[PHP] sessions
Hi, If i use sid in the url , is it dangerous - can hackers gain info on important variables storing username and passwords or is it save to use , if not what should i do. shaun -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Sessions
[snip] This string is offered to the visitor in a cookie, but if they refuse it, PHP will just append it to the end of every URL automatically. _IF_ PHP is compiled with enable-trans-sid and you have it turned on in php.ini. ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] sessions
Hi Shaun, If i use sid in the url , is it dangerous - can hackers gain info on important variables storing username and passwords or is it save to use , if not what should i do. Theoretically, if you guess or sniff someone's session ID, you can hijack their session. That doesn't mean you can find out the contents of every variable if they're not displayed; you'd need to compromise the web server for that (and if someone can get onto your server, you have bigger problems than session hijacking). What can you do? shrug Live with it or serve over HTTPS, I suppose. Nothing that travels via vanilla HTTP is secure. You can minimise the likelihood of a SID being *guessed* by generating your own and making them insanely long (128 chars, for example), but IMHO that's overkill. It might be an idea to reduce the expiry time as well - you can do this in php.ini. Even if you do have a session hijacked, you can limit any damage by good app design: for example, don't stored passwords in the session and then have a header at the top of every page saying hello $username, your password is $password :-) Cheers Jon -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] John W. Holmes : User aborting a download and counting the filesize
I will give it a try and let you know what the results where..
Re: [PHP] sessions
You could, on the page where it initially creates there session, get there IP address and make that a session variable, then in one of your include files which is called on every page, check to see if the current users's IP match's the one of the $_SESSION[ip] variable, if it doesn't, just stop them dead with an exit; statement. Course this won't help for people behind the same public IP, but it's a start. You could also verify against what the browser identify's itself as, etc. Adam Voigt [EMAIL PROTECTED] On Thu, 2002-10-24 at 08:32, Shaun wrote: Hi, If i use sid in the url , is it dangerous - can hackers gain info on important variables storing username and passwords or is it save to use , if not what should i do. shaun -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: the xml functions
Robert Samuel White wrote: I am having a hard time understanding one of the features of the xml parser functions. If the string I am parsing includes nbsp; or something similar, it encounters an error. I've read the docs and I don't understand how to have the parser process these. Any advice would be great. Basically, unless you've coded something to deal with them ampersands are the ultimate reserved word in XML. The easiest way to deal with them is to scrub them to amp;nbsp; before they go through the XML parser. The right way to deal with them is to define nbsp; as a valid entity in your DTD and make sure that all XML strings have a DTD when they are fed through the parser. J Wynia phpgeek.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] sessions
While were on the subject, Is it possible/wise t register a person's session id in you useraccess db when they log in then always assign them the same id, then if the session has not expired the user will pick up vars stored there.. Cheers -Original Message- From: Adam Voigt [mailto:adam;cryptocomm.com] Sent: 24 October 2002 15:01 To: Shaun Cc: [EMAIL PROTECTED] Subject: Re: [PHP] sessions You could, on the page where it initially creates there session, get there IP address and make that a session variable, then in one of your include files which is called on every page, check to see if the current users's IP match's the one of the $_SESSION[ip] variable, if it doesn't, just stop them dead with an exit; statement. Course this won't help for people behind the same public IP, but it's a start. You could also verify against what the browser identify's itself as, etc. Adam Voigt [EMAIL PROTECTED] On Thu, 2002-10-24 at 08:32, Shaun wrote: Hi, If i use sid in the url , is it dangerous - can hackers gain info on important variables storing username and passwords or is it save to use , if not what should i do. shaun -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] sessions
Well I suppose you could, but I wouldn't. If your worried about someone stealing someone's sid when they are using a random one, then having a fixed one would be even worse in this respect since they only have to get it once instead of every time the session is re-initiated. Adam Voigt [EMAIL PROTECTED] On Thu, 2002-10-24 at 09:08, Simon Taylor wrote: While were on the subject, Is it possible/wise t register a person's session id in you useraccess db when they log in then always assign them the same id, then if the session has not expired the user will pick up vars stored there.. Cheers -Original Message- From: Adam Voigt [mailto:adam;cryptocomm.com] Sent: 24 October 2002 15:01 To: Shaun Cc: [EMAIL PROTECTED] Subject: Re: [PHP] sessions You could, on the page where it initially creates there session, get there IP address and make that a session variable, then in one of your include files which is called on every page, check to see if the current users's IP match's the one of the $_SESSION[ip] variable, if it doesn't, just stop them dead with an exit; statement. Course this won't help for people behind the same public IP, but it's a start. You could also verify against what the browser identify's itself as, etc. Adam Voigt [EMAIL PROTECTED] On Thu, 2002-10-24 at 08:32, Shaun wrote: Hi, If i use sid in the url , is it dangerous - can hackers gain info on important variables storing username and passwords or is it save to use , if not what should i do. shaun -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] sessions
Unfortunately, in a real world situation, verifying IP address does *NOT* work. On our sites we have the following: -- AOL. Their outgoing IP isn't necessarily the same IP address throughout the session. AOL assigns IP addresses as needed. -- People behind web caching servers. HTTP can be cached, HTTPS cannot. If you switch between HTTP and HTTPS, a person's IP address will change. -- Clients that have network connections that multiplex multiple pipes. If there are multiple IPs, then the connection may flipflop between the IPs in the session. And those are the most common problems with trying to force the same IP in a session. If you were to use IP to validate a session, it would be best to combine it with the Browser Agent string and perhaps the referrer. If all three aren't what you expect, then it may be a hijack attempt. Just using IP address will cause problems if you run into any of the problems above (and others that cause the IP Address to change during a session) Jaime Bozza -Original Message- From: Adam Voigt [mailto:adam;cryptocomm.com] You could, on the page where it initially creates there session, get there IP address and make that a session variable, then in one of your include files which is called on every page, check to see if the current users's IP match's the one of the $_SESSION[ip] variable, if it doesn't, just stop them dead with an exit; statement. Course this won't help for people behind the same public IP, but it's a start. You could also verify against what the browser identify itself as, etc. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] sessions
It's common for IP addresses to change while people are surfing. So you may be needlessly kicking people out. ---John Holmes... - Original Message - From: Adam Voigt [EMAIL PROTECTED] To: Shaun [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Thursday, October 24, 2002 9:01 AM Subject: Re: [PHP] sessions You could, on the page where it initially creates there session, get there IP address and make that a session variable, then in one of your include files which is called on every page, check to see if the current users's IP match's the one of the $_SESSION[ip] variable, if it doesn't, just stop them dead with an exit; statement. Course this won't help for people behind the same public IP, but it's a start. You could also verify against what the browser identify's itself as, etc. Adam Voigt [EMAIL PROTECTED] On Thu, 2002-10-24 at 08:32, Shaun wrote: Hi, If i use sid in the url , is it dangerous - can hackers gain info on important variables storing username and passwords or is it save to use , if not what should i do. shaun -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Var question
I am building a form that posts to itself. I have the following to detect the submit button being clicked: If($_POST[go] == add link) I am getting a warning that says 'go' is undefined. How do I define this? Thanks, Clint -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] sessions
Really? Your IP randomly changes when your surfing between say yahoo.com and msn.com does it? While it is true that you can force an IP change while your connected, I have not yet seen a provider which randomly decides to change your IP address in the middle of your surfing, if your talking about DHCP IP's on say Cable or ADSL modem's, then I can understand what your saying, but even then the IP change is almsot always at times when your computer is turned off or restarted. I have been using an extra IP check in our sessions on a website which get's somewhere in the area of 500,000 unique hits a month and we have not had a single complaint of people's session's being dropped. Adam Voigt, Cisco Certificed Network Associate [EMAIL PROTECTED] On Thu, 2002-10-24 at 09:35, 1LT John W. Holmes wrote: It's common for IP addresses to change while people are surfing. So you may be needlessly kicking people out. ---John Holmes... - Original Message - From: Adam Voigt [EMAIL PROTECTED] To: Shaun [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Thursday, October 24, 2002 9:01 AM Subject: Re: [PHP] sessions You could, on the page where it initially creates there session, get there IP address and make that a session variable, then in one of your include files which is called on every page, check to see if the current users's IP match's the one of the $_SESSION[ip] variable, if it doesn't, just stop them dead with an exit; statement. Course this won't help for people behind the same public IP, but it's a start. You could also verify against what the browser identify's itself as, etc. Adam Voigt [EMAIL PROTECTED] On Thu, 2002-10-24 at 08:32, Shaun wrote: Hi, If i use sid in the url , is it dangerous - can hackers gain info on important variables storing username and passwords or is it save to use , if not what should i do. shaun -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] sessions
-- AOL. Their outgoing IP isn't necessarily the same IP address throughout the session. AOL assigns IP addresses as needed. I have not seen it where AOL randomly shunts a new IP to a client, but then again I don't get to many AOL users on the websites which use these sessions, ofcourse of those who do, none have ever complained about there session being lost. -- People behind web caching servers. HTTP can be cached, HTTPS cannot. If you switch between HTTP and HTTPS, a person's IP address will change. I can see where this would be true. -- Clients that have network connections that multiplex multiple pipes. If there are multiple IPs, then the connection may flipflop between the IPs in the session. This is true, however most people with secondary connections are (or should) be operated in a BGP fashion where two pipe's can route the same IP subnet while maintaining two seperate routes to the internet. Adam Voigt [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Var question
You can just check for if(isset($_POST['go'])) You don't really care what the value is since it's just a button. ---John Holmes... - Original Message - From: Clint Tredway [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, October 24, 2002 9:33 AM Subject: [PHP] Var question I am building a form that posts to itself. I have the following to detect the submit button being clicked: If($_POST[go] == add link) I am getting a warning that says 'go' is undefined. How do I define this? Thanks, Clint -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Var question
is go a variable that is passed via post? I guess yes but you get this error without submitting yet. There are three solutions: 1. Change your error reporting level to 55: error_reporting(55). This will stop warning your undefined variables. 2. Prefix the variable with an at-mark: @$_POST['go']. This is a quickie. 3. Most elegant way: add one more check: if(isset($_POST['go']) and $_POST['go'] == 'add link'). -- Maxim Maletsky [EMAIL PROTECTED] www.PHPBeginner.com // PHP for Beginners www.maxim.cx // my Home // my Wish List: ( Get me something! ) http://www.amazon.com/exec/obidos/registry/2IXE7SMI5EDI3 Clint Tredway [EMAIL PROTECTED] wrote... : I am building a form that posts to itself. I have the following to detect the submit button being clicked: If($_POST[go] == add link) I am getting a warning that says 'go' is undefined. How do I define this? Thanks, Clint -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] sessions
Really? Your IP randomly changes when your surfing between say yahoo.com and msn.com does it? Does mine? No. Can it change with other people? Yes... I have been using an extra IP check in our sessions on a website which get's somewhere in the area of 500,000 unique hits a month and we have not had a single complaint of people's session's being dropped. Maybe they aren't complaining. Maybe they don't know why it's happening, if it is. If a 99% solution is good enough for you, then use it. It really doesn't matter to me. ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Var question
Thanks guys.. I am moving away from ColdFusion to PHP and so I still forget about the isset() function. -Original Message- From: 1LT John W. Holmes [mailto:holmes072000;charter.net] Sent: Thursday, October 24, 2002 8:53 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: [PHP] Var question You can just check for if(isset($_POST['go'])) You don't really care what the value is since it's just a button. ---John Holmes... - Original Message - From: Clint Tredway [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, October 24, 2002 9:33 AM Subject: [PHP] Var question I am building a form that posts to itself. I have the following to detect the submit button being clicked: If($_POST[go] == add link) I am getting a warning that says 'go' is undefined. How do I define this? Thanks, Clint -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] sessions
Maybe they aren't complaining. Maybe they don't know why it's happening, if it is. If a 99% solution is good enough for you, then use it. It really doesn't matter to me. A 99% solution is what I strive to get, between javascript and CSS incompatibilty's between browsers, all kinds of HTML, table and form tags looking different between systems, and everything else which breaks design compatibility between the two, the programming side, having the IP check is great, with referer check the original user and the hacker who gets there SID just have both be runnign IE if it was a browser check, I'm willing to live with the possibility that someone could lose there session (though it hasn't happened yet) and if it does maybe we'll look at a different way to do it. Adam Voigt [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] dba_open, dba_popen, caches, not closing database, etc..
Hi People, I'm having problems with the dba extension. An application I've written using db2 is working beautifully on my machine, but due to various reasons, the machine it's supposed to work on can have anything but db2 as the database backend. I've tried gdbm, ndbm and db3, and they all have the same problem - if I've just written to the database, I can't open it again for about 5 minutes - the php page just prints the Warning: driver initialization failed in blahblah.php error. After leaving it for a while, it starts working again. I've abstracted the database through a class, which opens the database and syncs all writes, but it doesn't automatically close it (without the use of a destructor, there isn't anywhere I could sensibly put code to do it). I've tried dba_open and dba_popen, and both demonstrate the same problem. Anybody got any tips for this? -- Giles Constant, Systems Programmer Hyperlink Interactive http://www.hyperlink-interactive.co.uk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] sessions
Really? Your IP randomly changes when your surfing between say yahoo.com and msn.com does it? While it is true that you can force an IP change while your connected, I have not yet seen a Mine doesn't because it's fixed. But for the reasons I stated in my previous email, it may for someone else. In fact, I've *watched* a session's IP address flipflop back and forth when downloading data from one of our websites. There are products out there that multiplex dialup lines without using MPPP. How do they do that? They make multiple connections, each with their own IP Address, and then the unit load balances TCP/IP sessions across the connections. (One TCP/IP session will go out connection #1, the next out of session #2, and so forth) I have been using an extra IP check in our sessions on a website which get's somewhere in the area of 500,000 unique hits a month and we have not had a single complaint of people's session's being dropped. Perhaps the clients you have don't use the devices (or are on AOL, or have webcache devices). Perhaps the ones that have a problem just go away. There could be many reasons why you haven't had a complaint. Personally I find it easier to go somewhere else than complain to a website that I'm having problems with. I'm just pointing out the issues, I'm not forcing anyone to listen. :) Jaime Bozza -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] dba_open, dba_popen, caches, not closing database, etc..
You can use register_shutdown_function(). Giles Constant wrote: Hi People, I'm having problems with the dba extension. An application I've written using db2 is working beautifully on my machine, but due to various reasons, the machine it's supposed to work on can have anything but db2 as the database backend. I've tried gdbm, ndbm and db3, and they all have the same problem - if I've just written to the database, I can't open it again for about 5 minutes - the php page just prints the Warning: driver initialization failed in blahblah.php error. After leaving it for a while, it starts working again. I've abstracted the database through a class, which opens the database and syncs all writes, but it doesn't automatically close it (without the use of a destructor, there isn't anywhere I could sensibly put code to do it). I've tried dba_open and dba_popen, and both demonstrate the same problem. Anybody got any tips for this? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] sessions
Maybe they aren't complaining. Maybe they don't know why it's happening, if it is. If a 99% solution is good enough for you, then use it. It really doesn't matter to me. A 99% solution is what I strive to get, between javascript and CSS incompatibilty's between browsers, all kinds of HTML, table and form tags looking different between systems, and everything else which breaks design compatibility between the two, the programming side, having the IP check is great, with referer check the original user and the hacker who gets there SID just have both be runnign IE if it was a browser check, I'm willing to live with the possibility that someone could lose there session (though it hasn't happened yet) and if it does maybe we'll look at a different way to do it. Yes, overall, a 99% solution is all we can hope for. But all I'm saying is why even check the IP address? What added security does this give you? The hard part is hijacking the session ID. If you can figure out someone's session ID, then I'm pretty sure it wouldn't be hard to figure out their IP and browser type, also. It's not going to stop someone who is dedicated and just adds in extra checks that are 99.9% _always_ the same for regular users. and if they are different, you still can't tell if it's a hacker at a different IP address or a user who just switched IP addresses. ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] String manipulation
Hi to all (again ;-) I need one or more PHP functions to handle a form input. i.e. you write: [EMAIL PROTECTED] I have to check that after the '@' comes 'test.com'. I think this is easy, Any help on this ? regards in advance... f. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] outputting articles in a certain format.
I tend to have the text as raw as possible... that way I can style the content, apply a layout to it, etc etc over and over again without effecting the content. To use a well used term, separate content from presentation. But, if you want bold, italics, paragraphs, headings, etc, then yes, some form of mark-up will need to be applied to the text by the writer. Commonly, this is done by allowing the writer to use a small sub-set of tags, like P, B, A, I. Things like nl2br() also help minimise what the writer needs to know. You can't really avoid them needing to know SOMETHING about mark-up. The other option is a (usually) Java based GUI, which allows users to add text via a web page (as with any CMS), but additionally allows bold tags, pictures, and general formatting of the text to be done in a Microsoft Word-like interface. http://www.editize.com/ comes to mind, but there are heaps more I'm sure. Justin French on 24/10/02 10:03 PM, rolf vreijdenberger ([EMAIL PROTECTED]) wrote: Hi, I have often seen articles on the internet with a certain layout. THese seem to by dynamically generated from a database as there are name/value pairs appended behind the url. My question: How can you control the layout? The way I do it is by specifying tags in the database, that is an impossibility for people that don't have html knowledge. Yet I see layout with different text styles like bold, seperated in paragraphs, and diverse pictures. (like this) Bhello/b normal text BRBR banother header/b etc I understand that it is possible to just link to properly formatted html pages in the database, but I would like people without knowledge of html to generate text based pages thanks in advance -- Rolf Vreijdenberger De Pannekoek en De Kale Maystraat 6 2593 VW Den Haag T: 06-24245719 E: [EMAIL PROTECTED] W: www.depannekoekendekale.nl -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] sessions
Half of them are paying users, trust me, if there was a problem, they would complain, god knows they do about every tiny comma missing in the text, etc. On Thu, 2002-10-24 at 10:06, Jaime Bozza wrote: Really? Your IP randomly changes when your surfing between say yahoo.com and msn.com does it? While it is true that you can force an IP change while your connected, I have not yet seen a Mine doesn't because it's fixed. But for the reasons I stated in my previous email, it may for someone else. In fact, I've *watched* a session's IP address flipflop back and forth when downloading data from one of our websites. There are products out there that multiplex dialup lines without using MPPP. How do they do that? They make multiple connections, each with their own IP Address, and then the unit load balances TCP/IP sessions across the connections. (One TCP/IP session will go out connection #1, the next out of session #2, and so forth) I have been using an extra IP check in our sessions on a website which get's somewhere in the area of 500,000 unique hits a month and we have not had a single complaint of people's session's being dropped. Perhaps the clients you have don't use the devices (or are on AOL, or have webcache devices). Perhaps the ones that have a problem just go away. There could be many reasons why you haven't had a complaint. Personally I find it easier to go somewhere else than complain to a website that I'm having problems with. I'm just pointing out the issues, I'm not forcing anyone to listen. :) Jaime Bozza -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: String manipulation
Francisco Vaucher [EMAIL PROTECTED] wrote in message news:3B966ABC166BAF47ACBF4639003B11AC848AE7;exchange.adtarg.com... Hi to all (again ;-) I need one or more PHP functions to handle a form input. i.e. you write: [EMAIL PROTECTED] I have to check that after the '@' comes 'test.com'. I think this is easy, Something like this? $address = explode( '@', $_POST['email'] ); if ( $address[1] == 'test.com' ) echo 'Valid'; else echo 'Not valid'; or: if ( preg_match( '/.*@test\.com$/', $_POST['email'] ) ) echo 'Valid'; else echo 'Not valid'; $_POST['email'] contains the email address, submitted by the form. HTH Erwin -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] sessions
I agree with Jaime. The problems are out there, and documented. The fact that you haven't had complaints isn't really a good argument for. AOL (and many large ISP's) users' IP address can and will change from request to request... grab an AOL account for a month and try it for yourself. I did. Justin on 25/10/02 12:06 AM, Jaime Bozza ([EMAIL PROTECTED]) wrote: Really? Your IP randomly changes when your surfing between say yahoo.com and msn.com does it? While it is true that you can force an IP change while your connected, I have not yet seen a Mine doesn't because it's fixed. But for the reasons I stated in my previous email, it may for someone else. In fact, I've *watched* a session's IP address flipflop back and forth when downloading data from one of our websites. There are products out there that multiplex dialup lines without using MPPP. How do they do that? They make multiple connections, each with their own IP Address, and then the unit load balances TCP/IP sessions across the connections. (One TCP/IP session will go out connection #1, the next out of session #2, and so forth) I have been using an extra IP check in our sessions on a website which get's somewhere in the area of 500,000 unique hits a month and we have not had a single complaint of people's session's being dropped. Perhaps the clients you have don't use the devices (or are on AOL, or have webcache devices). Perhaps the ones that have a problem just go away. There could be many reasons why you haven't had a complaint. Personally I find it easier to go somewhere else than complain to a website that I'm having problems with. I'm just pointing out the issues, I'm not forcing anyone to listen. :) Jaime Bozza -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] sessions
... and a further note. In many corporations/schools, the entire network is behind a firewall, hence using only one IP address for 10's or 1000's of users. Depending on how you rely on IP address', this could also be a problem. Just say no to IP address' :) Justin -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] sessions
I have not seen it where AOL randomly shunts a new IP to a client, but then again I don't get to many AOL users on the websites which use these sessions, ofcourse of those who do, none have ever complained about there session being lost. It doesn't always happen, but I think AOL's IP timeout is smaller than the session timeout on our websites. When tracking a login issue at one point, I lost track of the customer because his IP changed. He was using AOL. This is true, however most people with secondary connections are (or should) be operated in a BGP fashion where two pipe's can route the same IP subnet while maintaining two seperate routes to the internet. BGP on a dialup or ISDN connection? Multiplexing isn't multihoming. Two different issues. :) (Not to mention that your everyday person doesn't know anything about multihoming and BGP.) Even Linux has the ability (eql is one of the products) to combine multiple upstream gateways (whether they be dialup/ISDN/DSL/T1's, etc) in a simple round-robin form. Cisco routers even have the support (ip load-sharing per-destination) that doesn't require BGP or to have the routes be on the same provider. Jaime Bozza -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] sessions
Yes, overall, a 99% solution is all we can hope for. But all I'm saying is why even check the IP address? What added security does this give you? The hard part is hijacking the session ID. If you can figure out someone's session ID, then I'm pretty sure it wouldn't be hard to figure out their IP and browser type, also. It's not going to stop someone who is dedicated and just adds in extra checks that are 99.9% _always_ the same for regular users. and if they are different, you still can't tell if it's a hacker at a different IP address or a user who just switched IP addresses. The point of doing it is, even if someone gets your SID, they can't just paste it on to the URL because they don't have the IP that matches that session, so when they go to that page, your include file detects this, and stops them. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Building PHP extensions for MacOS X
I need to build a PHP extension that also talks to parts of the MacOS X API/frameworks. I could build simple, generic extensions in gcc, but for OS X APIs, I need to use something a bit bigger. Can anybody give me any tips of how to build PHP extensions in CodeWarrior or ProjectBuilder on MacOS X? Or perhaps a link to somewhere that might help? Thanks -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Sessions FINAL
Well whatever, it works for me just fine, I have haven't had a single complaint of session's being dropped from the site, with a great number of customers who live to complain and are on many diverse networks and configurations. Thats the end of what I'm going to say about it, and I'm just going to erase all future threads in reguard to it, because frankly I don't want to argue, and don't care what you think because it works perfectly for me. Adam Voigt, CCNA [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] String manipulation
Well, what you really trying to do? Validate the format of an email address? If so, what you really should be doing is looking for an existing library of code which validates email address formats against the RFC standard. phpclasses.org is bound to have some, but I really like this one: http://killersoft.com/modules.php?op=modloadname=Newsfile=articlesid=2 For your EXACT problem (making sure 'test.com' comes after the @), you could use regular expressions... BUT [EMAIL PROTECTED] IS a valid email address, so you'd be running into problems pretty quick :) I looked into HEAPS of regexp's that claim to validate email address'... HEAPS of them had problems that would bounce VALIDly formatted email address... the killersoft one is the best I found... Justin on 25/10/02 12:12 AM, Francisco Vaucher ([EMAIL PROTECTED]) wrote: Hi to all (again ;-) I need one or more PHP functions to handle a form input. i.e. you write: [EMAIL PROTECTED] I have to check that after the '@' comes 'test.com'. I think this is easy, Any help on this ? regards in advance... f. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] sessions
A 99% solution is what I strive to get, between javascript and CSS incompatibilty's between browsers, all kinds of HTML, table and form tags looking different between systems, and everything else which breaks design compatibility between the two, the programming side, having the IP check is great, with referer check the original user and the hacker who gets there SID just have both be runnign IE if it was a browser check, I'm willing to live with the possibility that someone could lose there session (though it hasn't happened yet) and if it does maybe we'll look at a different way to do it. Just to bring up your browser/referrer checks, have you seen this in your weblogs? Field blocked by Outpost (http://www.agnitum.com) That's the referrer (HTTP_REFERER) field. :) Another popular product (Norton Internet Security) will block HTTP_REFERER by default also. (It also has the ability to block the browser agent, but it's not on by default) I've seen others that change HTTP_REFERER into HTTP_WEFERER and hash the data so you can't see what it was originally. I'm not sure which product does this. Jaime Bozza -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Packaging files for download
Can anyone point me in the right direction for packaging multiple files together for a single download? Something like tar and gzip combo is what I'm looking for, but I need something that wouldn't work on multiple platforms (Windows, Mac 8,9,X). Something like creating a zip file would be ideal, but I haven't found anything can do this. -- Brent Baisley Systems Architect Landover Associates, Inc. Search Advisory Services for Advanced Technology Environments p: 212.759.6400/800.759.0577 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] outputting articles in a certain format.
Ok, so basically, what you are saying is: do it yourself, or use other programms to do it for you. The basic layout is IN the database! I understand the way you might do it in xml, with e.g. a text element that includes paragraph elements that might include bold elements etc. I thought people might do it with linked tables, where the article id referred to a linked article id that is a key with the paragraph id with other columns being e.g. header and paragraph text. but this might be an overkill. Or as I said before, just plain including of html pages ( which might be useful in framesets but not in standalone pages with sidemenus, banners etc.) thanks anyway.! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] String manipulation
Yes I know, but what I need is to check after the @. I think that regexp it's going to work fine. Erwin wrote something that i think it's going to work. Thanks! -Mensaje original- De: Justin French [mailto:justin;indent.com.au] Enviado el: jueves, 24 de octubre de 2002 11:29 Para: Francisco Vaucher; '[EMAIL PROTECTED]' Asunto: Re: [PHP] String manipulation Well, what you really trying to do? Validate the format of an email address? If so, what you really should be doing is looking for an existing library of code which validates email address formats against the RFC standard. phpclasses.org is bound to have some, but I really like this one: http://killersoft.com/modules.php?op=modloadname=Newsfile=articlesid=2 For your EXACT problem (making sure 'test.com' comes after the @), you could use regular expressions... BUT [EMAIL PROTECTED] IS a valid email address, so you'd be running into problems pretty quick :) I looked into HEAPS of regexp's that claim to validate email address'... HEAPS of them had problems that would bounce VALIDly formatted email address... the killersoft one is the best I found... Justin on 25/10/02 12:12 AM, Francisco Vaucher ([EMAIL PROTECTED]) wrote: Hi to all (again ;-) I need one or more PHP functions to handle a form input. i.e. you write: [EMAIL PROTECTED] I have to check that after the '@' comes 'test.com'. I think this is easy, Any help on this ? regards in advance... f. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Packaging files for download
Look at the user notes on the man page for zip http://www.php.net/manual/en/ref.zip.php, there are several solutions there -Original Message- From: Brent Baisley [mailto:brent;landover.com] Sent: Thursday, October 24, 2002 10:30 AM To: php-gen Subject: [PHP] Packaging files for download Can anyone point me in the right direction for packaging multiple files together for a single download? Something like tar and gzip combo is what I'm looking for, but I need something that wouldn't work on multiple platforms (Windows, Mac 8,9,X). Something like creating a zip file would be ideal, but I haven't found anything can do this. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] sessions
The point of doing it is, even if someone gets your SID, they can't just paste it on to the URL because they don't have the IP that matches that session, so when they go to that page, your include file detects this, and stops them. Definitely a problem. Which is why I recommend multiple checks (IP Address, Referrer, Browser - especially browser) to verify a connection. It's highly unlikely all three of those would change. But if IP Address changed and the referrer and Browser stayed the same it's possibly the same person. (You could also do a little check on how different the IP Address is and base it off of that) Or, if you want to make it more difficult and only accept cookies (which makes it harder for the average joe to accidentally hijack a session), PHP 4.3 will have session.use_only_cookies as a variable. Jaime Bozza -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] dba_open, dba_popen, caches, not closing database, etc..
that'll do it.. cheers :-) -- Giles Constant, Systems Programmer Hyperlink Interactive http://www.hyperlink-interactive.co.uk On Thu, 24 Oct 2002, Marek Kilimajer wrote: You can use register_shutdown_function(). Giles Constant wrote: Hi People, I'm having problems with the dba extension. An application I've written using db2 is working beautifully on my machine, but due to various reasons, the machine it's supposed to work on can have anything but db2 as the database backend. I've tried gdbm, ndbm and db3, and they all have the same problem - if I've just written to the database, I can't open it again for about 5 minutes - the php page just prints the Warning: driver initialization failed in blahblah.php error. After leaving it for a while, it starts working again. I've abstracted the database through a class, which opens the database and syncs all writes, but it doesn't automatically close it (without the use of a destructor, there isn't anywhere I could sensibly put code to do it). I've tried dba_open and dba_popen, and both demonstrate the same problem. Anybody got any tips for this? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: include_path in php.ini
I think my problem lies in the php.ini file. What should my include_path be set to in my php.ini file?? Whenever I try and include anything I get the error message below. Prachait Saxena [EMAIL PROTECTED] wrote in message news:20021023212920.66050.qmail;pb1.pair.com... Hello Paul Fine tell is the path of the file which u wourld like to include and in which u want to include Paul Reisinger [EMAIL PROTECTED] wrote in message news:20021023144811.38123.qmail;pb1.pair.com... I am new to installing and configuring php especially on a windowzzz server. I am having trouble getting php includes to work. example: (?php include(http://mywebsite.com/forum/ssi.php;); ?) I get this error: Warning: Failed opening 'http://mywebsite.com/forum/ssi.php'for inclusion (include_path='D:\Inetpub\NewIntraRoot') in D:\Inetpub\NewIntraRoot\test.php on line 6 I know the include path is wrong but I've tried so many different paths. I've searched the php manual but it doesnt give me a good understanding of what really needs to be configured and how to do it. I have also searched the web. It's probobly so simple that it doesnt need any more explanation. Could someone out there give me any advice? System Windows NT 5.0 build 2195 Build Date Sep 6 2002 10:38:51 Server API CGI Virtual Directory Support enabled Configuration File (php.ini) Path C:\WINNT\php.ini Debug Build no Thread Safety enabled implicit_flush Off Off include_path D:\Inetpub\NewIntraRoot D:\Inetpub\NewIntraRoot log_errors Off Off php is installed on C but the site is hosted on D. Does this make sense? Its dones not have any problem ?include(c:/myfile.php);? work fine where these lines are addedd in d:/index.php -- Bye, and Have a nice day. Prachait Saxena If you do for other's ! Other's will do for you !! Visit me at http://www.Prachait.Com/ http://www.SitesOnTesting.Com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] String manipulation
If you are trying to just validate the email you might also try to the email validation function that php.net uses. You can get it in the CSV area of the site. _ / Joshua Minnie\ ++---+ | Wild Web Technology| | Independent Web Consultant/Developer | | [EMAIL PROTECTED] | || | Tel : 616.890.1566 | ++ Francisco Vaucher [EMAIL PROTECTED] wrote in message news:3B966ABC166BAF47ACBF4639003B11AC848AE9;exchange.adtarg.com... : : Yes I know, but what I need is to check after the @. : : I think that regexp it's going to work fine. Erwin wrote something that i : think it's going to work. : : Thanks! : : -Mensaje original- : De: Justin French [mailto:justin;indent.com.au] : Enviado el: jueves, 24 de octubre de 2002 11:29 : Para: Francisco Vaucher; '[EMAIL PROTECTED]' : Asunto: Re: [PHP] String manipulation : : : Well, what you really trying to do? Validate the format of an email : address? If so, what you really should be doing is looking for an existing : library of code which validates email address formats against the RFC : standard. : : phpclasses.org is bound to have some, but I really like this one: : : http://killersoft.com/modules.php?op=modloadname=Newsfile=articlesid=2 : : : For your EXACT problem (making sure 'test.com' comes after the @), you could : use regular expressions... BUT [EMAIL PROTECTED] IS a valid email address, : so you'd be running into problems pretty quick :) : : : I looked into HEAPS of regexp's that claim to validate email address'... : HEAPS of them had problems that would bounce VALIDly formatted email : address... the killersoft one is the best I found... : : : : Justin : : : on 25/10/02 12:12 AM, Francisco Vaucher ([EMAIL PROTECTED]) wrote: : : : Hi to all (again ;-) : : I need one or more PHP functions to handle a form input. : : i.e. you write: [EMAIL PROTECTED] : : I have to check that after the '@' comes 'test.com'. I think this is easy, : : Any help on this ? : : regards in advance... : : f. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] pass globals to functions???
? // this is main $foo = 'bar'; test(); test2(); function test() { global $foo; echo foo is $foobr; } function test2() { echo foo is {$GLOBALS['foo']}br; } ? Kirk Some have eluded to this but I haven't seen a working example. I would like to declare globals in my main script and then inside functions that need these globals just somehow use the $GLOBALS or something to declare the variables global in the function. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Perl - PHP question
You either need to: 1) Set multiple cookies for each index: setCookie('session[foo]'...) setCookie('session[bar]'...) 2) Serialize/unserialize your array. setCookie('session', serialize($session_array) ); $session = unserialize($_COOKIE['session']); -js Tom Woody wrote: Did a google and archive search but I couldn't find anything related... I am migrating a bunch of perl CGI apps to PHP. In one of the perl pages a cookie is set and the value of the cookie is a perl hash. I am trying to duplicate that cookie in PHP to make my life 100 times easier. In perl: use CGI::Cookie; $session{value1} = something; $session{value2} = else; CGI::Cookie(-name='session',-value=%session); In another perl script: use CGI; $query = CGI-new(); %session = $query-cookie(-name='session'); print value1: $session{value1}\n; print value2: $session{value2}\n; Output: value1: something value2: else To try and duplicate this in PHP, I first examined the data in the cookie that was set by perl: value1somethingvalue2else So when I set the cookie in php I did: setcookie('session','value1somethingvalue2else'); Obviously this doesn't work... %session just results in a single value of value1somethingvalue2else rather than a hash. I also tried using Associative Arrays as they are the closest to the Perl Hash that I could find. $session[value1] = something; $session[value2] = else; setcookie('session',$session); The cookie then has the value Array Any suggestions...ideally I don't want to have to change anything in the perl scripts, I just want to retire them as PHP replacements are completed. The page that sets the cookie is the first page (obviously) and so would take the pressure off getting the other pages done in PHP. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] ldap_add problem
Hi, I wrote a simple page that tries to enter a string into a LDAP server. I get the following error: Warning: LDAP: add operation could not be completed. in /var/www/html/user/adduser_p.php on line 65 Where in my log files can I go to look for more detailed info on that error, I don't know if I have logging enabled for slapd. Thanks!! -GC -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Office XP pro - email attachments
Hello, I know XP (argh...) Anyways, I written a script where a user can upload a gif or jpeg and then I email it to an email address. Now, everything works fine, the reciever can view the attachments in Squirell Mail, Outlook Express, and Outlook (both are Office 2000 versions). But under outlook for Office XP pro, it doesn't even display that there is an attachment. I was wondering, are there some email headers that I must send as well for XP to see it? Also, Outlook Xp can see email attachments when I send from an email client so I don't think it's a Xp settings issue. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Sessions help please
Hi guys I'm a little confused on how sessions work. ok I use session_start(); to get started I know that but then the manual starts to confuse me with all of the garbled text about passing the SID. How do I tell if it was compiled with transparent SID passing? Also I'm not sure how to use cookies and this is just a small application for private use so I don't mind passing it using urls for this iteration of the project. Also I'm not quite sure how to auctually perserve the variables across pages. Thanks, Bryan
[PHP] Session Trouble
I'm trying to register a session for a poll by first opening the session (session_start()), then registering it like this: $_SESSION['voted'] = yes; Problem is, when I check to see if the session is there: if(isset($_SESSION['voted'])) I have it load up a page containing the poll results: ?php if(isset($_SESSION['voted'])) { include(poll_voted.php); } ? But it doesn't display it. It displays the default (which is the voting part). Any ideas why? Thanks, Stephen Craton http://www.melchior.us http://php.melchior.us
[PHP] Quick way to test series of integers
Hey there, I have around 50 checkboxes on an HTML form. Their value is 1. So, when a user check the box, then no problem -- the value returned by the form is 1 and I can enter that into my SQL database. HOWEVER... If the user does not check the box, I'm in trouble, because the value does not default to 0, but rather nil I'm guessing... mysql query doesn't like my trying to pass NOTHING. I COULD go through each of the 50 returned variables and, if they are not 1, assign 0 to them. But I'm wondering if there is a better way to go about this?? Thanks, Paul -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quick way to test series of integers
Actually that wouldn't work becuase if you tested this you would have noticed that no name or value at all is passed for a checkbox or radio button that is not checked. input type=checkbox name=a value=1 input type=checkbox name=b value=1 checked input type=checkbox name=c value=1 checked In this example $_POST['a'] is not set so you can not check it in a conditional statement. One possible solution here is to use Radio Buttons instead of check boxes. input type=checkbox name=a value=0 checkedinput type=checkbox name=a value=1 input type=checkbox name=b value=0input type=checkbox name=b value=1 checked input type=checkbox name=c value=0input type=checkbox name=c value=1 checked It's a bit more cumbersome visually but it's the proper way to get the functionality you want. Now $_POST['a'] is set and contains 0. -Kevin - Original Message - From: Paul Kaiser [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, October 24, 2002 3:35 PM Subject: [PHP] Quick way to test series of integers Hey there, I have around 50 checkboxes on an HTML form. Their value is 1. So, when a user check the box, then no problem -- the value returned by the form is 1 and I can enter that into my SQL database. HOWEVER... If the user does not check the box, I'm in trouble, because the value does not default to 0, but rather nil I'm guessing... mysql query doesn't like my trying to pass NOTHING. I COULD go through each of the 50 returned variables and, if they are not 1, assign 0 to them. But I'm wondering if there is a better way to go about this?? Thanks, Paul -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Quick way to test series of integers
One way you could do it is to put a hidden input before each checkbox with the same name as the checkbox and set the value to 0. This works because PHP will process all input fields in order overwriting previous ones if it comes accross one with the same name.. eg.. input type=hidden name=one value=0 / input type=checkbox name=one value=1 / input type=hidden name=two value=0 / input type=checkbox name=two value=1 / and so on Regards Jarrad Kabral -Original Message- From: Paul Kaiser [mailto:paukai;illinimedia.com] Sent: Friday, 25 October 2002 7:35 AM To: [EMAIL PROTECTED] Subject: [PHP] Quick way to test series of integers Hey there, I have around 50 checkboxes on an HTML form. Their value is 1. So, when a user check the box, then no problem -- the value returned by the form is 1 and I can enter that into my SQL database. HOWEVER... If the user does not check the box, I'm in trouble, because the value does not default to 0, but rather nil I'm guessing... mysql query doesn't like my trying to pass NOTHING. I COULD go through each of the 50 returned variables and, if they are not 1, assign 0 to them. But I'm wondering if there is a better way to go about this?? Thanks, Paul -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Quick way to test series of integers
Just add zero to the variables in your processing script... ie... $var_1 += 0; $var_2 += 0; That way if they are set to one, no difference. if they are set to then they become zero. It's worked for me in the past. On Thu, 24 Oct 2002, Paul Kaiser wrote: Hey there, I have around 50 checkboxes on an HTML form. Their value is 1. So, when a user check the box, then no problem -- the value returned by the form is 1 and I can enter that into my SQL database. HOWEVER... If the user does not check the box, I'm in trouble, because the value does not default to 0, but rather nil I'm guessing... mysql query doesn't like my trying to pass NOTHING. I COULD go through each of the 50 returned variables and, if they are not 1, assign 0 to them. But I'm wondering if there is a better way to go about this?? Thanks, Paul -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Office XP pro - email attachments
Hello, On 10/24/2002 04:19 PM, Bobby wrote: Hello, I know XP (argh...) Anyways, I written a script where a user can upload a gif or jpeg and then I email it to an email address. Now, everything works fine, the reciever can view the attachments in Squirell Mail, Outlook Express, and Outlook (both are Office 2000 versions). But under outlook for Office XP pro, it doesn't even display that there is an attachment. I was wondering, are there some email headers that I must send as well for XP to see it? Also, Outlook Xp can see email attachments when I send from an email client so I don't think it's a Xp settings issue. It may be one of many bugs of the mail function. You may want to try this class for composing and sending messages that can be used to send messages with attachments and has built-in workaround for many of the mail() function quirks: http://www.phpclasses.org/mimemessage -- Regards, Manuel Lemos -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] mkdir and directory permissions
Hi-ya all, here's a quickie... In my script I create a directory (mysql.backup.timestamp/) within a directory called backup/. I use the function mkdir(mysql.backup.timestamp, 0777); and it shows the permissions as after the function executes: drx--t 2 nobodydaemon1024 Oct 24 15:16 mysql.backup.October-24-2002-1516 Where's the permissions (drx--t 2 nobody daemon) coming from? Is it the php.ini, apache conf or the operating system? I would like to set the owner to root and the group to nc. How can this be achieved by the php script? Or do I have set this up in the other environments (OS or Apache)? Cheers! -Matias -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quick way to test series of integers
If they're the only input in the form, you could do something like: foreach($_GET as $key=$value){ if(!array_key_exists($key,$_GET)){ $_GET[$key] = 0; } } //Subsitute $_POST for $_GET if it's a post form. Paul Kaiser wrote: Hey there, I have around 50 checkboxes on an HTML form. Their value is 1. So, when a user check the box, then no problem -- the value returned by the form is 1 and I can enter that into my SQL database. HOWEVER... If the user does not check the box, I'm in trouble, because the value does not default to 0, but rather nil I'm guessing... mysql query doesn't like my trying to pass NOTHING. I COULD go through each of the 50 returned variables and, if they are not 1, assign 0 to them. But I'm wondering if there is a better way to go about this?? Thanks, Paul -- The above message is encrypted with double rot13 encoding. Any unauthorized attempt to decrypt it will be prosecuted to the full extent of the law. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] IMAP problem - How to open other folders
Hi all ! What I am missing? I have script using IMAP function to open my mailbox- First I open the IMAP using imap_open. After I read all my messages in my INBOX, up until now, everything goes well. Now I want to open other folders and I can't. I've trying these following functions: - imap_getmailboxes - imap_listmailbox - imap_scanmailbox // $list = imap_getmailboxes($mbox,{192.168.0.1:110/pop3},*); if (!is_null($list)) { while(list($key,$val)=each($list)) { print ($key) ; print imap_utf7_decode($val-name).,; print '.$val-delimiter.',; print $val-attributes.br\n; } $list = imap_listmailbox($mbox,{192.168.0.1:110/pop3},*); if(is_array($list)) { reset($list); while (list($key, $val) = each($list)) print imap_utf7_decode($val).br\n; } else print imap_listmailbox a échoué: .imap_last_error().\n; Nothing wouldn't work well with me? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] processing form checkboxes
Heya folks, not sure if this is more of a php question or an html question, though I'm right now leaning towards a 50% php, 50% html, so I think this is on topic still. I have a form filled with checkboxes, each representing one of the 50 states. A user can check as many states as they want, then post the data - The checkbox form would look *something* like: tdinput type=checkbox name=state value=1nbsp;nbsp;Alabama/td tdinput type=checkbox name=state value=2nbsp;nbsp;Alaska/td tdinput type=checkbox name=state value=3nbsp;nbsp;Arizona/td Instead of assigning a unique name to each checkbox, I know there's *some* way to make it so the same name has multiple values, as I've seen it done before (somehow). When posting the data though, the script is only recognizing the box checked with the highest value foreach ($_POST as $value) { echo $valuebr/\n; } ^^^ Only shows the highest value Any ideas on how to do this without having to check for isset($_POST['california']), isset($_POST['alabama']) etc. etc.? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: processing form checkboxes
you need brackets, so when php initializes the variables, it knows to make the variable state an array. name=state[] -Matias James Taylor [EMAIL PROTECTED] wrote in message news:DOEJIAGJHJHPBFMLOGOFKEJNCDAA.jtx;hatesville.com... Heya folks, not sure if this is more of a php question or an html question, though I'm right now leaning towards a 50% php, 50% html, so I think this is on topic still. I have a form filled with checkboxes, each representing one of the 50 states. A user can check as many states as they want, then post the data - The checkbox form would look *something* like: tdinput type=checkbox name=state value=1nbsp;nbsp;Alabama/td tdinput type=checkbox name=state value=2nbsp;nbsp;Alaska/td tdinput type=checkbox name=state value=3nbsp;nbsp;Arizona/td Instead of assigning a unique name to each checkbox, I know there's *some* way to make it so the same name has multiple values, as I've seen it done before (somehow). When posting the data though, the script is only recognizing the box checked with the highest value foreach ($_POST as $value) { echo $valuebr/\n; } ^^^ Only shows the highest value Any ideas on how to do this without having to check for isset($_POST['california']), isset($_POST['alabama']) etc. etc.? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Session Trouble
why don't you use the session_register(voted) function. Then if you want to check it you can use the session_is_registered(voted) . -Matias Stephen [EMAIL PROTECTED] wrote in message news:000a01c27ba1$d8871e00$0200a8c0;melchior... I'm trying to register a session for a poll by first opening the session (session_start()), then registering it like this: $_SESSION['voted'] = yes; Problem is, when I check to see if the session is there: if(isset($_SESSION['voted'])) I have it load up a page containing the poll results: ?php if(isset($_SESSION['voted'])) { include(poll_voted.php); } ? But it doesn't display it. It displays the default (which is the voting part). Any ideas why? Thanks, Stephen Craton http://www.melchior.us http://php.melchior.us -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Sessions help please
Have a look through the articles and or tutorials that can be found on phpbeginner.com and also phpbuilder.com they will give u a good place to start learning about it all :) -Original Message- From: Bryan McLemore [mailto:Kaelten;worldnet.att.net] Sent: Friday, 25 October 2002 2:19 AM To: PHP - General Subject: [PHP] Sessions help please Hi guys I'm a little confused on how sessions work. ok I use session_start(); to get started I know that but then the manual starts to confuse me with all of the garbled text about passing the SID. How do I tell if it was compiled with transparent SID passing? Also I'm not sure how to use cookies and this is just a small application for private use so I don't mind passing it using urls for this iteration of the project. Also I'm not quite sure how to auctually perserve the variables across pages. Thanks, Bryan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Session Trouble
I'm trying to register a session for a poll by first opening the session (session_start()), then registering it like this: $_SESSION['voted'] = yes; Problem is, when I check to see if the session is there: if(isset($_SESSION['voted'])) I have it load up a page containing the poll results: ?php if(isset($_SESSION['voted'])) { include(poll_voted.php); } ? But it doesn't display it. It displays the default (which is the voting part). Any ideas why? Stephen i have this sort of thing in my site .. what I suggest (and this works for me no problems) is ?php if (isset($_SESSION['voted'])){ Header (Location:poll_voted.php); } ? I prefer to do it that way than to use includes, also you will have to make sure this is at the very top of the page before any html tags etc are set. Cheers Peter -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Screen resolution
javascript. and no, this isn't a php question :) justin on 25/10/02 2:04 AM, [EMAIL PROTECTED] ([EMAIL PROTECTED]) wrote: Is there any way to have the client browser report what resolution it currently uses? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Logged in users
There are classes on phpclasses.org that attempt to do this. It's been discussed MANY times before. There are a couple of methods: 1. sessions -- count your active sessions 2. counters -- each time a page is acessed, log it with a time stamp... after 30 seconds (or whatever you decide is enuff time), delete it... the total count of logged requests is a rough guide to how many people are online... 3. a combination of the two... you can use the session id to ensure that if one user visits 8 pages in 30 seconds, it doesn't appear that he/she is 8 users instead of one. Seriously, check the archives, dig around phpclasses... i know it's been done to death :) Justin on 25/10/02 5:01 AM, Plasje ([EMAIL PROTECTED]) wrote: Hi there, After a long search I still have the problem getting the amount of users that is logged in on a specific moment. Can anybody help me out on which function or variable to use? Thanks in advance Robert -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session Trouble
That'd work nice for me too but I'm including a small table into the main page toward the center. Forwarding them to the included page wouldn't work in this case... - Original Message - From: Peter Houchin [EMAIL PROTECTED] To: Stephen [EMAIL PROTECTED]; PHP List [EMAIL PROTECTED] Sent: Thursday, October 24, 2002 6:34 PM Subject: RE: [PHP] Session Trouble I'm trying to register a session for a poll by first opening the session (session_start()), then registering it like this: $_SESSION['voted'] = yes; Problem is, when I check to see if the session is there: if(isset($_SESSION['voted'])) I have it load up a page containing the poll results: ?php if(isset($_SESSION['voted'])) { include(poll_voted.php); } ? But it doesn't display it. It displays the default (which is the voting part). Any ideas why? Stephen i have this sort of thing in my site .. what I suggest (and this works for me no problems) is ?php if (isset($_SESSION['voted'])){ Header (Location:poll_voted.php); } ? I prefer to do it that way than to use includes, also you will have to make sure this is at the very top of the page before any html tags etc are set. Cheers Peter -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] HTTPS problem with forms
I recently switched my site from a server running PHP 4.0.1 to a site using 4.2.1. Other than this the servers are identical, running both the same versions of redhat linux and apache. Now however, I can no longer post to forms using HTTPS. It returns a Page cannot be displayed error. Occasionally it will work fine, but most of the time is errors. If I refresh it will eventually bring up the page. Has anybody else had this error? I'm not sure if it is PHP or mod_ssl or what. Thanks, Aaron Willis [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: PHP Session register variable not always restored with contents
I have same troubles!!! I use php internet trade traffic system, and 10-20% of visitors lose their sessions data. Cut from logs: Remote address: ## Referer: http://mydomain.com/ URI: /out.php?id=1PHPSESSID=235a91cef853e750a6b67a70375e7d88 User-agent: Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0) Session ID: 616596c44d83c581a829658b63191d7c Session DATA: Remote address: ## Referer: http://mydomain.com/music.php?0 URI: /out.php?id=1link=freemusic User-agent: Mozilla/5.0 (Windows; U; Win98; de-DE; QXW0330l) Gecko/20011019 Netscape6/6.2 Session ID: b7a5708d134a08c370fb5778e099d0d0 Session DATA: Session DATA is EMPTY ! In 10-20% of visitors. I think this is a PHP bug, because most of visitors don't lose their session data. I used my script on 10 different servers (BSD,Linux) and PHP 4.0.6 - PHP 4.2.1. On Mon, 30 Sep 2002 17:34:27 +0300, Brad Hanson wrote: many times the value is presented. Sometimes it is a null string. Sometimes it takes a few refreshes before it will display anything other than blank. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Creating Directories
Hello, I have a newsletter script with a very (going to be I hope) cool skinning system. One part is creating a new skin and to do so, it needs to create a directory to hold the template files in. How exactly can this be done? Thanks, Stephen Craton http://www.melchior.us http://php.melchior.us
RE: [PHP] Re: PHP Session register variable not always restored with contents
What is supposed to be in the session? Maybe these users are just denying cookies? ---John Holmes... -Original Message- From: Victor Soroka [mailto:vs240;yahoo.com] Sent: Thursday, October 24, 2002 10:08 AM To: [EMAIL PROTECTED] Subject: [PHP] Re: PHP Session register variable not always restored with contents I have same troubles!!! I use php internet trade traffic system, and 10-20% of visitors lose their sessions data. Cut from logs: Remote address: ## Referer: http://mydomain.com/ URI: /out.php?id=1PHPSESSID=235a91cef853e750a6b67a70375e7d88 User-agent: Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0) Session ID: 616596c44d83c581a829658b63191d7c Session DATA: Remote address: ## Referer: http://mydomain.com/music.php?0 URI: /out.php?id=1link=freemusic User-agent: Mozilla/5.0 (Windows; U; Win98; de-DE; QXW0330l) Gecko/20011019 Netscape6/6.2 Session ID: b7a5708d134a08c370fb5778e099d0d0 Session DATA: Session DATA is EMPTY ! In 10-20% of visitors. I think this is a PHP bug, because most of visitors don't lose their session data. I used my script on 10 different servers (BSD,Linux) and PHP 4.0.6 - PHP 4.2.1. On Mon, 30 Sep 2002 17:34:27 +0300, Brad Hanson wrote: many times the value is presented. Sometimes it is a null string. Sometimes it takes a few refreshes before it will display anything other than blank. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Creating Directories
mkdir() -Original Message- From: Stephen [mailto:webmaster;melchior.us] Sent: Thursday, October 24, 2002 8:41 PM To: PHP List Subject: [PHP] Creating Directories Hello, I have a newsletter script with a very (going to be I hope) cool skinning system. One part is creating a new skin and to do so, it needs to create a directory to hold the template files in. How exactly can this be done? Thanks, Stephen Craton http://www.melchior.us http://php.melchior.us -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] processing form checkboxes
Add [] to name of variable tdinput type=checkbox name=state[] value=1nbsp;nbsp;Alabama/td - Original Message - From: James Taylor [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, October 24, 2002 6:05 PM Subject: [PHP] processing form checkboxes Heya folks, not sure if this is more of a php question or an html question, though I'm right now leaning towards a 50% php, 50% html, so I think this is on topic still. I have a form filled with checkboxes, each representing one of the 50 states. A user can check as many states as they want, then post the data - The checkbox form would look *something* like: tdinput type=checkbox name=state value=1nbsp;nbsp;Alabama/td tdinput type=checkbox name=state value=2nbsp;nbsp;Alaska/td tdinput type=checkbox name=state value=3nbsp;nbsp;Arizona/td Instead of assigning a unique name to each checkbox, I know there's *some* way to make it so the same name has multiple values, as I've seen it done before (somehow). When posting the data though, the script is only recognizing the box checked with the highest value foreach ($_POST as $value) { echo $valuebr/\n; } ^^^ Only shows the highest value Any ideas on how to do this without having to check for isset($_POST['california']), isset($_POST['alabama']) etc. etc.? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] processing form checkboxes
Put square brackets behine the nameie input type=checkbox name=state[] value=1 James Taylor wrote: Heya folks, not sure if this is more of a php question or an html question, though I'm right now leaning towards a 50% php, 50% html, so I think this is on topic still. I have a form filled with checkboxes, each representing one of the 50 states. A user can check as many states as they want, then post the data - The checkbox form would look *something* like: tdinput type=checkbox name=state value=1nbsp;nbsp;Alabama/td tdinput type=checkbox name=state value=2nbsp;nbsp;Alaska/td tdinput type=checkbox name=state value=3nbsp;nbsp;Arizona/td Instead of assigning a unique name to each checkbox, I know there's *some* way to make it so the same name has multiple values, as I've seen it done before (somehow). When posting the data though, the script is only recognizing the box checked with the highest value foreach ($_POST as $value) { echo $valuebr/\n; } ^^^ Only shows the highest value Any ideas on how to do this without having to check for isset($_POST['california']), isset($_POST['alabama']) etc. etc.? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session Trouble
I don't know if it will solve your problem, but you may want to set the session variable to a boolean (true | false) $_SESSION['voted'] = true; Stephen wrote: I'm trying to register a session for a poll by first opening the session (session_start()), then registering it like this: $_SESSION['voted'] = yes; Problem is, when I check to see if the session is there: if(isset($_SESSION['voted'])) I have it load up a page containing the poll results: ?php if(isset($_SESSION['voted'])) { include(poll_voted.php); } ? But it doesn't display it. It displays the default (which is the voting part). Any ideas why? Thanks, Stephen Craton http://www.melchior.us http://php.melchior.us -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Adding Content Management to live site
Depending on the size and current format, you may want to import everything into the CMS. Might work well for searching etc. I recently converted our companies static website (11,000 pages - we're a magazine publisher) to a mysql database. Tough work, but not as gruelling as it sounds. I wrote a script to parse thru the static html files and grab the title article and date. Also made use of the naming conventions to construct the date. A couple days work to get something that worked accurately for the different article formats but well worth it. Putting together index page and archives pages is pretty much cake work. A simple query will grab todays news, the past week, a month from 2000 or whatever. You can email me if you'd like some code pieces. olinux --- Maxim Maletsky [EMAIL PROTECTED] wrote: You could leave the site links the way they are by working out a good logic within apache's mod_rewtire routine. So, basically you would install CMS for the site and forward there the whole site's used links accordingly. It's the most elegant solution, but not the easiest to accomplish. I have done that once for a site with over 600Mb of static pages. It was a site for the printed magazine. -- Maxim Maletsky [EMAIL PROTECTED] www.PHPBeginner.com // PHP for Beginners www.maxim.cx // my Home // my Wish List: ( Get me something! ) http://www.amazon.com/exec/obidos/registry/2IXE7SMI5EDI3 Tariq Murtaza [EMAIL PROTECTED] wrote... : Try postnuke.com Ashley M. Kirchner wrote: I need to add some type of Content Management System to an already existing site. All my client wants to be able to do is adding new articles every week, and have the system update the main (index) page with those articles (adding excerpts and keep a list of published articles.) The criteria is that the current index page has to stay the way it is now, just the management has to be somewhat automated. Right now everything is being done manually, every article manually linked in the index page and the little excerpts written out by hand. Can anyone suggest a CMS program that I can feed the current page to and have it work without having to rewrite the whole site into the CMS program? -- H | I haven't lost my mind; it's backed up on tape somewhere. + Ashley M. Kirchner mailto:ashley;pcraft.com . 303.442.6410 x130 IT Director / SysAdmin / WebSmith . 800.441.3873 x130 Photo Craft Laboratories, Inc.. 3550 Arapahoe Ave. #6 http://www.pcraft.com . . .. Boulder, CO 80303, U.S.A. -- Tariq Murtaza Assistant Web Master Business Technology Team Small Medium Enterprise Development Authority Government of Pakistan 1st Floor, Waheed Trade Complex 36-XX, Khayaban-e-Iqbal, D.H.A Lahore-54792, PAKISTAN Tel: (92 42) 111 111 456 Fax: (92 42) 5896619 Website: http://www.smeda.org.pk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php __ Do you Yahoo!? Y! Web Hosting - Let the expert host your web site http://webhosting.yahoo.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Replace illegal filename chars???
Doesn't work. It returned the same as what I put in: What's Up Doc? -Shawn Maxim Maletsky [EMAIL PROTECTED] wrote in message news:20021024122630.4E99.MAXIM;php.net... Use a regular expression like: $str = ereg_replce(/[^[:alnum:]]/i, '', $str); -- Maxim Maletsky [EMAIL PROTECTED] www.PHPBeginner.com // PHP for Beginners www.maxim.cx // my Home // my Wish List: ( Get me something! ) http://www.amazon.com/exec/obidos/registry/2IXE7SMI5EDI3 Marek Kilimajer [EMAIL PROTECTED] wrote... : I use strtr() for this Shawn McKenzie wrote: Anyone have a good way to remove from a string all characters and spaces that are illegal in a filename??? $string = What's up Doc?; I need: $filename = whatsupdoc; TIA -Shawn -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Replace illegal filename chars???
close but preg_replace(/[^[:print:]]/,'',$str); is what you want. The below would work but typo'ed ... ereg_replce should be ereg_replace Also..that is just A-Za-z0-9 ... many OS's allow punctation also...[:print:] will cover this. Now only if php supported [:control:] and [:graph:] :) -Peter -Original Message- From: Shawn McKenzie [mailto:nospam;mckenzies.net] Sent: Friday, October 25, 2002 04:48 To: [EMAIL PROTECTED] Subject: Re: [PHP] Replace illegal filename chars??? Doesn't work. It returned the same as what I put in: What's Up Doc? -Shawn Maxim Maletsky [EMAIL PROTECTED] wrote in message news:20021024122630.4E99.MAXIM;php.net... Use a regular expression like: $str = ereg_replce(/[^[:alnum:]]/i, '', $str); -- Maxim Maletsky [EMAIL PROTECTED] www.PHPBeginner.com // PHP for Beginners www.maxim.cx // my Home // my Wish List: ( Get me something! ) http://www.amazon.com/exec/obidos/registry/2IXE7SMI5EDI3 Marek Kilimajer [EMAIL PROTECTED] wrote... : I use strtr() for this Shawn McKenzie wrote: Anyone have a good way to remove from a string all characters and spaces that are illegal in a filename??? $string = What's up Doc?; I need: $filename = whatsupdoc; TIA -Shawn -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Replace illegal filename chars???
Thanks, the ereg_replace example didn't work for me (even after fixing the typo). A-Za-z0-9 is fine for my needs, replacing them with . What is your preg_replace allowing? Thanks! Shawn Peter Mr. Eps Thoenen [EMAIL PROTECTED] wrote in message news:A733FF9B1FB0F441B3A6209FF71030E50169B287;bondsteel2.areur.army.mil... close but preg_replace(/[^[:print:]]/,'',$str); is what you want. The below would work but typo'ed ... ereg_replce should be ereg_replace Also..that is just A-Za-z0-9 ... many OS's allow punctation also...[:print:] will cover this. Now only if php supported [:control:] and [:graph:] :) -Peter -Original Message- From: Shawn McKenzie [mailto:nospam;mckenzies.net] Sent: Friday, October 25, 2002 04:48 To: [EMAIL PROTECTED] Subject: Re: [PHP] Replace illegal filename chars??? Doesn't work. It returned the same as what I put in: What's Up Doc? -Shawn Maxim Maletsky [EMAIL PROTECTED] wrote in message news:20021024122630.4E99.MAXIM;php.net... Use a regular expression like: $str = ereg_replce(/[^[:alnum:]]/i, '', $str); -- Maxim Maletsky [EMAIL PROTECTED] www.PHPBeginner.com // PHP for Beginners www.maxim.cx // my Home // my Wish List: ( Get me something! ) http://www.amazon.com/exec/obidos/registry/2IXE7SMI5EDI3 Marek Kilimajer [EMAIL PROTECTED] wrote... : I use strtr() for this Shawn McKenzie wrote: Anyone have a good way to remove from a string all characters and spaces that are illegal in a filename??? $string = What's up Doc?; I need: $filename = whatsupdoc; TIA -Shawn -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] How many is too many?
This is a more general server question: I know that having a large number of files in one folder can slow down a web server, but, how many would it take for this to be a problem? Wondering if I should store all articles for a content site in one big 'articles' folder with each article having it's own folder within (/articles/article_id/), or if I should organize them by year then article name (/articles/2002/article_id). The site will only produce a few hundred articles a year. I'd like the keep the file structure shallow and simple if possible, but, if it could potentially slow the server down by putting so many folder in one I'll split them up more. Thanks! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Sessions help Please
Hi guys I'm a little confused on how sessions work. ok I use session_start(); to get started I know that but then the manual starts to confuse me with all of the garbled text about passing the SID. How do I tell if it was compiled with transparent SID passing? Also I'm not sure how to use cookies and this is just a small application for private use so I don't mind passing it using urls for this iteration of the project. Also I'm not quite sure how to auctually perserve the variables across pages. Thanks, Bryan
Re: [PHP] How many is too many?
I read in here once or twice that it's worth worrying about at the 1000's mark, not 100's. However, hashing them into years (/2002/), or categories (/sports/), or alphabetically (/a/, /b/, /c/), or by author might prove beneficial froma content management point of view. Then logical end choice you make will depend on your site, and how people use it. For the amount of articles you're talking about, you'd definitely only need one level of hashing. Justin on 25/10/02 2:40 PM, Monty ([EMAIL PROTECTED]) wrote: This is a more general server question: I know that having a large number of files in one folder can slow down a web server, but, how many would it take for this to be a problem? Wondering if I should store all articles for a content site in one big 'articles' folder with each article having it's own folder within (/articles/article_id/), or if I should organize them by year then article name (/articles/2002/article_id). The site will only produce a few hundred articles a year. I'd like the keep the file structure shallow and simple if possible, but, if it could potentially slow the server down by putting so many folder in one I'll split them up more. Thanks! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Sessions help Please
have a look on phpbeginner there is a couple of articles/tutorials that explain this also look at previous posts :) -Original Message- From: Bryan McLemore [mailto:Kaelten;worldnet.att.net] Sent: Friday, 25 October 2002 6:39 AM To: PHP - General Subject: [PHP] Sessions help Please Hi guys I'm a little confused on how sessions work. ok I use session_start(); to get started I know that but then the manual starts to confuse me with all of the garbled text about passing the SID. How do I tell if it was compiled with transparent SID passing? Also I'm not sure how to use cookies and this is just a small application for private use so I don't mind passing it using urls for this iteration of the project. Also I'm not quite sure how to auctually perserve the variables across pages. Thanks, Bryan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How many is too many?
Why not store them in a database with one php script selecting them? Monty wrote: This is a more general server question: I know that having a large number of files in one folder can slow down a web server, but, how many would it take for this to be a problem? Wondering if I should store all articles for a content site in one big 'articles' folder with each article having it's own folder within (/articles/article_id/), or if I should organize them by year then article name (/articles/2002/article_id). The site will only produce a few hundred articles a year. I'd like the keep the file structure shallow and simple if possible, but, if it could potentially slow the server down by putting so many folder in one I'll split them up more. Thanks! -- The above message is encrypted with double rot13 encoding. Any unauthorized attempt to decrypt it will be prosecuted to the full extent of the law. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Sessions help Please
on 25/10/02 6:38 AM, Bryan McLemore ([EMAIL PROTECTED]) wrote: Hi guys I'm a little confused on how sessions work. ok I use session_start(); to get started I know that but then the manual starts to confuse me with all of the garbled text about passing the SID. How do I tell if it was compiled with transparent SID passing? make a ? phpinfo() ? file -- it will explain what PHP was compiled with up the top-ish. Also I'm not sure how to use cookies and this is just a small application for private use so I don't mind passing it using urls for this iteration of the project. By default, sessions will work with cookies (at least every install i've seen)... you don't need to do anything special to get it working. *IF* you are worried about people without cookies not being able to maintain the session, *THEN* passing the SID around in URLs would be the next step. You can do this manually (a lot of work), or... *IF* enable_trans_sid() was compiled (or if you can comile with it), this is the best option, because everything happens transparently... IF the user allows cookies, PHP will use them... if not, PHP will re-write your URLs with the SID in them. Easy. Also I'm not quite sure how to auctually perserve the variables across pages. Assuming PHP = 4.1.1 with register globals OFF, and cookies ALLOWED by your browser OR trans_sid compiled: page 1: ? // maintain or start session session_start(); // assign a few variables to it $_SESSION['favcolor'] = #FFCC99; $_SESSION['name'] = Justin; ? HTML BODY A HREF=page2.phpclick here to see page 2/a /BODY /HTML page 2: ? // maintain or start session session_start(); ? HTML BODY bgcolor=?=$_SESSION['favcolor']? Hi ?=$_SESSION['name']?, hopefully this session carried forward.BR A HREF=page3.phpclick here to see it carried to page 3/a /BODY /HTML page 3: ? // maintain or start session session_start(); ? HTML BODY bgcolor=?=$_SESSION['favcolor']? Hi ?=$_SESSION['name']?, hopefully this session carried forward to the third page. /BODY /HTML Good luck, Justin French -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Adding Content Management to live site
Hi olinux I wonder how to do that :) i mean converting static pages to database driven web site. looking for your comments sugessions / code Tariq olinux wrote: Depending on the size and current format, you may want to import everything into the CMS. Might work well for searching etc. I recently converted our companies static website (11,000 pages - we're a magazine publisher) to a mysql database. Tough work, but not as gruelling as it sounds. I wrote a script to parse thru the static html files and grab the title article and date. Also made use of the naming conventions to construct the date. A couple days work to get something that worked accurately for the different article formats but well worth it. Putting together index page and archives pages is pretty much cake work. A simple query will grab todays news, the past week, a month from 2000 or whatever. You can email me if you'd like some code pieces. olinux --- Maxim Maletsky [EMAIL PROTECTED] wrote: You could leave the site links the way they are by working out a good logic within apache's mod_rewtire routine. So, basically you would install CMS for the site and forward there the whole site's used links accordingly. It's the most elegant solution, but not the easiest to accomplish. I have done that once for a site with over 600Mb of static pages. It was a site for the printed magazine. -- Maxim Maletsky [EMAIL PROTECTED] www.PHPBeginner.com // PHP for Beginners www.maxim.cx // my Home // my Wish List: ( Get me something! ) http://www.amazon.com/exec/obidos/registry/2IXE7SMI5EDI3 Tariq Murtaza [EMAIL PROTECTED] wrote... : Try postnuke.com Ashley M. Kirchner wrote: I need to add some type of Content Management System to an already existing site. All my client wants to be able to do is adding new articles every week, and have the system update the main (index) page with those articles (adding excerpts and keep a list of published articles.) The criteria is that the current index page has to stay the way it is now, just the management has to be somewhat automated. Right now everything is being done manually, every article manually linked in the index page and the little excerpts written out by hand. Can anyone suggest a CMS program that I can feed the current page to and have it work without having to rewrite the whole site into the CMS program? -- H | I haven't lost my mind; it's backed up on tape somewhere. + Ashley M. Kirchner mailto:ashley;pcraft.com . 303.442.6410 x130 IT Director / SysAdmin / WebSmith . 800.441.3873 x130 Photo Craft Laboratories, Inc.. 3550 Arapahoe Ave. #6 http://www.pcraft.com . . .. Boulder, CO 80303, U.S.A. -- Tariq Murtaza Assistant Web Master Business Technology Team Small Medium Enterprise Development Authority Government of Pakistan 1st Floor, Waheed Trade Complex 36-XX, Khayaban-e-Iqbal, D.H.A Lahore-54792, PAKISTAN Tel: (92 42) 111 111 456 Fax: (92 42) 5896619 Website: http://www.smeda.org.pk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php __ Do you Yahoo!? Y! Web Hosting - Let the expert host your web site http://webhosting.yahoo.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] using curl to get part of the html
Hello list, I am writing a php script to fetch a html page and verify its content which generated by a remote cgi program. The special cgi program generates endless content to the http client. Therefore, I need to figure out a solution for curl to fetch part of the html source code(In fact, I only need the first 100 lines of the html source). I tried CURLOPT_TIMEOUT, but when curl_exec() timeouts, it will not return part of the html source it already fetched--actually it returns nothing at all. Is there any way to work around this? #!/usr/bin/php4 -q ?php $url = http://www.example.com/cgi-bin/large_output.cgi;; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($ch, CURLOPT_TIMEOUT, 3); $result = curl_exec($ch); curl_close($ch); echo $result; ? -- Patrick Hsieh[EMAIL PROTECTED] GnuPG Pubilc Key at http://www.ezplay.tv/~pahud/pahudatezplay.pubkey MD5 checksum: b948362c94655b74b33e859d58b8de91 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] extract($_POST)
I'm devastated to hear that extract($_POST) or extract($_GET) are security risks because that's the method I went with for a bunch of scripts I'm writing now. But I don't understand how this... $admin = $_POST['admin']; ... is more secure? Isn't the security risk that they can hijack your var data? If so, I don't see how the above would make it possible to know whether the data in $_POST isn't coming from your own scripts. Especially for forms where it's not really efficient to validate every possibility for a field, such as a Country field. But maybe I'm missing the point, and if so I'd like to understand so I can make my scripts more secure when passing data. It seems like I will need to basically re-define every form field and GET variable at the beginning of each script literally. Monty From: [EMAIL PROTECTED] (Mike Ford) Newsgroups: php.general Date: Thu, 24 Oct 2002 18:41:04 +0100 To: '1LT John W. Holmes' [EMAIL PROTECTED], Rick Emery [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: RE: [PHP] extract($_POST) -Original Message- From: 1LT John W. Holmes [mailto:holmes072000;charter.net] Sent: 23 October 2002 19:51 Say you have something like this: if($_POST['name'] == John) { $admin = TRUE; } if($admin) { show_sensitive_data(); } Now, if you're using extract(), I can send $admin through the post data and you'll extract it into your script. That's where the security flaw lies, but the flaw is in the programming, not PHP. You can have a secure example by doing this: $admin = FALSE; if($_POST['name'] == John) { $admin = TRUE; } Or just $admin = $_POST['name']==John; Actually, I'd also collapse this into the subsequent if, and write it like this: if ($admin = $_POST['name']==John): show_sensitive_data(); endif; I love languages where assignments are expressions! Cheers! Mike - Mike Ford, Electronic Information Services Adviser, Learning Support Services, Learning Information Services, JG125, James Graham Building, Leeds Metropolitan University, Beckett Park, LEEDS, LS6 3QS, United Kingdom Email: [EMAIL PROTECTED] Tel: +44 113 283 2600 extn 4730 Fax: +44 113 283 3211 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How many is too many?
I'm storing the article text and details in a database, but, all the assets (these articles have lots of photos) need to be organized into folders. So logically I want to create a folder for each article using the article ID number. But I want to be sure if I have within the Article folder about 700 other folders that contain all the assets for every article that that won't slow down the server. This site will not be visited by millions necessarily, but, I still want to be sure I'm setting up the file system as efficiently as possible. Thanks! From: [EMAIL PROTECTED] (Leif K-Brooks) Newsgroups: php.general Date: Fri, 25 Oct 2002 00:55:48 -0400 To: Monty [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: [PHP] How many is too many? Why not store them in a database with one php script selecting them? Monty wrote: This is a more general server question: I know that having a large number of files in one folder can slow down a web server, but, how many would it take for this to be a problem? Wondering if I should store all articles for a content site in one big 'articles' folder with each article having it's own folder within (/articles/article_id/), or if I should organize them by year then article name (/articles/2002/article_id). The site will only produce a few hundred articles a year. I'd like the keep the file structure shallow and simple if possible, but, if it could potentially slow the server down by putting so many folder in one I'll split them up more. Thanks! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: [PHP-INST] too complicated for the time I have
I would strongly suggest using Apache 1.3.x and the associated existing php rpms that are out there. Apache2+PHP is not a stable combination at this point. -Rasmus On Thu, 24 Oct 2002, php user wrote: Hi, I am having a difficult time compiling php-4.2.3 DSO with Apache 2 on a RedHat 8.0. I need the following with's gettext, xml, mysql, ldap, mcrypt, imap,and ftp. Can anybody give me a reason why I couldn't use rpm's to accomplish this tasked? And if I can does anyone know what rpm's I would need? I thank you very much for your input. -Eric -- PHP Install Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] printing an array
Hey there all Im sure that someone out there can answer this question.. I have a problem, how can I print each element in an array so that is returned into a table? eg table width=100% th width=25% nowrap Test1 /th th width=25% nowrap Test2 /th th width=25% nowrap Test3 /th th width=25% Test4 /th ?php include(common.inc); $link_id = mysql_connect($dbhost, $username, $password) or die (Connection Failed); mysql_select_db($db); $query = select Routine_Tests_Count from CDT_Routine_Tests where Ref_num = '$ref_num' order by Routine_Tests_Link; $result = mysql_query($query, $link_id) or die (Query on $dbhost failed); while ($row = mysql_fetch_object($result)) { print td$row-CDT_Routine_Count/td;--- (This value holds the Results of test1 test 2 etc that I need to print into the table) } mysql_free_result($result); ? /table Any help with this or direction would be appreciated ! Regards Chris -- Chris Grigor -- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] printing an array
Hello, Chris Grigor [EMAIL PROTECTED] wrote: Hey there all Im sure that someone out there can answer this question.. I have a problem, how can I print each element in an array so that is returned into a table? First, make sure that you have your tr/tr's in the proper places. Then, make sure that you include in your query the column(s) that you want to print. It looks like you missed these two (at least) ;) - E ...[snip]... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] RE: [PHP-DB] Broken Links 2
Thanks to everyone for the help. For those interested, I have posted the final code below. It functions beautifully with one exception: the resized image quality is rather poor. I am now reading through the php manual and newsgroups for a solution, but if anyone knows how to handle this it would be great to hear from you. Thanks again for all your help! Randy - BEGIN CODE -- ? if( $image_id ) { $sql=SELECT image_bin_data from IMAGES where image_id='$image_id'; $result=db_query ( $sql ); $record=db_fetch_object ( $result ); $image=$record-image_bin_data; $new_w=75; $new_h=75; Header(Content-type: image/png); $src_img=ImageCreateFromString($image); $dst_img=ImageCreate($new_w, $new_h); ImageCopyResampled($dst_img,$src_img,0,0,0,0,$new_w,$new_h,ImageSX($src_img) ,ImageSY($src_img)); ImagePng($dst_img); ImageDestroy($dst_img); };? - END CODE --
Re: [PHP] RE: [PHP-DB] Broken Links 2
You might want to check out netpbm. I've seen that it makes better quality thumbnails. Plus, you can include it in your package (if appropriate) and people that don't have GD installed can use it. ---John Holmes... - Original Message - From: Rankin, Randy [EMAIL PROTECTED] To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Thursday, October 24, 2002 7:38 AM Subject: [PHP] RE: [PHP-DB] Broken Links 2 Thanks to everyone for the help. For those interested, I have posted the final code below. It functions beautifully with one exception: the resized image quality is rather poor. I am now reading through the php manual and newsgroups for a solution, but if anyone knows how to handle this it would be great to hear from you. Thanks again for all your help! Randy - BEGIN CODE -- ? if( $image_id ) { $sql=SELECT image_bin_data from IMAGES where image_id='$image_id'; $result=db_query ( $sql ); $record=db_fetch_object ( $result ); $image=$record-image_bin_data; $new_w=75; $new_h=75; Header(Content-type: image/png); $src_img=@ImageCreateFromString($image); $dst_img=@ImageCreate($new_w, $new_h); ImageCopyResampled($dst_img,$src_img,0,0,0,0,$new_w,$new_h,ImageSX($src_img) ,ImageSY($src_img)); ImagePng($dst_img); ImageDestroy($dst_img); };? - END CODE -- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php