php-general Digest 24 Jun 2013 10:57:20 -0000 Issue 8276
php-general Digest 24 Jun 2013 10:57:20 - Issue 8276 Topics (messages 321466 through 321467): php, openssl and GOST ciphers - problem with GOST R 34.10-2001 321466 by: Eugene M. Zheganin Re: One more newbie question. About foreach.. 321467 by: Karl-Arne Gjersøyen Administrivia: To subscribe to the digest, e-mail: php-general-digest-subscr...@lists.php.net To unsubscribe from the digest, e-mail: php-general-digest-unsubscr...@lists.php.net To post to the list, e-mail: php-gene...@lists.php.net -- ---BeginMessage--- Hi. So, back to the GOST ciphers problem. This is kinda a long story. Basically, there's tow sides of it. On one side there's a lack of OPENSSL_config() calls in ext/openssl/openssl.c. On the other hand, there's also a curl, which is also linked to Openssl. In case you want any encryption, you will probably want to use both modules, for obvious reasons. Curl (in this case - the upstream curl) also lacks OPENSSL_config() calls, so one would think he should add OPENSSL_config() call in every place. This isn't correct, because being called sequentlially, this leads to openssl initialization error, so OPENSSL_config() call should be called once, and it should be called in the module that is loaded first. In case you are using curl AND openssl, this definitely is curl module, because openssl initialization is done in the upstream library. Considering this, no curl/openssl modification is needed in PHP distribution, - you can patch curl upstream distribution by the method described above, and use GOST ciphers. In case you aren't using curl, you need to patch the openssl module in it's code. Curl guys are aware of the problem, but they don't want to make things even worse, so they decided to do nothing at this moment: http://sourceforge.net/p/curl/bugs/1208/ . So, why am I writing all of this ? Because I have next problem. I have a patched curl, php linked with it, fresh openssl with GOST ciphers and one of the ciphers not accessible by php: this is GOST R 34.10-2001 cipher. Here's what I have: /usr/local/openssl/bin/openssl ciphers aGOST01 GOST2001-GOST89-GOST89:GOST2001-NULL-GOST94 (so, openssl has it, according to is manual - aGOST01 - cipher suites using GOST R 34.10-2001 authentication.) Curl also has it: /usr/local/curl/bin/curl --engine gost --ciphers GOST2001-GOST89-GOST89 https://google.com curl: (35) error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure I got a failure, but when the non-existent cipher suite is used, the error is different: /usr/local/curl/bin/curl --engine gost --ciphers GOST2001-GOST89-GOST666 https://google.com curl: (59) failed setting cipher list So, openssl has it, curl has it, but for some reason php doesn't. openssl_get_md_methods() shows a couple of GOST digest but not GOST R 34.11-94: array(30) { [0]= string(3) DSA [1]= string(7) DSA-SHA [2]= string(17) GOST 28147-89 MAC [3]= string(15) GOST R 34.11-94 [4]= string(3) MD4 [5]= string(3) MD5 [6]= string(4) MDC2 [7]= string(9) RIPEMD160 [8]= string(3) SHA [9]= string(4) SHA1 [10]= string(6) SHA224 [11]= string(6) SHA256 [12]= string(6) SHA384 [13]= string(6) SHA512 [14]= string(13) dsaEncryption [15]= string(10) dsaWithSHA [16]= string(15) ecdsa-with-SHA1 [17]= string(8) gost-mac [18]= string(3) md4 [19]= string(3) md5 [20]= string(9) md_gost94 [21]= string(4) mdc2 [22]= string(9) ripemd160 [23]= string(3) sha [24]= string(4) sha1 [25]= string(6) sha224 [26]= string(6) sha256 [27]= string(6) sha384 [28]= string(6) sha512 [29]= string(9) whirlpool } Why ? How to investigate it ? Thanks. Eugene. ---End Message--- ---BeginMessage--- WOW! Thank you very, very much! This is so good! Thanks to all of you for spending time to learning me programming! Karl 2013/6/23 Maciek Sokolewicz maciek.sokolew...@gmail.com On 23-6-2013 17:11, Karl-Arne Gjersøyen wrote: Hello again. I Got the solution for my last mention problem. Now I can update several rows at once by one single submit action. [...] I have tried to search in google and on PHP.net but can't fine anything that explain my problem. I like to have new $sql = SELECT queries for every given serialnumber ($snr) Thanks for your help. Karl Ok, Karl, I've seen quite a few messages from you to this list with various questions; from all these questions it becomes clear that you're trying to work with lists in a single form without understanding the basics of a form in the first place. You also seem to not understand what an array is exactly, or how to process it. So let's answer all these questions at once; I will attempt to explain (in short) how to do all this, using a custom form here. I don't speak Norwegian, and I find your variable names to be horribly long and
[PHP] php, openssl and GOST ciphers - problem with GOST R 34.10-2001
Hi. So, back to the GOST ciphers problem. This is kinda a long story. Basically, there's tow sides of it. On one side there's a lack of OPENSSL_config() calls in ext/openssl/openssl.c. On the other hand, there's also a curl, which is also linked to Openssl. In case you want any encryption, you will probably want to use both modules, for obvious reasons. Curl (in this case - the upstream curl) also lacks OPENSSL_config() calls, so one would think he should add OPENSSL_config() call in every place. This isn't correct, because being called sequentlially, this leads to openssl initialization error, so OPENSSL_config() call should be called once, and it should be called in the module that is loaded first. In case you are using curl AND openssl, this definitely is curl module, because openssl initialization is done in the upstream library. Considering this, no curl/openssl modification is needed in PHP distribution, - you can patch curl upstream distribution by the method described above, and use GOST ciphers. In case you aren't using curl, you need to patch the openssl module in it's code. Curl guys are aware of the problem, but they don't want to make things even worse, so they decided to do nothing at this moment: http://sourceforge.net/p/curl/bugs/1208/ . So, why am I writing all of this ? Because I have next problem. I have a patched curl, php linked with it, fresh openssl with GOST ciphers and one of the ciphers not accessible by php: this is GOST R 34.10-2001 cipher. Here's what I have: /usr/local/openssl/bin/openssl ciphers aGOST01 GOST2001-GOST89-GOST89:GOST2001-NULL-GOST94 (so, openssl has it, according to is manual - aGOST01 - cipher suites using GOST R 34.10-2001 authentication.) Curl also has it: /usr/local/curl/bin/curl --engine gost --ciphers GOST2001-GOST89-GOST89 https://google.com curl: (35) error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure I got a failure, but when the non-existent cipher suite is used, the error is different: /usr/local/curl/bin/curl --engine gost --ciphers GOST2001-GOST89-GOST666 https://google.com curl: (59) failed setting cipher list So, openssl has it, curl has it, but for some reason php doesn't. openssl_get_md_methods() shows a couple of GOST digest but not GOST R 34.11-94: array(30) { [0]= string(3) DSA [1]= string(7) DSA-SHA [2]= string(17) GOST 28147-89 MAC [3]= string(15) GOST R 34.11-94 [4]= string(3) MD4 [5]= string(3) MD5 [6]= string(4) MDC2 [7]= string(9) RIPEMD160 [8]= string(3) SHA [9]= string(4) SHA1 [10]= string(6) SHA224 [11]= string(6) SHA256 [12]= string(6) SHA384 [13]= string(6) SHA512 [14]= string(13) dsaEncryption [15]= string(10) dsaWithSHA [16]= string(15) ecdsa-with-SHA1 [17]= string(8) gost-mac [18]= string(3) md4 [19]= string(3) md5 [20]= string(9) md_gost94 [21]= string(4) mdc2 [22]= string(9) ripemd160 [23]= string(3) sha [24]= string(4) sha1 [25]= string(6) sha224 [26]= string(6) sha256 [27]= string(6) sha384 [28]= string(6) sha512 [29]= string(9) whirlpool } Why ? How to investigate it ? Thanks. Eugene.
[PHP] Re: One more newbie question. About foreach..
WOW! Thank you very, very much! This is so good! Thanks to all of you for spending time to learning me programming! Karl 2013/6/23 Maciek Sokolewicz maciek.sokolew...@gmail.com On 23-6-2013 17:11, Karl-Arne Gjersøyen wrote: Hello again. I Got the solution for my last mention problem. Now I can update several rows at once by one single submit action. [...] I have tried to search in google and on PHP.net but can't fine anything that explain my problem. I like to have new $sql = SELECT queries for every given serialnumber ($snr) Thanks for your help. Karl Ok, Karl, I've seen quite a few messages from you to this list with various questions; from all these questions it becomes clear that you're trying to work with lists in a single form without understanding the basics of a form in the first place. You also seem to not understand what an array is exactly, or how to process it. So let's answer all these questions at once; I will attempt to explain (in short) how to do all this, using a custom form here. I don't speak Norwegian, and I find your variable names to be horribly long and complex, so let's not use them :) Say you want a simple form online which gives you a product name and asks you to update the amount of it in stock. form action=... method=post input type=text name=number_in_stock value=0 input type=submit name=submit value=store /form When you submit this simple form, the PHP script defined in the action property is called, and the $_POST array looks like: $_POST = array( 'number_in_stock' = '0' ); You can then run your simple query mysql_query(UPDATE some_table SET stock=' . $_POST['number_in_stock']); // note: you should always sanitize these values; i.e. make sure it is EXACTLY what you expect, and CAN NOT possibly be anything else. So if you expect it to be a number, check if it IS a number before running this query!!! Now, you said you wanted to update multiple items. Imagine you have a form showing multiple items: form action=... method=post Item A: input type=text name=number_in_stock value=8 Item B: input type=text name=number_in_stock value=2 Item C: input type=text name=number_in_stock value=258 input type=submit name=submit value=store /form If you do this, PHP will have no idea what is what, and it will just keep overwriting the number_in_stock value until it reaches the last one. So you would end up with a $_POST array looking like this: $_POST = array( 'number_in_stock' = '258' ); Obviously, you don't want that. The solution would be to tell PHP to turn all recieved values into an array. This can be done by manually specifying the key for each array item; or letting PHP do it automatically. This automatic way was suggested earlier, like so: form action=... method=post Item A: input type=text name=number_in_stock[] value=8 Item B: input type=text name=number_in_stock[] value=2 Item C: input type=text name=number_in_stock[] value=258 input type=submit name=submit value=store /form This then results in a $_POST array like this: $_POST = array( 'number_in_stock' = array( 0 = '8', 1 = '2', 2 = '258' ) ); So now, do you have any idea what is what? No. You don't. Why? because you don't supply a link between the value and the meaning. Instead, you could decide to supply a certain unique key per item, like so: form action=... method=post Item A: input type=text name=number_in_stock['ItemA']** value=8 Item B: input type=text name=number_in_stock['ItemB']** value=2 Item C: input type=text name=number_in_stock['ItemC']** value=258 input type=submit name=submit value=store /form This results in: $_POST = array( 'number_in_stock' = array( 'ItemA' = '8', 'ItemB' = '2', 'ItemC' = '258' ) ); Wow, now you can actually use this info when updating your table in the DB! foreach($_POST['number_in_**stock'] as $item=$number) { mysql_query(UPDATE table SET stock='.$number.' WHERE itemId='.$item); } This will run over each element in the $_POST['number_in_stock'] array. It will (for that single loop-run) stick the key in $item and the value in $number. For each run, it will run the update query. Then in the next run, a new set of values is supplied, and a new query is ran. If you want to expand this to give you the ability to define which items should be updated and which should not, you could add checkboxes. When checked, the item will be updated; otherwise it won't. Checkboxes have a great feature where if they are checked, they have the value supplied in their value attribute. If they are not checked, they have no value. So, you could add something like: form action=... method=post input type=checkbox name=item_list['ItemA'] value=1 Item A: input type=text name=number_in_stock['ItemA']** value=8 input type=checkbox name=item_list['ItemB'] value=1Item B: input type=text name=number_in_stock['ItemB']** value=2 input
[PHP] Is it possible???
$item_amount_in_store = 223; $update_amount = 7; $update_item_amount_in_store += $update_amount; $update_amoint_in_store is now 227; Why? That should be 230! Karl
Re: [PHP] Is it possible???
On 24 Jun 2013, at 12:59, Karl-Arne Gjersøyen karlar...@gmail.com wrote: $item_amount_in_store = 223; $update_amount = 7; $update_item_amount_in_store += $update_amount; $update_amoint_in_store is now 227; Why? That should be 230! Because you're using $item_amount_in_store and $update_item_amount_in_store as if PHP should know you mean the same thing. -Stuart -- Stuart Dallas 3ft9 Ltd http://3ft9.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Is it possible???
Hi, Shouldn't it be: $item_amount_in_store = 223; $update_amount = 7; $item_amount_in_store += $update_amount; $update_amoint_in_store is now 227; The 3rd line seems wrong as you didn't use the same variable. -- Raphaël Khaïat 06.72.89.57.29 On Mon, Jun 24, 2013 at 1:59 PM, Karl-Arne Gjersøyen karlar...@gmail.comwrote: $item_amount_in_store = 223; $update_amount = 7; $update_item_amount_in_store += $update_amount; $update_amoint_in_store is now 227; Why? That should be 230! Karl
[PHP] Fwd: Is it possible???
Error in my last post This is corrected: $item_amount_in_store = 223; $update_amount = 7; $item_amount_in_Store += $update_amount; It show the result = 227 and not 230. Why is this happen? Karl -- Forwarded message -- From: Karl-Arne Gjersøyen karlar...@gmail.com Date: 2013/6/24 Subject: Is it possible??? To: PHP Mailinglist php-general@lists.php.net $item_amount_in_store = 223; $update_amount = 7; $update_item_amount_in_store += $update_amount; $update_amoint_in_store is now 227; Why? That should be 230! Karl -- Hjemmeside: http://www.karl-arne.name/
Re: [PHP] Fwd: Is it possible???
On 24 Jun 2013, at 13:02, Karl-Arne Gjersøyen karlar...@gmail.com wrote: Error in my last post This is corrected: $item_amount_in_store = 223; $update_amount = 7; $item_amount_in_Store += $update_amount; It show the result = 227 and not 230. Why is this happen? Something else is going on to give you 227, but variable names are case sensitive which is why you're not getting what you expect. ?php $item_amount_in_store = 223; $update_amount = 7; $item_amount_in_Store += $update_amount; var_dump($item_amount_in_store); var_dump($item_amount_in_Store); ? Output: int(223) int(7) -Stuart -- Stuart Dallas 3ft9 Ltd http://3ft9.com/ -- Forwarded message -- From: Karl-Arne Gjersøyen karlar...@gmail.com Date: 2013/6/24 Subject: Is it possible??? To: PHP Mailinglist php-general@lists.php.net $item_amount_in_store = 223; $update_amount = 7; $update_item_amount_in_store += $update_amount; $update_amoint_in_store is now 227; Why? That should be 230! Karl -- Hjemmeside: http://www.karl-arne.name/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Fwd: Is it possible???
You should give a complete programm so we can run exactly the same you do, like this: ?php $item_amount_in_store = 223; print ($item_amount_in_store); $update_amount = 7; $item_amount_in_store += $update_amount; print ( + $update_amount = $item_amount_in_store ); ? which gives this result: 223 + 7 = 230 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Fwd: Is it possible???
variables are case-sensitive. $item_amount_in_store is different from $item_amount_in_Store 1st variable contains all lowercase characters, while the 2nd one contains S uppercase character. happy coding sachin On Mon, Jun 24, 2013 at 5:32 PM, Karl-Arne Gjersøyen karlar...@gmail.comwrote: Error in my last post This is corrected: $item_amount_in_store = 223; $update_amount = 7; $item_amount_in_Store += $update_amount; It show the result = 227 and not 230. Why is this happen? Karl -- Forwarded message -- From: Karl-Arne Gjersøyen karlar...@gmail.com Date: 2013/6/24 Subject: Is it possible??? To: PHP Mailinglist php-general@lists.php.net $item_amount_in_store = 223; $update_amount = 7; $update_item_amount_in_store += $update_amount; $update_amoint_in_store is now 227; Why? That should be 230! Karl -- Hjemmeside: http://www.karl-arne.name/
[PHP] Re: Fwd: Is it possible???
Hi Karl, i dont know what you want to do. But i can say: The $item_amount_in_store variable is not the same to $item_amount_in_Store (case sensitive). It work for me... Regards Carlos Medina Am 24.06.2013 14:02, schrieb Karl-Arne Gjersøyen: Error in my last post This is corrected: $item_amount_in_store = 223; $update_amount = 7; $item_amount_in_Store += $update_amount; It show the result = 227 and not 230. Why is this happen? Karl -- Forwarded message -- From: Karl-Arne Gjersøyen karlar...@gmail.com Date: 2013/6/24 Subject: Is it possible??? To: PHP Mailinglist php-general@lists.php.net $item_amount_in_store = 223; $update_amount = 7; $update_item_amount_in_store += $update_amount; $update_amoint_in_store is now 227; Why? That should be 230! Karl -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Fwd: Is it possible???
On 24-6-2013 14:27, n...@nobswolf.info wrote: You should give a complete programm so we can run exactly the same you do, like this: ?php $item_amount_in_store = 223; print ($item_amount_in_store); Please please please please don't do this! First of all, I don't know why you would use the print *function* when you can also use the echo language construct (better and faster). But that's not that important; it's not bad to use it, just imo a bit ugly (pet peeve ;)). But more importantly: $variable is completely and utterly useless. You're basically creating a string, interpolating a variable in it, and adding no more content. This is effectively the same as saying: print(.$var.) Does that look right to you? To me it looks... wrong... Why not just a simple: echo $var; or print($var) if you really must. And if you really really must cast the variable to a string, you can always use the explicit: (string) $var $update_amount = 7; $item_amount_in_store += $update_amount; print ( + $update_amount = $item_amount_in_store ); ? which gives this result: 223 + 7 = 230 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Fwd: Is it possible???
Amen! Am 24.06.2013 18:17, schrieb Maciek Sokolewicz: On 24-6-2013 14:27, n...@nobswolf.info wrote: You should give a complete programm so we can run exactly the same you do, like this: ?php $item_amount_in_store = 223; print ($item_amount_in_store); Please please please please don't do this! First of all, I don't know why you would use the print *function* when you can also use the echo language construct (better and faster). But that's not that important; it's not bad to use it, just imo a bit ugly (pet peeve ;)). But more importantly: $variable is completely and utterly useless. You're basically creating a string, interpolating a variable in it, and adding no more content. This is effectively the same as saying: print(.$var.) Does that look right to you? To me it looks... wrong... Why not just a simple: echo $var; or print($var) if you really must. And if you really really must cast the variable to a string, you can always use the explicit: (string) $var $update_amount = 7; $item_amount_in_store += $update_amount; print ( + $update_amount = $item_amount_in_store ); ? which gives this result: 223 + 7 = 230 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Fwd: Is it possible???
Am 24.06.2013 18:17, schrieb Maciek Sokolewicz: On 24-6-2013 14:27, n...@nobswolf.info wrote: You should give a complete programm so we can run exactly the same you do, like this: ?php $item_amount_in_store = 223; print ($item_amount_in_store); Please please please please don't do this! First of all, I don't know why you would use the print *function* when you can also use the echo language construct (better and faster). But read and learn http://de2.php.net/manual/en/function.print.php print is not actually a real function (it is a language construct) -- Marco Behnke Dipl. Informatiker (FH), SAE Audio Engineer Zend Certified Engineer PHP 5.3 Tel.: 0174 / 9722336 e-Mail: ma...@behnke.biz Softwaretechnik Behnke Heinrich-Heine-Str. 7D 21218 Seevetal http://www.behnke.biz smime.p7s Description: S/MIME Kryptografische Unterschrift