Re: [PHP] Preventing Multiple Log-Ins after Authentication
I agree. Using a database is usually a good way of storing session information. But as noted by Dennis below, automatic logout may require additional scripts running in the background. This is a bit inferior in PHP compared to ASP. In ASP, support for automatic session destruction is implemented by having a "magic" function (called Session_End) which will be called automagically by the web server whenever a session expires. Having this in PHP would be very nice too! /lasso ([EMAIL PROTECTED]) Dennis Moore wrote: > If you do not want to use cookes and use SID or trans SID; Another method is > to track your logins via a database. This can be resource intensive > though.You need to update the database upon each click or have an empty > window refresh every 1-5 minutes. If there is no activity for 15 or 30 > minutes automatically log the person off in the database. This requires a > process to run in cron or a separate background program. The advantage of > this is that is very easy to add time based accounting to the session > management system. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Require some help about the date comparison
I am writing one program - I want to display some text on web. This text should appear for limited period e.g from 20th July 12pm till 25th July 3pm. After 25th July 3pm the text should disappear from screen. I tried to look for date comparison / string conversion to date etc, I got lot info but could not figure out which would be best for above (rather how can I do it). Anybody can share some expert comments please ? Thanking in advance, Manisha -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Opening and Editing Quark Binaries
On Sun, 14 Jul 2002, Simon Troup wrote: > ... quark reports things like unexpected EOF (even though when I open > the file in a text editor they have same number of lines and "look" > identical), I've also tried a few things with the Mac resource forks to > no avail. > > Has anyone tried something like this before? Does the fread() fwrite() > change line endings from mac to unix or something? I am guessing the problem is that you're changing string lenghts and the data structure used by QuarkXPress contains string length indicators. Once you make a change to the length of a string without changing the length indicator, it gets hopelessly confused. Frankly, I do not think this will be an easy project. The QuarkXPress data file is a pretty complex beast. What are you actually trying to achieve? Perhaps there is another way. miguel -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: PHP and Jigsaw
Some careful testing and results... All tests invoke the URL "http://myserver:jigsawport/phpinfo.php"; Test 1: * phpinfo.php contains exactly one line * Jigsaw's debug flag in the default extension indexer cgiframe definition for ".php" files is "true". The browser shows a white page with the text: X-Powered-By: PHP/4.2.1 Content-type: text/html Invoking the "view->source" menu path launches a notepad session showing exactly the same text as the browser with NO html tags. Test 2. * phpinfo.php contains exactly one line * Jigsaw's debug flag is "false". The browser shows an empty white page. Invoking the "view->source" menu path launches a notepad session showing the following: Test 3. * phpinfo.php now contains some trivial container html. phpinfo page phpinfo follows... * Jigsaw's debug flag is "false". The browser shows an empty white page. Invoking the "view->source" menu path launches a notepad session showing the following: The DOS prompt running Jigsaw has the process name "JAVA" until the php page is invoked. At this time it is renamed to php and stays that way. The Jigsaw server, however, does still respond to JigAdmin commands and can be stopped correctly. Ummm Murray Nicholas -Original Message- From: Richard Lynch [mailto:[EMAIL PROTECTED]] Sent: Tuesday, 16 July 2002 15:13 To: [EMAIL PROTECTED] Subject: [PHP] Re: PHP and Jigsaw >With Jigsaw's debug facility Enabled, I get two lines on the page and the >same two lines (without html tags of any sort) in "view source" display: >X-Powered-By: PHP/4.2.1 >Content-type: text/html If these two lines are showing up in the BROWSER, then something is pretty wrong... They're supposed to be headers... So something could be sending out a blank line or something before these, somehow... If they are just showing up in debugging output, and they *ARE* headers, then PHP *IS* getting invoked, and then dying when it tries to execute your code. Try using *JUST* this in your PHP document: It's pretty hard to screw up something that short, so you'll know the PHP is valid :-) And, if it works, you get a wonderfully long HTML document spewed out. It's so fun to type so little and get so much :-) -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Strong Web Hosts in Canada?
Hi Folks: A client of mine has a large series of high traffic, PHP/MySQL intensive websites. They're looking for dedicated hosting in Canada. Any recommendations? Enjoy, --Dan -- PHP classes that make web design easier SQL Solution | Layout Solution | Form Solution sqlsolution.info | layoutsolution.info | formsolution.info T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7 Av #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Sessions / logins / cookies / security
I came across the same problem a few week ago, and thought (didn't do it though) that the best way to handle this kind of security, would be to make an ID/cookie for the user/session which deletes itself after the browser is closed, but not storing the password. Then, if that same user wants to open a new session in other computer at the same time, I would have a *REPLICATION* script which looks up that user and tells him that he already has an open session and that should type the password again (like Hotmail does). Makes sense? C. > -Original Message- > From: 1LT John W. Holmes [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, July 16, 2002 4:51 PM > To: Chad Day; [EMAIL PROTECTED] > Subject: Re: [PHP] Sessions / logins / cookies / security > > There really isn't a good way to do this, I think. > > Any time you're taking just a cookie, and using that data to assume who > the > user is, it's open to hijacking. I can sniff the cookie or maybe find a > cross-site scripting bug to steal it, create the same cookie on my > machine, > and poof, i'm that user. > > Now, if it's just for a forum, or something simple, then just do it. It's > not worth worrying about someone hijacking my forum user. > > Anyway, the best way to create the unique id is to use uniqid() in combo > with md5(). That'll give you a 32 character string that's hard to predict > and isn't based on any of the user data. > > www.php.net/uniqid > > ---John Holmes... > > - Original Message - > From: "Chad Day" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Tuesday, July 16, 2002 3:30 PM > Subject: RE: [PHP] Sessions / logins / cookies / security > > > > Anyone? Can someone at least point me to some web article for > > recommendations? I saw some examples where a password variable was > stored, > > but is that really safe (as long as I MD5 it first?) > > > > Chad > > > > -Original Message- > > From: Chad Day [mailto:[EMAIL PROTECTED]] > > Sent: Tuesday, July 16, 2002 12:30 PM > > To: [EMAIL PROTECTED] > > Subject: [PHP] Sessions / logins / cookies / security > > > > > > I asked something similar a little while ago, but didn't do a good job > > clarifying. > > > > What I'm looking to do is when a user logs in, I start up the session.. > I > > then have the registered session var to verify they are authenticated as > > they move throughout the site. > > > > Now, when they close the browser and come back, I want them to still be > > authenticated. Obviously, I have to set a cookie. But what do I set? > Do > I > > set just their user ID? The MD5 of their password? What's the most > secure > > way, that's not easily spoofed? I don't know that much about cookies, > but > > if I just use a user ID, couldn't someone just change that ID value and > > 'become' another user? > > > > Thanks for any advice, > > Chad > > > > > > -- > > PHP General Mailing List (http://www.php.net/) > > To unsubscribe, visit: http://www.php.net/unsub.php > > > > > > > > -- > > PHP General Mailing List (http://www.php.net/) > > To unsubscribe, visit: http://www.php.net/unsub.php > > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Bug in PHP?
check that the gaps between the domains are really spaces
eg: echo ord($HTTP_POST_VARS["domains"]{11});
I did this through a test script:
and got this as the output
Array
(
[0] => www.php.net
[1] => www.jokaroo.com
[2] => www.gnu.org
)
But the email program (yours or mine) might be converting the gap to
spaces... (??)
-Original Message-
From: Aleks D. [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, July 17, 2002 5:35 PM
To: [EMAIL PROTECTED]
Subject: [PHP] Bug in PHP?
Hello,
I'm trying to explode an associative array element in $HTTP_POST_VARS
retrieved from submitting am html form. The URL to the form is:
http://www.funfry.com/form.html
Now when I try to explode $HTTP_POST_VARS["domains"] it doesn't seem to have
the desired effect. I use the syntax "$site = explode("
",$HTTP_POST_VARS["domains"]);" and instead of the expected result of:
$site[0] = "www.php.net";
$site[1] = "www.jokaroo.com";
$site[2] = "www.gnu.org";
I get: $site[0] = "www.php.net www.jokaroo.com www.gnu.org";
The value of $HTTP_POST_VARS["domains"] after submitting the form is
"www.php.net www.jokaroo.com www.gnu.org". Does anyone have an idea of how
I can get each domain in a seperate array index?
regards,
Aleks
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Bug in PHP?
Hello,
I'm trying to explode an associative array element in $HTTP_POST_VARS
retrieved from submitting am html form. The URL to the form is:
http://www.funfry.com/form.html
Now when I try to explode $HTTP_POST_VARS["domains"] it doesn't seem to have
the desired effect. I use the syntax "$site = explode("
",$HTTP_POST_VARS["domains"]);" and instead of the expected result of:
$site[0] = "www.php.net";
$site[1] = "www.jokaroo.com";
$site[2] = "www.gnu.org";
I get: $site[0] = "www.php.net www.jokaroo.com www.gnu.org";
The value of $HTTP_POST_VARS["domains"] after submitting the form is
"www.php.net www.jokaroo.com www.gnu.org". Does anyone have an idea of how
I can get each domain in a seperate array index?
regards,
Aleks
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Break message in code.
On Tue, Jul 16, 2002 at 11:11:57PM -0500, W. Andy Roche wrote:
>
> If (empty ($sndrname)) {
> $error_report_msg = "Please provide a contact name.";
> error_msg_form($error_report_msg);
> break 1;
> }
Where's the while loop, for loop or case statement the break is meant to
break out of? If there isn't one, break is inappropriate. Do you mean
exit()?
--Dan
--
PHP classes that make web design easier
SQL Solution | Layout Solution | Form Solution
sqlsolution.info | layoutsolution.info | formsolution.info
T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y
4015 7 Av #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Break message in code.
Have you tried using just break? without the 1?
Jason Reid
[EMAIL PROTECTED]
- Original Message -
From: "W. Andy Roche" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, July 16, 2002 10:11 PM
Subject: [PHP] Break message in code.
> Please forgive me, I am still rather new to coding in PHP. I have looked
up
> this problem on the PHP.net site, and check my syntax, but I am just not
> getting it.
>
> Here is my problem:
> I am working on an email page that will vaildate that there is content in
> the variables, and respond if there is not. Here is the code to check the
> variable:
>
> If (empty ($sndrname)) {
>$error_report_msg = "Please provide a contact name.";
> error_msg_form($error_report_msg);
>break 1;
>}
>
> When this is run, the server returns the expected output, but adds the
> following below it:
>
> Fatal error: Cannot break/continue 1 levels in
> /home/igraph/public_html/rhc/inforeq.php on line 82
>
> Line 82 is the break statement. This code was working at one, time, and I
> changed nothing other than PHP versions. Is there is change due to the
> versions that I didn't find?
>
> TIA,
> W. Andy Roche
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Newbie Question on Efficiency : Follow-up Question
Exactly- I could see uses in PHP, but they're so limited that it's obvious to see why it works the way it does. Michael Kennedy -Original Message- From: Martin Towell [mailto:[EMAIL PROTECTED]] Sent: Tuesday, July 16, 2002 10:46 PM To: '[EMAIL PROTECTED]'; [EMAIL PROTECTED] Subject: RE: [PHP] Newbie Question on Efficiency : Follow-up Question The only reason a compiled language would not include a function/module/etc is to reduce the size of the final executable. Since php doesn't store (barring the caching engines, but they work differently anyway) a compiled version, it doesn't need to worry about not including something. Martin -Original Message- From: Michael Kennedy [mailto:[EMAIL PROTECTED]] Sent: Wednesday, July 17, 2002 1:36 PM To: [EMAIL PROTECTED] Subject: RE: [PHP] Newbie Question on Efficiency : Follow-up Question Yeah, that's what I figured. With C++ you could find evidence that it only grabbed the used portions, but in PHP I didn't see anything to support that. Of course, like I said, the answer likely wouldn't have made a difference in anything I did, but it's nice to delve a little deeper sometimes. Thanks. Michael -Original Message- From: John Holmes [mailto:[EMAIL PROTECTED]] Sent: Tuesday, July 16, 2002 8:05 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: [PHP] Newbie Question on Efficiency : Follow-up Question PHP loads everything up before it starts doing anything. It's only going to execute the code it needs to, though, of course. I asked this question a while ago and got that answer. The process of loading all of the code is minimal, though, compared the actually executing the code. ---John Holmes... > -Original Message- > From: Michael Kennedy [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, July 16, 2002 7:26 PM > To: [EMAIL PROTECTED] > Subject: RE: [PHP] Newbie Question on Efficiency : Follow-up Question > > OK, if I understand C++ correctly, if I write a program and #include > or something similar and compile the program it only > compiles with the used functions in it, right? So, if I never use 'cin' > it leaves that function out of the final complied app. > > Does/can PHP do anything similar? I'm always much more comfortable with > a language when I can understand how it works and I'm sure some of you > feel the same. > > Now, I fully understand that PHP documents are not even close to being > compiled in the traditional sense. But, I'm wondering if it pulls all > the necessary functions into memory when the page is accessed, then uses > them when needed, or does it pull the whole include()d file into memory > and just combine the whole mess together into one big memory heap and > run like that? > > My gut tells me that it's the second one, but I'm just wanting to be > sure. Of course, the answer likely won't make a single difference in my > life, but I'm just curious... Also, I hope the above question isn't > stupid. I do have a habit of thinking about something for a while and > then having it suddenly hit me later that the answer is simple very > trivial. Ah, well... > > Thanks for humoring me. > Michael > > -Original Message- > From: Monty [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, July 16, 2002 5:44 PM > To: [EMAIL PROTECTED] > Subject: Re: [PHP] Newbie Question on Efficiency > > If you have have a large number of functions, it might be better to > separate > them into a few files that you can include as needed. I use one file > that > contains functions needed by every page. I have a few other files that > contain functions that aren't needed by every page, so, I include them > only > on pages that need them. But most functions go in the main include file > used > on every page. > > Separating them will also minimize some overhead if you have a lot of > functions. Otherwise, if your include files aren't War & Peace in > length, > one include file is fine. > > > [EMAIL PROTECTED] 07/16/02 04:59PM >>> > > Hello everyone, I'm a newbie and have a question on style that I've > not > > seen addressed anywhere. I have a large number of frequently used > > functions that I'm trying to find a good way to organize. The method > > I'm thinking of using is to simply create a .php file called, for > > example, functions.php. Then, just include the file at the top of > each > > page that needs any of the functions, and just call them as needed. > My > > question is this- if that file gets very large with tons of different > > functions, is that an inefficient method? I'm not entirely clear on > how > > PHP is parsed and passed to the client. I assume it would be best to > > divide up the functions into multiple files (ex. dbfunctions.php, > etc.), > > but is that still the best method? Basically, I'm just curious on how > > you guys handle things like this. > > > > Thanks in advance. > > Michael Kennedy > > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: h
Re: [PHP] transparent clusters + sessions
> >If I have say 20 web servers in a cluster behind something like a Cisco > >LocalDirector, will session data remain constant over the 20 web servers if > >they use a shared NFS or similar mount to save session data on? > Have a look at msession at http://www.mohawksoft.com/phoenix/ > It works very well, I would not run the patch on the standard php session > code as it seems to cause problems if you want to switch between session > types. (at least on my setup php-4.2.1 apache linux) > I have a class to manipulate msession as a user session if you need it. I'll have a look at it... I'd definitely need something that is server side however. People doing PHP code, and hosting it on these "clusters" do not even know that their sites are on clusters. The content is uploaded on servers that do not even have web servers on them, all sorts of very nifty advance stuff. By your reply however, I take it simply using a "shared" directory for session data isn't going to work? -- me -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Break message in code.
Please forgive me, I am still rather new to coding in PHP. I have looked up
this problem on the PHP.net site, and check my syntax, but I am just not
getting it.
Here is my problem:
I am working on an email page that will vaildate that there is content in
the variables, and respond if there is not. Here is the code to check the
variable:
If (empty ($sndrname)) {
$error_report_msg = "Please provide a contact name.";
error_msg_form($error_report_msg);
break 1;
}
When this is run, the server returns the expected output, but adds the
following below it:
Fatal error: Cannot break/continue 1 levels in
/home/igraph/public_html/rhc/inforeq.php on line 82
Line 82 is the break statement. This code was working at one, time, and I
changed nothing other than PHP versions. Is there is change due to the
versions that I didn't find?
TIA,
W. Andy Roche
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Newbie Question on Efficiency : Follow-up Question
The only reason a compiled language would not include a function/module/etc is to reduce the size of the final executable. Since php doesn't store (barring the caching engines, but they work differently anyway) a compiled version, it doesn't need to worry about not including something. Martin -Original Message- From: Michael Kennedy [mailto:[EMAIL PROTECTED]] Sent: Wednesday, July 17, 2002 1:36 PM To: [EMAIL PROTECTED] Subject: RE: [PHP] Newbie Question on Efficiency : Follow-up Question Yeah, that's what I figured. With C++ you could find evidence that it only grabbed the used portions, but in PHP I didn't see anything to support that. Of course, like I said, the answer likely wouldn't have made a difference in anything I did, but it's nice to delve a little deeper sometimes. Thanks. Michael -Original Message- From: John Holmes [mailto:[EMAIL PROTECTED]] Sent: Tuesday, July 16, 2002 8:05 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: [PHP] Newbie Question on Efficiency : Follow-up Question PHP loads everything up before it starts doing anything. It's only going to execute the code it needs to, though, of course. I asked this question a while ago and got that answer. The process of loading all of the code is minimal, though, compared the actually executing the code. ---John Holmes... > -Original Message- > From: Michael Kennedy [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, July 16, 2002 7:26 PM > To: [EMAIL PROTECTED] > Subject: RE: [PHP] Newbie Question on Efficiency : Follow-up Question > > OK, if I understand C++ correctly, if I write a program and #include > or something similar and compile the program it only > compiles with the used functions in it, right? So, if I never use 'cin' > it leaves that function out of the final complied app. > > Does/can PHP do anything similar? I'm always much more comfortable with > a language when I can understand how it works and I'm sure some of you > feel the same. > > Now, I fully understand that PHP documents are not even close to being > compiled in the traditional sense. But, I'm wondering if it pulls all > the necessary functions into memory when the page is accessed, then uses > them when needed, or does it pull the whole include()d file into memory > and just combine the whole mess together into one big memory heap and > run like that? > > My gut tells me that it's the second one, but I'm just wanting to be > sure. Of course, the answer likely won't make a single difference in my > life, but I'm just curious... Also, I hope the above question isn't > stupid. I do have a habit of thinking about something for a while and > then having it suddenly hit me later that the answer is simple very > trivial. Ah, well... > > Thanks for humoring me. > Michael > > -Original Message- > From: Monty [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, July 16, 2002 5:44 PM > To: [EMAIL PROTECTED] > Subject: Re: [PHP] Newbie Question on Efficiency > > If you have have a large number of functions, it might be better to > separate > them into a few files that you can include as needed. I use one file > that > contains functions needed by every page. I have a few other files that > contain functions that aren't needed by every page, so, I include them > only > on pages that need them. But most functions go in the main include file > used > on every page. > > Separating them will also minimize some overhead if you have a lot of > functions. Otherwise, if your include files aren't War & Peace in > length, > one include file is fine. > > > [EMAIL PROTECTED] 07/16/02 04:59PM >>> > > Hello everyone, I'm a newbie and have a question on style that I've > not > > seen addressed anywhere. I have a large number of frequently used > > functions that I'm trying to find a good way to organize. The method > > I'm thinking of using is to simply create a .php file called, for > > example, functions.php. Then, just include the file at the top of > each > > page that needs any of the functions, and just call them as needed. > My > > question is this- if that file gets very large with tons of different > > functions, is that an inefficient method? I'm not entirely clear on > how > > PHP is parsed and passed to the client. I assume it would be best to > > divide up the functions into multiple files (ex. dbfunctions.php, > etc.), > > but is that still the best method? Basically, I'm just curious on how > > you guys handle things like this. > > > > Thanks in advance. > > Michael Kennedy > > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php --
RE: [PHP] Newbie Question on Efficiency : Follow-up Question
Yeah, that's what I figured. With C++ you could find evidence that it only grabbed the used portions, but in PHP I didn't see anything to support that. Of course, like I said, the answer likely wouldn't have made a difference in anything I did, but it's nice to delve a little deeper sometimes. Thanks. Michael -Original Message- From: John Holmes [mailto:[EMAIL PROTECTED]] Sent: Tuesday, July 16, 2002 8:05 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: [PHP] Newbie Question on Efficiency : Follow-up Question PHP loads everything up before it starts doing anything. It's only going to execute the code it needs to, though, of course. I asked this question a while ago and got that answer. The process of loading all of the code is minimal, though, compared the actually executing the code. ---John Holmes... > -Original Message- > From: Michael Kennedy [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, July 16, 2002 7:26 PM > To: [EMAIL PROTECTED] > Subject: RE: [PHP] Newbie Question on Efficiency : Follow-up Question > > OK, if I understand C++ correctly, if I write a program and #include > or something similar and compile the program it only > compiles with the used functions in it, right? So, if I never use 'cin' > it leaves that function out of the final complied app. > > Does/can PHP do anything similar? I'm always much more comfortable with > a language when I can understand how it works and I'm sure some of you > feel the same. > > Now, I fully understand that PHP documents are not even close to being > compiled in the traditional sense. But, I'm wondering if it pulls all > the necessary functions into memory when the page is accessed, then uses > them when needed, or does it pull the whole include()d file into memory > and just combine the whole mess together into one big memory heap and > run like that? > > My gut tells me that it's the second one, but I'm just wanting to be > sure. Of course, the answer likely won't make a single difference in my > life, but I'm just curious... Also, I hope the above question isn't > stupid. I do have a habit of thinking about something for a while and > then having it suddenly hit me later that the answer is simple very > trivial. Ah, well... > > Thanks for humoring me. > Michael > > -Original Message- > From: Monty [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, July 16, 2002 5:44 PM > To: [EMAIL PROTECTED] > Subject: Re: [PHP] Newbie Question on Efficiency > > If you have have a large number of functions, it might be better to > separate > them into a few files that you can include as needed. I use one file > that > contains functions needed by every page. I have a few other files that > contain functions that aren't needed by every page, so, I include them > only > on pages that need them. But most functions go in the main include file > used > on every page. > > Separating them will also minimize some overhead if you have a lot of > functions. Otherwise, if your include files aren't War & Peace in > length, > one include file is fine. > > > [EMAIL PROTECTED] 07/16/02 04:59PM >>> > > Hello everyone, I'm a newbie and have a question on style that I've > not > > seen addressed anywhere. I have a large number of frequently used > > functions that I'm trying to find a good way to organize. The method > > I'm thinking of using is to simply create a .php file called, for > > example, functions.php. Then, just include the file at the top of > each > > page that needs any of the functions, and just call them as needed. > My > > question is this- if that file gets very large with tons of different > > functions, is that an inefficient method? I'm not entirely clear on > how > > PHP is parsed and passed to the client. I assume it would be best to > > divide up the functions into multiple files (ex. dbfunctions.php, > etc.), > > but is that still the best method? Basically, I'm just curious on how > > you guys handle things like this. > > > > Thanks in advance. > > Michael Kennedy > > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Classes vs. Functions
[snip] > A CLASS after all is just a collection of functions with a > data model. But ... there is modular and then there is OO imho. [snip] A class is more than just a bunch of functions that have been placed together. If you want to do that, then you might as well just throw them all into the same include file and that's it. There's no added benefit in wrapping a class around them. Agreed, a class can be used to simulate the C-style struct, or to collect a bunch of functions, but the real power of classes is when you start to model the "real world" objects (ie, methods and properties, not just functions and variables.) I'm not saying to go all OO (or all procedule, I use both...), just that when used correctly, they can be really helpful. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Classes vs. Functions
On 17 Jul 2002 at 12:43, Michael Hall wrote: > There is no simple answer here. I have started using classes where I > find I am writing a lot of related functions that share similar > parameters. Database connection and queries are a good example. > Authentication is another. Yeah. > I have another class that builds forms, because I just hate the tedium > of coding HTML forms by hand. It is really just a collection of > functions, though, and could work fine as such. This is a gray area imho. I'd leave all html to the person who cares what it looks like, not what it does. I usually also use a code generator to create html and their forms but they are a separate layer. I use templates, wish a lot more php people would as well although I've seen some weird stuff where in this one bb they store templates in the database. That's interesting. > I'm still learning/exploring ... I am always guided by the principle > that whatever makes less work for me (but achieves the same result) is > probably a good thing. > > IMHO classes are best for more universal code that really can be used > in many different places. My functions tend to be more application > specific. Yeah, can't say too much more than that. There is the style of coding where one application is completely independent of another. Then you begin to realize, gee ... I could just cut and paste this code. And then there's always the funny repetion of the exact same code every 30 lines or so (depending on memory of programmer I guesss). Eventually you begin to realize gee ... could I put this stuff in a library. A CLASS after all is just a collection of functions with a data model. But ... there is modular and then there is OO imho. I'm a die hard modular programmer who is trying to think in a more OO way. But of course when you just gotta get something done, do it. The value in spending a bit more time going the modular/OO route is that your application will be easier to evolve and debug. Peter-- http://www.readbrazil.com/ Answering Your Questions About Brazil -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] transparent clusters + sessions
Hi At 02:05 AM 17/07/2002 +0200, you wrote: >Lo all, > >If I have say 20 web servers in a cluster behind something like a Cisco >LocalDirector, will session data remain constant over the 20 web servers if >they use a shared NFS or similar mount to save session data on? Have a look at msession at http://www.mohawksoft.com/phoenix/ It works very well, I would not run the patch on the standard php session code as it seems to cause problems if you want to switch between session types. (at least on my setup php-4.2.1 apache linux) I have a class to manipulate msession as a user session if you need it. Tom -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Sessions / logins / cookies / security
on 17/07/02 1:05 PM, John Holmes ([EMAIL PROTECTED]) wrote: > Sure, why not? Users can't create session variables (unless you're on a > virtual server...) ... and I am -- A shared host server that is. Justin French -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Sessions / logins / cookies / security
> > You shouldn't even have to do this. Just set a $_SESSION['logged_on'] > > variable to true and check for that. Why carry around the username and > > password?? > > Well, I guess it's because I started with someone else's script, and built > my own from there. Not being a security expert, I assumed that they did > this for a reason. > > Are you saying that setting $_SESSION['logged_on'] after I've validated > their login (once) is just as safe as $_SESSION['uid'], $_SESSION['pwd'] ? Sure, why not? Users can't create session variables (unless you're on a virtual server...) > Interesting stuff... > > So the real problem with sessions is hijacking the session ID, not fake > $_SESSION vars. Correct. The good thing with sessions is that they only last for as long as the browser is open. So you can't come back and hijack a user. You'd have to do it at the same time that the user is online. > > I guess I need to look into session hijacking next. > > > >> So, how do you implement a "remember me" safely? > > > > You don't, if you have anything to protect. If it's just for a forum or > > convenience and might just cause a little headache is someone's user is > > hijacked, then you can do it with a cookie. > > What about if the cookie was set under https / SSL It makes it secure from sniffing... I don't think it would help for a cross site scripting vulnerability, though... ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Using index.php instead of index.html
On Wednesday 17 July 2002 10:57, Michael Hall wrote: > The only security consideration here is whether you want to advertise the > fact that you're using PHP or not. If not: > > DirectoryIndex index.html > > AddType application/x-httpd-php .html If you don't want people to know you're using PHP then you need to at least disable "expose_php" in php.ini. Also depending on your error reporting settings, any error _may_ potentially advertise the fact that you're using PHP. -- Jason Wong -> Gremlins Associates -> www.gremlins.com.hk Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development * /* Software production is assumed to be a line function, but it is run like a staff function. -- Paul Licker */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Sessions / logins / cookies / security
on 17/07/02 12:35 PM, John Holmes ([EMAIL PROTECTED]) wrote: > You shouldn't even have to do this. Just set a $_SESSION['logged_on'] > variable to true and check for that. Why carry around the username and > password?? Well, I guess it's because I started with someone else's script, and built my own from there. Not being a security expert, I assumed that they did this for a reason. Are you saying that setting $_SESSION['logged_on'] after I've validated their login (once) is just as safe as $_SESSION['uid'], $_SESSION['pwd'] ? Interesting stuff... So the real problem with sessions is hijacking the session ID, not fake $_SESSION vars. I guess I need to look into session hijacking next. >> So, how do you implement a "remember me" safely? > > You don't, if you have anything to protect. If it's just for a forum or > convenience and might just cause a little headache is someone's user is > hijacked, then you can do it with a cookie. What about if the cookie was set under https / SSL > Why do people insist on it being something related to the username and > password. Just use uniqid() and md5() to create a unique id for the use, > save it in their table, and use that in the cookie. If you base it off > of something, it makes it easier to crack... Good point. Thanks for your advice. Justin French -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] problem with IMAP support
On Wednesday 17 July 2002 10:14, Jeff Schwartz wrote: > We've installed and recompiled PHP but I still get "undefined function" > errors when I try to use imap_open(). > > Does anybody have any ideas? 1) Have you installed the imap libraries? 2) Did you configure php to compile with imap support? -- Jason Wong -> Gremlins Associates -> www.gremlins.com.hk Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development * /* When your work speaks for itself, don't interrupt. -- Henry J. Kaiser */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] activating php scripts via cron
On Wednesday 17 July 2002 04:21, Andy wrote: > sounds logical, but what happens with my other php version, where I need > the flags? Nothing. It will stay as it is. > will it still be working? Yes. > And where is this standalone php version gonna be installed? ./configure --help to find out how to specify where to install it. Or better still, after "make" do NOT "make install". Then manually copy the php binary to wherever you want. Again this is all covered in the manual. -- Jason Wong -> Gremlins Associates -> www.gremlins.com.hk Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development * /* It is better to live rich than to die rich. -- Samuel Johnson */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Classes vs. Functions
There is no simple answer here. I have started using classes where I find I am writing a lot of related functions that share similar parameters. Database connection and queries are a good example. Authentication is another. I have another class that builds forms, because I just hate the tedium of coding HTML forms by hand. It is really just a collection of functions, though, and could work fine as such. I'm still learning/exploring ... I am always guided by the principle that whatever makes less work for me (but achieves the same result) is probably a good thing. IMHO classes are best for more universal code that really can be used in many different places. My functions tend to be more application specific. My 2 cents Michael On Tue, 16 Jul 2002, Chris Crane wrote: > Could someone please explain the difference between classes and functions > and how to use a class. I write alot of PHP, but I never understood this at > all. I use an include statement in many of my pages and include a file with > a bunch of functions. For instance, I might have a function called stock(); > In the page I am using I include the file that has this function and I call > it like this: > > stock($Sym); > > I am wondering if I am doing it the wrong way. So I need to better > understand classes. What is one, and why would you use it? > > Thanks. > > > > -- n i n t i . c o m php-python-perl-mysql-postgresql Michael Hall [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Sessions / logins / cookies / security
> So as a basic rule, having a uid and pwd stored as session variables is > NOT > the problem, but storing the uid and/or pwd in a cookie on the browser is > just plain asking for it :) You shouldn't even have to do this. Just set a $_SESSION['logged_on'] variable to true and check for that. Why carry around the username and password?? > So, how do you implement a "remember me" safely? You don't, if you have anything to protect. If it's just for a forum or convenience and might just cause a little headache is someone's user is hijacked, then you can do it with a cookie. > Setting JUST the uid in a cookie prevents people from knowing the pwd, but > I > have to validate the user before granting access to pages... without a > pwd, > it seems, e, impossible :) Why do people insist on it being something related to the username and password. Just use uniqid() and md5() to create a unique id for the use, save it in their table, and use that in the cookie. If you base it off of something, it makes it easier to crack... ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Sessions / logins / cookies / security
Thanks heaps John,
So as a basic rule, having a uid and pwd stored as session variables is NOT
the problem, but storing the uid and/or pwd in a cookie on the browser is
just plain asking for it :)
So, how do you implement a "remember me" safely?
Setting JUST the uid in a cookie prevents people from knowing the pwd, but I
have to validate the user before granting access to pages... without a pwd,
it seems, e, impossible :)
Justin
> Just search google for Cross Site Scripting and you'll find a ton of
> articles about that specifically. It all comes down to validating user
> input and not displaying it directly back to the screen.
>
> Here is a link, for example, that'll pop up your cookies for cnn.com.
> (watch the wrapping!)
>
> http://cnn.looksmart.com/r_search?l&izch&qc=&col=cnni&qm=0&st=1&nh=10&rf
> =1&venue=all&keyword=&qp=&search=0&key=%3Cscript%3Ealert%28%27Hi%27%29%3
> B%3C%2Fscript%3E
>
> Now, how about instead of just executing alert("Hi"), I do a
> location.href='www.myserver.com?var='+document.cookie; and send myself
> your cookie. Then I just simply make my cookie match yours, and poof,
> I'm you. :)
>
> It all comes down to validating user input and never showing it directly
> back to the browser/screen.
>
> Similar problems exist for variables you use in database queries...
>
> ---John Holmes...
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Using index.php instead of index.html
The only security consideration here is whether you want to advertise the fact that you're using PHP or not. If not: DirectoryIndex index.html AddType application/x-httpd-php .html This is OK if most/all your pages use PHP. Otherwise, normal html gets parsed as well with unnecessary performance costs. Security through obscurity is not a good standalone policy, but every little bit can help. Michael On Wed, 17 Jul 2002, Mark Gallagher wrote: > Sailom wrote: > > > I am a novice on PHP and web programming. Can any one suggest me if I can > > use index.php in place of index.html? I really need to concern about > > Sure you can! > > If you're using an Apache webserver, create a file named .htaccess > containing the following: > > DirectoryIndex index.php index.html > Redirect index.html http://www.bar.net/index.php > > The first line says "the directory index file is index.php, not > index.html". The second line says "whenever you get a request for > index.html, send them index.php instead". > > > security issue too. > > Umm... *what*? > > > > -- n i n t i . c o m php-python-perl-mysql-postgresql Michael Hall [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] calling a cgi script from php
On Wednesday 17 July 2002 07:57, [EMAIL PROTECTED] wrote: > Hello , > > I am trying to call a cgi script from a PHP script and get it to return > some data. > I am using the script below but it does not seam to work. > The cgi script (or I should say function) I am trying to call is in a > perl pm file. I have include a copy of the function I am trying to > call. Does anybody know what I am doing wrong. > > $username= "sdfsfs"; > $cmd="/usr/lib/perl5/site_perl/5.005/Email.pm::mail_virtuser_get_byuser > $username"; $returndata=exec($cmd); > echo $returndata; What _should_ your perl script return? Also RTFM for exec(). -- Jason Wong -> Gremlins Associates -> www.gremlins.com.hk Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development * /* Prediction is very difficult, especially of the future. -- Niels Bohr */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] activating php scripts via cron
The most important difference is, I believe, whether you use apxs during compilation or not. Using ./configure --with-apxs will build a DSO module, leaving --with-apxs out will build a standalone module. There may be more to it than that, though. Michael On Tue, 16 Jul 2002, Andy wrote: > sounds logical, but what happens with my other php version, where I need the > flags? will it still be working? And where is this standalone php version > gonna be installed? > > Andy > > > "Jason Wong" <[EMAIL PROTECTED]> schrieb im Newsbeitrag > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > On Tuesday 16 July 2002 23:36, Andy wrote: > > > so how do you install a second php version?? If you compile it (besides > > > with what kind of flags) and then do a make and a make install the > original > > > version will be replaced, right? > > > > Just doing: > > > > ./configure; make; make install > > > > will compile and install the standalone php binary by default. > > > > Add whatever other options you need to the ./configure command. It's all > in > > the manual. > > > > -- > > Jason Wong -> Gremlins Associates -> www.gremlins.com.hk > > Open Source Software Systems Integrators > > * Web Design & Hosting * Internet & Intranet Applications Development * > > > > /* > >THE DAILY PLANET > > > > SUPERMAN SAVES DESSERT! > > Plans to "Eat it later" > > */ > > > > > > -- n i n t i . c o m php-python-perl-mysql-postgresql Michael Hall [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Sessions / logins / cookies / security
> > Or steal it. :)
> >
> > I hope you have checked your site for any cross-site scripting
> > vulnerabilities. This is exactly where vulnerabilities like this
come
> > into play...
>
> Interesting -- I'm only a few days away from launching this... could
you
> elaborate on the potential risk, or point me to some documentation?
Just search google for Cross Site Scripting and you'll find a ton of
articles about that specifically. It all comes down to validating user
input and not displaying it directly back to the screen.
Here is a link, for example, that'll pop up your cookies for cnn.com.
(watch the wrapping!)
http://cnn.looksmart.com/r_search?l&izch&qc=&col=cnni&qm=0&st=1&nh=10&rf
=1&venue=all&keyword=&qp=&search=0&key=%3Cscript%3Ealert%28%27Hi%27%29%3
B%3C%2Fscript%3E
Now, how about instead of just executing alert("Hi"), I do a
location.href='www.myserver.com?var='+document.cookie; and send myself
your cookie. Then I just simply make my cookie match yours, and poof,
I'm you. :)
It all comes down to validating user input and never showing it directly
back to the browser/screen.
Similar problems exist for variables you use in database queries...
---John Holmes...
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] problem with IMAP support
We've installed and recompiled PHP but I still get "undefined function" errors when I try to use imap_open(). Does anybody have any ideas? Thanks, Jeff __ Do You Yahoo!? Yahoo! Autos - Get free new car price quotes http://autos.yahoo.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Sessions / logins / cookies / security
on 17/07/02 11:11 AM, John Holmes ([EMAIL PROTECTED]) wrote: > Or steal it. :) > > I hope you have checked your site for any cross-site scripting > vulnerabilities. This is exactly where vulnerabilities like this come > into play... Interesting -- I'm only a few days away from launching this... could you elaborate on the potential risk, or point me to some documentation? Thanks heaps, Justin French -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Sessions / logins / cookies / security
on 17/07/02 11:11 AM, Analysis & Solutions ([EMAIL PROTECTED]) wrote: > On Wed, Jul 17, 2002 at 10:43:24AM +1000, Justin French wrote: >> I set a >> cookie on their system which remembers them, which is just their username >> and an md5() of their pasword (the same data I add to the session). > > OUCH! Sending the password back out to the net is a scarry prospect. Interesting -- I haven't actually implemented this on a live site, but was about to in the next few days... might hold off :) How else can you verify the user in a "remember me" situation? Justin -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Using index.php instead of index.html
> Why not just add it to the httpd.conf, this would allow it to work within the whole server > And not just one director / vhost ect Maybe he doesn't have access to alter server configurations? -eg- -- me -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Sessions / logins / cookies / security
On Wed, Jul 17, 2002 at 10:43:24AM +1000, Justin French wrote: > I set a > cookie on their system which remembers them, which is just their username > and an md5() of their pasword (the same data I add to the session). OUCH! Sending the password back out to the net is a scarry prospect. --Dan -- PHP classes that make web design easier SQL Solution | Layout Solution | Form Solution sqlsolution.info | layoutsolution.info | formsolution.info T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7 Av #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Sessions / logins / cookies / security
> So, if there is no uid and pwd in $_SESSION, I check in $_COOKIE. If > there's nothing there, they aren't logged in as far as I can tell. On > every > page I validate the uid and pwd against the database, so the only way you > could fake being another user is to know the uid AND md5()'d pwd. Or steal it. :) I hope you have checked your site for any cross-site scripting vulnerabilities. This is exactly where vulnerabilities like this come into play... ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Newbie Question on Efficiency : Follow-up Question
On Tue, Jul 16, 2002 at 06:25:42PM -0500, Michael Kennedy wrote: > OK, if I understand C++ correctly, if I write a program and #include > or something similar and compile the program it only > compiles with the used functions in it, right? So, if I never use 'cin' > it leaves that function out of the final complied app. > > Does/can PHP do anything similar? Nope. Everything is brought into memory at compile time. Or at least that's the way I understood it to be. I suspect it's still the case. --Dan -- PHP classes that make web design easier SQL Solution | Layout Solution | Form Solution sqlsolution.info | layoutsolution.info | formsolution.info T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7 Av #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] calling a cgi script from php
How about using the virtual() function?
www.php.net/virtual
---John Holmes...
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, July 16, 2002 7:57 PM
> To: php-general
> Subject: [PHP] calling a cgi script from php
>
> Hello ,
>
> I am trying to call a cgi script from a PHP script and get it to
return
> some data.
> I am using the script below but it does not seam to work.
> The cgi script (or I should say function) I am trying to call is in a
> perl pm file. I have include a copy of the function I am trying to
> call. Does anybody know what I am doing wrong.
>
> $username= "sdfsfs";
>
$cmd="/usr/lib/perl5/site_perl/5.005/Email.pm::mail_virtuser_get_byuser
> $username";
> $returndata=exec($cmd);
> echo $returndata;
>
>
>
>
> sub mail_virtuser_get_byuser
> # Parses a list of aliases a user owns
> # Arguments: username
> # Return value: Array of aliases
> {
> my($username) = @_;
> my(%virtuser) = Email::mail_virtuser_list_alias();
> my($alias,$user,@alii);
> foreach $alias (keys %virtuser) {
> push(@alii,$alias) if ($virtuser{$alias} eq $username);
> }
> return(@alii);
> }
>
> --
> Best regards,
> rdkurth mailto:[EMAIL PROTECTED]
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Newbie Question on Efficiency : Follow-up Question
PHP loads everything up before it starts doing anything. It's only going to execute the code it needs to, though, of course. I asked this question a while ago and got that answer. The process of loading all of the code is minimal, though, compared the actually executing the code. ---John Holmes... > -Original Message- > From: Michael Kennedy [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, July 16, 2002 7:26 PM > To: [EMAIL PROTECTED] > Subject: RE: [PHP] Newbie Question on Efficiency : Follow-up Question > > OK, if I understand C++ correctly, if I write a program and #include > or something similar and compile the program it only > compiles with the used functions in it, right? So, if I never use 'cin' > it leaves that function out of the final complied app. > > Does/can PHP do anything similar? I'm always much more comfortable with > a language when I can understand how it works and I'm sure some of you > feel the same. > > Now, I fully understand that PHP documents are not even close to being > compiled in the traditional sense. But, I'm wondering if it pulls all > the necessary functions into memory when the page is accessed, then uses > them when needed, or does it pull the whole include()d file into memory > and just combine the whole mess together into one big memory heap and > run like that? > > My gut tells me that it's the second one, but I'm just wanting to be > sure. Of course, the answer likely won't make a single difference in my > life, but I'm just curious... Also, I hope the above question isn't > stupid. I do have a habit of thinking about something for a while and > then having it suddenly hit me later that the answer is simple very > trivial. Ah, well... > > Thanks for humoring me. > Michael > > -Original Message- > From: Monty [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, July 16, 2002 5:44 PM > To: [EMAIL PROTECTED] > Subject: Re: [PHP] Newbie Question on Efficiency > > If you have have a large number of functions, it might be better to > separate > them into a few files that you can include as needed. I use one file > that > contains functions needed by every page. I have a few other files that > contain functions that aren't needed by every page, so, I include them > only > on pages that need them. But most functions go in the main include file > used > on every page. > > Separating them will also minimize some overhead if you have a lot of > functions. Otherwise, if your include files aren't War & Peace in > length, > one include file is fine. > > > [EMAIL PROTECTED] 07/16/02 04:59PM >>> > > Hello everyone, I'm a newbie and have a question on style that I've > not > > seen addressed anywhere. I have a large number of frequently used > > functions that I'm trying to find a good way to organize. The method > > I'm thinking of using is to simply create a .php file called, for > > example, functions.php. Then, just include the file at the top of > each > > page that needs any of the functions, and just call them as needed. > My > > question is this- if that file gets very large with tons of different > > functions, is that an inefficient method? I'm not entirely clear on > how > > PHP is parsed and passed to the client. I assume it would be best to > > divide up the functions into multiple files (ex. dbfunctions.php, > etc.), > > but is that still the best method? Basically, I'm just curious on how > > you guys handle things like this. > > > > Thanks in advance. > > Michael Kennedy > > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Printer margins
You can't change this type of setting on a client's browser The only way you'd be able to do this is to tell the user that the page prints best when margins are set to 0.25" -Original Message- From: Manuel [mailto:[EMAIL PROTECTED]] Sent: Wednesday, July 17, 2002 10:52 AM To: PHP General Subject: [PHP] Printer margins I'm creating an HTML file that will be printed by my website users. I've notices that most browser have the default print margins set to 0.75". Is there any way to change the print margins to 0.25"? - Do You Yahoo!? Yahoo! Autos - Get free new car price quotes -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Using index.php instead of index.html
Why not just add it to the httpd.conf, this would allow it to work within the whole server And not just one director / vhost ect --- Chris Kay Technical Support - Techex Communications Website: www.techex.com.au Email: [EMAIL PROTECTED] Telephone: 1300 88 111 2 - Fax: (02) 9970 5788 Address: Suite 13, 5 Vuko Place, Warriewood, NSW 2102 Platinum Channel Partner of the Year - Request DSL - Broadband for Business --- > -Original Message- > From: Mark Gallagher [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, 17 July 2002 4:05 AM > To: Sailom > Cc: [EMAIL PROTECTED] > Subject: Re: [PHP] Using index.php instead of index.html > > > Sailom wrote: > > > I am a novice on PHP and web programming. Can any one > suggest me if > > I can use index.php in place of index.html? I really need > to concern > > about > > Sure you can! > > If you're using an Apache webserver, create a file named .htaccess > containing the following: > > DirectoryIndex index.php index.html > Redirect index.html http://www.bar.net/index.php > > The first line says "the directory index file is index.php, not > index.html". The second line says "whenever you get a request for > index.html, send them index.php instead". > > > security issue too. > > Umm... *what*? > > > > -- > Mark Gallagher > http://cyberfuddle.com/infinitebabble/ > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >
[PHP] Printer margins
I'm creating an HTML file that will be printed by my website users. I've notices that most browser have the default print margins set to 0.75". Is there any way to change the print margins to 0.25"? - Do You Yahoo!? Yahoo! Autos - Get free new car price quotes
Re: [PHP] Preventing Multiple Log-Ins after Authentication
On Tue, Jul 16, 2002 at 01:57:51PM -0400, Monty wrote: > Is there a standard method in PHP for preventing multiple people from using > the same log-in username/password simultaneously on a membership site? Any > suggestions are greatly appreciated. My session management system uses a database backend. Each hit updates a timestamp in the database, among other things. If the time of the new hit is too long since the last hit, it denies access. Now, if a person logs in again and their User ID is in the session table, that means either their old session timed out or they're being hijacked. Either way, terminate the old session and move what they were doing into the new session. THEN, if the person in the first session is still browsing, they'll get a message saying their session was terminated. They'll be prompted for a login. That successful login will terminate the second session. --Dan -- PHP classes that make web design easier SQL Solution | Layout Solution | Form Solution sqlsolution.info | layoutsolution.info | formsolution.info T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7 Av #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Using index.php instead of index.html
Sailom wrote: > I am a novice on PHP and web programming. Can any one suggest me if I can > use index.php in place of index.html? I really need to concern about Sure you can! If you're using an Apache webserver, create a file named .htaccess containing the following: DirectoryIndex index.php index.html Redirect index.html http://www.bar.net/index.php The first line says "the directory index file is index.php, not index.html". The second line says "whenever you get a request for index.html, send them index.php instead". > security issue too. Umm... *what*? -- Mark Gallagher http://cyberfuddle.com/infinitebabble/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Sessions / logins / cookies / security
On my sites, I have a check box next to the login form which says "remember me". If they tick this box, and they userid/password is valid, I set a cookie on their system which remembers them, which is just their username and an md5() of their pasword (the same data I add to the session). When maintaining the session, I first check if there is a $_SESSION['uid'] and $_SESSION['pwd'] -- if there is, I validate them (check against the db). If not, I then look for them in my cookie... if they exist, I validate them (check against the db), and assign them to the session. So, if there is no uid and pwd in $_SESSION, I check in $_COOKIE. If there's nothing there, they aren't logged in as far as I can tell. On every page I validate the uid and pwd against the database, so the only way you could fake being another user is to know the uid AND md5()'d pwd. Justin French on 17/07/02 2:30 AM, Chad Day ([EMAIL PROTECTED]) wrote: > I asked something similar a little while ago, but didn't do a good job > clarifying. > > What I'm looking to do is when a user logs in, I start up the session.. I > then have the registered session var to verify they are authenticated as > they move throughout the site. > > Now, when they close the browser and come back, I want them to still be > authenticated. Obviously, I have to set a cookie. But what do I set? Do I > set just their user ID? The MD5 of their password? What's the most secure > way, that's not easily spoofed? I don't know that much about cookies, but > if I just use a user ID, couldn't someone just change that ID value and > 'become' another user? > > Thanks for any advice, > Chad > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mcrypt
ftp://mcrypt.hellug.gr/pub/crypto/mcrypt/ - Original Message - From: "Peter" <[EMAIL PROTECTED]> To: "php_gen" <[EMAIL PROTECTED]> Sent: Wednesday, July 17, 2002 1:16 AM Subject: [PHP] mcrypt > Howdy all.. > does any one know of another place i can download a win32 ver of mcrypt other than > http://mcrypt.hellug.gr/ ? > > as that site crashes my browser when i click any link on the page... > > Cheers > > Peter > "the only dumb question is the one that wasn't asked" > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Editing files by line
On Tue, Jul 16, 2002 at 06:38:04PM -0400, Onaje Johnston wrote:
>
> It works using "if ($insert && isset($linenumber)) {".
>
> So because the value of linenumber is 0 on the first line, the if statement
> was evaluating to false and therefore the update wouldn't occur, correct?
Exactly. If statements need something that's not '' or 0 in order to
evaluate as positive.
--Dan
--
PHP classes that make web design easier
SQL Solution | Layout Solution | Form Solution
sqlsolution.info | layoutsolution.info | formsolution.info
T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y
4015 7 Av #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] mcrypt
Howdy all.. does any one know of another place i can download a win32 ver of mcrypt other than http://mcrypt.hellug.gr/ ? as that site crashes my browser when i click any link on the page... Cheers Peter "the only dumb question is the one that wasn't asked"
Re: [PHP] I can't echo object variables
On Tue, Jul 16, 2002 at 01:45:01PM -0400, Michael Zornek wrote:
>
> I know this slight variation will make it work:
>
> echo "" . $db->field('name_long');
That's not an "object variable name." That's a function call. You're
asking to echo "" and then echoing the value returned by the field()
function in the $db object when called with the 'name_long' argument.
That's the way you have to do it.
--Dan
--
PHP classes that make web design easier
SQL Solution | Layout Solution | Form Solution
sqlsolution.info | layoutsolution.info | formsolution.info
T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y
4015 7 Av #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Fopen errors out when opening a URL
On Tue, Jul 16, 2002 at 11:08:19AM -0400, Conover, Ryan wrote:
>
> I am trying to do a simple fopen("http://www.weather.com/index.html";, "r");
> For some reason I cannot Open any URL's after trying several.
>
> Warning: stat failed for Resource id #1 (errno=2 - No such file or
> directory)
If you're getting a resource id, your fopen() worked fine. The failure is
on some other line in your code. You need to pin down exactly which line
it is.
--Dan
--
PHP classes that make web design easier
SQL Solution | Layout Solution | Form Solution
sqlsolution.info | layoutsolution.info | formsolution.info
T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y
4015 7 Av #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: contents from a database
You need to use the concatenating assignment operator .= after $sub. The
way you had it the variable $sub was getting assigned a new value each time
through the while loop. The .= oprerator will add to the existing value of
$sub each time through the loop.
Try this:
$query = "SELECT * FROM content WHERE section='$section' ";
$result = mysql_query($query);
while ($row = mysql_fetch_array($result))
{
$sub .= "" . $res[art_name] . "\n";
}
Good luck :-)
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Classes vs. Functions
> > Martin Clifford wrote: > > Could someone please explain the difference between classes and functions > > and how to use a class. > > Whether you should like OOP or not is a religious matter, so I will not > enter the field. OOP has its pluses and its minuses. It's a technique, > not an ultimate truth, although it is often presented as such. And as > any technique, it can do wonders and it can do plain bull**t when not > properly used. > > Nowadays 100% of my work is OOP based, but I worked some 15 years on > functions and I cannot blame those who keep working that way. There are > reasons for doing it and reason for not to do it. Get yourself a good > clear book, then make a decision. [snip] I have to agree here. IMO, there are benefits in using classes over functions, and there's benefits in using functions over classes. Once you get to know oop a little better, you should be able to determine which is better is any given situation. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] GIF Manipulation
GD2 does have a compile time option which will re-enable support for writing GIFs. AFAIK you're only legally allowed to enable it if you live outside of the US/Canada. HTH Danny. - Original Message - From: "Jason Reid" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>; "Nick Oostveen" <[EMAIL PROTECTED]> Sent: Wednesday, July 17, 2002 12:04 AM Subject: Re: [PHP] GIF Manipulation > AFAIK there is a patch to re-add gif support to gd 1.8.4 (not sure about > 2.x). I saw the url for it the other day on a newsgroup, I'll see if i can > dig it up and post it. > > Jason Reid > [EMAIL PROTECTED] > > - Original Message - > From: "Nick Oostveen" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Tuesday, July 16, 2002 3:58 PM > Subject: [PHP] GIF Manipulation > > > > I'm currently developing a site which needs the ability to do server-side > > image cropping and resizing. I currently have a current version of GD > > installed with PHP, however the lack of support for GIFs is causing > endless > > headaches. > > > > Is there any way to support GIFs in PHP without reverting to an older > > version of GD (and loosing PNG support in the process)? > > > > Nick Oostveen > > > > > > -- > > PHP General Mailing List (http://www.php.net/) > > To unsubscribe, visit: http://www.php.net/unsub.php > > > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] calling a cgi script from php
Hello ,
I am trying to call a cgi script from a PHP script and get it to return
some data.
I am using the script below but it does not seam to work.
The cgi script (or I should say function) I am trying to call is in a
perl pm file. I have include a copy of the function I am trying to
call. Does anybody know what I am doing wrong.
$username= "sdfsfs";
$cmd="/usr/lib/perl5/site_perl/5.005/Email.pm::mail_virtuser_get_byuser $username";
$returndata=exec($cmd);
echo $returndata;
sub mail_virtuser_get_byuser
# Parses a list of aliases a user owns
# Arguments: username
# Return value: Array of aliases
{
my($username) = @_;
my(%virtuser) = Email::mail_virtuser_list_alias();
my($alias,$user,@alii);
foreach $alias (keys %virtuser) {
push(@alii,$alias) if ($virtuser{$alias} eq $username);
}
return(@alii);
}
--
Best regards,
rdkurth mailto:[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Newbie Question on Efficiency : Follow-up Question
OK, if I understand C++ correctly, if I write a program and #include or something similar and compile the program it only compiles with the used functions in it, right? So, if I never use 'cin' it leaves that function out of the final complied app. Does/can PHP do anything similar? I'm always much more comfortable with a language when I can understand how it works and I'm sure some of you feel the same. Now, I fully understand that PHP documents are not even close to being compiled in the traditional sense. But, I'm wondering if it pulls all the necessary functions into memory when the page is accessed, then uses them when needed, or does it pull the whole include()d file into memory and just combine the whole mess together into one big memory heap and run like that? My gut tells me that it's the second one, but I'm just wanting to be sure. Of course, the answer likely won't make a single difference in my life, but I'm just curious... Also, I hope the above question isn't stupid. I do have a habit of thinking about something for a while and then having it suddenly hit me later that the answer is simple very trivial. Ah, well... Thanks for humoring me. Michael -Original Message- From: Monty [mailto:[EMAIL PROTECTED]] Sent: Tuesday, July 16, 2002 5:44 PM To: [EMAIL PROTECTED] Subject: Re: [PHP] Newbie Question on Efficiency If you have have a large number of functions, it might be better to separate them into a few files that you can include as needed. I use one file that contains functions needed by every page. I have a few other files that contain functions that aren't needed by every page, so, I include them only on pages that need them. But most functions go in the main include file used on every page. Separating them will also minimize some overhead if you have a lot of functions. Otherwise, if your include files aren't War & Peace in length, one include file is fine. [EMAIL PROTECTED] 07/16/02 04:59PM >>> > Hello everyone, I'm a newbie and have a question on style that I've not > seen addressed anywhere. I have a large number of frequently used > functions that I'm trying to find a good way to organize. The method > I'm thinking of using is to simply create a .php file called, for > example, functions.php. Then, just include the file at the top of each > page that needs any of the functions, and just call them as needed. My > question is this- if that file gets very large with tons of different > functions, is that an inefficient method? I'm not entirely clear on how > PHP is parsed and passed to the client. I assume it would be best to > divide up the functions into multiple files (ex. dbfunctions.php, etc.), > but is that still the best method? Basically, I'm just curious on how > you guys handle things like this. > > Thanks in advance. > Michael Kennedy > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] GIF Manipulation
AFAIK there is a patch to re-add gif support to gd 1.8.4 (not sure about 2.x). I saw the url for it the other day on a newsgroup, I'll see if i can dig it up and post it. Jason Reid [EMAIL PROTECTED] - Original Message - From: "Nick Oostveen" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, July 16, 2002 3:58 PM Subject: [PHP] GIF Manipulation > I'm currently developing a site which needs the ability to do server-side > image cropping and resizing. I currently have a current version of GD > installed with PHP, however the lack of support for GIFs is causing endless > headaches. > > Is there any way to support GIFs in PHP without reverting to an older > version of GD (and loosing PNG support in the process)? > > Nick Oostveen > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Sessions / logins / cookies / security
Chad Day wrote: >What I'm looking to do is when a user logs in, I start up the session.. I >then have the registered session var to verify they are authenticated as >they move throughout the site. > >Now, when they close the browser and come back, I want them to still be >authenticated. Obviously, I have to set a cookie. But what do I set? Do I >set just their user ID? The MD5 of their password? What's the most secure >way, that's not easily spoofed? I don't know that much about cookies, but >if I just use a user ID, couldn't someone just change that ID value and >'become' another user? > Chad, It sounds like you already have a good idea about the insecurity of the method you mentioned. For the most part, trust your instincts, especially when something seems insecure. :-) You just need to try to come up with a method that is difficult to break. Use your creativity, and for each method you can think of, consider what steps must be taken to break the security of that method. There is always a way, but "changing the user ID" isn't very difficult to achieve. The cookie is a good idea, but the value of the cookie is what you need to think about. If its value is, as you mentioned, a user ID, someone could try to guess another valid user ID to impersonate another user. Remember that the cookie is data coming from the client that should not be trusted at all. Take the same precautions against client data as you would candy from a stranger; it doesn't mean it's necessarily bad candy, but you need to create some methods to give yourself pretty good assurance that it's not poisoned, etc. You want to inspect it. In your case, you want to create some methods of assuring, to a reasonable extent, that the cookie is coming from the same client as before. With each connection, there are several things you can check, and you can decide whether its more appropriate to store the data you want to check on the client or on the server. For example, if you were to store the IP address in the cookie also, then someone would have to be coming from the same IP address as before (it would seem). Of course, an observant attacker would change the value of this cookie to their own IP to see if that helped them bypass this check, which it would. What if, instead, you stored the IP address on the server in a database associated with the unique ID? Then you can at least be fairly assured that this value cannot be changed. Another option for you might be to encrypt the IP address and keep it in the cookie. This way, if someone else tried to use the same cookie, their IP address would have to appear to be the same (which of course would happen if it's the same computer). Other information you can get from the client includes the browser type, date, etc. The more things you check, and the more difficult you make it for the client to change this data (otherwise your checks aren't very useful), the more difficult you make impersonation. Just make sure to also cater to your legitimate users, which hopefully there will be more of. :-) If your users connect through a large LAN with multiple proxies, their IP address may fluctuate. Dialup users may have fluctuating IPs as well. If you require someone who fails your checks to only provide their password to continue, then the hassle you give your legitimate users is very minimal, and they might appreciate knowing you're looking out for the safety of their data. These are just some ideas. You're ultimately the best person to decide what security model is best for your needs. Like I said, try to be creative and trust your instincts. A good procedure might be to design what you think is a sufficiently strong and useful security model for your needs and ask the list to come up with hypothetical methods that could be used to break it. If the attacks seem very easy to accomplish, you might need to rethink your methods. Anyway, my point is that you want to educate yourself enough that *you* design the security of your site. Trusting others for your security is no better than trusting candy from strangers. :-) Happy hacking. Chris -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Newbie Question on Efficiency
If you have have a large number of functions, it might be better to separate them into a few files that you can include as needed. I use one file that contains functions needed by every page. I have a few other files that contain functions that aren't needed by every page, so, I include them only on pages that need them. But most functions go in the main include file used on every page. Separating them will also minimize some overhead if you have a lot of functions. Otherwise, if your include files aren't War & Peace in length, one include file is fine. [EMAIL PROTECTED] 07/16/02 04:59PM >>> > Hello everyone, I'm a newbie and have a question on style that I've not > seen addressed anywhere. I have a large number of frequently used > functions that I'm trying to find a good way to organize. The method > I'm thinking of using is to simply create a .php file called, for > example, functions.php. Then, just include the file at the top of each > page that needs any of the functions, and just call them as needed. My > question is this- if that file gets very large with tons of different > functions, is that an inefficient method? I'm not entirely clear on how > PHP is parsed and passed to the client. I assume it would be best to > divide up the functions into multiple files (ex. dbfunctions.php, etc.), > but is that still the best method? Basically, I'm just curious on how > you guys handle things like this. > > Thanks in advance. > Michael Kennedy > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Re: Editing files by line
-Original Message-
From: Analysis & Solutions
Sent: Tuesday, July 16, 2002 4:40 PM
To: PHP List
Subject: Re: [PHP] Re: Editing files by line
On Tue, Jul 16, 2002 at 04:25:25PM -0400, Onaje Johnston wrote:
>>
>> if ($insert && $linenumber) {
>But, if $linenumber is 0, this process won't happen. And, that was the
>complaint you mentioned up front.
>
>So, you should do an "isset($linenumber)" instead.
>--Dan
Thanks.
It works using "if ($insert && isset($linenumber)) {".
So because the value of linenumber is 0 on the first line, the if statement
was evaluating to false and therefore the update wouldn't occur, correct?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] contents from a database
I have a script that can desplay all the contents from a database but I need
the result to equil a variable, but when I do this it only desplays one line
from the database. I used to know this but I lost the info that I was given.
this is the script I am using..
$query = "SELECT * FROM content WHERE section='$section' ";
$result = mysql_query($query);
while($res = mysql_fetch_array($result)) {
$sub="".$res[art_
name]."
"; }
I know there is something I can add after $sub. Please can you tell me what
it is?
thanks heaps,
Dan
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] pros and cons of ezpublish
Hi, Someone wants to know what I can do with ezpublish and so I've downloaded it. Wow ... just looking at it now. What a package. ezpublish. I'd like to test this on a virtural server (can't afford my own box on the net) and I have a host where I can modify my apache conf files ... but I wonder. I've even got access to imagemagick but I have to call it direct. Anyone with some experience or advice on ezpublish? It's about 14 meg uncompressed. Bloatware or is it worth the effort? Thanks, Peter -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] GIF Manipulation
I'm currently developing a site which needs the ability to do server-side image cropping and resizing. I currently have a current version of GD installed with PHP, however the lack of support for GIFs is causing endless headaches. Is there any way to support GIFs in PHP without reverting to an older version of GD (and loosing PNG support in the process)? Nick Oostveen -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Classes vs. Functions
ðÒÉ×ÅÔ!
Martin Clifford wrote:
> Could someone please explain the difference between classes and functions
> and how to use a class.
Well, that's a 1 billion $$ question. I don't think one can fully grasp
that difference by reading an email. I strongly suggest you to buy
yourself a book about OOP and have a go at it. That is, if you really
care about knowing.
Whether you should like OOP or not is a religious matter, so I will not
enter the field. OOP has its pluses and its minuses. It's a technique,
not an ultimate truth, although it is often presented as such. And as
any technique, it can do wonders and it can do plain bull**t when not
properly used.
Nowadays 100% of my work is OOP based, but I worked some 15 years on
functions and I cannot blame those who keep working that way. There are
reasons for doing it and reason for not to do it. Get yourself a good
clear book, then make a decision.
ÐÏËÁ
áÌØÂÅÒÔÏ
ëÉÅ×
@-_=}{=_-@-_=}{=_-@-_=}{=_-@-_=}{=_-@-_=}{=_-@-_=}{=_-@-_=}{=_-@
LoRd, CaN yOu HeAr Me, LiKe I'm HeArInG yOu?
lOrD i'M sHiNiNg...
YoU kNoW I AlMoSt LoSt My MiNd, BuT nOw I'm HoMe AnD fReE
tHe TeSt, YeS iT iS
ThE tEsT, yEs It Is
tHe TeSt, YeS iT iS
ThE tEsT, yEs It Is...
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] I can't echo object variables
ðÒÉ×ÅÔ!
Michael Zornek wrote:
> We all know this works:
>
> echo "$someVar";
>
> However this does not:
>
> echo "$db->field('name_long')";
>
> I know this slight variation will make it work:
>
> echo "" . $db->field('name_long');
>
> But it's cumbersome .. Anyway to get the first way to work?
>
> ~ Mike
In your example you try and execute a "method" within a quoted string.
That would not work even with a traditional function call, AFAIK.
ðÏËÁ
áÌØÂÅÒÔÏ
ëÉÅ×
@-_=}{=_-@-_=}{=_-@-_=}{=_-@-_=}{=_-@-_=}{=_-@-_=}{=_-@-_=}{=_-@
LoRd, CaN yOu HeAr Me, LiKe I'm HeArInG yOu?
lOrD i'M sHiNiNg...
YoU kNoW I AlMoSt LoSt My MiNd, BuT nOw I'm HoMe AnD fReE
tHe TeSt, YeS iT iS
ThE tEsT, yEs It Is
tHe TeSt, YeS iT iS
ThE tEsT, yEs It Is...
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Good instruction for installing webserver using RPM and tar.gz files???
I'm pretty used to installing OpenSSL, Mod_SSL, Mcrypt, cURL, PHP and Apache with all of them in tar.gz files. Now I'm experiementing it on the Linux and mySQL. Never tried it on both Linux and mySQL before. The tricky part I found is that some come in RPM. I am familar with installing using RPM. But from my understanding, I would have to uninstall the existing RPM software. The tricky part is to knit together RPMs and tar.gz(s) for those software because they all depend on each other. For example in order of installation 1) IBM DB2 (or mySQL) 2) Mcrypt 3) OpenSSL 2) cURL --> (depend on OpenSSL) 3) Mod_SSL --> (it depend on OpenSSL) 4) PHP --> (depend on Mod_SSL, cURL, OpenSSL, Mcrypt & DB2) 5) Apache --> 5th (it depend on Mod_SSL, OpenSSL, PHP) So, anyone know of good instruction on the website somewhere? It does not have to be a complete instruction or a perfect instruction. Just something that can give me some understanding before I start working it. Or should I just use all tar.gz files instead? Like forget about the RPM stuffs. The reason I'm posting this is becuase I realize that PHP can easily not work with some softwares if it is not installed correctly. You know! Thanks, FletchSOD -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Newbie Question on Efficiency
Yeah, that's what I was thinking. Mostly I was curious if the procedure I mentioned was a good one or if there was something better to be doing. Thanks for the super quick reply. :) Michael -Original Message- From: Martin Clifford [mailto:[EMAIL PROTECTED]] Sent: Tuesday, July 16, 2002 4:01 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: [PHP] Newbie Question on Efficiency Unless the file is getting retartedly big (10-20K), then I wouldn't separate them. Though if you have enough functions, you could justify making separate files for your database functions, output functions, backend functions, etc. Martin Clifford Homepage: http://www.completesource.net Developer's Forums: http://www.completesource.net/forums/ >>> [EMAIL PROTECTED] 07/16/02 04:59PM >>> Hello everyone, I'm a newbie and have a question on style that I've not seen addressed anywhere. I have a large number of frequently used functions that I'm trying to find a good way to organize. The method I'm thinking of using is to simply create a .php file called, for example, functions.php. Then, just include the file at the top of each page that needs any of the functions, and just call them as needed. My question is this- if that file gets very large with tons of different functions, is that an inefficient method? I'm not entirely clear on how PHP is parsed and passed to the client. I assume it would be best to divide up the functions into multiple files (ex. dbfunctions.php, etc.), but is that still the best method? Basically, I'm just curious on how you guys handle things like this. Thanks in advance. Michael Kennedy -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Newbie Question on Efficiency
Unless the file is getting retartedly big (10-20K), then I wouldn't separate them. Though if you have enough functions, you could justify making separate files for your database functions, output functions, backend functions, etc. Martin Clifford Homepage: http://www.completesource.net Developer's Forums: http://www.completesource.net/forums/ >>> [EMAIL PROTECTED] 07/16/02 04:59PM >>> Hello everyone, I'm a newbie and have a question on style that I've not seen addressed anywhere. I have a large number of frequently used functions that I'm trying to find a good way to organize. The method I'm thinking of using is to simply create a .php file called, for example, functions.php. Then, just include the file at the top of each page that needs any of the functions, and just call them as needed. My question is this- if that file gets very large with tons of different functions, is that an inefficient method? I'm not entirely clear on how PHP is parsed and passed to the client. I assume it would be best to divide up the functions into multiple files (ex. dbfunctions.php, etc.), but is that still the best method? Basically, I'm just curious on how you guys handle things like this. Thanks in advance. Michael Kennedy -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Newbie Question on Efficiency
Hello everyone, I'm a newbie and have a question on style that I've not seen addressed anywhere. I have a large number of frequently used functions that I'm trying to find a good way to organize. The method I'm thinking of using is to simply create a .php file called, for example, functions.php. Then, just include the file at the top of each page that needs any of the functions, and just call them as needed. My question is this- if that file gets very large with tons of different functions, is that an inefficient method? I'm not entirely clear on how PHP is parsed and passed to the client. I assume it would be best to divide up the functions into multiple files (ex. dbfunctions.php, etc.), but is that still the best method? Basically, I'm just curious on how you guys handle things like this. Thanks in advance. Michael Kennedy
Re: [PHP] Re: Editing files by line
On Tue, Jul 16, 2002 at 04:25:25PM -0400, Onaje Johnston wrote:
>
> if ($insert && $linenumber) {
But, if $linenumber is 0, this process won't happen. And, that was the
complaint you mentioned up front.
So, you should do an "isset($linenumber)" instead.
--Dan
--
PHP classes that make web design easier
SQL Solution | Layout Solution | Form Solution
sqlsolution.info | layoutsolution.info | formsolution.info
T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y
4015 7 Av #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] file() and array values contain extra \n
>Start from scratch. You have a file with a single user on each line: > >tom\n >dick\n >harry\n > >You use file() to read into array $users. > >You compare as in above. > >You add a user by: > > $users[] = "NEW_USER\n"; > >You write out the file as above. curious... when I ran through that (before posting initially) was getting the following from print_r of the file() results... Array ( [0] => admin [1] => user1 [2] => user2 [3] => user3 [4] => ) which lead me to believe that the last \n was parsing as an extra element in the array... (not sure why), thus the dilema of either trimming each element of the array, or pop'ing an element off the end of the array. both seemed annoying, thus the post after recoding it with each/trim into new array and use that for checking validity... I redid the original file using the script and got different results; Array ( [0] => admin [1] => user1 [2] => user2 [3] => user3 ) which is what I expected in the first place... as such, the original code could now just check for the username with a ."\n" on the end (as you recommended). Futsed up there somewhere... thus the seemingly stupid question. cheers, Dave -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Sessions and Header() - Retraction
Well, perhaps stepping away from the problem for a few minutes actually helps
clear the mind. Found that one of my mysql_query() statements wasn't completing
and everything after that didn't finish. Once I fixed that, all the session
variables work. Go fig. Let that be a lesson to me :-)
Greg Macek wrote:
> Forgive the long post here, but I'll give as much info up-front and see
> if anyone can help me out here...
>
> I've searched the PHP docs for some help, but I am still running into a
> strange problem. Let me explain: I'm working on an internal site that
> stores information into a database, but it can be retrieved at a later
> date. The data initially is entered over many pages ( ~10 forms), so
> I've used sessions to store that data across those pages so that if they
> decide to move out of order, their data is still there. Once they're
> done, they can save the data, etc... we've all heard this story.
>
> Now, on retrieval, I'm pulling all the information from the database and
> storing them in session variables, which all happen to be arrays. There
> is a lot of data to retrieved and put into variables. I have one PHP
> script perform all this and then re-direct the user to the start page.
> Unfortunately, the script isn't storing all the session variables, only
> the first 5 of 7 variable arrays.
>
>
> The page looks similar to this:
>
> session_start();
> require "include_file.inc";
> mysql_pconnect(...);
> mysql_select_db(...);
>
> $result1 = mysql_fetch_object(mysql_query(...));
>
> $sess_var1[formVar1] = $result1->data_field;
> .
> session_register("sess_var1");
> ...// (and so on)
>
> // and then the re-direct
> Header("Location:next_page.php");
> ?>
>
> Unfortunately when I place the Header() call at the end of the file, it
> just sits there and doesn't re-direct. If I place it after
> session_start(), it will re-direct, but only the first five session
> variables are registered. Is there something I'm missing here or trying
> to do too much?
>
> - Greg
>
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Sessions and Header()
Forgive the long post here, but I'll give as much info up-front and see if
anyone can help me out here...
I've searched the PHP docs for some help, but I am still running into a strange
problem. Let me explain: I'm working on an internal site that stores information
into a database, but it can be retrieved at a later date. The data initially is
entered over many pages ( ~10 forms), so I've used sessions to store that data
across those pages so that if they decide to move out of order, their data is
still there. Once they're done, they can save the data, etc... we've all heard
this story.
Now, on retrieval, I'm pulling all the information from the database and storing
them in session variables, which all happen to be arrays. There is a lot of data
to retrieved and put into variables. I have one PHP script perform all this and
then re-direct the user to the start page. Unfortunately, the script isn't
storing all the session variables, only the first 5 of 7 variable arrays.
The page looks similar to this:
data_field;
.
session_register("sess_var1");
...// (and so on)
// and then the re-direct
Header("Location:next_page.php");
?>
Unfortunately when I place the Header() call at the end of the file, it just
sits there and doesn't re-direct. If I place it after session_start(), it will
re-direct, but only the first five session variables are registered. Is there
something I'm missing here or trying to do too much?
- Greg
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Re: Editing files by line
-Original Message-
>From: Analysis & Solutions
>Without seeing the script, it'd be hard for us to say. So, post the
>_relevant parts_ of the script to the list.
Here's the code:
I'm sorry, but I couldn't open a file!";
exit;
}
$array = file($file_name);
// this is the stuff we get from the form, we insert it into an array
$input = array ($id, $name, $creator, $myreview, $prefix, $directory,
$sort, $comments);
// note that we add a \n (line break) to the end of the string.
$output_line = implode ($input, "|")."\n";
// Now open the file (get a file pointer)
$output_stream = fopen($file_name, "w+");
$counter = 0;
foreach($array as $key => $line) {
if($counter == $linenumber) {
$line = $output_line;
}
$out[] = chop($line);
$counter++;
}
foreach($out as $key => $line) {
$result=fputs($output_stream, $line."\n");
}
// close the file pointer
fclose($output_stream);
// give feedback
if ($result) {
echo "Data has been sucessfully added.\n";
echo "View updated
record";
}
else {
echo "Uhoh. . . the database didn't like that.";
}
}else{
// Viewing data from file in a form
//to read the file use:
$fp2= fopen("data.txt", "r");
$line_cnt=0;
while ($servinfo=fgets($fp2,1024)){
if ($line_cnt == $line_num){
$right_line = $servinfo;
list($id, $name, $creator, $myreview, $prefix, $directory, $sort,
$comments)= explode("|",$right_line);
break;
}
$line_cnt++;
}
fclose($fp2);
?>
Racestyle data settings:)
Race ID:
Racestyle Name:
Creator:
MyReview:
Race Prefix
Race Directory:
Sort:
>small case
>Upper Case
Comments:
The data.txt file has this format:
5|8|4|2|7|2|ship_names|
2|3|7|2|1|9|ship_names_2L|7
4|3|2|7|5|6|ship_names|3
The default line_num is 0. The other entries - database3.php?line_num=1,
database3.php?line_num=2 etc.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] activating php scripts via cron
sounds logical, but what happens with my other php version, where I need the flags? will it still be working? And where is this standalone php version gonna be installed? Andy "Jason Wong" <[EMAIL PROTECTED]> schrieb im Newsbeitrag [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > On Tuesday 16 July 2002 23:36, Andy wrote: > > so how do you install a second php version?? If you compile it (besides > > with what kind of flags) and then do a make and a make install the original > > version will be replaced, right? > > Just doing: > > ./configure; make; make install > > will compile and install the standalone php binary by default. > > Add whatever other options you need to the ./configure command. It's all in > the manual. > > -- > Jason Wong -> Gremlins Associates -> www.gremlins.com.hk > Open Source Software Systems Integrators > * Web Design & Hosting * Internet & Intranet Applications Development * > > /* >THE DAILY PLANET > > SUPERMAN SAVES DESSERT! > Plans to "Eat it later" > */ > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Sessions / logins / cookies / security
There really isn't a good way to do this, I think. Any time you're taking just a cookie, and using that data to assume who the user is, it's open to hijacking. I can sniff the cookie or maybe find a cross-site scripting bug to steal it, create the same cookie on my machine, and poof, i'm that user. Now, if it's just for a forum, or something simple, then just do it. It's not worth worrying about someone hijacking my forum user. Anyway, the best way to create the unique id is to use uniqid() in combo with md5(). That'll give you a 32 character string that's hard to predict and isn't based on any of the user data. www.php.net/uniqid ---John Holmes... - Original Message - From: "Chad Day" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, July 16, 2002 3:30 PM Subject: RE: [PHP] Sessions / logins / cookies / security > Anyone? Can someone at least point me to some web article for > recommendations? I saw some examples where a password variable was stored, > but is that really safe (as long as I MD5 it first?) > > Chad > > -Original Message- > From: Chad Day [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, July 16, 2002 12:30 PM > To: [EMAIL PROTECTED] > Subject: [PHP] Sessions / logins / cookies / security > > > I asked something similar a little while ago, but didn't do a good job > clarifying. > > What I'm looking to do is when a user logs in, I start up the session.. I > then have the registered session var to verify they are authenticated as > they move throughout the site. > > Now, when they close the browser and come back, I want them to still be > authenticated. Obviously, I have to set a cookie. But what do I set? Do I > set just their user ID? The MD5 of their password? What's the most secure > way, that's not easily spoofed? I don't know that much about cookies, but > if I just use a user ID, couldn't someone just change that ID value and > 'become' another user? > > Thanks for any advice, > Chad > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Sessions / logins / cookies / security
> What I'm looking to do is when a user logs in, I start up the > session.. I > then have the registered session var to verify they are > authenticated as > they move throughout the site. > > Now, when they close the browser and come back, I want them > to still be authenticated. I don't think this can be a "secure" authentication. By relying on a cookie for the authentication, the computer is being authenticated, not the user. So anyone using the machine will be seen as "authenticated". Anyone who finds the cookie on a particular machine can place it on their own machine, then their machine becomes authenticated. If you need secure, real authentication, proof of the user's identity, the user has to be asked to login each visit, IMO. In theory, only they know their username and password. Am I understanding the goal? Kirk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] waiting for keyboard echo
On Tue, Apr 16, 2002 at 05:34:57PM +0200, David D wrote: > > I m trying to make a php command line script, and I m looking for a function > that can stop the script until a key is pressed. I don't believe PHP can do this. Perl has Term::ReadLine. Your computer's clock says it's April. Might I suggest updating it to July? Or are you transmitting from a foreign planet? --Dan -- PHP classes that make web design easier SQL Solution | Layout Solution | Form Solution sqlsolution.info | layoutsolution.info | formsolution.info T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7 Av #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Sessions / logins / cookies / security
Anyone? Can someone at least point me to some web article for recommendations? I saw some examples where a password variable was stored, but is that really safe (as long as I MD5 it first?) Chad -Original Message- From: Chad Day [mailto:[EMAIL PROTECTED]] Sent: Tuesday, July 16, 2002 12:30 PM To: [EMAIL PROTECTED] Subject: [PHP] Sessions / logins / cookies / security I asked something similar a little while ago, but didn't do a good job clarifying. What I'm looking to do is when a user logs in, I start up the session.. I then have the registered session var to verify they are authenticated as they move throughout the site. Now, when they close the browser and come back, I want them to still be authenticated. Obviously, I have to set a cookie. But what do I set? Do I set just their user ID? The MD5 of their password? What's the most secure way, that's not easily spoofed? I don't know that much about cookies, but if I just use a user ID, couldn't someone just change that ID value and 'become' another user? Thanks for any advice, Chad -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] libmcal for win32
Does anybody know where I can get the libmcal dll's precompiled for win32?
Re: [PHP] Preventing Multiple Log-Ins after Authentication
I forgot to mention that you can use Javascript to manage the open windows. We the user closes the main window, you can direct the empty window to log the user out and close its window as well. - Original Message - From: "Dennis Moore" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>; "Monty" <[EMAIL PROTECTED]> Sent: Tuesday, July 16, 2002 3:22 PM Subject: Re: [PHP] Preventing Multiple Log-Ins after Authentication > If you do not want to use cookes and use SID or trans SID; Another method is > to track your logins via a database. This can be resource intensive > though.You need to update the database upon each click or have an empty > window refresh every 1-5 minutes. If there is no activity for 15 or 30 > minutes automatically log the person off in the database. This requires a > process to run in cron or a separate background program. The advantage of > this is that is very easy to add time based accounting to the session > management system. > > > - Original Message - > From: "Monty" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Tuesday, July 16, 2002 1:57 PM > Subject: [PHP] Preventing Multiple Log-Ins after Authentication > > > > Is there a standard method in PHP for preventing multiple people from > using > > the same log-in username/password simultaneously on a membership site? Any > > suggestions are greatly appreciated. > > > > Thanks! > > > > Monty > > > > > > -- > > PHP General Mailing List (http://www.php.net/) > > To unsubscribe, visit: http://www.php.net/unsub.php > > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] PHP Functions Essential Reference??
does anyone have a copy of the electronic version (free, i believe?) of the book "PHP Functions Essential Reference" ? the website http://www.php-er.com has been down and i am trying to locate it... cheers, jaxon -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Preventing Multiple Log-Ins after Authentication
If you do not want to use cookes and use SID or trans SID; Another method is to track your logins via a database. This can be resource intensive though.You need to update the database upon each click or have an empty window refresh every 1-5 minutes. If there is no activity for 15 or 30 minutes automatically log the person off in the database. This requires a process to run in cron or a separate background program. The advantage of this is that is very easy to add time based accounting to the session management system. - Original Message - From: "Monty" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, July 16, 2002 1:57 PM Subject: [PHP] Preventing Multiple Log-Ins after Authentication > Is there a standard method in PHP for preventing multiple people from using > the same log-in username/password simultaneously on a membership site? Any > suggestions are greatly appreciated. > > Thanks! > > Monty > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Exit script early
Why do you need to exit? If your code is layed out correctly, you shouldn't
have to.
if($something)
{ //part 1 }
else
{ //part 2 }
If $something evaluates to true, only Part 1 is executed...part 2 is never
seen. vice versa if $something is negative.
---John Holmes...
- Original Message -
From: "Michael Zornek" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, July 16, 2002 1:08 PM
Subject: [PHP] Exit script early
> Ok,
>
> So I'm creating a details.php page where I'm expecting the url to be
> something like:
>
> /details.php?id=12345
>
> Thus in my php I have the following:
>
> if (!isset($id))
> { // if no id exsits
>
> // Create a page saying ID not found, goto index
> writeHTMLTag();
> writeHeader("Error", "never");
> writeBodyTag();
> writeLogoNav();
>
> echo "Error: A hospital ID was not found.
> Goto: Nursing Career Match
> ";
>
> writeFooter();
> writeHTMLTagCloser();
>
> // what command can I use to end the script right here?
> }
> else
> { // Run MySQL stuff and display page
>
> }
>
> My question is "what command can I use to end the script [inside the top
> part of that if statement]?"
>
> ~ Mike
> --
> Mike Zornek | Project Leader
> Apple Student Developers
> The Insanely Great Site with the Insanely Long URL
> http://www.applestudentdevelopers.org
>
> Personal Site:
> http://www.mikezornek.com
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Preventing Multiple Log-Ins after Authentication
You'll have to assign each user a unique id each time they log on. If they attempt to log on again, check and see if they already have a unique id and if they do, don't let them log on again. the problems you'll run into with this is, though, is that if someone doesn't log out, they'll still have a session and will have to wait for your cron job to clear it out... It goes back to the old question of how do you know if someone is really online. what if they are viewing a page, accidently close the browser, and then try to log in again. your script will probably think it's someone else trying to log on... Not sure if there is a truly effective way to do this... ---John Holmes... - Original Message - From: "Monty" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, July 16, 2002 1:57 PM Subject: [PHP] Preventing Multiple Log-Ins after Authentication > Is there a standard method in PHP for preventing multiple people from using > the same log-in username/password simultaneously on a membership site? Any > suggestions are greatly appreciated. > > Thanks! > > Monty > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Is there a way?
Ok so let me ask one last question..
Which it faster, to run my function and part of the function would be to get
data from a website and break it into variables then make all the html and
variables one new variable for printing
or
Get my data put into variables made global and then in my HTML page use tags
like .
The last one is easier to design with, but may slow things down each time it
has to parse out the PHP tag, no?
"Jay Blanchard" <[EMAIL PROTECTED]> wrote in message
001a01c22cf3$ef2e01c0$8102a8c0@niigziuo4ohhdt">news:001a01c22cf3$ef2e01c0$8102a8c0@niigziuo4ohhdt...
> [snip]
> In Perl you could print a block of information as it was written like
this;
> print <
> This a whole bunch of HTML code!!!
>
> HTML_END
>
> The best part about this, was that you did not have to escape your " and
you
> could mix in your variables making it easy to design and layout the HTML.
Is
> there a similiar way to do this in PHP?
> [/snip]
>
> $variable = <<< HERE
>
> all kinds of stuff
>
> HERE;
>
> print("$variable");
>
> HTH!
>
> Jay
>
> "Two wrongs are only the beginning"
>
> *
> * Want to meet other PHP developers *
> * in your area? Check out: *
> * http://php.meetup.com/*
> * No developer is an island ... *
> *
>
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] I can't echo object variables
Twas 7/16/02 1:47 PM, when "Martin Clifford" <[EMAIL PROTECTED]> said:
> Try enclosing it in curly braces.
>
> echo "${db->field('name_long')}";
Parse error :-(
~ Mike
--
Mike Zornek | Project Leader
Apple Student Developers
The Insanely Great Site with the Insanely Long URL
http://www.applestudentdevelopers.org
Personal Site:
http://www.mikezornek.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session and output buffering
You have to give the variable value before registering it, from my experience.
$var = "123 Sesame Street";
session_register($var);
Also, I don't believe you need to use session_unset(), since you are already
destroying the session information. If you are getting errors, it would be helpful if
you include those in your message so that we might be able to deduce the error from
it's cryptic nature :o)
Martin Clifford
Homepage: http://www.completesource.net
Developer's Forums: http://www.completesource.net/forums/
>>> "Divyank Turakhia" <[EMAIL PROTECTED]> 07/16/02 02:46PM >>>
I have set output_buffering = On in my php.ini file, since I need this
for my application.
When the user logins I want to destroy any current session and start a
new session. I have included the below in my code for the same. But for
some reason all my old data is available in the session.
session_start();
session_unset();
session_destroy();
session_start();
session_register("somevariable");
Can anyone figure out where I may be going wrong.
Warm Regards,
Divyank Turakhia
--
http://www.directi.com
--
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Session and output buffering
I have set output_buffering = On in my php.ini file, since I need this
for my application.
When the user logins I want to destroy any current session and start a
new session. I have included the below in my code for the same. But for
some reason all my old data is available in the session.
session_start();
session_unset();
session_destroy();
session_start();
session_register("somevariable");
Can anyone figure out where I may be going wrong.
Warm Regards,
Divyank Turakhia
--
http://www.directi.com
--
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Apache 2.0 + PHP
On Mon, 2002-07-15 at 18:30, Gerard Samuel wrote: > I dont think Apache 2 or php 4.3.x are meant for production boxes.. > My opinion, the latest verion of apache 1.3.x and php 4.1.2 (my test > box > is 4.2.1 but thats ok) Apache2 is meant for production. Php 4.2.1 is meant for production. With most distros, this should not be a problem whatsoever, but people using gcc3 may have no luck until they use php 4.3. This has been my experience with it to date. > Michael Hall wrote: > > >I've had a hunt through the mail archives but can't find a definite > >answer: > > > >Is Apache 2.0.x and PHP 4.2.x/4.3.x on Linux a viable proposition yet > in a > >production environment? > > > >I guess the diversity of experiences described in the archives > probably > >means no, but what is the current opinion? Some of the archive > messages > >I read are quite old now. > > > > > > > >Michael Hall [EMAIL PROTECTED] > > > > > > > > > > > > -- > Gerard Samuel > http://www.trini0.org:81/ > http://dev.trini0.org:81/ > > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php -- Austin Gonyou <[EMAIL PROTECTED]> Coremetrics, Inc. signature.asc Description: This is a digitally signed message part
Re: [PHP] Is there a way?
It's called "here doc" formatting, and follows the pattern below: $chunk = <<< EOF; // stuff here EOF; Hmm. For some reason that just doesn't look right. I'm sure someone will correct it if I'm wrong though :o) Martin Clifford Homepage: http://www.completesource.net Developer's Forums: http://www.completesource.net/forums/ >>> "Chris Crane" <[EMAIL PROTECTED]> 07/16/02 02:03PM >>> In Perl you could print a block of information as it was written like this; print
Re: [PHP] Preventing Multiple Log-Ins after Authentication
create cookie and at the end of the Script/page destroy cookies
Use if statements:
setcookie('cookie', $value, $expire, $path
$domain);
if(isset($cookie))
echo "Access Denied, Multiple Login
Attempted!";
else
run the page/script
or
Stick an fetch I.P Stick it in String array,
if duplicate exist die...
else run script
"Jay Blanchard" <[EMAIL PROTECTED]> wrote in message
001401c22cf2$db192080$8102a8c0@niigziuo4ohhdt">news:001401c22cf2$db192080$8102a8c0@niigziuo4ohhdt...
> [snip]
> Is there a standard method in PHP for preventing multiple people from
using
> the same log-in username/password simultaneously on a membership site? Any
> suggestions are greatly appreciated.
> [/snip]
>
> One way is to set a non-expiring cookie, which works if they don't delete
> cookies from time-to-time.
>
> HTH!
>
> Jay
>
> "Growing old is mandatory, growing up is optional"
>
> *
> * Want to meet other PHP developers *
> * in your area? Check out: *
> * http://php.meetup.com/*
> * No developer is an island ... *
> *
>
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Is there a way?
[snip] In Perl you could print a block of information as it was written like this; print
RE: [PHP] Is there a way?
Good day, > In Perl you could print a block of information as it was > written like this; > print < > This a whole bunch of HTML code!!! > > HTML_END > > The best part about this, was that you did not have to escape > your " and you > could mix in your variables making it easy to design and > layout the HTML. Is > there a similiar way to do this in PHP? Yeppers. It's lmost the same. echo <
[PHP] Is there a way?
In Perl you could print a block of information as it was written like this; print
RE: [PHP] Preventing Multiple Log-Ins after Authentication
[snip] Is there a standard method in PHP for preventing multiple people from using the same log-in username/password simultaneously on a membership site? Any suggestions are greatly appreciated. [/snip] One way is to set a non-expiring cookie, which works if they don't delete cookies from time-to-time. HTH! Jay "Growing old is mandatory, growing up is optional" * * Want to meet other PHP developers * * in your area? Check out: * * http://php.meetup.com/* * No developer is an island ... * * -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Preventing Multiple Log-Ins after Authentication
Is there a standard method in PHP for preventing multiple people from using the same log-in username/password simultaneously on a membership site? Any suggestions are greatly appreciated. Thanks! Monty -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] I can't echo object variables
Try enclosing it in curly braces.
echo "${db->field('name_long')}";
Martin Clifford
Homepage: http://www.completesource.net
Developer's Forums: http://www.completesource.net/forums/
>>> Michael Zornek <[EMAIL PROTECTED]> 07/16/02 01:45PM >>>
We all know this works:
echo "$someVar";
However this does not:
echo "$db->field('name_long')";
I know this slight variation will make it work:
echo "" . $db->field('name_long');
But it's cumbersome .. Anyway to get the first way to work?
~ Mike
--
Mike Zornek | Project Leader
Apple Student Developers
The Insanely Great Site with the Insanely Long URL
http://www.applestudentdevelopers.org
Personal Site:
http://www.mikezornek.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Timer
How i know when 2 mins ellapsed? "Kevin Stone" <[EMAIL PROTECTED]> wrote in message 013f01c22cee$b3e17110$6501a8c0@kevin">news:013f01c22cee$b3e17110$6501a8c0@kevin... > Store a timestamp in a file. When the bot is activated retrieve the old > timestamp and calculate the difference between then and how. Store that > value in another file or database. Update the file with a fresh timestamp. > -Kevin > > - Original Message - > From: "Thomas "omega" Henning" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Tuesday, July 16, 2002 11:22 AM > Subject: [PHP] Timer > > > > Is this possible: > > > > Im making a bot in PHP and i need a timer. Lets say noone ses anything for > > 2mins in the channel after that the bot ses something. And if the bot > > recieves an msg the timer clears. Is this possible 2 be done? > > > > Thomas "omega" Henning > > > > > > > > > > -- > > PHP General Mailing List (http://www.php.net/) > > To unsubscribe, visit: http://www.php.net/unsub.php > > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] I can't echo object variables
We all know this works:
echo "$someVar";
However this does not:
echo "$db->field('name_long')";
I know this slight variation will make it work:
echo "" . $db->field('name_long');
But it's cumbersome .. Anyway to get the first way to work?
~ Mike
--
Mike Zornek | Project Leader
Apple Student Developers
The Insanely Great Site with the Insanely Long URL
http://www.applestudentdevelopers.org
Personal Site:
http://www.mikezornek.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
