160
[8]=
string(3) SHA
[9]=
string(4) SHA1
[10]=
string(6) SHA224
[11]=
string(6) SHA256
[12]=
string(6) SHA384
[13]=
string(6) SHA512
[14]=
string(13) dsaEncryption
[15]=
string(10) dsaWithSHA
[16]=
string(15) ecdsa-with-SHA1
[17]=
string(8) gost-mac
[18]=
string(3) md4
[19]=
string(3) md5
[20]=
string(9) md_gost94
[21]=
string(4) mdc2
[22]=
string(9) ripemd160
[23]=
string(3) sha
[24]=
string(4) sha1
[25]=
string(6) sha224
[26]=
string(6) sha256
[27]=
string(6) sha384
[28]=
string(6) sha512
[29]=
string(9) whirlpool
}
Why ? How to investigate it ?
Thanks.
Eugene.
---End Message---
---BeginMessage---
WOW! Thank you very, very much!
This is so good! Thanks to all of you for spending time to learning me
programming!
Karl
2013/6/23 Maciek Sokolewicz maciek.sokolew...@gmail.com
On 23-6-2013 17:11, Karl-Arne Gjersøyen wrote:
Hello again. I Got the solution for my last mention problem. Now I can
update several rows at once by one single submit action.
[...]
I have tried to search in google and on PHP.net but can't fine anything
that explain my problem.
I like to have new $sql = SELECT queries for every given serialnumber
($snr)
Thanks for your help.
Karl
Ok, Karl, I've seen quite a few messages from you to this list with
various questions; from all these questions it becomes clear that you're
trying to work with lists in a single form without understanding the basics
of a form in the first place. You also seem to not understand what an array
is exactly, or how to process it.
So let's answer all these questions at once; I will attempt to explain (in
short) how to do all this, using a custom form here. I don't speak
Norwegian, and I find your variable names to be horribly long and
[PHP] php, openssl and GOST ciphers - problem with GOST R 34.10-2001
Hi.
So, back to the GOST ciphers problem. This is kinda a long story.
Basically, there's tow sides of it. On one side there's a lack of
OPENSSL_config() calls in ext/openssl/openssl.c.
On the other hand, there's also a curl, which is also linked to Openssl.
In case you want any encryption, you will probably want to use both
modules, for obvious reasons. Curl (in this case - the upstream curl)
also lacks OPENSSL_config() calls, so one would think he should add
OPENSSL_config() call in every place. This isn't correct, because being
called sequentlially, this leads to openssl initialization error, so
OPENSSL_config() call should be called once, and it should be called in
the module that is loaded first. In case you are using curl AND openssl,
this definitely is curl module, because openssl initialization is done
in the upstream library. Considering this, no curl/openssl modification
is needed in PHP distribution, - you can patch curl upstream
distribution by the method described above, and use GOST ciphers. In
case you aren't using curl, you need to patch the openssl module in it's
code.
Curl guys are aware of the problem, but they don't want to make things
even worse, so they decided to do nothing at this moment:
http://sourceforge.net/p/curl/bugs/1208/ .
So, why am I writing all of this ? Because I have next problem. I have a
patched curl, php linked with it, fresh openssl with GOST ciphers and
one of the ciphers not accessible by php: this is GOST R 34.10-2001 cipher.
Here's what I have:
/usr/local/openssl/bin/openssl ciphers aGOST01
GOST2001-GOST89-GOST89:GOST2001-NULL-GOST94
(so, openssl has it, according to is manual - aGOST01 - cipher suites
using GOST R 34.10-2001 authentication.)
Curl also has it:
/usr/local/curl/bin/curl --engine gost --ciphers GOST2001-GOST89-GOST89
https://google.com
curl: (35) error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3
alert handshake failure
I got a failure, but when the non-existent cipher suite is used, the
error is different:
/usr/local/curl/bin/curl --engine gost --ciphers GOST2001-GOST89-GOST666
https://google.com
curl: (59) failed setting cipher list
So, openssl has it, curl has it, but for some reason php doesn't.
openssl_get_md_methods() shows a couple of GOST digest but not GOST R
34.11-94:
array(30) {
[0]=
string(3) DSA
[1]=
string(7) DSA-SHA
[2]=
string(17) GOST 28147-89 MAC
[3]=
string(15) GOST R 34.11-94
[4]=
string(3) MD4
[5]=
string(3) MD5
[6]=
string(4) MDC2
[7]=
string(9) RIPEMD160
[8]=
string(3) SHA
[9]=
string(4) SHA1
[10]=
string(6) SHA224
[11]=
string(6) SHA256
[12]=
string(6) SHA384
[13]=
string(6) SHA512
[14]=
string(13) dsaEncryption
[15]=
string(10) dsaWithSHA
[16]=
string(15) ecdsa-with-SHA1
[17]=
string(8) gost-mac
[18]=
string(3) md4
[19]=
string(3) md5
[20]=
string(9) md_gost94
[21]=
string(4) mdc2
[22]=
string(9) ripemd160
[23]=
string(3) sha
[24]=
string(4) sha1
[25]=
string(6) sha224
[26]=
string(6) sha256
[27]=
string(6) sha384
[28]=
string(6) sha512
[29]=
string(9) whirlpool
}
Why ? How to investigate it ?
Thanks.
Eugene.
[PHP] Re: One more newbie question. About foreach..
WOW! Thank you very, very much!
This is so good! Thanks to all of you for spending time to learning me
programming!
Karl
2013/6/23 Maciek Sokolewicz maciek.sokolew...@gmail.com
On 23-6-2013 17:11, Karl-Arne Gjersøyen wrote:
Hello again. I Got the solution for my last mention problem. Now I can
update several rows at once by one single submit action.
[...]
I have tried to search in google and on PHP.net but can't fine anything
that explain my problem.
I like to have new $sql = SELECT queries for every given serialnumber
($snr)
Thanks for your help.
Karl
Ok, Karl, I've seen quite a few messages from you to this list with
various questions; from all these questions it becomes clear that you're
trying to work with lists in a single form without understanding the basics
of a form in the first place. You also seem to not understand what an array
is exactly, or how to process it.
So let's answer all these questions at once; I will attempt to explain (in
short) how to do all this, using a custom form here. I don't speak
Norwegian, and I find your variable names to be horribly long and complex,
so let's not use them :)
Say you want a simple form online which gives you a product name and asks
you to update the amount of it in stock.
form action=... method=post
input type=text name=number_in_stock value=0
input type=submit name=submit value=store
/form
When you submit this simple form, the PHP script defined in the action
property is called, and the $_POST array looks like:
$_POST = array(
'number_in_stock' = '0'
);
You can then run your simple query
mysql_query(UPDATE some_table SET stock=' . $_POST['number_in_stock']);
// note: you should always sanitize these values; i.e. make sure it is
EXACTLY what you expect, and CAN NOT possibly be anything else. So if you
expect it to be a number, check if it IS a number before running this
query!!!
Now, you said you wanted to update multiple items.
Imagine you have a form showing multiple items:
form action=... method=post
Item A: input type=text name=number_in_stock value=8
Item B: input type=text name=number_in_stock value=2
Item C: input type=text name=number_in_stock value=258
input type=submit name=submit value=store
/form
If you do this, PHP will have no idea what is what, and it will just keep
overwriting the number_in_stock value until it reaches the last one. So you
would end up with a $_POST array looking like this:
$_POST = array(
'number_in_stock' = '258'
);
Obviously, you don't want that. The solution would be to tell PHP to turn
all recieved values into an array. This can be done by manually specifying
the key for each array item; or letting PHP do it automatically. This
automatic way was suggested earlier, like so:
form action=... method=post
Item A: input type=text name=number_in_stock[] value=8
Item B: input type=text name=number_in_stock[] value=2
Item C: input type=text name=number_in_stock[] value=258
input type=submit name=submit value=store
/form
This then results in a $_POST array like this:
$_POST = array(
'number_in_stock' = array(
0 = '8',
1 = '2',
2 = '258'
)
);
So now, do you have any idea what is what? No. You don't. Why? because you
don't supply a link between the value and the meaning. Instead, you could
decide to supply a certain unique key per item, like so:
form action=... method=post
Item A: input type=text name=number_in_stock['ItemA']** value=8
Item B: input type=text name=number_in_stock['ItemB']** value=2
Item C: input type=text name=number_in_stock['ItemC']** value=258
input type=submit name=submit value=store
/form
This results in:
$_POST = array(
'number_in_stock' = array(
'ItemA' = '8',
'ItemB' = '2',
'ItemC' = '258'
)
);
Wow, now you can actually use this info when updating your table in the DB!
foreach($_POST['number_in_**stock'] as $item=$number) {
mysql_query(UPDATE table SET stock='.$number.' WHERE
itemId='.$item);
}
This will run over each element in the $_POST['number_in_stock'] array. It
will (for that single loop-run) stick the key in $item and the value in
$number. For each run, it will run the update query. Then in the next run,
a new set of values is supplied, and a new query is ran.
If you want to expand this to give you the ability to define which items
should be updated and which should not, you could add checkboxes. When
checked, the item will be updated; otherwise it won't. Checkboxes have a
great feature where if they are checked, they have the value supplied in
their value attribute. If they are not checked, they have no value. So, you
could add something like:
form action=... method=post
input type=checkbox name=item_list['ItemA'] value=1 Item A: input
type=text name=number_in_stock['ItemA']** value=8
input type=checkbox name=item_list['ItemB'] value=1Item B: input
type=text name=number_in_stock['ItemB']** value=2
input
[PHP] Is it possible???
$item_amount_in_store = 223; $update_amount = 7; $update_item_amount_in_store += $update_amount; $update_amoint_in_store is now 227; Why? That should be 230! Karl
Re: [PHP] Is it possible???
On 24 Jun 2013, at 12:59, Karl-Arne Gjersøyen karlar...@gmail.com wrote: $item_amount_in_store = 223; $update_amount = 7; $update_item_amount_in_store += $update_amount; $update_amoint_in_store is now 227; Why? That should be 230! Because you're using $item_amount_in_store and $update_item_amount_in_store as if PHP should know you mean the same thing. -Stuart -- Stuart Dallas 3ft9 Ltd http://3ft9.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Is it possible???
Hi, Shouldn't it be: $item_amount_in_store = 223; $update_amount = 7; $item_amount_in_store += $update_amount; $update_amoint_in_store is now 227; The 3rd line seems wrong as you didn't use the same variable. -- Raphaël Khaïat 06.72.89.57.29 On Mon, Jun 24, 2013 at 1:59 PM, Karl-Arne Gjersøyen karlar...@gmail.comwrote: $item_amount_in_store = 223; $update_amount = 7; $update_item_amount_in_store += $update_amount; $update_amoint_in_store is now 227; Why? That should be 230! Karl
[PHP] Fwd: Is it possible???
Error in my last post This is corrected: $item_amount_in_store = 223; $update_amount = 7; $item_amount_in_Store += $update_amount; It show the result = 227 and not 230. Why is this happen? Karl -- Forwarded message -- From: Karl-Arne Gjersøyen karlar...@gmail.com Date: 2013/6/24 Subject: Is it possible??? To: PHP Mailinglist php-general@lists.php.net $item_amount_in_store = 223; $update_amount = 7; $update_item_amount_in_store += $update_amount; $update_amoint_in_store is now 227; Why? That should be 230! Karl -- Hjemmeside: http://www.karl-arne.name/
Re: [PHP] Fwd: Is it possible???
On 24 Jun 2013, at 13:02, Karl-Arne Gjersøyen karlar...@gmail.com wrote: Error in my last post This is corrected: $item_amount_in_store = 223; $update_amount = 7; $item_amount_in_Store += $update_amount; It show the result = 227 and not 230. Why is this happen? Something else is going on to give you 227, but variable names are case sensitive which is why you're not getting what you expect. ?php $item_amount_in_store = 223; $update_amount = 7; $item_amount_in_Store += $update_amount; var_dump($item_amount_in_store); var_dump($item_amount_in_Store); ? Output: int(223) int(7) -Stuart -- Stuart Dallas 3ft9 Ltd http://3ft9.com/ -- Forwarded message -- From: Karl-Arne Gjersøyen karlar...@gmail.com Date: 2013/6/24 Subject: Is it possible??? To: PHP Mailinglist php-general@lists.php.net $item_amount_in_store = 223; $update_amount = 7; $update_item_amount_in_store += $update_amount; $update_amoint_in_store is now 227; Why? That should be 230! Karl -- Hjemmeside: http://www.karl-arne.name/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Fwd: Is it possible???
You should give a complete programm so we can run exactly the same you do, like this: ?php $item_amount_in_store = 223; print ($item_amount_in_store); $update_amount = 7; $item_amount_in_store += $update_amount; print ( + $update_amount = $item_amount_in_store ); ? which gives this result: 223 + 7 = 230 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Fwd: Is it possible???
variables are case-sensitive. $item_amount_in_store is different from $item_amount_in_Store 1st variable contains all lowercase characters, while the 2nd one contains S uppercase character. happy coding sachin On Mon, Jun 24, 2013 at 5:32 PM, Karl-Arne Gjersøyen karlar...@gmail.comwrote: Error in my last post This is corrected: $item_amount_in_store = 223; $update_amount = 7; $item_amount_in_Store += $update_amount; It show the result = 227 and not 230. Why is this happen? Karl -- Forwarded message -- From: Karl-Arne Gjersøyen karlar...@gmail.com Date: 2013/6/24 Subject: Is it possible??? To: PHP Mailinglist php-general@lists.php.net $item_amount_in_store = 223; $update_amount = 7; $update_item_amount_in_store += $update_amount; $update_amoint_in_store is now 227; Why? That should be 230! Karl -- Hjemmeside: http://www.karl-arne.name/
[PHP] Re: Fwd: Is it possible???
Hi Karl, i dont know what you want to do. But i can say: The $item_amount_in_store variable is not the same to $item_amount_in_Store (case sensitive). It work for me... Regards Carlos Medina Am 24.06.2013 14:02, schrieb Karl-Arne Gjersøyen: Error in my last post This is corrected: $item_amount_in_store = 223; $update_amount = 7; $item_amount_in_Store += $update_amount; It show the result = 227 and not 230. Why is this happen? Karl -- Forwarded message -- From: Karl-Arne Gjersøyen karlar...@gmail.com Date: 2013/6/24 Subject: Is it possible??? To: PHP Mailinglist php-general@lists.php.net $item_amount_in_store = 223; $update_amount = 7; $update_item_amount_in_store += $update_amount; $update_amoint_in_store is now 227; Why? That should be 230! Karl -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Fwd: Is it possible???
On 24-6-2013 14:27, n...@nobswolf.info wrote: You should give a complete programm so we can run exactly the same you do, like this: ?php $item_amount_in_store = 223; print ($item_amount_in_store); Please please please please don't do this! First of all, I don't know why you would use the print *function* when you can also use the echo language construct (better and faster). But that's not that important; it's not bad to use it, just imo a bit ugly (pet peeve ;)). But more importantly: $variable is completely and utterly useless. You're basically creating a string, interpolating a variable in it, and adding no more content. This is effectively the same as saying: print(.$var.) Does that look right to you? To me it looks... wrong... Why not just a simple: echo $var; or print($var) if you really must. And if you really really must cast the variable to a string, you can always use the explicit: (string) $var $update_amount = 7; $item_amount_in_store += $update_amount; print ( + $update_amount = $item_amount_in_store ); ? which gives this result: 223 + 7 = 230 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Fwd: Is it possible???
Amen! Am 24.06.2013 18:17, schrieb Maciek Sokolewicz: On 24-6-2013 14:27, n...@nobswolf.info wrote: You should give a complete programm so we can run exactly the same you do, like this: ?php $item_amount_in_store = 223; print ($item_amount_in_store); Please please please please don't do this! First of all, I don't know why you would use the print *function* when you can also use the echo language construct (better and faster). But that's not that important; it's not bad to use it, just imo a bit ugly (pet peeve ;)). But more importantly: $variable is completely and utterly useless. You're basically creating a string, interpolating a variable in it, and adding no more content. This is effectively the same as saying: print(.$var.) Does that look right to you? To me it looks... wrong... Why not just a simple: echo $var; or print($var) if you really must. And if you really really must cast the variable to a string, you can always use the explicit: (string) $var $update_amount = 7; $item_amount_in_store += $update_amount; print ( + $update_amount = $item_amount_in_store ); ? which gives this result: 223 + 7 = 230 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Fwd: Is it possible???
Am 24.06.2013 18:17, schrieb Maciek Sokolewicz: On 24-6-2013 14:27, n...@nobswolf.info wrote: You should give a complete programm so we can run exactly the same you do, like this: ?php $item_amount_in_store = 223; print ($item_amount_in_store); Please please please please don't do this! First of all, I don't know why you would use the print *function* when you can also use the echo language construct (better and faster). But read and learn http://de2.php.net/manual/en/function.print.php print is not actually a real function (it is a language construct) -- Marco Behnke Dipl. Informatiker (FH), SAE Audio Engineer Zend Certified Engineer PHP 5.3 Tel.: 0174 / 9722336 e-Mail: ma...@behnke.biz Softwaretechnik Behnke Heinrich-Heine-Str. 7D 21218 Seevetal http://www.behnke.biz smime.p7s Description: S/MIME Kryptografische Unterschrift
