[PHP] Sessions and subdomains issues
Goodmorning all, My application (a third party customized cms) shares sessions across the main site and the two subdomains - or at least it should I have 'php_value session.cookie_domain .mysite.com and'php_value session.cookie_path / all set in htaccess The sesions are stored in a db and are not functioning correctly across the subdomains - example: if i log in at the main www domain then go the subdom1.mysite.com i am not logged in there. The subdomains have their own db's but share tables for sessions and some other stuff with the main site. As it's a third party app i can be no more specific unless someone would be kind enough to tell me what to look for or what info to provide. So, here is my question: * Are there any common pitfalls you can think of that i should look at? * Have I set the domain and path correctly for this to work? any help in regard to what direction to take to track down the problem would be really appreciated, much thanks for you time... -- Nick W -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] how to parse
i have script that passes variables through it then it generates xml on a remote server . how would i parse that here they are http://bluemoonlabs.net/weather.php http://bluemoonlabs.net/parse.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: create htaccess.
* Adwinwijaya [EMAIL PROTECTED]:
Monday, December 6, 2004, 11:33:28 AM, you wrote:
MWOP In you .htaccess:
MWOP File index
MWOP ForceType application/x-httpd-php
MWOP /File
MWOP DirectoryIndex index
MWOP Then, in your script, you'll need to access the PATH_INFO environment
MWOP variable via the $_SERVER array to parse out the argument(s):
MWOP $pi = $_SERVER['PATH_INFO']; // Grab PATH_INFO
MWOP $pi = substr($pi, 1);// Remove the opening slash
MWOP $args = split('/', $pi); // Create array of arguments
MWOP $f= $args[0]; // Grab first argument
I just want to clarify,
if I type:
www.mysite.com/article/file/19911/year/2004
means: www.mysite.com/article.php?file=19911year=2004 right ?
:)
and i have to put this script on my article.php, is it right ?
A couple things:
'article.php' will have to become just 'article' for the above to work
(unless you can do rewriting, but you indicated that you don't have
access to your httpd.conf file). The directions for doing that are
above; just substitute 'article' for 'index' in the File index area.
Second, you have to map the placement of each argument in the PATH_INFO
to a variable. So, based on the url you just provided, you'd do
something like this:
$pi = $_SERVER['PATH_INFO']; // Grab PATH_INFO; this will look
// like /file/XXX/year/ based on
// your example above
$pi = substr($pi, 1);// Remove the opening slash
$args = split('/', $pi); // Create array of arguments
for ($i = 0; $i count($args); $i + 2) {
$key = $args[$i]; // Grab variable name from even-keyed
// arguments
$val = $args[$i + 1]; // Grab value from odd arguments
$$key = $val; // Use dynamic variable assignment
}
Basically, with PATH_INFO, YOU have to do the work of determining where
items in the url map to variables for your script.
--
Matthew Weier O'Phinney | mailto:[EMAIL PROTECTED]
Webmaster and IT Specialist | http://www.garden.org
National Gardening Association| http://www.kidsgardening.com
802-863-5251 x156 | http://nationalgardenmonth.org
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions in Frames...confused
Do not use frames :) It creates problems for the searchengines. /Peter Ryan A [EMAIL PROTECTED] skrev i meddelandet news:[EMAIL PROTECTED] Hi, Reading the different articles on phpbuilder/devshed/phpfreaks etc has left me a bit confused.. will start from the beginning so you guys(and girls) can give me some advise and show me the right path again ;-) I have a normal user/pass login screen, after which I start a session for the client and the client should be presented with the control panel for his software. The control panel is in frames and is split in 2 (sideFrame, mainFrame) sideFrame is for the navigation. Do I have to start a session in index.php which is calling the sideFrame and mainFrame or just in mainFrame or just in sideFrame or in all?? AGH! going nuts! The idea is if the session expires he should be present with the login page again...I am not doing anything special or complicated, just need to make sure he is who he says he is and give him access as long as his sesssion is good. Thanks, Ryan -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.289 / Virus Database: 265.4.5 - Release Date: 12/3/2004 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Session variables not unsetting
Security? Have you called session_start(); ??? /Peter Steve [EMAIL PROTECTED] skrev i meddelandet news:[EMAIL PROTECTED] Steve wrote: I'm having a problem with session variables. Never mind. Seems that the hosting company decided this week to switch from register_globals off to register_globals on. I'm not the first person to call them about this! -- @+ Steve -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: create htaccess.
On Monday 06 December 2004 20:11, Matthew Weier O'Phinney wrote: 'article.php' will have to become just 'article' for the above to work (unless you can do rewriting, but you indicated that you don't have access to your httpd.conf file). The directions for doing that are above; just substitute 'article' for 'index' in the File index area. What you can do is create a symlink for article.php - ln -s article.php article That way you'll edit and upload file as 'article.php' and apache will see it as 'article'. This also solves the problem whereby some editors does syntax highlighting based on the filename's extension. A filename of 'article' has no extension and hence no highlighting (unless you manually set it each time you load and edit the file). -- Jason Wong - Gremlins Associates - www.gremlins.biz Open Source Software Systems Integrators * Web Design Hosting * Internet Intranet Applications Development * -- Search the list archives before you post http://marc.theaimsgroup.com/?l=php-general -- /* * BenC wonders why he has upgraded to 3.3.5-1 before teh X maintainer */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions and subdomains issues
I had a similar problem before. I had my admin at admin.mydomain.com, and the cookies did not transfer. I changed it to www.mydomain.com/admin instead... In my host my subdomain admin.mydomain.com is located in www.mydomain.com/admin, I assume similar structure for you? /Peter Nick Wilson [EMAIL PROTECTED] skrev i meddelandet news:[EMAIL PROTECTED] Goodmorning all, My application (a third party customized cms) shares sessions across the main site and the two subdomains - or at least it should I have 'php_value session.cookie_domain .mysite.com and'php_value session.cookie_path / all set in htaccess The sesions are stored in a db and are not functioning correctly across the subdomains - example: if i log in at the main www domain then go the subdom1.mysite.com i am not logged in there. The subdomains have their own db's but share tables for sessions and some other stuff with the main site. As it's a third party app i can be no more specific unless someone would be kind enough to tell me what to look for or what info to provide. So, here is my question: * Are there any common pitfalls you can think of that i should look at? * Have I set the domain and path correctly for this to work? any help in regard to what direction to take to track down the problem would be really appreciated, much thanks for you time... -- Nick W -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Trouble with do..while
Hi all,
I have that script in php that should print on a page the result of lot of
pages defined in this way:
This is the address: www.mysite.com/mypage.php?idx=1lines=50
It work in this way: if idx=1 and lines=50 my page will look like:
element1
element2
..
element50
if idx=5 and lines=5 my page will look like:
element5
element6
element7
element8
element9
Changing everytime the idx i have new pages so, thats are my variables:
$idx = www.mysite.com/mypage.php?idx=;
idx_n=1;
$lines=lines=50;
I let the variable $lines still to 50 and i'll increase $idx_n of 50 for
show all elements i need.
do {
$link = $idx.$idx_n.$lines;
$idx_n=$idx_n + 50;
$f=fopen($link,r);
$data = ;
do {
$stream = fread($f, 8192);
if (strlen($stream) == 0) {
break;
}
$data .= $stream;
} while (true);
fclose($f);
$data=substr($data,strlen($DontNeed),strlen($data));
$pos=stripos($data, $TillHere);
$data=substr($data,0,$pos);
here I clean the $data variable of things I don't need.
echo $data;
} while ($idx_n 156700);
My trouble is that this do..while never keeps all elements.
Generally $idx_n break with value=1601 or 1301 but never show all elements
and its like the script crash cause everything I can write after isnt'
showed.
I simply tried to write after while an echo Its Done; but isn't showed.
And in the html file that is generated aren't printed neither the tags
/body/html for close the file.
Simply it crash.
Do someone have some ideas about it?
I would really apprecciate some words about it cause I'm not able to think
at any solutions..
Just..that maybe is something with server? Isn't able to provide so fastly
all requests?
Best Regards
Salvatore
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] installing php 5.02 and Apache 2
Hi all, I have installed Apache 2 under Fedora Core 2 and now I would like to install PHP 5.02 as a server module. I have downloaded and unpacked PHP 5.02, and I think that I need to run ./configure now but I don't know which parameters I need to add. I have added --prefix=dir --with-mysql=dir --with-curl But I want to add many other modules I might need. Do I need to specify the entire list of modules in the command line? Or how can I create and choose a config file? And please tell me what option do I need to install the Apache 2 module. I have seen some parameters in the ./configure --help instructions for installing the module for Apache 2, but I saw that that module is only experimental. Isn't there a working module for PHP 5.02 and Apache 2? And do you know where the Apache 2 module is put after installing php? (in order to specify it in httpd.conf). Thank you. Teddy -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] [ANN]Webyog releases FREE edition of SQLyog
Take this and shove it up where the sun does not shine (or up your 'yog') you filthy spammer. The most popular GUI for MySQLever hear of PHPMyAdmin? Dumbass. On 12/6/2004 6:38:11 AM, Ritesh Nadhani ([EMAIL PROTECTED]) wrote: Hello, Webyog, the creator of SQLyog - the most popular GUI for MySQL has released SQLyog v4.0. Starting from v4.0, SQLyog is available in two editions: SQLyog and SQLyog Enterprise. SQLyog is FREE for personal and commercial use. SQLyog contains all features of SQLyog Enterprise - except the following Power Tools: * HTTP / SSH Tunneling - Manage MySQL even if your ISP disallows remote connections * Data Synchronization - Zero install MySQL Replication * Schema Synchronization - Keep test and production databases in sync * Notification Services - Send formatted resulsets over email at regular intervals * ODBC Import - Wizard driven painless migration to MySQL Please visit the following link for to view the feature comparison between SQLyog and SQLyog Enterprise. http://www.webyog.com/sqlyog/featurematrix.html Thanks for your attention! Regards, Ritesh http: -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.289 / Virus Database: 265.4.5 - Release Date: 12/3/2004 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Image wrapper not multithreaded
Hi,
I wrote a script for a webcam overview that downloads images form
different locations like this:
?php
$image = imagecreatefromjpeg($imgurl);
header(Content-Type: image/jpeg);
imagejpeg($image);
?
I call it a few times inside an html file like this:
img src=getcamimage.php?camId={id}
The Problem is that this does not seem to be multithreaded. The pictures
load one after the other, not all at once. This makes the page loading
process take forever (there are quite some pics on that page). Also some
seem to get a timeout so they dont load at all... but that a different
prob.
First I thought it might have to do with the number of allowed open
sockets but thats not it, imho.
I dont have a clue why this happens, or how to stop it.
Thanx for you help in advance.
Greets
Michael
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Sessions in Frames...confused
Hey, Do I have to start a session in index.php which is calling the sideFrame and mainFrame or just in mainFrame or just in sideFrame or in all?? AGH! going nuts! /* As far as I know there is no harm in calling session_start() in all your Iframes and Frames. According to theory a new session will only be started if one has not been started already. However there have been several discussions on this list in the past where this behaviour was not observed, and you may want to look these up in the archives. */ Thanks,will do. Cheers, Ryan -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.289 / Virus Database: 265.4.5 - Release Date: 12/3/2004 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Quick questions ?=something?
Hey all, Am a bit confused, from the time I learnt PHP (big thanks to this list for helping me) I have used something like this ?php echo $something; ? but when reading someone elses code I sometimes stumble accross this: ?php=something? is this 100% valid php? I have not found it in the manual... (also am not sure if the above example needs a $ symbol...) Thanks, Ryan -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.289 / Virus Database: 265.4.5 - Release Date: 12/3/2004 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quick questions ?=something?
Ryan A wrote: Hey all, Am a bit confused, from the time I learnt PHP (big thanks to this list for helping me) I have used something like this ?php echo $something; ? but when reading someone elses code I sometimes stumble accross this: ?php=something? is this 100% valid php? I have not found it in the manual... (also am not sure if the above example needs a $ symbol...) ?= $string ? means the same as ?php echo $string ? if short_open_tag is on -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quick questions ?=something?
Yeah - it is valid. It is a short hand method for doing what you are doing. I don't know if it is in the manual, but it is in the certification guide. Respectfully, Ligaya Turmelle --- Life is a game... so have fun. --- www.PHPCommunity.org Open Source, Open Community Visit for more information or to join the movement Ryan A wrote: Hey all, Am a bit confused, from the time I learnt PHP (big thanks to this list for helping me) I have used something like this ?php echo $something; ? but when reading someone elses code I sometimes stumble accross this: ?php=something? is this 100% valid php? I have not found it in the manual... (also am not sure if the above example needs a $ symbol...) Thanks, Ryan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Image wrapper not multithreaded
Michael Minden wrote:
Hi,
I wrote a script for a webcam overview that downloads images form
different locations like this:
?php
$image = imagecreatefromjpeg($imgurl);
header(Content-Type: image/jpeg);
imagejpeg($image);
?
I call it a few times inside an html file like this:
img src=getcamimage.php?camId={id}
The Problem is that this does not seem to be multithreaded. The pictures
load one after the other, not all at once. This makes the page loading
process take forever (there are quite some pics on that page). Also some
seem to get a timeout so they dont load at all... but that a different
prob.
First I thought it might have to do with the number of allowed open
sockets but thats not it, imho.
I dont have a clue why this happens, or how to stop it.
Are you using sessions? If yes, then the session file is locked for
access and each instance of getcamimage.php has to wait for previous one
to finish and unlock the session file. You can however call
session_write_close() to end the session after you don't need it anymore.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Session variables not unsetting
Peter Lauri wrote: Security? Have you called session_start(); ??? Yeah - as I mentioned in the original post, all my pages start with that. I'm a little PO'd about the change to register_globals on. Alas, trying to switch it off in an .htaccess file causes a 500 error. That said, I never use variables passed by $_POST or $_GET without validating and all variables on the page are always initialised so I'm hoping the security exposure is minimal. -- @+ Steve -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How to get 2 columns to display?
You need a way to make new table rows...
if you want to do it ever other image, then just add a counter variable,
incrememnt it each time and if it is even then make a new table row.
(Also if the images are two big, the browser may put them on a new line, so you
might have to look into shrinking the images..)
-B
- Original Message -
From: Aaron Wolski [EMAIL PROTECTED]
Date: Monday, December 6, 2004 9:20 am
Subject: [PHP] How to get 2 columns to display?
Hi guys,
I'm trying to get two columns of td/td to display side by side and
then go to a new row. I am using this code but nothing I seem to
do is
working this far.
?php
for ($r=0;$products = db_fetch($productsQuery);$r++)
{
?
td align=centerproducts/?php
echo $category; ?/?php echo $products['name_url']; ?
class=product_linkimg src=?php echo $base_url;
?product_images/thumbs/?php echo $products['thumb']; ? border=0
width=159br?php echo $products['name']; ?/td ?php if
((($r+1) % 2) == 0)
{
?
/tr
tr valign=top
?php
}
}
?
What is happening with this code is I am getting results like:
tr
tdIMAGE HERE/td
tdIMAGE HERE/td
tdIMAGE HERE/td
tdIMAGE HERE/td
tdIMAGE HERE/td
/tr
What I WANT is:
tr
tdIMAGE HERE/td
tdIMAGE HERE/td
/tr
tdIMAGE HERE/td
tdIMAGE HERE/td
/tr
tdIMAGE HERE/td
td/td
/tr
ANY clue where I am going wrong?
Thanks so much.
Aaron
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Making variables with an iteration?
SNIP
Parse error: parse error, expecting `';''
coded:
?php
for ($j=1, $j5, $j++)
{
$choices.$j= $_POST['choice'.$i];
echo $choices.$j;
}
?
--
Robert Sossomon, Business and Technology Application Technician
4-H Youth Development Department
200 Ricks Hall, Campus Box 7606
N.C. State University
Raleigh NC 27695-7606
Phone: 919/515-8474
Fax: 919/515-7812
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Session variables not unsetting
On Monday 06 December 2004 22:50, steve wrote:
Yeah - as I mentioned in the original post, all my pages start with that.
I'm a little PO'd about the change to register_globals on. Alas, trying to
switch it off in an .htaccess file causes a 500 error. That said, I never
use variables passed by $_POST or $_GET without validating and all
variables on the page are always initialised so I'm hoping the security
exposure is minimal.
With register_globals enabled, the problem is not with the $_POST, $_GET etc
variables (although yes you should always validate data when they come from
untrusted sources). The problem is that malicious users can pollute your
namespace and if you do not initialise variables properly before using them
your application can be compromised.
For example, you have a flag ($admin) which you set to 1 if the person logged
in has admin privileges. If you don't initialise $admin and only do something
like ...
if ($user == 'admin' AND $password == 'password') {
$admin = 1;
}
// later in your code
if ($admin == 1) {
echo Hello admin;
} else {
die (Go away);
}
... it is all too easy for a malicious person to access your protected page
like so:
http://www.example.com/admin-page.php?admin=1
and they would have admin privileges.
If you had initialised $admin to some known, safe value before using it then
you have no problems.
So either of these would be fine:
$admin = 0;
if ($user == 'admin' AND $password == 'password') {
$admin = 1;
}
// or
if ($user == 'admin' AND $password == 'password') {
$admin = 1;
} else {
$admin = 0;
}
--
Jason Wong - Gremlins Associates - www.gremlins.biz
Open Source Software Systems Integrators
* Web Design Hosting * Internet Intranet Applications Development *
--
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-general
--
/*
Youth is a blunder, manhood a struggle, old age a regret.
-- Benjamin Disraeli, Coningsby
le,
*/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] How to get 2 columns to display?
Hi guys,
I'm trying to get two columns of td/td to display side by side and
then go to a new row. I am using this code but nothing I seem to do is
working this far.
?php
for ($r=0;$products = db_fetch($productsQuery);$r++)
{
?
td align=centera href=?php echo $base_url; ?products/?php
echo $category; ?/?php echo $products['name_url']; ?
class=product_linkimg src=?php echo $base_url;
?product_images/thumbs/?php echo $products['thumb']; ? border=0
width=159br?php echo $products['name']; ?/a/td ?php if
((($r+1) % 2) == 0)
{
?
/tr
tr valign=top
?php
}
}
?
What is happening with this code is I am getting results like:
tr
tdIMAGE HERE/td
tdIMAGE HERE/td
tdIMAGE HERE/td
tdIMAGE HERE/td
tdIMAGE HERE/td
/tr
What I WANT is:
tr
tdIMAGE HERE/td
tdIMAGE HERE/td
/tr
tdIMAGE HERE/td
tdIMAGE HERE/td
/tr
tdIMAGE HERE/td
td/td
/tr
ANY clue where I am going wrong?
Thanks so much.
Aaron
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] installing php 5.02 and Apache 2
On Monday 06 December 2004 21:31, Octavian Rasnita wrote: I have installed Apache 2 under Fedora Core 2 and now I would like to install PHP 5.02 as a server module. I have downloaded and unpacked PHP 5.02, and I think that I need to run ./configure now but I don't know which parameters I need to add. I have added --prefix=dir --with-mysql=dir --with-curl I hope you're not literally using 'dir', 'dir' would be where your library files and headers are kept and in most cases it would be /usr, eg: --with-mysql=/usr But I want to add many other modules I might need. Do I need to specify the entire list of modules in the command line? Yes. But only put it the ones that you really use. You can always go back and recompile later if you find you need to add something. Or how can I create and choose a config file? Doing the ./configure business *is* creating a config file, which will be used by 'make' to actually compile the necessary bits. If you find that you need to recompile at any time, just use phpinfo() to see what the current ./configure settings are, then copy-and-paste it and add/edit as required. And please tell me what option do I need to install the Apache 2 module. If you followed the instructions in the manual it will install PHP as a module for Apache. I have seen some parameters in the ./configure --help instructions for installing the module for Apache 2, but I saw that that module is only experimental. Isn't there a working module for PHP 5.02 and Apache 2? Did you read the FAQ referred to in the manual? And do you know where the Apache 2 module is put after installing php? (in order to specify it in httpd.conf). Again, following the instructions, in particular using: --with-apxs2=/usr/local/apache2/bin/apxs will put everything in the right place. -- Jason Wong - Gremlins Associates - www.gremlins.biz Open Source Software Systems Integrators * Web Design Hosting * Internet Intranet Applications Development * -- Search the list archives before you post http://marc.theaimsgroup.com/?l=php-general -- /* People humiliating a salami! */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Making variables with an iteration?
Jason Wong wrote:
SNIP
for ($j=1, $j5, $j++)
{
$choices.$j= $_POST['choice'.$i];
}
So what do you get when you run that? Strawberry sundae with chocolate on top?
(I usually only get a chicken and ham sandwich).
homer
Mmmstrawberry sundae on a chicken and ham sandwich.
/homer
--
John C. Nichel
ÜberGeek
KegWorks.com
716.856.9675
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: create htaccess.
* Jason Wong [EMAIL PROTECTED]: On Monday 06 December 2004 20:11, Matthew Weier O'Phinney wrote: 'article.php' will have to become just 'article' for the above to work (unless you can do rewriting, but you indicated that you don't have access to your httpd.conf file). The directions for doing that are above; just substitute 'article' for 'index' in the File index area. What you can do is create a symlink for article.php - ln -s article.php article That way you'll edit and upload file as 'article.php' and apache will see it as 'article'. This also solves the problem whereby some editors does syntax highlighting based on the filename's extension. A filename of 'article' has no extension and hence no highlighting (unless you manually set it each time you load and edit the file). Clarification: Yes, you can do this -- assuming Apache has FollowSymLinks on (which you can also do in .htaccess, usually). However, this does not negate the need for the ForceType directive -- if not present, Apache will not know how to handle the script 'article'. -- Matthew Weier O'Phinney | mailto:[EMAIL PROTECTED] Webmaster and IT Specialist | http://www.garden.org National Gardening Association| http://www.kidsgardening.com 802-863-5251 x156 | http://nationalgardenmonth.org -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Making variables with an iteration?
I might be wrong but I don't think you can reference variable names in that
way. You probably need something like this:
for ($j=1, $j5, $j++)
{
$tempChoice = choice . $j;
$$tempChoice = $_POST['choice'.$j];
}
And that should create your $choice1.. $choice2 etc.
Andy.
-Original Message-
From: Robert Sossomon [mailto:[EMAIL PROTECTED]
Sent: Monday, 06 December 2004 14:29
To: PHP General List
Subject: [PHP] Making variables with an iteration?
I've got some inputs, which I need to tie down to only have 4 come in from.
The
javascript to verify it is working somewhat, however I want to create the
parsing script to loop through the inputs (choice) and then dump them into
$choice1, $choice2, $choice3, $choice4 respectively.
I have to use checkboxes with different names with the javascript checkers I
am
using, since they seem to be working, however I can't seem to get the PHP in
the
parser to write the variables. Any ideas?
SNIP
for ($j=1, $j5, $j++)
{
$choices.$j= $_POST['choice'.$i];
}
Thanks,
Robert
--
Robert Sossomon, Business and Technology Application Technician
4-H Youth Development Department
200 Ricks Hall, Campus Box 7606
N.C. State University
Raleigh NC 27695-7606
Phone: 919/515-8474
Fax: 919/515-7812
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quick questions ?=something?
?= $string ? means the same as ?php echo $string ? if short_open_tag is on ** It's perfectly valid PHP, I use it all the time on my own sites, but because it's one of those php.ini settings you have a 50/50 chance of finding on (or off!) you shouldn't rely on it unless you know the environment. Hey all, Thanks guys, I didnt know about any short_open_tag setting, I guess I'll just stick to my regular style coz i have no idea how the client/s php is setup plus if I move my own stuff to a different host it may not be so kind... Perfect answer to my Q, thanks! Cheers, Ryan -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.289 / Virus Database: 265.4.5 - Release Date: 12/3/2004 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quick questions ?=something?
* Marek Kilimajer [EMAIL PROTECTED]: Ryan A wrote: Hey all, Am a bit confused, from the time I learnt PHP (big thanks to this list for helping me) I have used something like this ?php echo $something; ? but when reading someone elses code I sometimes stumble accross this: ?php=something? is this 100% valid php? I have not found it in the manual... (also am not sure if the above example needs a $ symbol...) ?= $string ? means the same as ?php echo $string ? if short_open_tag is on And since you cannot always count on that being on, it's more platform independent to use the ?php echo ; ? construct. -- Matthew Weier O'Phinney | mailto:[EMAIL PROTECTED] Webmaster and IT Specialist | http://www.garden.org National Gardening Association| http://www.kidsgardening.com 802-863-5251 x156 | http://nationalgardenmonth.org -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Making variables with an iteration?
I've got some inputs, which I need to tie down to only have 4 come in from. The
javascript to verify it is working somewhat, however I want to create the
parsing script to loop through the inputs (choice) and then dump them into
$choice1, $choice2, $choice3, $choice4 respectively.
I have to use checkboxes with different names with the javascript checkers I am
using, since they seem to be working, however I can't seem to get the PHP in the
parser to write the variables. Any ideas?
SNIP
for ($j=1, $j5, $j++)
{
$choices.$j= $_POST['choice'.$i];
}
Thanks,
Robert
--
Robert Sossomon, Business and Technology Application Technician
4-H Youth Development Department
200 Ricks Hall, Campus Box 7606
N.C. State University
Raleigh NC 27695-7606
Phone: 919/515-8474
Fax: 919/515-7812
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Making variables with an iteration?
On Mon, 06 Dec 2004 10:13:05 -0500, Robert Sossomon [EMAIL PROTECTED] wrote:
[...]
?php
for ($j=1, $j5, $j++)
{
$choices.$j= $_POST['choice'.$i];
echo $choices.$j;
}
?
[...]
You have a typo in your code. You are typing $i instead of $j. You
should write instead:
$choices.$j= $_POST['choice'.$j];
Regards,
Samer
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Trouble with do..while
Salvatore a écrit :
If I understand correctly, have you tried this instead of the above code :
while( !feof($f) )
{
$stream = fread($f, 8192);
$data .= $stream;
}
fclose($f);
i found it.
max_execution_time = 30
is too few for more than 3000 files:)
Ooops... Sorry for leaving PHP thread, I didn't take care of answer at
field.
I'm beginner so thanks for posting the answer. Is the execution time
measured in ms ?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Trouble with do..while
On Mon, 6 Dec 2004 14:23:51 +0100, Salvatore [EMAIL PROTECTED] wrote: I have that script in php that should print on a page the result of lot of pages defined in this way: This is the address: www.mysite.com/mypage.php?idx=1lines=50 Sounds to me like you want basic pagination. I'd use PEAR. http://pear.php.net/package-search.php?pkg_name=page -- Greg Donald Zend Certified Engineer http://gdconsultants.com/ http://destiney.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Problem with code
On Sun, 5 Dec 2004 21:05:12 -0800, Richard Kurth [EMAIL PROTECTED] wrote: I am having a problem with the code below it provides the first page with out any problem but when I select the next page it shows all the results from the first page and the results from the second page. It does the same thing on the third page also. I have been looking at it for two days and can not fined the error in the code It's probably the LIMIT clause in your sql query. Try printing the sql query on the page and check the limit. Or use one of the existing pagination classes from PEAR: http://pear.php.net/package-search.php?pkg_name=page -- Greg Donald Zend Certified Engineer http://gdconsultants.com/ http://destiney.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Making variables with an iteration?
On Monday 06 December 2004 22:28, Robert Sossomon wrote:
I've got some inputs, which I need to tie down to only have 4 come in from.
The javascript to verify it is working somewhat, however I want to create
the parsing script to loop through the inputs (choice) and then dump them
into $choice1, $choice2, $choice3, $choice4 respectively.
I have to use checkboxes with different names with the javascript checkers
I am using, since they seem to be working, however I can't seem to get the
PHP in the parser to write the variables. Any ideas?
SNIP
for ($j=1, $j5, $j++)
{
$choices.$j= $_POST['choice'.$i];
}
So what do you get when you run that? Strawberry sundae with chocolate on top?
(I usually only get a chicken and ham sandwich).
--
Jason Wong - Gremlins Associates - www.gremlins.biz
Open Source Software Systems Integrators
* Web Design Hosting * Internet Intranet Applications Development *
--
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-general
--
/*
Where's the Coke machine? Tell me a joke!!
*/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Sessions in Frames...confused
PHP, and it's sessions, knows absolutely nothing about frames. A frame is just another page, the browser just happens to display it inside of another page. From a session standpoint, you should treat each frame as an independent page. On Dec 5, 2004, at 9:12 PM, Ryan A wrote: Hi, Reading the different articles on phpbuilder/devshed/phpfreaks etc has left me a bit confused.. will start from the beginning so you guys(and girls) can give me some advise and show me the right path again ;-) I have a normal user/pass login screen, after which I start a session for the client and the client should be presented with the control panel for his software. The control panel is in frames and is split in 2 (sideFrame, mainFrame) sideFrame is for the navigation. Do I have to start a session in index.php which is calling the sideFrame and mainFrame or just in mainFrame or just in sideFrame or in all?? AGH! going nuts! The idea is if the session expires he should be present with the login page again...I am not doing anything special or complicated, just need to make sure he is who he says he is and give him access as long as his sesssion is good. Thanks, Ryan -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.289 / Virus Database: 265.4.5 - Release Date: 12/3/2004 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- Brent Baisley Systems Architect Landover Associates, Inc. Search Advisory Services for Advanced Technology Environments p: 212.759.6400/800.759.0577 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Making variables with an iteration? STILL
Here's the full code and the driving page:
http://rsossam-lap.ces.ncsu.edu/leadership/test.html
snip
?php
for ($i=1; $i10; $i++)
{
if (isset ($_POST['choice'.$i]))
{
for ($j=1; $j5; $j++)
{
$tempChoice = choice . $j;
$$tempChoice = $_POST['choice'.$i];
}
}
}
echo $choice1;
echo $choice2;
echo $choice3;
echo $choice4;
?
/snip
The problem seems to be that it is only doing this on the last one, no matter
which one it is... I know it is in the iterations, but I can't place my finger
on where I need to change things up.
--
Robert Sossomon, Business and Technology Application Technician
4-H Youth Development Department
200 Ricks Hall, Campus Box 7606
N.C. State University
Raleigh NC 27695-7606
Phone: 919/515-8474
Fax: 919/515-7812
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Making variables with an iteration?
On Monday 06 December 2004 23:13, Robert Sossomon wrote:
SNIP
Parse error: parse error, expecting `';''
You should always give the full error message which would include the line
number. Furthermore you should always point out which line of your code is
the line number in question.
coded:
?php
for ($j=1, $j5, $j++)
; not ,
{
$choices.$j= $_POST['choice'.$i];
echo $choices.$j;
}
?
$varname = choices$j;
$$varname = $_POST['choice'.$j]; // or $_POST[choice$j]
echo ${choices$j}, NL;
Please note that using variable variables isn't recommended. Using arrays
makes the code much clearer. I believe that you 'chose' to use variable
variables because you had to do some processing in Javascript, read
manual PHP and HTML
to see how to handle PHP's array naming conventions under Javascript.
--
Jason Wong - Gremlins Associates - www.gremlins.biz
Open Source Software Systems Integrators
* Web Design Hosting * Internet Intranet Applications Development *
--
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-general
--
/*
Hydroxide knightbrd: from knightbrd.brain import * :)
knghtbrd Oh gods if it were that easy ..
knghtbrd from carmack.brain import OpenGL
*/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] How to get 2 columns to display?
can you maybe add some debug code to print out the value of $r just before
the if?
and just after the if
It looks at first glance to be correct, except you seem to be missing
opening TR (actually that may be your problem)
Jack
-Oorspronkelijk bericht-
Van: Aaron Wolski [mailto:[EMAIL PROTECTED]
Verzonden: maandag 6 december 2004 15:21
Aan: [EMAIL PROTECTED]
Onderwerp: [PHP] How to get 2 columns to display?
Hi guys,
I'm trying to get two columns of td/td to display side by side and
then go to a new row. I am using this code but nothing I seem to do is
working this far.
?php
for ($r=0;$products = db_fetch($productsQuery);$r++)
{
?
td align=centera href=?php echo $base_url; ?products/?php
echo $category; ?/?php echo $products['name_url']; ?
class=product_linkimg src=?php echo $base_url;
?product_images/thumbs/?php echo $products['thumb']; ? border=0
width=159br?php echo $products['name']; ?/a/td ?php if
((($r+1) % 2) == 0)
{
?
/tr
tr valign=top
?php
}
}
?
What is happening with this code is I am getting results like:
tr
tdIMAGE HERE/td
tdIMAGE HERE/td
tdIMAGE HERE/td
tdIMAGE HERE/td
tdIMAGE HERE/td
/tr
What I WANT is:
tr
tdIMAGE HERE/td
tdIMAGE HERE/td
/tr
tdIMAGE HERE/td
tdIMAGE HERE/td
/tr
tdIMAGE HERE/td
td/td
/tr
ANY clue where I am going wrong?
Thanks so much.
Aaron
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Making variables with an iteration? STILL
Hello Robert,
Monday, December 6, 2004, 3:55:21 PM, you wrote:
RS snip
RS ?php
RS for ($i=1; $i10; $i++)
RS {
RS if (isset ($_POST['choice'.$i]))
RS {
RSfor ($j=1; $j5; $j++)
RS{
RS $tempChoice = choice . $j;
RS $$tempChoice = $_POST['choice'.$i];
RS}
RS }
RS }
RSecho $choice1;
RSecho $choice2;
RSecho $choice3;
RSecho $choice4;
?
RS /snip
RS The problem seems to be that it is only doing this on the last one, no
matter
RS which one it is... I know it is in the iterations, but I can't place my
finger
RS on where I need to change things up.
Why not just use extract() on the $_POST values with a pre-defined
list of variables and use the EXTR_IF_EXISTS option to make it more
secure?
Best regards,
Richard Davey
--
http://www.launchcode.co.uk - PHP Development Services
I am not young enough to know everything. - Oscar Wilde
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Problem with code
I am having a problem with the code below it provides the first page
with out any problem but when I select the next page it shows all the
results from the first page and the results from the second page. It
does the same thing on the third page also. I have been looking at it
for two days and can not fined the error in the code
?php
include(include/common.php);
include($config[template_path]/user_top.html);
// If current page number, use it
// if not, set one!
if(!isset($page)){
$page = 1;
} else {
$page = $page;
}
// Define the number of results per page
$max_results = $config['listings_per_page'];
// Figure out the limit for the query based
// on the current page number.
$from = (($page * $max_results) - $max_results);
//Process all the search results to create the sql
if($searchRule == or){ $cond = OR; } else $cond = and;
//the main sql statment
$sql = 'SELECT * FROM listing ';
//the sql statment required to set the total number of pages
$sql1 = 'SELECT COUNT(*) as Num FROM listing ';
if($state != || $type != || $county != || $price != ){
$sql .= WHERE ;
$sql1 .= WHERE ;
if($state != ){
$sql .= state = '. $state .';
$sql1 .= state = '. $state .';
if($state != || $type != || $county != || $price != ){
$sql .= $cond ;
$sql1 .= $cond ;
} }
if($type != ){
$sql .= type = '. $type .';
$sql1 .= type = '. $type .';
if($state != || $type != || $county != || $price != ) {
$sql .= $cond ;
$sql1 .= $cond ;
} }
if($county != ){
$sql .= county = '. $county .';
$sql1 .= county = '. $county .';
if($state != || $type != || $county != || $price != ){
$sql .= $cond ;
$sql1 .= $cond ;
} }
if($Pricerange != ){
if($Pricerange==range1){
$Price1=0;
$Price2=10;
$simbale==;
$sql .= price = '. $Price2.';
$sql1 .= price = '. $Price2.';
}
if($Pricerange==range2){
$Price1=10;
$Price2=15;
$sql .= (price '. $Price1.' OR price = '. $Price2.');
$sql1 .= (price '. $Price1.' OR price = '. $Price2.');
}
if($Pricerange==range3){
$Price1=15;
$Price2=20;
$sql .= (price '. $Price1.' OR price = '. $Price2.');
$sql1 .= (price '. $Price1.' OR price = '. $Price2.');
}
if($Pricerange==range4)
{$Price1=20;
$Price2=25;
$sql .= (price '. $Price1.' OR price = '. $Price2.');
$sql1 .= (price '. $Price1.' OR price = '. $Price2.');
}
if($Pricerange==range5)
{$Price1=25;
$Price2=30;
$sql .= (price '. $Price1.' OR price = '. $Price2.');
$sql1 .= (price '. $Price1.' OR price = '. $Price2.');
}
if($Pricerange==range6)
{$Price1=30;
$Price2=;
$sql .= price = '. $Price1.';
$sql1 .= price = '. $Price1.';
}}
$sql .= LIMIT . $from . , . $max_results;
}
$result=safe_query($sql);
while ($row = mysql_fetch_array($result)){
extract($row);
?
div align=center
table border=0 width=631 height=1 cellpadding=0 cellspacing=0
tr
td width=81 height=1 bgcolor=#60A0F8font color=#FFspan
class=contentsmallListing/spanspan class=contentbold
#? echo$listingId?/span/fontimg hspace=0
src=images/user_photos/thumb_5000_1.jpg border=0 width=83 height=50br
/td
center
td width=401 height=1textarea cols=45 rows=6?
echo$descr1?/textarea br
a href=more_results.php?listingId=?
echo$listingId?searchlistingid=yes
more info.../a/td
td width=127 height=1span class=contentbold$?
echo$price?/spanbr
?if ($type==) {}?
?if ($type==BUS) {echo 'Business Opportunities';}?
?if ($type==COM) {echo 'Commercial';}?
?if ($type==CON) {echo 'Condo/Townhouse';}?
?if ($type==DUP) {echo 'Duplex';}?
?if ($type==FAR) {echo 'Farms amp; Ranches';}?
?if ($type==INC) {echo 'Income Properties';}?
?if ($type==LAK) {echo 'Lake Properties/Waterfront';}?
?if ($type==MOB) {echo 'Mobile Home';}?
?if ($type==RES) {echo 'Residential';}?
?if ($type==TIM) {echo 'Time Share';}?
?if ($type==VAC) {echo 'Vacant Land';}? br
? echo$bedrooms? BR / ? echo$bathrooms? BAbr
? echo$city?, ? echo$state?/td
/tr
/table
?}
$total_results = mysql_result(mysql_query($sql1),0);
// Figure out the total number of pages. Always round up using ceil()
$total_pages = ceil($total_results / $max_results);
// Build Page Number Hyperlinks
echo centerSelect a Pagebr /;
// Build Previous Link
if($page 1){
$prev = ($page - 1);
echo a href=\.$PHP_SELF.?page=$prev\Previous/anbsp;;
}
for($i = 1; $i = $total_pages; $i++){
if(($page) == $i){
echo $inbsp;;
} else {
echo a href=\.$PHP_SELF.?page=$i\$i/anbsp;;
}
}
// Build Next Link
if($page $total_pages){
$next = ($page + 1);
echo a href=\.$PHP_SELF.?page=$next\Next/a;
}
echo /center;
include($config[template_path]/user_bottom.html);
?
--
Best regards,
Richard mailto:[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Developer Research Survey
Starmark Research is conducting a survey of software developers for one of our clients. The survey is very brief and requires only a few minutes to complete. All participants are eligible to win a 20GB Apple iPod. The winner will be randomly selected and contacted on December 17, 2004. To complete the survey, please click on the Web address below: http://research.starmark.com/ Many thanks for your participation! We greatly appreciate your thoughts and suggestions. Luiz Duarte Director of Research Starmark International, Inc. www.starmark.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Making variables with an iteration? STILL
To view the terms under which this email is distributed, please go to
http://disclaimer.leedsmet.ac.uk/email.htm
On 06 December 2004 15:55, Robert Sossomon wrote:
Here's the full code and the driving page:
http://rsossam-lap.ces.ncsu.edu/leadership/test.html
snip
?php
for ($i=1; $i10; $i++)
{
if (isset ($_POST['choice'.$i]))
{
for ($j=1; $j5; $j++)
{
$tempChoice = choice . $j;
$$tempChoice = $_POST['choice'.$i];
}
}
}
echo $choice1;
echo $choice2;
echo $choice3;
echo $choice4;
/snip
You've got too many iterators in there.
With $i=1, if $_POST['choice1'] is set: you set $choice1 to the value of
$_POST['choice1'].
With $i=2, if $_POST['choice2'] is set: you set $choice1 to the value of
$_POST['choice2'], then you set $choice2 to the value of $_POST['choice2'].
With $i=3, if $_POST['choice3'] is set: you set $choice1 to the value of
$_POST['choice3'], then you set $choice2 to the value of $_POST['choice3'],
then you set $choice3 to the value of $_POST['choice3'].
Etc.
Within your PHP script, I'd strongly recommend using an array, even if you
don't name your HTML form variables as array elements (which is actually
very easy, despite what a lot of people seem to think). Then your code just
needs to look like this:
for ($i=1; $i10; $i++)
{
if (isset($_POST['choice'.$i]))
{
$choice[$i] = $_POST['choice'.$i];
}
}
foreach ($choice as $one_choice)
{
echo $one_choice;
}
Cheers!
Mike
-
Mike Ford, Electronic Information Services Adviser,
Learning Support Services, Learning Information Services,
JG125, James Graham Building, Leeds Metropolitan University,
Headingley Campus, LEEDS, LS6 3QS, United Kingdom
Email: [EMAIL PROTECTED]
Tel: +44 113 283 2600 extn 4730 Fax: +44 113 283 3211
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Session variables not unsetting
Jason Wong wrote: With register_globals enabled, the problem is not with the $_POST, $_GET etc variables (although yes you should always validate data when they come from untrusted sources). The problem is that malicious users can pollute your namespace and if you do not initialise variables properly before using them your application can be compromised. As I mentioned, I always initialise variables. I'm no programmer, but it just makes sense to me that if a variable exists, it should have some sort of default value. -- @+ Steve -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] xml question
Question. I need to get one value out of an xml document. ... categories catDesserts/cat/categories ... what do I need to do? $xml_parser = xml_parser_create(); xml_parser_set_option($xml_parser, XML_OPTION_CASE_FOLDING, true); xml_set_element_handler($xml_parser, cat, /cat); something like this? or not quite? __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
[PHP] Strange behaviour with PHP on Apache
Hi there, For the first time since my server is running I got some strange behaviour today without changing something before. Users trying to access my php-scripted websites (different projects) got a 'download' message instead of the site (as if the site (.php) was a downloadable file (e.g. .tgz or something else))). After restarting apache2 the problem was gone for about 2 hours, but then it came back. As first reaction I visited my log files instantly, but nothing looked different there. After it came for the second time, I restarted the server by 'init 6' and it is gone since then. As this is a production server, I cannont leave this one to chance. Maybe one of you has an idea what could cause this problem. (Low diskspace? Bad configurations?) I'm not sure if this is the right list to ask this, please point me to a better place if I'm wrong! And here is my configuration: PHP 4.3.4 on Apache 2.0.49 Suse Linux 9.1 Confixx 3.0 Pro Confixx ./configure: './configure' '--prefix=/usr' '--datadir=/usr/share/php' '--mandir=/usr/share/man' '--bindir=/usr/bin' '--libdir=/usr/share' '--includedir=/usr/include' '--sysconfdir=/etc' '--with-_lib=lib' '--with-config-file-path=/etc' '--with-exec-dir=/usr/lib/php/bin' '--disable-debug' '--enable-inline-optimization' '--enable-memory-limit' '--enable-magic-quotes' '--enable-safe-mode' '--enable-sigchild' '--disable-ctype' '--disable-session' '--without-mysql' '--disable-cli' '--without-pear' '--with-openssl' '--with-apxs2=/usr/sbin/apxs2-prefork' 'i586-suse-linux' Thx a lot in advance. Stefan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Making variables with an iteration? STILL
I think you can use the export() function for that..
Here's the full code and the driving page:
http://rsossam-lap.ces.ncsu.edu/leadership/test.html
snip
?php
for ($i=1; $i10; $i++)
{
if (isset ($_POST['choice'.$i]))
{
for ($j=1; $j5; $j++)
{
$tempChoice = choice . $j;
$$tempChoice = $_POST['choice'.$i];
}
}
}
echo $choice1;
echo $choice2;
echo $choice3;
echo $choice4;
?
/snip
The problem seems to be that it is only doing this on the last one, no
matter which one it is... I know it is in the iterations, but I can't
place my finger on where I need to change things up.
--
Robert Sossomon, Business and Technology Application Technician
4-H Youth Development Department
200 Ricks Hall, Campus Box 7606
N.C. State University
Raleigh NC 27695-7606
Phone: 919/515-8474
Fax: 919/515-7812
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] PARSE ERROR, unexpected T_$VARIABLE
Parse error: parse error, expecting `T_VARIABLE' or `'$'' in
c:\fourh\leadership\registration_post.php on line 29
The HTML page:
http://rsossam-lap.ces.ncsu.edu/leadership/registration2.php
The processing Script
SNIP
?php
$fname= $_POST[fname];
$lname= $_POST[lname];
$addie= $_POST[addie];
$city= $_POST[city];
$state= $_POST[state];
$zip= $_POST[zip];
$county= $_POST[county];
$dphone= $_POST[dphone];
$ephone= $_POST[ephone];
$email= $_POST[email];
$first_conf= $_POST[first_conf];
$payment= $_POST[payment];
$PreConference= $_POST['PreConference'];
$Conference= $_POST['Conference'];
$choices = $_POST['choice'];
array_splice($choices,4);
$j=1;
for ($i=0; $i count($choices); $i++)
{
$value = $choices[$i];
$tempChoice = choice . $j;
$$tempChoice = $value;
$j++;
}
$0405distoffice= $_POST['04_05_dist_office']; //line29
$0506distoffice= $_POST['05_06_dist_office'];
$former= $_POST[former];
$achieve= $_POST[achieve];
?
/SNIP
I pulled out the iterations above that line of code and tested it separately.
Everything worked OK, so I copied it into the rest of the PHP processing.
This thing is driving me bonkers. Any suggestions?
--
Robert Sossomon, Business and Technology Application Technician
4-H Youth Development Department
200 Ricks Hall, Campus Box 7606
N.C. State University
Raleigh NC 27695-7606
Phone: 919/515-8474
Fax: 919/515-7812
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PARSE ERROR, unexpected T_$VARIABLE
you forgot the ' in the
$fname= $_POST[fname];
$lname= $_POST[lname];
$addie= $_POST[addie];
$city= $_POST[city];
fields!!!
error, expecting `T_VARIABLE' or `'$'' in
c:\fourh\leadership\registration_post.php on line 29
The HTML page:
http://rsossam-lap.ces.ncsu.edu/leadership/registration2.php
The processing Script
SNIP
?php
$fname= $_POST[fname];
$lname= $_POST[lname];
$addie= $_POST[addie];
$city= $_POST[city];
$state= $_POST[state];
$zip= $_POST[zip];
$county= $_POST[county];
$dphone= $_POST[dphone];
$ephone= $_POST[ephone];
$email= $_POST[email];
$first_conf= $_POST[first_conf];
$payment= $_POST[payment];
$PreConference= $_POST['PreConference'];
$Conference= $_POST['Conference'];
$choices = $_POST['choice'];
array_splice($choices,4);
$j=1;
for ($i=0; $i count($choices); $i++)
{
$value = $choices[$i];
$tempChoice = choice . $j;
$$tempChoice = $value;
$j++;
}
$0405distoffice= $_POST['04_05_dist_office']; //line29
$0506distoffice= $_POST['05_06_dist_office'];
$former= $_POST[former];
$achieve= $_POST[achieve];
?
/SNIP
I pulled out the iterations above that line of code and tested it
separately. Everything worked OK, so I copied it into the rest of the PHP
processing.
This thing is driving me bonkers. Any suggestions?
--
Robert Sossomon, Business and Technology Application Technician
4-H Youth Development Department
200 Ricks Hall, Campus Box 7606
N.C. State University
Raleigh NC 27695-7606
Phone: 919/515-8474
Fax: 919/515-7812
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Strange File Download Problem
Ave, Alright... Firstly thanks to everyone who's been trying to help me out. I've been doing a lot of research and finding out a lot of things. The problem is definitely very clear... I need to convert the Dynamic URL to Static URL because, as discussed earlier, Microsoft manages to screw up the Dynamic part of URL's and thus problems occur. To remind of what's going on.. I run an Apache Web Server on my PowerMAC G5 Macintosh system, and run my websites on it. I have a Force-Download download script that allows registered users to Download Files assigned to them. What has been happening is, when the Save As dialog box opens, if you hit Save, everything goes well - the file is saved to your desires location, you can open and view it, HOWEVER, if you hit Open, it opens the associated application (eg:- Adobe Acrobat Reader) but fails to open the file, instead gives an error File Could Not Be Found. This is what I did: Added into my Apache's httpd.conf the following: Location /download ForceType application/x-httpd-php /Location So that anything begins with www.mydomain.com/download will call my 'download' script. I put my force download script in a file called download in the root directory. Now my URL, instead of looking like http://informed-sources.com/download.php?F=imsafm/rjohari/ccq.pdf looks like: http://informed-sources.com/download/imsafm/rjohari/ccq.pdf In my Download Script, I was using $F as the variable which contained the File Path File Name to be downloaded. I replaced that with $_SERVER[PATH_TRANSLATED¹] ... It works! Accept, it works the same way it was working before. You click the link, the SAVE AS Dialog box opens.. If you hit Save, the file is saved and can be opened... HOWEVER, if you hit OPEN, it opens the associated application and gives the same error. What am I doing wrong? Thanks, Rahul S. Johari
Re: [PHP] PARSE ERROR, unexpected T_$VARIABLE
Robert Sossomon wrote: Parse error: parse error, expecting `T_VARIABLE' or `'$'' in c:\fourh\leadership\registration_post.php on line 29 snip $0405distoffice= $_POST['04_05_dist_office']; //line29 $0506distoffice= $_POST['05_06_dist_office']; snip Look in the manual, that's your first stop... http://us4.php.net/manual/en/language.variables.php -- John C. Nichel ÜberGeek KegWorks.com 716.856.9675 [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PARSE ERROR, unexpected T_$VARIABLE
Robert Sossomon wrote: Parse error: parse error, expecting `T_VARIABLE' or `'$'' in c:\fourh\leadership\registration_post.php on line 29 [snip] $0405distoffice= $_POST['04_05_dist_office']; //line29 $0506distoffice= $_POST['05_06_dist_office']; Variable names cannot start with a number. -- ---John Holmes... Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/ php|architect: The Magazine for PHP Professionals www.phparch.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PARSE ERROR, unexpected T_$VARIABLE
Variable names cannot start with a digit.
$distoffice0405 is kosher.
$0405distoffice is not.
Robert Sossomon wrote:
Parse error: parse error, expecting `T_VARIABLE' or `'$'' in
c:\fourh\leadership\registration_post.php on line 29
The HTML page:
http://rsossam-lap.ces.ncsu.edu/leadership/registration2.php
The processing Script
SNIP
?php
$fname= $_POST[fname];
$lname= $_POST[lname];
$addie= $_POST[addie];
$city= $_POST[city];
$state= $_POST[state];
$zip= $_POST[zip];
$county= $_POST[county];
$dphone= $_POST[dphone];
$ephone= $_POST[ephone];
$email= $_POST[email];
$first_conf= $_POST[first_conf];
$payment= $_POST[payment];
$PreConference= $_POST['PreConference'];
$Conference= $_POST['Conference'];
$choices = $_POST['choice'];
array_splice($choices,4);
$j=1;
for ($i=0; $i count($choices); $i++)
{
$value = $choices[$i];
$tempChoice = choice . $j;
$$tempChoice = $value;
$j++;
}
$0405distoffice= $_POST['04_05_dist_office']; //line29
$0506distoffice= $_POST['05_06_dist_office'];
$former= $_POST[former];
$achieve= $_POST[achieve];
?
/SNIP
I pulled out the iterations above that line of code and tested it
separately.
Everything worked OK, so I copied it into the rest of the PHP processing.
This thing is driving me bonkers. Any suggestions?
--
Robert Sossomon, Business and Technology Application Technician
4-H Youth Development Department
200 Ricks Hall, Campus Box 7606
N.C. State University
Raleigh NC 27695-7606
Phone: 919/515-8474
Fax: 919/515-7812
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
Like Music?
http://l-i-e.com/artists.htm
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Making variables with an iteration? STILL
Thomas Munz wrote:
I think you can use the export() function for that..
He probably means http://php.net/extract but that defeats the purpose of
turning register_globals OFF and is BAD SECURITY.
Here's the full code and the driving page:
http://rsossam-lap.ces.ncsu.edu/leadership/test.html
snip
?php
for ($i=1; $i10; $i++)
{
if (isset ($_POST['choice'.$i]))
{
for ($j=1; $j5; $j++)
{
$tempChoice = choice . $j;
$$tempChoice = $_POST['choice'.$i];
}
}
}
Work out what this does by hand, step by step:
$i $j
1 1 $tempChoice = 'choice1'; $choice1 = $_POST['choice1'];
1 2 $tempChoice = 'choice2'; $choice2 = $_POST['choice1'];
1 3 $tempChoice = 'choice3'; $choice3 = $_POST['choice1'];
1 4 $tempChoice = 'choice4'; $choice4 = $_POST['choice1'];
1 5 $tempChoice = 'choice5'; $choice5 = $_POST['choice1'];
2 1 $tempChoice = 'choice1'; $choice1 = $_POST['choice2'];
2 2 $tempChoice = 'choice2'; $choice2 = $_POST['choice2'];
2 3 $tempChoice = 'choice3'; $choice3 = $_POST['choice2'];
2 4 $tempChoice = 'choice4'; $choice4 = $_POST['choice2'];
2 5 $tempChoice = 'choice5'; $choice5 = $_POST['choice2'];
.
.
.
Is that what you want?
echo $choice1;
echo $choice2;
echo $choice3;
echo $choice4;
?
/snip
The problem seems to be that it is only doing this on the last one, no
matter which one it is... I know it is in the iterations, but I can't
place my finger on where I need to change things up.
--
Robert Sossomon, Business and Technology Application Technician
4-H Youth Development Department
200 Ricks Hall, Campus Box 7606
N.C. State University
Raleigh NC 27695-7606
Phone: 919/515-8474
Fax: 919/515-7812
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
Like Music?
http://l-i-e.com/artists.htm
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PARSE ERROR, unexpected T_$VARIABLE
On Mon, 06 Dec 2004 11:54:50 -0500, Robert Sossomon
[EMAIL PROTECTED] wrote:
Parse error: parse error, expecting `T_VARIABLE' or `'$'' in
c:\fourh\leadership\registration_post.php on line 29
for ($i=0; $i count($choices); $i++)
This is bad. Every time the for() loop iterates, the count() function
gets called again unnecessarily. Better to do:
$count = count( $choices );
for ($i=0; $i $count; $i++)
{
$value = $choices[$i];
$tempChoice = choice . $j;
$$tempChoice = $value;
$j++;
}
$0405distoffice= $_POST['04_05_dist_office']; //line29
Variables can contain numbers, but the first character after the $
must not be one.
--
Greg Donald
Zend Certified Engineer
http://gdconsultants.com/
http://destiney.com/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Session variables not unsetting
steve wrote: Jason Wong wrote: With register_globals enabled, the problem is not with the $_POST, $_GET etc variables (although yes you should always validate data when they come from untrusted sources). The problem is that malicious users can pollute your namespace and if you do not initialise variables properly before using them your application can be compromised. On the contrary, with register_globals enabled, the problem *IS* with $_POST, $_GET etc variables being polluted! That is the very definition of the problem register_globals was designed to solve. Turning register_globals OFF simply corrals the pollution so that it's *ONLY* in $_POST/$_GET/$_REQUEST/etc instead of automatically being spewed throughout the global name space of all variables. If you blindly walk through POST/GET, or use extract on them, or do something that turns *EVERY* POST/GET entry into a variable, you might as well turn register_globals ON -- Otherwise, your OFF setting is only providing you with a false sense of security, which is worse than no security at all. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] PARSE ERROR, unexpected T_$VARIABLE
To view the terms under which this email is distributed, please go to http://disclaimer.leedsmet.ac.uk/email.htm On 06 December 2004 17:23, Greg Donald wrote: On Mon, 06 Dec 2004 11:54:50 -0500, Robert Sossomon [EMAIL PROTECTED] wrote: Parse error: parse error, expecting `T_VARIABLE' or `'$'' in c:\fourh\leadership\registration_post.php on line 29 for ($i=0; $i count($choices); $i++) This is bad. Every time the for() loop iterates, the count() function gets called again unnecessarily. Better to do: $count = count( $choices ); for ($i=0; $i $count; $i++) You can even do (keeping all the loop-related stuff within the for( ) construct): for ($i=0, $count=count($choices); $i $count; $i++) Cheers! Mike - Mike Ford, Electronic Information Services Adviser, Learning Support Services, Learning Information Services, JG125, James Graham Building, Leeds Metropolitan University, Headingley Campus, LEEDS, LS6 3QS, United Kingdom Email: [EMAIL PROTECTED] Tel: +44 113 283 2600 extn 4730 Fax: +44 113 283 3211 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Sessions in Frames...confused
Ryan A wrote: Hey, Do I have to start a session in index.php which is calling the sideFrame and mainFrame or just in mainFrame or just in sideFrame or in all?? AGH! going nuts! /* As far as I know there is no harm in calling session_start() in all your Iframes and Frames. According to theory a new session will only be started if one has not been started already. However there have been several discussions on this list in the past where this behaviour was not observed, and you may want to look these up in the archives. */ In theory, if you call session_start in the main page, all the pages in the frameset will be okay. In practice, I'm not sure anybody will guarantee that all browsers will have the Cookie set up BEFORE it starts getting the individual pages within the frames of the frameset... You'd think they would... Frames mostly just confuse users. Get rid of them. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Magic-quotes
Does having magic-quotes=on prevent an attacker from using a urlized sql inject query? Jeff -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: create htaccess.
adwinwijaya wrote:
www.mysite.com/article/file/19911/year/2004
means: www.mysite.com/article.php?file=19911year=2004 right ?
:)
and i have to put this script on my article.php, is it right ?
$pi = $_SERVER['PATH_INFO']; // Grab PATH_INFO
$pi = substr($pi, 1);// Remove the opening slash
$args = split('/', $pi); // Create array of arguments
$f= $args[0]; // Grab first argument
Using split here is a bad habit. explode would work fine, and is faster.
Speed is probably irrelevant in this case, as you are only doing it once
per script. But bad habits are bad habits.
Also, you might want to use:
www.mysite.com/article/file=19911/year=2004/
Then you can do:
$args = explode('/', $pi);
$PATH = '';
while (list(, $arg) = each($args)){
$keyvalue = explode('=', $arg);
switch(count($keyvalue)){
case 0:
# do nothing for '//' in URL
break;
case 1:
$_PATH[$arg] = ''; //The arg is there, but has no specific value
$PATH .= $arg/;
break;
default:
$variable = $keyvalue[0];
unset($keyvalue[0]);
$_PATH[$variable] = implode('=', $keyvalue);
break;
}
}
Here's why I find this useful:
1. Instead of relying on position to know what variable is what, I can put
my URL parts in any order.
2. I collect all elements with no specific value in $PATH -- This allows
me to more naturally define a directory (EG to a JPEG) in my URL:
http://example.com/scale_image/width=50/height=50/path/to/my.jpeg
You have to watch out for bad data in $PATH, of course, but I always use
relative pathnames, and check for .. etc.
3. I allow for the case that an '=' is part of the value.
4. I store all my PATH_INFO inputs in a $_PATH array which is then treated
the same as $_POST or $_GET etc -- It's untrusted data, coming from the
outside world.
--
Like Music?
http://l-i-e.com/artists.htm
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Snyc Outlook Calendar with Website
Can a PHP script send POST data to another one simply? Yes. Google for function postothost and you'll find many many many examples. I have no idea about the Outlook part. You're on your own for that. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Coding Question
Al wrote:
I've searched the PHP manual and can't find an answer for this question
I'd like to use the OR DIE construct; but instead of DIE I'd like to
use
RETURN FOO. I haven't found a way to do it.
$string= file_get_contents($filename)
OR die(Could not read file);
$db_link= mysql_connect($host, $user, $pw)
OR die(Could not connect: . mysql_error());
Seems like it would be nice to not have to test first, e.g.,
if(is_readable($filename)){ }
You may want to use:
or http://php.net/exit
or http://php.net/return
I will not guarantee that either will work, much less do what you want,
which I don't really understand in the first place.
--
Like Music?
http://l-i-e.com/artists.htm
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Plz help me
suneel wrote: Hi Every one... Straight to the topic... I have a template file called welcome.tmp. I want to show the whole file in a Iframe with dimensions of 250 x 250.(i.e., less dimensions ). Is it possible using PHP. Or how should I approach to achieve this one. You may want to look at 'webthumb' from the same folks who brought you GD. It's a command line tool to snarf a web page and make it an image -- You need X and a browser on your server to use it though, as I recall. It's on my list of things to check out some day... -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Session variables not unsetting
On Tuesday 07 December 2004 01:32, Richard Lynch wrote: steve wrote: Jason Wong wrote: With register_globals enabled, the problem is not with the $_POST, $_GET etc variables (although yes you should always validate data when they come from untrusted sources). The problem is that malicious users can pollute your namespace and if you do not initialise variables properly before using them your application can be compromised. On the contrary, with register_globals enabled, the problem *IS* with $_POST, $_GET etc variables being polluted! I'm not sure I'm following you. Regardless of the register_globals setting, $_POST, $_GET and siblings has the potential to be polluted and data from them should be validated and sanitised. That is the very definition of the problem register_globals was designed to solve. ... flummoxed ... Anyway the way I see it is that the original intent of register_globals (and it being enabled by default in older versions) was a feature so that people can work 'directly' (as it were) with the request variables instead of having to use $HTTP_POST_VARS['myvariable'] etc. It was only when people realised that it could be a liability that is now disabled by default. Turning register_globals OFF simply corrals the pollution so that it's *ONLY* in $_POST/$_GET/$_REQUEST/etc instead of automatically being spewed throughout the global name space of all variables. If you blindly walk through POST/GET, or use extract on them, or do something that turns *EVERY* POST/GET entry into a variable, you might as well turn register_globals ON -- Otherwise, your OFF setting is only providing you with a false sense of security, which is worse than no security at all. This bit I follow and whole-heartedly agree with. -- Jason Wong - Gremlins Associates - www.gremlins.biz Open Source Software Systems Integrators * Web Design Hosting * Internet Intranet Applications Development * -- Search the list archives before you post http://marc.theaimsgroup.com/?l=php-general -- /* When you are about to die, a wombat is better than no company at all. -- Roger Zelazny, Doorways in the Sand */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How to Pass Parameters to a CGI
Yao, Minghua wrote:
Hi, everyone,
I want to pass several parameters to a CGI program run on another server.
The following source of that program shows the parameters that need to be
set manually.
--
FORM name=organism
I forget if POST or GET is the default METHOD, but...
If it's GET, you can do:
$html =
file('http://theirserver.com/path/to/organism?something=+AGROnumcolumns=2')
or die(Couldn't get URL);
If it's POST, Google for function PostToHost and you'll find source code
to send POST data.
Select a dataset:
SELECT
OPTION value = AGROA. tumefaciens C58
OPTION value = VCHOV. cholerae N16961
/SELECT
/FORM
..
If displaying relative data values, use
input type=radio name=numcolumns value=1 checked style=background-color:
white onClick=this.form.column2.value='' a single data column
input type=radio name=numcolumns value=2 style=background-color: white
onClick=this.form.expressiontype.selectedIndex=1 the ratio of two data
columns
p
Data column (numerator in ratios):
textarea name=column1 cols=3 rows=10/textarea
p
File containing experimental data (NOT a URL):
input type = file
name = datafile
p
--
Could anyone please tell me how to set the parameters like that using
PHP/where to find
relavant information? Thanks in advance.
-Minghua Yao
--
Like Music?
http://l-i-e.com/artists.htm
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Strange Download-File Problem
Rahul S. Johari wrote: Richard, I had a question for you... When you said: The goal here is to change the URL that looks like this: imsafm2_download.php?F=imsafm/rahul/somefile.txt into a URL that looks like this: imsafm2_download/F=imsafm/rahul/somefile.txt Did you mean imsafm2_download/F=imsafm/rahul/somefile.txt or imsafm2_download?F=imsafm/rahul/somefile.txt The difference being the ³?² instead of the ³/² No, I meant to use / -- The whole point here is to have *NO* ? in the URL so Microsoft can't possibly screw up. And so search engines will index it, too. I did actually edited my Apache¹s httpd.conf and added the Files directive. And I modified my code... Right now it still gives the exact same error. I¹m using ³imsafm2_download² instead of ³imsafm2_download.php² now in my code. It¹s working on Mac but not on Windows.. Same error on windows. So I do believe I need to do more then just adding that Directive to fix this problem. What same error? -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Magic-quotes
On Mon, 2004-12-06 at 12:57, Jeff McKeon wrote: Does having magic-quotes=on prevent an attacker from using a urlized sql inject query? Somewhat, but I think magic_quotes=off is the preferred style since magic quotes are a big headache for portability. At any rate, understanding what you are doing and acting accordingly will provide you with better security. There is no magic pill for security. Cheers, Rob. -- .. | InterJinn Application Framework - http://www.interjinn.com | :: | An application and templating framework for PHP. Boasting | | a powerful, scalable system for accessing system services | | such as forms, properties, sessions, and caches. InterJinn | | also provides an extremely flexible architecture for | | creating re-usable components quickly and easily. | `' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Magic-quotes
-Original Message- From: Robert Cummings [mailto:[EMAIL PROTECTED] Sent: Monday, December 06, 2004 1:45 PM To: Jeff McKeon Cc: PHP-General Subject: Re: [PHP] Magic-quotes On Mon, 2004-12-06 at 12:57, Jeff McKeon wrote: Does having magic-quotes=on prevent an attacker from using a urlized sql inject query? Somewhat, but I think magic_quotes=off is the preferred style since magic quotes are a big headache for portability. At any rate, understanding what you are doing and acting accordingly will provide you with better security. There is no magic pill for security. Cheers, Rob. Portability is not an objective here per say. I'm aware of many of the security issues surrounding PHP, just trying to understand the specifics of each one so that I can weigh the plus/minus of it to my needs. Assuming I have no portability needs and have magic_quotes=on, can you elaborate on somewhat? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Remember me function
Brad Brevet wrote: Is what I have set up and it is working is a cookie that saves someones username if they check the Remember Me box. If the cookie is set it then starts the necessary session and stays active for 30 days. Are there any pitfalls to this that you can see? Are there any additional security measures I should take? As far as passwords are concerned you must have access to the user's specific email address in order to obtain that information, but then again I think that is the only way to relay password information at all, it isn't visibly available in a non MD5 form anywhere on the site. The biggest pitfall is people using public computers and checking Remember Me... I know, that sounds really dumb to you, but they do it. If this is their bank account, I sure wouldn't do Remember Me (at all) If it's not all *that* crucial... The other consideration is if their computer is physically accessed/stolen. Put it this way: Assume the worst-case scenario, and that sooner or later, somebody is going to abuse Remember Me to get to somebody else's data. [Because it *WILL* happen.] Is this going to be a big problem? If so, don't provide Remember Me If you don't provide Remember Me you should allow users to pick their own usernames, as much as possible, and to set their own passwords. It's gotten to the point where sites that require me to login are seldom visited. I never remember what I used to login, and don't want to wait for that email to arrive. Bye. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Strange behaviour with PHP on Apache
On Tuesday 07 December 2004 00:33, Stefan wrote: Users trying to access my php-scripted websites (different projects) got a 'download' message instead of the site (as if the site (.php) was a downloadable file (e.g. .tgz or something else))). It sounds like what would happen when your PHP aren't being processed and Apache's just dumping the file contents (ie your source code) to the browser. After restarting apache2 the problem was gone for about 2 hours, but then it came back. As first reaction I visited my log files instantly, but nothing looked different there. After it came for the second time, I restarted the server by 'init 6' and it is gone since then. Is this the error log file you looked at? The access logs won't tell you much. -- Jason Wong - Gremlins Associates - www.gremlins.biz Open Source Software Systems Integrators * Web Design Hosting * Internet Intranet Applications Development * -- Search the list archives before you post http://marc.theaimsgroup.com/?l=php-general -- /* BOFH Excuse #71: The file system is full of it */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Strange File Download Problem
On Tuesday 07 December 2004 01:10, Rahul S. Johari wrote: [snip] You have started a new thread by taking an existing posting and replying to it while you changed the subject. That is bad, because it breaks threading. Whenever you reply to a message, your mail client generates a References: header that tells all recipients which posting(s) your posting refers to. A mail client uses this information to build a threaded view (tree view) of the postings. With your posting style you successfully torpedoed this useful feature; your posting shows up within an existing thread it has nothing to do with. Always do a fresh post when you want to start a new thread. To achieve this, click on New message instead of Reply within your mail client, and enter the list address as the recipient. You can save the list address in your address book for convenience. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Strange Download-File Problem
Ave, The error is The File Could Not Be Found. Don't know if you got my latest mail regarding this issue, but I did things a little differently but still the same result. This was my last post regarding this issue: Ave, Alright... Firstly thanks to everyone who's been trying to help me out. I've been doing a lot of research and finding out a lot of things. The problem is definitely very clear... I need to convert the Dynamic URL to Static URL because, as discussed earlier, Microsoft manages to screw up the Dynamic part of URL's and thus problems occur. To remind of what's going on.. I run an Apache Web Server on my PowerMAC G5 Macintosh system, and run my websites on it. I have a Force-Download download script that allows registered users to Download Files assigned to them. What has been happening is, when the Save As dialog box opens, if you hit Save, everything goes well - the file is saved to your desires location, you can open and view it, HOWEVER, if you hit Open, it opens the associated application (eg:- Adobe Acrobat Reader) but fails to open the file, instead gives an error File Could Not Be Found. This is what I did: Added into my Apache's httpd.conf the following: Location /download ForceType application/x-httpd-php /Location So that anything begins with www.mydomain.com/download will call my 'download' script. I put my force download script in a file called download in the root directory. Now my URL, instead of looking like http://informed-sources.com/download.php?F=imsafm/rjohari/ccq.pdf looks like: http://informed-sources.com/download/imsafm/rjohari/ccq.pdf In my Download Script, I was using $F as the variable which contained the File Path File Name to be downloaded. I replaced that with $_SERVER[PATH_TRANSLATED¹] ... It works! Accept, it works the same way it was working before. You click the link, the SAVE AS Dialog box opens.. If you hit Save, the file is saved and can be opened... HOWEVER, if you hit OPEN, it opens the associated application and gives the same error. What am I doing wrong? Thanks, Rahul S. Johari On 12/6/04 1:41 PM, Richard Lynch [EMAIL PROTECTED] wrote: Rahul S. Johari wrote: Richard, I had a question for you... When you said: The goal here is to change the URL that looks like this: imsafm2_download.php?F=imsafm/rahul/somefile.txt into a URL that looks like this: imsafm2_download/F=imsafm/rahul/somefile.txt Did you mean imsafm2_download/F=imsafm/rahul/somefile.txt or imsafm2_download?F=imsafm/rahul/somefile.txt The difference being the ³?² instead of the ³/² No, I meant to use / -- The whole point here is to have *NO* ? in the URL so Microsoft can't possibly screw up. And so search engines will index it, too. I did actually edited my Apache¹s httpd.conf and added the Files directive. And I modified my code... Right now it still gives the exact same error. I¹m using ³imsafm2_download² instead of ³imsafm2_download.php² now in my code. It¹s working on Mac but not on Windows.. Same error on windows. So I do believe I need to do more then just adding that Directive to fix this problem. What same error? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Remember me function
Brad Brevet wrote: Nevermind, I figured it all out, thanks for the info. Brad Brevet [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Is this the all I would need to do to set a cookie with a username stored for 30 days? Sorry I am new at this. setcookie (Cookie Name, $username, time()+60*60*24*30); Be sure you provide a path whenever you provide a time to setcookie. Various versions of IE are badly broken and ignore the time part unless there is also a path part. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Page that checks if a user exists on a remote system
I am looking to do like Hotmail, or Yahoo!, or Mail.com, or any of the other places do. I can go sign up on their site and immediately have an e-mail account that I can start using. No admin has to take the time to create my account for me. You do understand that these hosts have MAJOR PROBLEMS and invest inordinate amounts of resources to users who abuse their services. You're going to be spending a HUGE amount of money/time if you have something as wide-open as those. Their whole schtick is Free Email so it's worth it to them to invest in an army of people to handle the problems. Is it worth it to you? HIGHLY unlikely. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Magic-quotes
Jeff McKeon wrote: Does having magic-quotes=on prevent an attacker from using a urlized sql inject query? Not likely. Magic Quotes is a convenience feature, not a security feature. Magic Quotes is oft-understood, even by journeymen PHP programmers. Magic Quotes takes all incoming POST/GET data and calls http://php.net/addslashes on it before you see it. The assumption is that MOST of the POST/GET data you are getting, you want to put into your database. The downside is that if you are doing something with that data other than putting it in a database (EG: re-displaying it to the user, or logging it in a file, or...) you'll need to call http://php.net/stripslashes on it, to undo the Magic Quotes. If *MOST* of your incoming POST/GET data isn't actually going into a database, turn Magic Quotes off. If you want portable code, write a function to check Magic Quotes on/off, and call addslashes only if it's off. The thing that always kills me is when programmers call stripslashes on data that comes *OUT* of MySQL. No, no, no, no. Whatever it is you did, or think you are doing, or think you are fixing, that's WRONG. Maybe you called addslashes twice, once with Magic Quotes, and once by hand and that's how the data in the database got screwed up. Or maybe you just don't understand WHY addslashes does what it does. But calling stripslashes on data coming OUT of MySQL is WRONG. MySQL eats the 'extra' apostrophes when the data comes 'in' through your SQL statement. There are no apostrophes to strip after the data was been sucked into MySQL. If there *are* apostrophes you don't want in that data, you screwed up already getting the data in there. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Page that checks if a user exists on a remote system
Richard, Very good point, and you are correct, I am not looking to hire an army and spend tons of time and money on it. I have since rethought this, thanks in part to this thread. I have decided to go with something more secure. Since I have a database of users already for the site on ServerA, I will just set up a cron job on ServerB that runs a script that queries that database and then adds, edits, removes users accordingly. That way the access of the shell is being done always by a trusted system only user. I will put an extra table in my database called something like user_email_account_management_requests and the remote script with check that for any tasks it needs to do. Thanks again to all those who helped me with this. I have learned quite a bit and enjoyed it. Best regards, -- Jonathan Duncan http://www.nacnud.com On Mon, 6 Dec 2004, Richard Lynch wrote: I am looking to do like Hotmail, or Yahoo!, or Mail.com, or any of the other places do. I can go sign up on their site and immediately have an e-mail account that I can start using. No admin has to take the time to create my account for me. You do understand that these hosts have MAJOR PROBLEMS and invest inordinate amounts of resources to users who abuse their services. You're going to be spending a HUGE amount of money/time if you have something as wide-open as those. Their whole schtick is Free Email so it's worth it to them to invest in an army of people to handle the problems. Is it worth it to you? HIGHLY unlikely. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Strange behaviour with PHP on Apache
That sounds like a nice hint. Unfortunately there seems to be no error in the apache2 error logfile - This must have been near the time, when the strange behaviour began: [Mon Dec 06 14:58:07 2004] [warn] NameVirtualHost 82.165.42.181:80 has no VirtualHosts [Mon Dec 06 14:58:09 2004] [notice] Apache/2.0.49 (Linux/SuSE) configured -- resuming normal operations [Mon Dec 06 14:58:09 2004] [warn] long lost child came home! (pid 1482) ...But as I saw in the Apache2 documentation, the warning 'long lost child came home' isn't that bad and can occur time by time. Any ideas? -Ursprüngliche Nachricht- Von: Jason Wong [mailto:[EMAIL PROTECTED] Gesendet: Montag, 6. Dezember 2004 19:54 An: [EMAIL PROTECTED] Betreff: Re: [PHP] Strange behaviour with PHP on Apache On Tuesday 07 December 2004 00:33, Stefan wrote: Users trying to access my php-scripted websites (different projects) got a 'download' message instead of the site (as if the site (.php) was a downloadable file (e.g. .tgz or something else))). It sounds like what would happen when your PHP aren't being processed and Apache's just dumping the file contents (ie your source code) to the browser. After restarting apache2 the problem was gone for about 2 hours, but then it came back. As first reaction I visited my log files instantly, but nothing looked different there. After it came for the second time, I restarted the server by 'init 6' and it is gone since then. Is this the error log file you looked at? The access logs won't tell you much. -- Jason Wong - Gremlins Associates - www.gremlins.biz Open Source Software Systems Integrators * Web Design Hosting * Internet Intranet Applications Development * -- Search the list archives before you post http://marc.theaimsgroup.com/?l=php-general -- /* BOFH Excuse #71: The file system is full of it */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Coding Question
Jason Wong wrote:
On Monday 06 December 2004 14:19, Rory Browne wrote:
If I'm not mistaken Al wanted to return something if the thing failed,
without having to put it inside an if_block.
I'm watching this with curiosity, because return is a language
construct, and not a function, or anything that has a value.
You can have:
... OR $error = Oh dear;
But the say I see it, eventually, somewhere in your code you need to test for
it. Essentially you're just moving the test somewhere else.
Essentially, I'm creating warning reports for my users, not code errors. The
users can then email the warnings to our webmaster.
Here's what I ended up with:
@$host_link= mysql_connect($host, $user, $pw)
OR $values['msg']= $values['msg'] . Could not connect to mySQL host ;
if($host_link){
$db_link= mysql_select_db($db, $host_link)
OR $values['msg']= $values['msg'] . Could not connect to mySQL DB: $db;
}
if($host_link AND $db_link){
$result = mysql_db_query($db,select count(*) from $table)
OR $values['msg']= $values['msg'] . Could not connect to mySQL Table: $table;
}
if($host_link AND $db_link AND $result){
$values['num_records'] = ($result0) ? mysql_result($result,0,0) : 0;
}//end if
return $values; //tech notes and db table stuff
The calling page echoes $values['msg'] in nice red text.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Magic-quotes
On Mon, 2004-12-06 at 13:47, Jeff McKeon wrote: Assuming I have no portability needs and have magic_quotes=on, can you elaborate on somewhat? Somewhat... till someone comes along and changes your php.ini, or you transfer your code to another server and forget to enable magic quotes. At which time everything is open to the sky. More secure to have it disabled and then accidentally have it enabled and have double quoting taking place :) IMHO magic quotes are right up there with register globals in the nice idea but not in practice features. It's a prime example of where protecting newbies from themselves makes everything more painful in the long run. Cheers, Rob. -- .. | InterJinn Application Framework - http://www.interjinn.com | :: | An application and templating framework for PHP. Boasting | | a powerful, scalable system for accessing system services | | such as forms, properties, sessions, and caches. InterJinn | | also provides an extremely flexible architecture for | | creating re-usable components quickly and easily. | `' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Magic quotes
Hi, If I have an sql interogation, for example: $sql = SELECT id, name FROM shop WHERE cat_id = $cat_id ; For my server doesn't work...only if i put ... cat_id = '$cat_id' I think i haven't set up apache.. What is the problem? Thanks
Re: [PHP] Magic-quotes
* Richard Lynch [EMAIL PROTECTED]: Jeff McKeon wrote: Does having magic-quotes=on prevent an attacker from using a urlized sql inject query? Not likely. Magic Quotes is a convenience feature, not a security feature. Magic Quotes is oft-understood, even by journeymen PHP programmers. oft-MISunderstood... ;-) Magic Quotes takes all incoming POST/GET data and calls http://php.net/addslashes on it before you see it. snip The thing that always kills me is when programmers call stripslashes on data that comes *OUT* of MySQL. No, no, no, no. Whatever it is you did, or think you are doing, or think you are fixing, that's WRONG. Maybe you called addslashes twice, once with Magic Quotes, and once by hand and that's how the data in the database got screwed up. Or maybe you just don't understand WHY addslashes does what it does. But calling stripslashes on data coming OUT of MySQL is WRONG. Umm... I hate to disagree with you, but this depends entirely on your server settings. It is only wrong if you have magic_quotes_runtime set to off. If magic_quotes_runtime is ON, then, as the manual says, most functions that return data from any sort of external source including databases and text files will have quotes escaped with a backslash. In other words, if magic_quotes_runtime is ON, you *will* need to run stripslashes on data returned from your database if you don't want quotes escaped with a backslash. -- Matthew Weier O'Phinney | mailto:[EMAIL PROTECTED] Webmaster and IT Specialist | http://www.garden.org National Gardening Association| http://www.kidsgardening.com 802-863-5251 x156 | http://nationalgardenmonth.org -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Magic-quotes
The thing that always kills me is when programmers call stripslashes on data that comes *OUT* of MySQL. No, no, no, no. Whatever it is you did, or think you are doing, or think you are fixing, that's WRONG. Maybe you called addslashes twice, once with Magic Quotes, and once by hand and that's how the data in the database got screwed up. Or maybe you just don't understand WHY addslashes does what it does. But calling stripslashes on data coming OUT of MySQL is WRONG. Umm... I hate to disagree with you, but this depends entirely on your server settings. It is only wrong if you have magic_quotes_runtime set to off. If magic_quotes_runtime is ON, then, as the manual says, most functions that return data from any sort of external source including databases and text files will have quotes escaped with a backslash. In other words, if magic_quotes_runtime is ON, you *will* need to run stripslashes on data returned from your database if you don't want quotes escaped with a backslash. You're right, of course. I should have explicitly stated that this only applied to the zillions who have Magic Quotes on, call addslashes before putting data into the database, then have extra slashes in the database, then call stripslashes when they get data out of the database. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Coding Question
Al wrote: Essentially, I'm creating warning reports for my users, not code errors. The users can then email the warnings to our webmaster. Jason Wong wrote: On Monday 06 December 2004 14:19, Rory Browne wrote: $result = mysql_db_query($db,select count(*) from $table) OR $values['msg']= $values['msg'] . Could not connect to mySQL Table: $table; //tech notes and db table stuff The calling page echoes $values['msg'] in nice red text. Here's what's wrong with this plan: #1. You are exposing the fact that you use MySQL to users. So malicous users don't need to figure out that you are using MySQL: They can just start trying all the MySQL things to break into your server. As a general rule, you do not want users to know what software/version you are running. While this does fall into the security by obscurity category, which is generally not good there are compelling arguments for making it harder for the bad guys to figure out what software you are using. #2. They won't. Oh, sorry. The USERS will *NOT* email your message to the webmaster. Oh, some will. Most, however, will email your webmaster with oh-so-usefull messages like. I was on your website, and I got an error message, and it's broken. HELP! Put the details you need to debug your software in a place where you webmaster can read them, no matter what the user does to mangle, shorten, or otherwise ruin the message. http://php.net/error_log is good for this. #3. It's just Bad Form to tell users a bunch of crap they don't understand, don't care about, and can only be puzzled by. The message the users see should be more like: Website down for maintenance. Please try again later. The error messages you need to FIX the site are in the Apache log (or your own logfile) where they belong. There might be some exceptions to all this -- If you have only one or two admin people, whom you trust to actually copy paste the error messages and send them to you, displaying them on those admin screens is not so bad. That user is probably your client who already knows what software is in use (or can find out easily) and isn't likely to sabotage their own site, and can maybe be trained to do the right thing... OTOH, logging to a file and giving them a message they understand (Something broke. Call Rich and tell him what you were doing.) is probably better anyway. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re:[PHP] Magic-quotes
So now the big question which will undoubtly spark a lot of opinions (I hope). We use apache/php/mysql based sites for internal management of our systems and would now like to give our customers direct access to manage their accounts via the web. Naturally this raises security concerns. From the PHP perspective, is Apache/PHP(as Module)/MySQL a secure enough platform to use for a public website that will access a production database? Opinions? Thoughts? Thanks, Jeff -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Coding Question
Richard Lynch wrote: Al wrote: Essentially, I'm creating warning reports for my users, not code errors. The users can then email the warnings to our webmaster. Jason Wong wrote: On Monday 06 December 2004 14:19, Rory Browne wrote: $result = mysql_db_query($db,select count(*) from $table) OR $values['msg']= $values['msg'] . Could not connect to mySQL Table: $table; //tech notes and db table stuff The calling page echoes $values['msg'] in nice red text. Here's what's wrong with this plan: #1. You are exposing the fact that you use MySQL to users. So malicous users don't need to figure out that you are using MySQL: They can just start trying all the MySQL things to break into your server. As a general rule, you do not want users to know what software/version you are running. While this does fall into the security by obscurity category, which is generally not good there are compelling arguments for making it harder for the bad guys to figure out what software you are using. #2. They won't. Oh, sorry. The USERS will *NOT* email your message to the webmaster. Oh, some will. Most, however, will email your webmaster with oh-so-usefull messages like. I was on your website, and I got an error message, and it's broken. HELP! Put the details you need to debug your software in a place where you webmaster can read them, no matter what the user does to mangle, shorten, or otherwise ruin the message. http://php.net/error_log is good for this. #3. It's just Bad Form to tell users a bunch of crap they don't understand, don't care about, and can only be puzzled by. The message the users see should be more like: Website down for maintenance. Please try again later. The error messages you need to FIX the site are in the Apache log (or your own logfile) where they belong. There might be some exceptions to all this -- If you have only one or two admin people, whom you trust to actually copy paste the error messages and send them to you, displaying them on those admin screens is not so bad. That user is probably your client who already knows what software is in use (or can find out easily) and isn't likely to sabotage their own site, and can maybe be trained to do the right thing... OTOH, logging to a file and giving them a message they understand (Something broke. Call Rich and tell him what you were doing.) is probably better anyway. I greatly appreciate your taking an interest in my question. I didn't explain all the details since I was trying to keep my message short. My users are not public. They are a few selected individuals who only have access via an Apache authentication dialog. Thanks -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] using sprinf()
Hi, in session.c , i try to use char *val; sprintf(val, %s, PS(id)); PS(mod)-s_write(PS(mod_data), PS(id), val, strlen(val), TSRMLS_CC); but i cant move between scripts that has session_start() on them. any ideas? cheers -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re:[PHP] Magic-quotes
On Mon, 2004-12-06 at 16:22, Jeff McKeon wrote: So now the big question which will undoubtly spark a lot of opinions (I hope). We use apache/php/mysql based sites for internal management of our systems and would now like to give our customers direct access to manage their accounts via the web. Naturally this raises security concerns. From the PHP perspective, is Apache/PHP(as Module)/MySQL a secure enough platform to use for a public website that will access a production database? Opinions? Thoughts? This is pretty much a separate topic and so really belongs in a separate thread, but since I'm making this point I may as well answer anyways :) Absolutely. Security while somewhat linked to the language, is more a question of the developer's experience and ability. The Apache/PHP (as Module or CGI)/MySQL solution is used in millions of websites, of which I'm sure a large portion are public access. Cheers, Rob. -- .. | InterJinn Application Framework - http://www.interjinn.com | :: | An application and templating framework for PHP. Boasting | | a powerful, scalable system for accessing system services | | such as forms, properties, sessions, and caches. InterJinn | | also provides an extremely flexible architecture for | | creating re-usable components quickly and easily. | `' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Parsing multiple XML documents as strings. Inbox
Hi,
We worked with Sablotron before but switched over to the libxslt
library on PHP5 to perform XSL transformations. We used the wrapper
code found on http://be.php.net/xsl so that our old xslt_ functions
continued to work.
Now, with Sablotron we used to parse multiple XML documents as strings
and one XSL file from disk. With libxslt it doesn't seem possible
parsing XML documents as strings.
This is the old method which worked fine, using Sablotron:
$args[/list_docu] = contentsome xml/content;
$result = xslt_process($xh, 'arg:/_xml', 'arg:/_xsl', NULL, $args, $params);
This node could then be access with XSL:
xsl:for-each select=document('arg:/list_docu')/content
When I run this code using libxslt/PHP5 and the wrapper I get the error:
Warning: I/O warning : failed to load external entity arg:/list_docu
This is because the XML documents must be saved on disk I guess.
Isn't there any way to load the XML documents as strings???
Grtz,
Bart
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Random data loss.
With out posting any code I was wondering if anyone here has been experiencing this kind of problem. I have a standard web from that PHP code then reads and saves the data into a MySQL DB. The problem is some of my users have had data lost somewhere in this process. The web site is www.thewishzone.com. It is a wish list site and the data that seems to be getting lost is the price of an item a user adds to their wish list. I can't seem to duplicate it here. However one user did have it happen twice in a short time period. They enter a valid price and after the record posts the price goes to zero. Any ideas? Chris W Gift Giving Made Easy Get the gifts you want give the gifts they want this holiday season http://thewishzone.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Random data loss.
Could be a problem of multiple update modules for the same table. When I've encountered this problem in the past it's been one of two causes. 1. In the process of maintaining the table one routine that has no price information, retrieves the row and notices that the something needs to be changed, and instead of only updating columns that have changed it seeks to update all of them (perhaps satisfying one programmers sense of order), and since it has no price info, it replaces the price with zero (good rule IMHO; only update columns that you know need to be changed). 2. Update queries that did not specify all the appropriate where clauses, thereby updating multiple rows, and perhaps in this case updating with zero prices (perhaps contributed to by coding all elements as above). (a rule that I apply to myself, not necessarily quite as good as the previous rule, use artificial keys [auto increment fields] and update with unique [or a list of] artificial key in the where clause). One nice thing about auto increment primary keys is they are self locking in that no two insert rows can get the same artificial key, even if the insert occurs at the same time (at least in MySQL). Take a look at the text in your actual queries and read them over and over, the answer is there. Don't consider this an exhaustive list, there are lots of people out there more clever than I coming up with new ways to loose data every day. But this is where I would start. Hope this helps, Warren Vail -Original Message- From: 2wsxdr5 [mailto:[EMAIL PROTECTED] Sent: Monday, December 06, 2004 4:27 PM To: [EMAIL PROTECTED] Subject: [PHP] Random data loss. With out posting any code I was wondering if anyone here has been experiencing this kind of problem. I have a standard web from that PHP code then reads and saves the data into a MySQL DB. The problem is some of my users have had data lost somewhere in this process. The web site is www.thewishzone.com. It is a wish list site and the data that seems to be getting lost is the price of an item a user adds to their wish list. I can't seem to duplicate it here. However one user did have it happen twice in a short time period. They enter a valid price and after the record posts the price goes to zero. Any ideas? Chris W Gift Giving Made Easy Get the gifts you want give the gifts they want this holiday season http://thewishzone.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Random data loss.
2wsxdr5 wrote: With out posting any code I was wondering if anyone here has been experiencing this kind of problem. I have a standard web from that PHP code then reads and saves the data into a MySQL DB. The problem is some of my users have had data lost somewhere in this process. The web site is www.thewishzone.com. It is a wish list site and the data that seems to be getting lost is the price of an item a user adds to their wish list. I can't seem to duplicate it here. However one user did have it happen twice in a short time period. They enter a valid price and after the record posts the price goes to zero. Any ideas? pretty hard to tell with this information. What you might want to do, is to call the error_log() function with the insert query that is being executed. That way you will have a record of each query that has been executed. (if you have a software that can analyse your mysql binary log, it could serve the same purpose). You could then look at these queries to see if there is anything suspicious. You could also have a bit of code that tests the value of the price variable in each page and mail you all the env settings if price happens to be zero that way you would have a chance of reproducing the problem. Chris W Gift Giving Made Easy Get the gifts you want give the gifts they want this holiday season http://thewishzone.com -- Raditha Dissanayake. -- http://www.radinks.com/print/card-designer/ | Card Designer Applet http://www.radinks.com/upload/ | Drag and Drop Upload -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] inserting html within a mail body
Hi, I am using the mail() function in php andI am looking for a quick and easy way to make the mail_body of an auto response email with HTML tags in it so I can add some style to it. Are the use of CSS tags possible too? Any suggestions will be much appreciated Ross -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] inserting html within a mail body
On Tue, 7 Dec 2004 02:31:10 -, Ross Hulford [EMAIL PROTECTED] wrote: Hi, I am using the mail() function in php andI am looking for a quick and easy way to make the mail_body of an auto response email with HTML tags in it so I can add some style to it. Hi! The PHPs manual page on the mail function shows an example of sending HTML mail. http://www.php.net/manual/en/function.mail.php I've also attached it below: snip ?php /* recipients */ $to = [EMAIL PROTECTED] . , ; // note the comma $to .= [EMAIL PROTECTED]; /* subject */ $subject = Birthday Reminders for August; /* message */ $message = ' html head titleBirthday Reminders for August/title /head body pHere are the birthdays upcoming in August!/p table tr thPerson/ththDay/ththMonth/ththYear/th /tr tr tdJoe/tdtd3rd/tdtdAugust/tdtd1970/td /tr tr tdSally/tdtd17th/tdtdAugust/tdtd1973/td /tr /table /body /html '; /* To send HTML mail, you can set the Content-type header. */ $headers = MIME-Version: 1.0\r\n; $headers .= Content-type: text/html; charset=iso-8859-1\r\n; /* additional headers */ $headers .= To: Mary [EMAIL PROTECTED], Kelly [EMAIL PROTECTED]\r\n; $headers .= From: Birthday Reminder [EMAIL PROTECTED]\r\n; $headers .= Cc: [EMAIL PROTECTED]; $headers .= Bcc: [EMAIL PROTECTED]; /* and now mail it */ mail($to, $subject, $message, $headers); ? /snip HTH -- ramil http://ramil.sagum.net -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Parsing multiple XML documents as strings. Inbox
On Mon, 6 Dec 2004 23:10:15 +0100, Goformusic Support
[EMAIL PROTECTED] wrote:
Hi,
We worked with Sablotron before but switched over to the libxslt
library on PHP5 to perform XSL transformations. We used the wrapper
code found on http://be.php.net/xsl so that our old xslt_ functions
continued to work.
Now, with Sablotron we used to parse multiple XML documents as strings
and one XSL file from disk. With libxslt it doesn't seem possible
parsing XML documents as strings.
This is the old method which worked fine, using Sablotron:
$args[/list_docu] = contentsome xml/content;
$result = xslt_process($xh, 'arg:/_xml', 'arg:/_xsl', NULL, $args, $params);
This node could then be access with XSL:
xsl:for-each select=document('arg:/list_docu')/content
When I run this code using libxslt/PHP5 and the wrapper I get the error:
Warning: I/O warning : failed to load external entity arg:/list_docu
This is because the XML documents must be saved on disk I guess.
Isn't there any way to load the XML documents as strings???
I don't know your wrapper class, but it's perfectly possible to load
XML documents from strings:
see
http://ch.php.net/manual/en/ref.xsl.php
and
http://ch.php.net/manual/en/function.dom-domdocument-loadxml.php
for further details.
chregu
Grtz,
Bart
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
christian stocker | Bitflux GmbH | schoeneggstrasse 5 | ch-8004 zurich
phone +41 1 240 56 70 | mobile +41 76 561 88 60 | fax +41 1 240 56 71
http://www.bitflux.ch | [EMAIL PROTECTED] | gnupg-keyid 0x5CE1DECB
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] searching with mutable criteria
I am having a problem with this script what it does is write the sql
needed to search for data based on mutable criteria. It works fine if
you search with all the different fields but if you only search with
one or two of the fields it creates a sql that looks like this
SELECT * FROM listing WHERE state = 'WA' AND LIMIT 0,5
It adds the AND before the limit if you use all three fields it does
not add the AND. How can I change this so it will not add the AND if
there is only a search on one or two of the fields
$cond = AND;
$sql = 'SELECT * FROM listing ';
if($_POST[state] != || $_POST[types] != || $_POST[county] !=
){$sql .= WHERE ;
if($_POST[state] != ){
$sql .= state = '. $_POST[state] .';
if($_POST[state] != || $_POST[types] != || $_POST[county] !=
){$sql .= $cond ;}
}
if($_POST[type] != ){
$sql .= types = '. $_POST[types] .';
if($_POST[state] != || $_POST[types] != || $_POST[county] != )
{$sql .= $cond ;}
}
if($_POST[county] != ){
$sql .= county = '. $_POST[county] .';
if($_POST[state] != || $_POST[types] != || $_POST[county] !=
){$sql.= $cond ; }
}
)
$sql .= LIMIT . $from . , . $max_results;
echo $sql
--
Best regards,
Richard mailto:[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
