Re: [PHP] PHP Memory limit exceeded
Richard Lynch wrote: At the other hand i did find some huge mistake at my side... only the download of the file require 28MB (god knows why! but i wont start to bother u folks about it now) the upload need 16MB so clearly u were correct but im sorry to admit that i didnt understand y its getting tripled... after all the result $res is a result of an INSERT not a SELECT therfore it doesnt return all the data but just an identification if the action went succesful or not... or maybe im wrong here also? PHP probably has to create an extra big chunk of text somewhere in the process of sending the data to PostgreSQL. or it was simpler to write :) About the mysql's function... well its mysql and im using postgresql... i tried to search for something that could help uploading files data to the server but didnt find anything useful. Sorry. I suspect they operate the same internally anyway, in terms of transferring data to/from the database, and buffering the query. no, load_file() is mysql internal function. the file is read by mysql server, so it completely bypass php and also client libraries. you need to have file priviledge. Hi and thanks again Richard and Marek, Finally I found the solution that I craved for which is large objects at postgresql, I can upload and d/l files with memory consuming of just alittle bit more of the file size itself. Actually I have to admit that I saw that option before but I thought that its quite useless for my needs because they wrote there that after version 7.1 of postgresql the large objects interface is partially obsolete and they also wrote that one of the remaining beneifits of using it is that it can hold up to 2GB!! instead of the new TOAST of 1GB!! so I thought that I dont need it at all if anyway I can get to 1GB but apprantly they didnt wrote anywhere about the memory consumption diffrence... or maybe I dont control the english language as I wish to :) The large objects manual - http://www.postgresql.org/docs/7.4/interactive/largeobjects.html (for ver 7.4) Thanks alot again, Ben-Nes Yonatan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] CfP: Workshop on Scripting for the Semantic Web
--- CALL FOR PAPERS --- Workshop on Scripting for the Semantic Web http://www.semanticscripting.org/SFSW2005/ co-located with 2nd European Semantic Web Conference May 30, 2005, Heraklion, Greece --- Large parts of the current Web rely on scripting languages such as Python, PHP, Perl, JavaScript, ASP, JSP, ActionScript and ColdFusion. These languages are the tools of a generation of web programmers who use them to quickly create server-side and client-side web applications. Support for scripting languages is widely deployed within the current web infrastructure: PHP for example is installed on 16 million domains. It is therefore likely that scripting languages will also play a crucial role in the Semantic Web gaining critical mass. Scripting languages are lightweight and easy to learn, but on the other hand mature enough to be used within complex applications, as the Mozilla, Zope and CWM projects show. Many deployed Semantic Web applications, for example in the FOAF and RSS communities, are already using these languages and it is likely that the process of RDF-izing existing database-backed websites, wikis, weblogs and CMS will largely rely on scripting languages. The workshop aims to bring together for the first time developers of the RDF base infrastructure for scripting languages with practitioners building applications using these languages. The goal of the workshop is to give an overview of the current support for Semantic Web technologies within scripting languages, to showcase innovative Semantic Web applications relying on these languages. TOPICS OF INTEREST Topics of interest include, but are not limited to: Infrastructure * Semantic Web frameworks and APIs for scripting languages * RDF parsers and serializers for scripting languages * RDF repositories and query languages implemented using scripting languages * Semantic Web Service frameworks for scripting languages * Reasoning engines implemented using scripting languages * Semantic Web publishing and data syndication frameworks Applications * Semantic Web applications using scripting languages * Approaches to RDF-izing existing applications * Wikis, weblogs, data syndication and content management applications using RDF * RDF/OWL editors and authoring environments * Semantic Web Mining and Social Network Analysis * Scripting applications using FOAF, RSS, ATOM, DOAP, LOM, Dublin Core * Tools and methodologies for the semantic annotation of web data Conceptual * Rapid development techniques for the Semantic Web * Employment of scripting language characteristics for Semantic Web development * Scalability and benchmarks of Semantic Web scripting applications TYPES OF PAPERS We seek two kinds of papers: Full papers that and short papers. Full papers should not exceed ten pages in length. Short papers are expected to be four to six pages. Papers from both categories will be peer-reviewed by three independent reviewers. Both full papers and short papers will be included in the workshop proceedings. SUBMISSION DETAILS Papers should be submitted electronically via the workshop website in PDF format. Papers must be formatted according to Springer LNCS. Please see www.springer.de/comp/lncs/authors.html for details. DEADLINES Papers must me submitted electronically by March 30, 2005. Notification of the reviewing results will be made on April 28, 2005. Final camera-ready versions of accepted papers must be provided electronically by May 5, 2005. PROGRAM SFSW will be a one day workshop consisting of an introduction about the use of scripting languages in the context of the semantic web, presentations of submitted papers, and (probably) a panel as well as time for discussion. WORKSHOP CO-CHAIRS * Chris Bizer, Freie Universität Berlin, Germany * Libby Miller, University of Bristol, United Kingdom * Sören Auer, Universität Leipzig, Germany PROGRAM COMMITTEE * Danny Ayers, Independent Author, Italy * Dave Beckett, University of Bristol, United Kingdom * Matt Biddulph, BBC, United Kingdom * Dan Brickley, W3C, United Kingdom * Stefan Decker, DERI, Ireland * Edd Dumbill, O'Reilly, United Kingdom * Leigh Dodds, Ingenta, United Kingdom * Klaus-Peter Fähnrich, Universität Leipzig, Germany * Axel Hecht, Mozilla Europe, Germany * Ben Forta, Macromedia, United States * Morten Frederiksen, MFD Consult, Denmark * Andi Gutmans, Zend, Israel * Chris Goad, Map Bureau, United States * Gunnar AA. Grimnes, University of Aberdeen, United Kingdom * Heinrich Herre, Universität Leipzig, Germany * Masahide Kanzaki, Keio University, Japan * Daniel Krech, University of Maryland, United States * Jim Ley, Independent Developer, United Kingdom * Benjamin Nowack, Independent Developer, Germany * Uche Ogbuji, Fourthought, United States * Sean Palmer, Independent Developer, United
[PHP] How to prevent user directly input SQL query
I'm curious about how to protect SQL query. For example, if I get some varaibles from user using GET or POST method. Then, I have to use it in a SQL query sentense. How can I make sure that users don't do trick by inserting some SQL command into the variable resulting in miss sql command? Is there any method to prevent that? Another question is that, are there any PHP build-in function to remove some unwanted charactor (like and ' and \ and / ...) or I have to do it manually? Best Regards, Thone -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How to prevent user directly input SQL query
Hello Thone you can use mysql_real_escape_string() or mysql_real_escape_string() for versions prior to 4.3.0, to aissist with quoting mysql queries, if you use another DB, look at the manual for the relevant escape function. I use this function after just before i insert variables into a sql string. function clean($var){ if(!get_magic_quotes_gpc()){ if(!function_exists(mysql_real_escape_string)){ return mysql_escape_string($var); } return mysql_real_escape_string($var); } if(!function_exists(mysql_real_escape_string)){ return mysql_escape_string( stripslashes( $var)); } return mysql_real_escape_string( stripslashes( $var)); } Then when details are submitted, make sure you clean any unwanted content from those variables , also make sure input is what your expecting, i.e if(ctype_digit($_GET['someid'])){ $cleanid = clean($_GET['someid']); } $sql = SELECT `field` FROM `table` WHERE `someid`='$cleanid'; Also see http://phpsec.org/ its a new website that will help you on your way to assisting with securing your php applications. HTH Jarrattt On Mon, 07 Feb 2005 20:01:43 +0700, Thone [EMAIL PROTECTED] wrote: I'm curious about how to protect SQL query. For example, if I get some varaibles from user using GET or POST method. Then, I have to use it in a SQL query sentense. How can I make sure that users don't do trick by inserting some SQL command into the variable resulting in miss sql command? Is there any method to prevent that? Another question is that, are there any PHP build-in function to remove some unwanted charactor (like and ' and \ and / ...) or I have to do it manually? Best Regards, Thone -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Apache 2.0.52, PHP 5.03, FreeBSD 4.10 memory problems
I'm running Apache 2.0.52 and PHP 5.03 in a jailed (Virtual Private Server) FreeBSD 4.10 envirorement. PHP 5.03 is running as php_mod and was installed quite recently. Since then (better, since someone started using it) I've been getting these errors in the httpd-error log: Allowed memory size of 8388608 bytes exhausted (tried to allocate 79 bytes) And this one in the php-error log: [06-Feb-2005 17:25:50] PHP Fatal error: Allowed memory size of 8388608 bytes exhausted (tried to allocate 6587593 bytes) in xxx/xxx/xxx/xxx/xxx/xxx.php on line 53 I also see several thousands of notices in the PHP-error log within the time-frame of a single second, plus diveded by zero, etc. Of course, I asked the programmer to fix all of these issues.Among others, there was a script that outputted a html-form with 2 columns, 100 rows each containing select-boxes with 100 full names (and those 100 names were the same of every column/row in that form :-|). But the problem is not so much that someone is using broken and the most inefficient scripts, but more that they are crashing the entire box! When these scripts are run, the box becomes totally unresponsive, afterwards all cgi and php request to Apache fail with a 500 error and sometimes the whole box crashes completely, apparently from memory exhaustion. :-( It this a bug somewhere in PHP, Apache or FreeBSD? How can I protect myself against this? I can't manually check every script, and the memory and time limits in php.ini (20s for exe, 30s for input and 8MB for mem) don't seem effective here. What are my options to make Apache 2 and PHP 5 full proof against such scripts? Kind Regards, Sander Holthaus -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] mysqli connection problem
Hello, This question was asked many times, but I can't find a good answer. I am getting this error message while trying to connect to MySQL server (PHP + PEAR::DB_DataObject): Can't connect to local MySQL server through socket '' (111) (notice '' - is that right?) Does anyone have any ideas about how to get rid of this error? Configuration: * RedHat Enterprise Linux AS3 * Apache 2.0.46 * PHP 5.0.2 * MySQL 4.1.9, mysqli ext. Thanks! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] PHP, exception and PostgreSQL
Hello, is here somebody who works with PostgreSQL in PHP? I have a PL/SQL function, which can raise an exception. I am not able to catch _only_ exception error message in PHP. I can parse Warning: pg_query(): Query failed: ERROR: Exception error string. in... but I think, it is not clear solution. Thank you for your reply. -- Jiri Nemec -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: [PHP-DB] mysqli connection problem
Denis Gerasimov wrote: Hello, This question was asked many times, but I can't find a good answer. I am getting this error message while trying to connect to MySQL server (PHP + PEAR::DB_DataObject): Can't connect to local MySQL server through socket '' (111) (notice '' - is that right?) Does anyone have any ideas about how to get rid of this error? Configuration: * RedHat Enterprise Linux AS3 * Apache 2.0.46 * PHP 5.0.2 * MySQL 4.1.9, mysqli ext. Thanks! [Note: reply-to set to php-db as it's multimailed and I don't see this as a mysql general issue, nor php general, but feh.] Looks to be set blank/null/etc. You may be slightly tricked by the existence of both of these - from your standard php.ini... - ; Default socket name for local MySQL connects. If empty, uses the built-in mysql.default_socket = ; Default socket name for local MySQL connects. If empty, uses the built-in ; MySQL defaults. mysqli.default_socket = - I can't see any reason why you wouldn't be able to use the same socket - you're connecting to the same exact server, it's just a path. You should be perfectly able to set your mysqli.default_socket to the same as the mysql.default_socket. I can't tell you what the default for your system is, but there are php functions to get configuration options, if you don't have it in any obvious places. Cheers, -- - Martin Norland, Database / Web Developer, International Outreach x3257 The opinion(s) contained within this email do not necessarily represent those of St. Jude Children's Research Hospital. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Remote Procedure Call Failed
On Sun, 6 Feb 2005 19:36:23 -0500, Andre Dubuc [EMAIL PROTECTED] wrote: On Sunday 06 February 2005 07:18 pm, Alex Gemmell wrote: Hello, I am building a login system for my website but I keep experiencing an error on a specific PHP page that I have never encountered before and it seems worryingly low-level! It says: The remote procedure call failed. And that's it! Nothing else is on the page. Sometimes I get a slightly different (but equally scary) error: PHP has encountered a Stack overflow I've googled these errors and some people have posted them but I found no solution. I've searched the PHP bug database but found nothing. Has anyone else encountered this and is there a solution? FYI: Other (more simple) PHP scripts work fine (so my PHP installation seems to be ok) and this error only started happening last week. I haven't changed this PHP/MySQL installation in months. I'm testing my script on a (Windows) server in my office on which this error occurs. When I upload it to a second remote (Linux) test server it works fine! Office Server: Windows 2000 Server + IIS 5.1, PHP Version 4.3.9 (Zend Engine v1.3.0), MySQL 3.23.49. *CGI Version - I am considering changing to ISAPI. Would this help do you think? Remote Server: Linux + Apache, PHP Version 4.1.2 (Zend Engine v1.1.1), MySQL 3.23.39. Any ideas gratefully received! Thanks, Alex First off: register_globals=on on Windows server, register_globals=off in Linux, by any chance? I ran into a similar problem (w/o the 'low-level' messages). Are you calling https for login procedures? Had a problem with that too. Hth, Andre Thank you Andre! That was spot on - my Windows PHP installation has register_globalsoff. When I turned it on the error messages disappeared. Success! FYI: I found this in the PHP manual: If your script uses session_register(), it will not work in environments where the PHP directive register_globals is disabled. I was using session_register() in one place so perhaps this was the problem? PHP manual also says this: Caution If you are using $_SESSION (or $HTTP_SESSION_VARS), do not use session_register(), session_is_registered(), and session_unregister(). Well, I have a few lines like these two: session_register('email_address'); $_SESSION['email_address'] = $email_address; If I simply delete the first line (session_register('email_address');) everything will still work... right? -- Alex Gemmell |:| [EMAIL PROTECTED] |:| -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Remote Procedure Call Failed
Alex Gemmell wrote: .. Well, I have a few lines like these two: session_register('email_address'); $_SESSION['email_address'] = $email_address; If I simply delete the first line (session_register('email_address');) everything will still work... right? yes - on one condition: somewhere in you app/script you must make a call to session_start() before attempting to use the $_SESSION superglobal var. -- Alex Gemmell |:| [EMAIL PROTECTED] |:| -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Remote Procedure Call Failed
On Mon, 07 Feb 2005 18:14:22 +0100, Jochem Maas [EMAIL PROTECTED] wrote: Alex Gemmell wrote: .. Well, I have a few lines like these two: session_register('email_address'); $_SESSION['email_address'] = $email_address; If I simply delete the first line (session_register('email_address');) everything will still work... right? yes - on one condition: somewhere in you app/script you must make a call to session_start() before attempting to use the $_SESSION superglobal var. Great! That's exactly what I wanted to hear. I know to use session_start() at the beginning of my scripts so it looks like I am good to go! Thank you to each of you who helped me with this! -- Alex Gemmell |:| [EMAIL PROTECTED] |:| -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] MySQL Error 1251 / phpMyAdmin
I just installed phpMyAdmin 2.6.1 on my Windows Laptop with PHP Version 4.3.10 [Build Date Dec 14 2004 17:46:48] and mySql 4.1.8 I am receiving the enclosed error when I attempt to go into phpMyAdmin and do not know how to solve the issue... Any assistance would be greatful. Thank you Gary //## ERROR RECIEVED // Welcome to phpMyAdmin 2.6.1 phpMyAdmin tried to connect to the MySQL server, and the server rejected the connection. You should check the host, username and password in config.inc.php and make sure that they correspond to the information given by the administrator of the MySQL server. Error MySQL said: #1251 - Client does not support authentication protocol requested by server -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: MySQL Error 1251 / phpMyAdmin
You have mysql 4.1.8, but your php was built with the library for an earlier version, which, as the error message says, doesn't support the new, more secure authentication protocol. Your choices are to tell mysql to use the older, less-secure protocol, or build a copy of php using your current mysql client library. See the manual for more http://dev.mysql.com/doc/mysql/en/old-client.html. Michael GH wrote: I just installed phpMyAdmin 2.6.1 on my Windows Laptop with PHP Version 4.3.10 [Build Date Dec 14 2004 17:46:48] and mySql 4.1.8 I am receiving the enclosed error when I attempt to go into phpMyAdmin and do not know how to solve the issue... Any assistance would be greatful. Thank you Gary //## ERROR RECIEVED // Welcome to phpMyAdmin 2.6.1 phpMyAdmin tried to connect to the MySQL server, and the server rejected the connection. You should check the host, username and password in config.inc.php and make sure that they correspond to the information given by the administrator of the MySQL server. Error MySQL said: #1251 - Client does not support authentication protocol requested by server -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Question about php.ini
Hi, I hope we are all doing well today I'm very new to php. Here are some basic info about my server that I am running: Mac OS X 10.3.7 PHP 4.3.10 MySQL 4.0.18 Apache 1.3.33 What I want to do is host a forum on my web page. I can't seem to get it set up, and I notice that I do not have a php.ini file in my /etc directory (This is the Configuration File Path). However, I do have a php.ini.default in the same directory. I seem to have two options: 1.) rename the php.ini.default to plain php.ini and see if that resolves it. However, I'm not sure what kind of tests can I perform to see that it is working properly? 2.) or I can follow this tutorial at: http://www.dmcinsights.com/phpmysql/phpini.php; which teaches me how to make my own php.ini file. Is there any other recommendations/comments that you all have? Thanks so much in advance everyone, I'm new to this mailing list. -- S. Wong -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Remote Procedure Call Failed
On Monday 07 February 2005 12:06 pm, Alex Gemmell wrote: On Sun, 6 Feb 2005 19:36:23 -0500, Andre Dubuc [EMAIL PROTECTED] wrote: On Sunday 06 February 2005 07:18 pm, Alex Gemmell wrote: Hello, I am building a login system for my website but I keep experiencing an error on a specific PHP page that I have never encountered before and it seems worryingly low-level! It says: The remote procedure call failed. And that's it! Nothing else is on the page. Sometimes I get a slightly different (but equally scary) error: PHP has encountered a Stack overflow I've googled these errors and some people have posted them but I found no solution. I've searched the PHP bug database but found nothing. Has anyone else encountered this and is there a solution? FYI: Other (more simple) PHP scripts work fine (so my PHP installation seems to be ok) and this error only started happening last week. I haven't changed this PHP/MySQL installation in months. I'm testing my script on a (Windows) server in my office on which this error occurs. When I upload it to a second remote (Linux) test server it works fine! Office Server: Windows 2000 Server + IIS 5.1, PHP Version 4.3.9 (Zend Engine v1.3.0), MySQL 3.23.49. *CGI Version - I am considering changing to ISAPI. Would this help do you think? Remote Server: Linux + Apache, PHP Version 4.1.2 (Zend Engine v1.1.1), MySQL 3.23.39. Any ideas gratefully received! Thanks, Alex First off: register_globals=on on Windows server, register_globals=off in Linux, by any chance? I ran into a similar problem (w/o the 'low-level' messages). Are you calling https for login procedures? Had a problem with that too. Hth, Andre Thank you Andre! That was spot on - my Windows PHP installation has register_globalsoff. When I turned it on the error messages disappeared. Success! FYI: I found this in the PHP manual: If your script uses session_register(), it will not work in environments where the PHP directive register_globals is disabled. I was using session_register() in one place so perhaps this was the problem? PHP manual also says this: Caution If you are using $_SESSION (or $HTTP_SESSION_VARS), do not use session_register(), session_is_registered(), and session_unregister(). Well, I have a few lines like these two: session_register('email_address'); $_SESSION['email_address'] = $email_address; If I simply delete the first line (session_register('email_address');) everything will still work... right? -- Alex Gemmell |:| [EMAIL PROTECTED] |:| Hi Alex, I'm glad it worked. Took me long enough to figure it out (and I wasn't connected to an IE server on the web, but with Linux as well.) What I suggest: dump any reference to session_register('email_address'); and use $_SESSION['email_address']; instead. My method is to convert all $_POST values from the sending script to $_SESSION AFTER validating user input: sending page: ?php session_start(); ? ?php print form action='receive.php' method='post'; print input type='text' name='email_address' value='Email Address Please'; /* etc, etc . . . */ ? receiving page: ?php session_start(); ? ?php print form action='receive.php' method='post'; /* Validate user input using standard methods */ $_SESSION['email_address'] = $_POST['email_address']; /* Then, for ease of wrting it out: */ $email = $_SESSION['email_address']; /* Lotsa stuff left out here */ ? Hth, Andre -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Question about php.ini
[snip] 1.) rename the php.ini.default to plain php.ini and see if that resolves it. However, I'm not sure what kind of tests can I perform to see that it is working properly? [/snip] How about just making a copy of the file and testing it? Have you run phpinfo() yet? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Question about php.ini
[snip] Yup, I have tried making a copy of it. I'm just not exactly sure how to test it? I ran phpinfo() , and it runs even without a php.ini. [/snip] Change something in the configuation file that you know you can run a test on, like safe mode status, then restart Apache and conduct the test. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Question about php.ini
Stephen Wong wrote: I'm very new to php. Here are some basic info about my server that I am running: Mac OS X 10.3.7 PHP 4.3.10 MySQL 4.0.18 Apache 1.3.33 What I want to do is host a forum on my web page. I can't seem to get it set up, and I notice that I do not have a php.ini file in my /etc directory (This is the Configuration File Path). However, I do have a php.ini.default in the same directory. You don't HAVE to have a php.ini for PHP to run. PHP will simply use its default values if you have no php.ini file for it to load. And your forum software should not require it, in my opinion, but I suppose it's theoretically possible that it does. More likely, it requires specific settings to work, which is also bad. I don't *WANT* to change my php.ini on my whole site for their software to work. Often you can get around this by using an .htaccess file (just create one) in the forum directory to set whatever they need. I seem to have two options: 1.) rename the php.ini.default to plain php.ini and see if that resolves it. However, I'm not sure what kind of tests can I perform to see that it is working properly? http://php.net/phpinfo will tell you which php.ini file is loaded (or if none is loaded) and will tell you everything that is being affected by that file. If you copy php.ini.default to php.ini, it should be EXACTLY the same as it is now -- the .default settings match what PHP does if no file is there. But, of course, after you copy the file there, you can change it, and then it will make a difference. 2.) or I can follow this tutorial at: http://www.dmcinsights.com/phpmysql/phpini.php; which teaches me how to make my own php.ini file. It's probably better to stick with the php.ini file that came with your VERSION of PHP. That might be the php.ini.default you see, or maybe that .default is some old left-over thing from a previous version... -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] installing php on 2 apache server
John Nichel wrote: Stephane Parenton wrote: snip John Nichel wrote: Just install the second version of Apache in a different location (--prefix=/path/to/other/location), and run it on a different port (the listen directive in the httpd.conf) Well, this is ok to have 2 seperate httpd, but what i need, and that was not clear in my first mail, is that i also want 2 php setup, one for the prod apache and the other one for the test... This is THIS point that seems a bit confused regarding the php config files to run with apache... stephane Configure and build the second version of php against the second version of Apache. Either before you build Apache... ./configure --with-apache=/path/to/second/apache/source Or as a DSO ./configure --with-apxs=/path/to/second/apache/apxs Yes, it was way much simpler than what i thought..; it works !! Thanx everyone ;-) Stephane -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP, exception and PostgreSQL
Konference wrote: is here somebody who works with PostgreSQL in PHP? Yes. :-) I have a PL/SQL function, which can raise an exception. I am not able to catch _only_ exception error message in PHP. I can parse Warning: pg_query(): Query failed: ERROR: Exception error string. in... but I think, it is not clear solution. Thank you for your reply. Open up an SSH shell and use the PostgreSQL monitor program: psql -U __YOUR_USERNAME__ __YOUR_DB_NAME__ You'll be prompted for the password. Then you can do: \df+ __FUNCTION_NAME__ to see the full definition of your function. Post that here, and maybe somebody can tell you what is wrong with it. Another possibility, while you're in psql, is to go ahead and try to call the function with some sample data. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: MySQL Error 1251 / phpMyAdmin
I am still new to the PHP scene could you tell me how I rebuild the PHP with the client library... On Mon, 07 Feb 2005 12:20:26 -0500, Michael Stassen [EMAIL PROTECTED] wrote: You have mysql 4.1.8, but your php was built with the library for an earlier version, which, as the error message says, doesn't support the new, more secure authentication protocol. Your choices are to tell mysql to use the older, less-secure protocol, or build a copy of php using your current mysql client library. See the manual for more http://dev.mysql.com/doc/mysql/en/old-client.html. Michael GH wrote: I just installed phpMyAdmin 2.6.1 on my Windows Laptop with PHP Version 4.3.10 [Build Date Dec 14 2004 17:46:48] and mySql 4.1.8 I am receiving the enclosed error when I attempt to go into phpMyAdmin and do not know how to solve the issue... Any assistance would be greatful. Thank you Gary //## ERROR RECIEVED // Welcome to phpMyAdmin 2.6.1 phpMyAdmin tried to connect to the MySQL server, and the server rejected the connection. You should check the host, username and password in config.inc.php and make sure that they correspond to the information given by the administrator of the MySQL server. Error MySQL said: #1251 - Client does not support authentication protocol requested by server -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Apache 2.0.52, PHP 5.03, FreeBSD 4.10 memory problems
Sander Holthaus - Orange XL wrote: I'm running Apache 2.0.52 and PHP 5.03 in a jailed (Virtual Private Server) FreeBSD 4.10 envirorement. PHP 5.03 is running as php_mod and was installed quite recently. Since then (better, since someone started using it) I've been getting these errors in the httpd-error log: Allowed memory size of 8388608 bytes exhausted (tried to allocate 79 bytes) And this one in the php-error log: [06-Feb-2005 17:25:50] PHP Fatal error: Allowed memory size of 8388608 bytes exhausted (tried to allocate 6587593 bytes) in xxx/xxx/xxx/xxx/xxx/xxx.php on line 53 Fix or disable that script. I also see several thousands of notices in the PHP-error log within the time-frame of a single second, plus diveded by zero, etc. Are they coming from the same script?... Again, fix or disable that script. Of course, I asked the programmer to fix all of these issues.Among others, there was a script that outputted a html-form with 2 columns, 100 rows each containing select-boxes with 100 full names (and those 100 names were the same of every column/row in that form :-|). You're simply going to have to work with that programmer to get them to write better code, or not work with them (terminate their account). But the problem is not so much that someone is using broken and the most inefficient scripts, but more that they are crashing the entire box! That's definitely not good. But there is only so much you, and PHP, can do to stop a bad programmer from chewing up resources. When these scripts are run, the box becomes totally unresponsive, afterwards all cgi and php request to Apache fail with a 500 error and sometimes the whole box crashes completely, apparently from memory exhaustion. :-( It this a bug somewhere in PHP, Apache or FreeBSD? No. It's a bug in the script/program that causes the crash. How can I protect myself against this? I can't manually check every script, You can identify the culprit script, and disable it, and notify the client that they are violating their terms of service to run it again on a production server until it is debugged. Get them to install PHP on their own machine and develop on that. and the memory and time limits in php.ini (20s for exe, 30s for input and 8MB for mem) don't seem effective here. What are my options to make Apache 2 and PHP 5 full proof against such scripts? NOTHING is foolproof. Ever. You can change those numbers and be more harsh, but that will affect ALL users, not just the one who's bringing your box down. You would be far better off, for all your clients, to deal directly with the client who's causing the problems. Perhaps get them in touch with a good progammer, or up-sell them your services in fixing their scripts or... -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Public/Private Key Encryption
Dan Trainor wrote: Daniel Bowett wrote: Is there any way I can use public/private key encryption in php in a similar way to mcrypt. I have got php encrypting the data using gnugp but need to automate the decrytping element which is proving difficult because of the way the password is passed. While Daniel has brang up the subject of encryption, and I know that the other day we were talking about storing CC numbers in a database - i don't think we touched on storing CCs encrypted with a gpg-stype encryption. Is this generally acceptable at all, or do you developers still not store CC numbers in any way, shape or form in a database? I wouldn't store them at all. If you encrypt them with a two-way algorithm, the private key is your weak link. SOMEBODY can always find a way to get to that private key. You have to invest a TON of money and resources to make it S difficult to get to the private key, that it's easier/cheaper for the Bad Guys to get people's credit card numbers some other way. If you are using one-way encryption, then you're only using it to verify that somebody has access to that CC number, and you might as well use a password the user can choose/change -- with suitable restrictions on the quality of that password -- rather than risk transmitting the CC # needlessly. You need a REALLY good reason, and a REALLY REALLY REALLY good security audit of your entire process, on a routine basis, with all software, hardware, physical access, network access, under close-up scrutiny if you store CC numbers in the database. That's a reason why almost nobody does it, and a reason why we all just let the banks/merchant-vendors worry about that stuff. Sometimes it really is best to let a specialist handle things. This is one of those times. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Global and Local include_path settings
Yeah, I was thinking about that route, but just as I was reading your response, I thought up a new 'problem' for myself. Even if I set it in the httpd.conf, a .htaccess, or in a file that I auto_prepend, if the end user on one of the vhosts uses the ini_set(), it will be overwritten. I could turn off the ability for users to set a local include path, but I'd like to give them as much *freedom* as possible. It's not an issue at the moment, since I'm the only one who does any php code on the box (I have a 'designer' who helps me out from time to time, but he doesn't mess with any PHP), but sooner or later, I'm probably going to pick up a customer who wants to handle his/her own code. I guess if I'm feeling really brave, I could brush up on my C code, and modify the source so that ini_set() will append, and not overwrite the include path. I wouldn't do that. If somebody is silly enough to not use ini_get() and append their own directories, it's on their heads. More importantly, they might NEED to set the path differently to get legacy code, versions, whatever, of the files you are providing. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: MySQL Error 1251 / phpMyAdmin
The short answer is, download the php source and add --with-mysql=/your/path/to/mysql to your build options. The long answer is in the directions in the php manual http://us4.php.net/manual/en/install.unix.php. Michael GH wrote: I am still new to the PHP scene could you tell me how I rebuild the PHP with the client library... On Mon, 07 Feb 2005 12:20:26 -0500, Michael Stassen [EMAIL PROTECTED] wrote: You have mysql 4.1.8, but your php was built with the library for an earlier version, which, as the error message says, doesn't support the new, more secure authentication protocol. Your choices are to tell mysql to use the older, less-secure protocol, or build a copy of php using your current mysql client library. See the manual for more http://dev.mysql.com/doc/mysql/en/old-client.html. Michael GH wrote: I just installed phpMyAdmin 2.6.1 on my Windows Laptop with PHP Version 4.3.10 [Build Date Dec 14 2004 17:46:48] and mySql 4.1.8 I am receiving the enclosed error when I attempt to go into phpMyAdmin and do not know how to solve the issue... Any assistance would be greatful. Thank you Gary //## ERROR RECIEVED // Welcome to phpMyAdmin 2.6.1 phpMyAdmin tried to connect to the MySQL server, and the server rejected the connection. You should check the host, username and password in config.inc.php and make sure that they correspond to the information given by the administrator of the MySQL server. Error MySQL said: #1251 - Client does not support authentication protocol requested by server -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Using Apache SSL from PHP: tutorial?
I am looking for a tutorial on using Apache SSL from PHP. Do you know of any good one out there? -- symbulos partners -.- symbulos - ethical services for your organisation http://www.symbulos.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Using Apache SSL from PHP: tutorial?
[snip] I am looking for a tutorial on using Apache SSL from PHP. Do you know of any good one out there? [/snip] http://www.google.com/search?hl=enq=using+Apache+SSL+from+PHPbtnG=Goog le+Search -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Question about php.ini
The phpinfo() will display either the directory in which it expects to find the php.ini file (if the php.ini does not exist) or it will display the full path, including the filename (if the php.ini DOES exist where expected). -Original Message- From: Jay Blanchard [mailto:[EMAIL PROTECTED] Sent: Monday, February 07, 2005 12:53 PM To: Stephen Wong Cc: php-general@lists.php.net Subject: RE: [PHP] Question about php.ini [snip] Yup, I have tried making a copy of it. I'm just not exactly sure how to test it? I ran phpinfo() , and it runs even without a php.ini. [/snip] Change something in the configuation file that you know you can run a test on, like safe mode status, then restart Apache and conduct the test. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Using Apache SSL from PHP: tutorial?
Jay Blanchard wrote: [snip] I am looking for a tutorial on using Apache SSL from PHP. Do you know of any good one out there? [/snip] http://www.google.com/search?hl=enq=using+Apache+SSL+from+PHPbtnG=Goog le+Search 1)Results 1 - 10 of about 411,000 for using Apache SSL from PHP. (0.45 seconds) 2)Does that also give an idea about how good the tutorial is? -- symbulos partners -.- symbulos - ethical services for your organisation http://www.symbulos.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Connecting To Multiple MySQL Databases
Tony Di Croce wrote: OK... Here's a slightly different, but related question... Can database connection resources be serialiazed and re-used in a different script invocation? For example, can I open a DB connection, assign it to a $_SESSION[] variable and then later use it on a different page? Somehow, I doubt it... The closest you can come to that is with mysql_pconnect (or xxx_pconnect). When you wade through the cruft, it basically boils down to each Apache child process holding onto a connection. You therefore MUST configure MySQL through /etc/my.cnf to have AT LEAST that many connections available (the number of Apache children) Actually, you want a few SPARE MySQL connections, so you can use the mysql command line monitor to do things -- Particularly in case of a run-away PHP/MySQL script which slams the server into over-drive... If you don't have a connection available cuz they're all used up by Apache/_pconnect, you can't log into mysql monitor and you can't use mysqladmin to bring it down nicely and... Don't do that. :-) http://php.net/mysql_pconnect You are correct that trying to preserve the connection through $_SESSION or other ways to cross from script to script will fail miserably. This is true even with _pconnect, which should probably not be called persistent but, rather, re-usable as it really ends up being persistent only in MySQL space, and Apache/PHP still need to rebuild the connection, but it's WAY faster cuz MySQL has it sitting there ready and waiting for you, instead of starting from scratch each time. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Using Apache SSL from PHP: tutorial?
symbulos partners wrote: Jay Blanchard wrote: [snip] I am looking for a tutorial on using Apache SSL from PHP. Do you know of any good one out there? [/snip] http://www.google.com/search?hl=enq=using+Apache+SSL+from+PHPbtnG=Goog le+Search 1)Results 1 - 10 of about 411,000 for using Apache SSL from PHP. (0.45 seconds) 2)Does that also give an idea about how good the tutorial is? of course not. but you are better off reading a few articles, maybe checking out reviews/comments etc then asking people on the list whether they think article X is actually any good. at the least tell people on the list what if anything you have already read, this helps your cause :-) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Using Apache SSL from PHP: tutorial?
symbulos partners wrote: Jay Blanchard wrote: [snip] I am looking for a tutorial on using Apache SSL from PHP. Do you know of any good one out there? [/snip] http://www.google.com/search?hl=enq=using+Apache+SSL+from+PHPbtnG=Goog le+Search 1)Results 1 - 10 of about 411,000 for using Apache SSL from PHP. (0.45 seconds) 2)Does that also give an idea about how good the tutorial is? 1) Be more specific in your search if you desire less results/results more closely releated to what you want to do. 2) Good is in the eye of the beholder. Check out the links for yourself. -- John C. Nichel ÜberGeek KegWorks.com 716.856.9675 [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Apache 2.0.52, PHP 5.03, FreeBSD 4.10 memory problems
Richard Lynch wrote: That's definitely not good. But there is only so much you, and PHP, can do to stop a bad programmer from chewing up resources. I'm pretty sure that you can prevent this somehow! There is no way any OS with respect for themself, will allow any user installed programs (like PHP) to crash the server! You should try check out the freebsd mailling lists. I'm pretty sure they can help you out! :) Please also make sure you run the latest versions of apache and php. Good luck finding the error! Simon Btw I run FreeBSD 5.3-STABLE, Apache 2.0.52_4 and PHP 5.0.3_2 when i try to run an endless loop, using a lot of memory, I get an Allowed memory size of 8388608 bytes exhausted (tried to allocate 256 bytes) And absolutely no effect on the system! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Using Apache SSL from PHP: tutorial?
symbulos partners wrote: Jay Blanchard wrote: [snip] I am looking for a tutorial on using Apache SSL from PHP. Do you know of any good one out there? [/snip] http://www.google.com/search?hl=enq=using+Apache+SSL+from+PHPbtnG=Goog le+Search 1)Results 1 - 10 of about 411,000 for using Apache SSL from PHP. (0.45 seconds) 2)Does that also give an idea about how good the tutorial is? Yes. The good tutorials get linked to; the bad ones don't. Google takes that into account. If you can't learn what you need to learn from those first 10 links, then you should seek a career change. :-) -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Connecting To Multiple MySQL Databases
Richard Lynch wrote: snip / Actually, you want a few SPARE MySQL connections, so you can use the mysql command line monitor to do things -- Particularly in case of a run-away PHP/MySQL script which slams the server into over-drive... If you don't have a connection available cuz they're all used up by Apache/_pconnect, you can't log into mysql monitor and you can't use mysqladmin to bring it down nicely and... Don't do that. :-) snip / Actually, MySQL already takes care of that as it allows 'max_connections + 1' clients to connect, leaving the '+1' connection for the user(s) with SUPER privilege (that can therefore issue a SHOW PROCESSLIST or nicely bring down the server). http://dev.mysql.com/doc/mysql/en/too-many-connections.html Back to lurking, cheers everybody. Silvio -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] help-regarding-file_get_contents
hi john i am a php user... one help from you.. i could download the contents of an url from http:// sitesbut when i tried downloading the contents from an ftp site... i get this error... Warning: file_get_contents(): php_hostconnect: connect failed in /var/www/html/get.php on line 3 Warning: file_get_contents(ftp://ftp.ncbi.nih.gov/genbank/gbrel.txt): failed to open stream: FTP server reports 229 Entering Extended Passive Mode (|||50334|) in /var/www/html/get.php on line 3 This is the content of the retreived file... could you suggest me how to go about this... thanks for spending your valuable time... --- John Holmes [EMAIL PROTECTED] wrote: From: vijayaraj nagarajan [EMAIL PROTECTED] i would like to fetch the content of a url. and then would like to put in my page... dynamically refreshing it once in a day... is it possible to do this in php. i have used perl get url option and then parse the file, with the date and time function...to do this. $file = file_get_contents('http://www.domain.com/page.php'); Save $file locally and you have your copy. use cron to run the command once per day. __ Do you Yahoo!? Read only the mail you want - Yahoo! Mail SpamGuard. http://promotions.yahoo.com/new_mail -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] help-regarding-file_get_contents
Does the server support passive FTP connections? Extracted from the PHP Manual: PHP 3, PHP 4, PHP 5. ftps:// since PHP 4.3.0 * ftp://example.com/pub/file.txt * ftp://user:[EMAIL PROTECTED]/pub/file.txt * ftps://example.com/pub/file.txt * ftps://user:[EMAIL PROTECTED]/pub/file.txt Allows read access to existing files and creation of new files via FTP. If the server does not support passive mode ftp, the connection will fail. See http://docs.php.net/en/wrappers.html. -Guillermo On Mon, 7 Feb 2005 12:46:25 -0800 (PST), vijayaraj nagarajan [EMAIL PROTECTED] wrote: hi john i am a php user... one help from you.. i could download the contents of an url from http:// sitesbut when i tried downloading the contents from an ftp site... i get this error... Warning: file_get_contents(): php_hostconnect: connect failed in /var/www/html/get.php on line 3 Warning: file_get_contents(ftp://ftp.ncbi.nih.gov/genbank/gbrel.txt): failed to open stream: FTP server reports 229 Entering Extended Passive Mode (|||50334|) in /var/www/html/get.php on line 3 This is the content of the retreived file... could you suggest me how to go about this... thanks for spending your valuable time... --- John Holmes [EMAIL PROTECTED] wrote: From: vijayaraj nagarajan [EMAIL PROTECTED] i would like to fetch the content of a url. and then would like to put in my page... dynamically refreshing it once in a day... is it possible to do this in php. i have used perl get url option and then parse the file, with the date and time function...to do this. $file = file_get_contents('http://www.domain.com/page.php'); Save $file locally and you have your copy. use cron to run the command once per day. __ Do you Yahoo!? Read only the mail you want - Yahoo! Mail SpamGuard. http://promotions.yahoo.com/new_mail -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] PHP/5.0.3 MySQL 5.0.2 Stored procedure (OUT)
Hi, I am just wondering how to obtain the result from a mysql procedure OUT parameter within PHP e.g. MYSQL create procedure test_out(OUT testvar int) BEGIN select max_connections into testvar from mysql.user limit 1; END PHP $query = 'call test_out('.$test_val.')'; $query_handle = mysql_query($query); but there is nothing within the $test.val, after searching the web there appears to be something like this for oracle connection with the bind, but I cannot find the mysql version ? Any advice ? Cheers Ian -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Storing CCN's Again...
First I should say that I have NO plans to store CCN's on my site, but I do have a related question: Right now I accept CC info from a posted form and then from a PHP script submit that to authorize.net... Is their any way to get PHP to clean up any remnants of any variables that might be in memory after a script is run? IE, is their a way to get PHP to overwrite the memory used by variables at the termination of a script? I wasn't worried about this before but I think the paranoia regarding CCN's on this site has gotten to me... Better safe than sorry! -- Send REAL USPS letters from the Web! http://www.quickymail.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] updating php
Hello, I have installed php5 fine on my Fedora 3 box. I know need to recompile to add in a feature and did the same steps as the install ./configure, make, make install which went fine but when restart apache and go to the php.ini, my new configuration is not shown and the code throws errors because it isn't there. Is the process to upgrade different? Thanks! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Storing CCN's Again...
Tony Di Croce wrote: First I should say that I have NO plans to store CCN's on my site, but I do have a related question: Right now I accept CC info from a posted form and then from a PHP script submit that to authorize.net... Is their any way to get PHP to clean up any remnants of any variables that might be in memory after a script is run? IE, is their a way to get PHP to overwrite the memory used by variables at the termination of a script? don't know about that but best not to accept the CCNs in the first place. let the user enter it at authorize.net. I wasn't worried about this before but I think the paranoia regarding CCN's on this site has gotten to me... Better safe than sorry! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: updating php
just tried it with make clean and still didn't seem to take. On Mon, 7 Feb 2005 16:22:37 -0500, blackwater dev [EMAIL PROTECTED] wrote: Hello, I have installed php5 fine on my Fedora 3 box. I know need to recompile to add in a feature and did the same steps as the install ./configure, make, make install which went fine but when restart apache and go to the php.ini, my new configuration is not shown and the code throws errors because it isn't there. Is the process to upgrade different? Thanks! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] updating php
blackwater dev wrote: Hello, I have installed php5 fine on my Fedora 3 box. I know need to recompile to add in a feature and did the same steps as the install ./configure, make, make install which went fine but when restart apache and go to the php.ini, my new configuration is not shown and the code throws errors because it isn't there. Is the process to upgrade different? Thanks! Are you using PHP as a module/dso? -- John C. Nichel ÜberGeek KegWorks.com 716.856.9675 [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Apache 2.0.52, PHP 5.03, FreeBSD 4.10 memory problems
Sander Holthaus - Orange XL wrote: I'm running Apache 2.0.52 and PHP 5.03 in a jailed (Virtual Private Server) FreeBSD 4.10 envirorement. PHP 5.03 is running as php_mod and was installed quite recently. Since then (better, since someone started using it) I've been getting these errors in the httpd-error log: Allowed memory size of 8388608 bytes exhausted (tried to allocate 79 bytes) And this one in the php-error log: [06-Feb-2005 17:25:50] PHP Fatal error: Allowed memory size of 8388608 bytes exhausted (tried to allocate 6587593 bytes) in xxx/xxx/xxx/xxx/xxx/xxx.php on line 53 Fix or disable that script. I wish I could, but I'm not a PHP-programmer (can read it and can do some basic programming, but I lack in-depth knowledge of PHP). I also see several thousands of notices in the PHP-error log within the time-frame of a single second, plus diveded by zero, etc. Are they coming from the same script?... Those notices, yes. Again, fix or disable that script. Of course, I asked the programmer to fix all of these issues.Among others, there was a script that outputted a html-form with 2 columns, 100 rows each containing select-boxes with 100 full names (and those 100 names were the same of every column/row in that form :-|). You're simply going to have to work with that programmer to get them to write better code, or not work with them (terminate their account). As it is a personal friend, it is an difficult situation. Getting him to write better code isn't easy, he's mainly interested in functionality and getting program done ASAP. But the problem is not so much that someone is using broken and the most inefficient scripts, but more that they are crashing the entire box! That's definitely not good. Nope, and I can't figure out why. I've set the memory limits in php.ini plus some additional things in httpd.conf (RLimitMEM, etc), but for some reason, memory keeps getting consumed. What I find really troublesome is that it effects both php (running as mod_php) and cgi. After some time, cgi-scripts start failing too with: Out of memory during large request for 134221824 bytes, total sbrk() is 134369280 bytes., referer: ... Which makes no sense to me at all. But there is only so much you, and PHP, can do to stop a bad programmer from chewing up resources. When these scripts are run, the box becomes totally unresponsive, afterwards all cgi and php request to Apache fail with a 500 error and sometimes the whole box crashes completely, apparently from memory exhaustion. :-( It this a bug somewhere in PHP, Apache or FreeBSD? No. It's a bug in the script/program that causes the crash. How can I protect myself against this? I can't manually check every script, You can identify the culprit script, and disable it, and notify the client that they are violating their terms of service to run it again on a production server until it is debugged. Get them to install PHP on their own machine and develop on that. They did actually, though it was a Windows box, with prety much the standard configuration. and the memory and time limits in php.ini (20s for exe, 30s for input and 8MB for mem) don't seem effective here. What are my options to make Apache 2 and PHP 5 full proof against such scripts? NOTHING is foolproof. Ever. You can change those numbers and be more harsh, but that will affect ALL users, not just the one who's bringing your box down. You would be far better off, for all your clients, to deal directly with the client who's causing the problems. Perhaps get them in touch with a good progammer, or up-sell them your services in fixing their scripts or... :-( The downside would be, IMHO, that I would need to pro-actively check everything that is going on concerning PHP, in order to prevent any major problems. (one and a halve month ago, some clients on an other installation who hadn't mainted phpBB also caused me the necessary problems). Also, when clients are non-commercial, a good programmer is out of the question (which applies to this case too). I wonder how mass hosting companies get arround these issue's? Thanks for the input! Kind Regards, Sander Holthaus -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: updating php
blackwater dev wrote: just tried it with make clean and still didn't seem to take. On Mon, 7 Feb 2005 16:22:37 -0500, blackwater dev [EMAIL PROTECTED] wrote: Hello, I have installed php5 fine on my Fedora 3 box. I know need to recompile to add in a feature and did the same steps as the install which feature(extension)? ./configure, make, make install which went fine but when restart apache and go to the php.ini, my new configuration is not shown and I wouldn't expect a new build to change/replace the ini file. you will need to add a line like: extension=XXX in order to have your extension loaded. alternatively you may be able to load it with the dl() function. the code throws errors because it isn't there. Is the process to by 'it' I assume you mean an extension? also, postings the actual error output is never a bad idea - it may help to understand your problem. upgrade different? Thanks! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Apache 2.0.52, PHP 5.03, FreeBSD 4.10 memory problems
Please turn off your request for read reciepts when posting to a mailing list. -- John C. Nichel ÜberGeek KegWorks.com 716.856.9675 [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Apache 2.0.52, PHP 5.03, FreeBSD 4.10 memory problems
John Nichel wrote: Please turn off your request for read reciepts when posting to a mailing list. ohhh :-( I was enjoying that ;-) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Server Uptime
What is the function, or how do you make a script that displays the server's uptime? Thanks, Brad Ciszewski www.BradTechnologies.com Web Services -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] array_map() problems
I have the following 2 functions which I intend to clean GPC off slashes if magic_quotes_gpc is turned on. function StripGpcSlashes() { if (get_magic_quotes_gpc()) { $_POST = array_map('StripSlashesDeep', $_POST); $_GET = array_map('StripSlashesDeep', $_GET); $_COOKIE = array_map('StripSlashesDeep', $_COOKIE); } } function StripSlashesDeep($value) { $value = is_array($value) ? array_map('StripSlashesDeep', $value) : stripslashes($value); return $value; } However when I call $this-StripGpcSlashes(); from within a class, I get the following error: */ array_map(): The first argument, 'StripSlashesDeep', should be either NULL or a valid callback /* Anyone have suggestions as to what I am doing wrong ? cheers, Jeffery -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Server Uptime
There is no function, but you could shell out and grab the output from the uptime command and use regex to parse the resultsor use one command line with uptime piped to awk to pull out what you need. HTH! --Sam -Original Message- From: Brad Ciszewski [mailto:[EMAIL PROTECTED] Sent: Monday, February 07, 2005 3:21 PM To: php-general@lists.php.net Subject: [PHP] Server Uptime What is the function, or how do you make a script that displays the server's uptime? Thanks, Brad Ciszewski www.BradTechnologies.com Web Services -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Server Uptime
quoth the Brad Ciszewski: What is the function, or how do you make a script that displays the server's uptime? Thanks, Brad Ciszewski www.BradTechnologies.com Web Services Unless I am mistaken, there is no built in function for uptime. What I have done is put a static binary of 'uptime' into safe_mode_exec_dir (specified in php.ini) and use an exec call to get the info... -d -- darren kirby :: Part of the problem since 1976 :: http://badcomputer.org ...the number of UNIX installations has grown to 10, with more expected... - Dennis Ritchie and Ken Thompson, June 1972 pgpClvRbZ8pI2.pgp Description: PGP signature
Re: [PHP] Apache 2.0.52, PHP 5.03, FreeBSD 4.10 memory problems
Sander Holthaus - Orange XL wrote: Sander Holthaus - Orange XL wrote: ... Fix or disable that script. I wish I could, but I'm not a PHP-programmer (can read it and can do some basic programming, but I lack in-depth knowledge of PHP). well disabling it is fairly easy ;-) rm -f ./xxx.php I also see several thousands of notices in the PHP-error log within the time-frame of a single second, plus diveded by zero, etc. Are they coming from the same script?... Those notices, yes. Again, fix or disable that script. Of course, I asked the programmer to fix all of these issues.Among others, there was a script that outputted a html-form with 2 columns, 100 rows each containing select-boxes with 100 full names (and those 100 names were the same of every column/row in that form :-|). You're simply going to have to work with that programmer to get them to write better code, or not work with them (terminate their account). As it is a personal friend, it is an difficult situation. Getting him to write better code isn't easy, he's mainly interested in functionality and getting program done ASAP. a script that functions is a one that doesn't crash the box. quick'n'dirty or inefficient scripts don't have to cause problems per se, his script is just plain borked. if you need to ensure the box is running then you _can't_ let him run it till its fixed, friend or not. besides if it is a friend then presumably you are offering space/resources for free - under such circumstances your interest in keeping the machine up precludes his interest in functionality and ASAP programming - and would be understanding of your interests (just as you seem to be of his ;-). no? But the problem is not so much that someone is using broken and the most inefficient scripts, but more that they are crashing the entire box! That's definitely not good. ... :-( The downside would be, IMHO, that I would need to pro-actively check everything that is going on concerning PHP, in order to prevent any major problems. (one and a halve month ago, some clients on an other installation who hadn't mainted phpBB also caused me the necessary problems). Also, when clients are non-commercial, a good programmer is out of the question (which applies to this case too). I wonder how mass hosting companies get arround these issue's? by not garanteeing full uptime ;-) and having lots of machine across which to spread the risk etc. Thanks for the input! Kind Regards, Sander Holthaus -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Retrieving an URL paramter via fsockopen
Hi, who can give me a solution or at least a hint for the following problem: I have to get an URL parameter with an fsockopen connection. I can connect with fsockopen an given link and get back this link with an URL parameter cnr=xx Who can I do this? And who can I read this URL parameter? Thx in advance from a newbie LL -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Retrieving an URL paramter via fsockopen
Hi, who can give me a solution or at least a hint for the following problem: I have to get an URL parameter via fsockopen connection. I shall connect with fsockopen to a given link and get back this link with an URL parameter cnr=xx Who can I do this? And who can I read this URL parameter? Thx in advance from a newbie LL -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Strange key behaviour
Hey there! i have a routine like this: $myarray['1'] = 'aösldfjkasöldkjf'; foreach($myarray as $key = $value) { echo $key{0}; // outputs nothing echo substr($key,0); // outputs 1 like intended } Any ideas why this is like that? I am using php 4.3.11-dev - Johannes -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] array_map() problems
On Tue, 08 Feb 2005 09:37:11 +1100, Jeffery Fernandez [EMAIL PROTECTED] wrote: I have the following 2 functions which I intend to clean GPC off slashes if magic_quotes_gpc is turned on. function StripGpcSlashes() { if (get_magic_quotes_gpc()) { $_POST = array_map('StripSlashesDeep', $_POST); $_GET = array_map('StripSlashesDeep', $_GET); $_COOKIE = array_map('StripSlashesDeep', $_COOKIE); } } function StripSlashesDeep($value) { $value = is_array($value) ? array_map('StripSlashesDeep', $value) : stripslashes($value); return $value; } However when I call $this-StripGpcSlashes(); from within a class, I get the following error: */ array_map(): The first argument, 'StripSlashesDeep', should be either NULL or a valid callback /* Anyone have suggestions as to what I am doing wrong ? Mine works fine, but I don't use it in any classes: set_magic_quotes_runtime(0); if(get_magic_quotes_gpc() == 0){ $_GET = isset($_GET) ? array_map(slashes, $_GET) : array(); $_POST = isset($_POST) ? array_map(slashes, $_POST) : array(); $_COOKIE = isset($_COOKIE) ? array_map(slashes, $_COOKIE) : array(); } function slashes($var){ if(is_array($var)) return array_map(slashes, $var); else return addslashes($var); } -- Greg Donald Zend Certified Engineer http://destiney.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Favorite Linux Distribution
Hello all - I've been a list member for a while, helped out some people, and asked some questions. But, today I have a completely off topic, but somewhat relevant question for y'all. What is your favorite Linux distribution? What would you recommend for my situation? I'm brand new to Linux. I'm just trying to learn how it works, but I think I'll catch on quick. I'm looking for the one with the most capability, and also one to run my development instance of Apache 2.0 on. I've been looking at either RedHat or Fedora. Is this a good choice? I'm truly drawing a blank, and I've searched Google, but never really found anything extremely useful. Please help me, an old Windows veteran, escape the Microsoft box! Thanks a ton!! -- The Disguised Jedi [EMAIL PROTECTED] PHP rocks! Knowledge is Power. Power Corrupts. Go to school, become evil Disclaimer: Any disclaimer attached to this message may be ignored. This message is Certified Virus Free -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Strange key behaviour
On Tue, 08 Feb 2005 00:19:20 +0100, Johannes Reichardt [EMAIL PROTECTED] wrote: Hey there! Hi Johannes i have a routine like this: $myarray['1'] = 'aösldfjkasöldkjf'; foreach($myarray as $key = $value) { echo $key{0}; // outputs nothing echo substr($key,0); // outputs 1 like intended } Any ideas why this is like that? I am using $key is just a string, not an array. You should call it as $key. foreach($myarray as $key = $value) { echo $key // outputs 1 } Good luck, -Guillermo php 4.3.11-dev - Johannes -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Retrieving an URL paramter via fsockopen
Hello, on 02/07/2005 08:47 PM Larry Laffer said the following: who can give me a solution or at least a hint for the following problem: I have to get an URL parameter with an fsockopen connection. I can connect with fsockopen an given link and get back this link with an URL parameter cnr=xx Who can I do this? And who can I read this URL parameter? You may want to try this HTTP client class that can be used submit HTTP requests either via POST of GET, passing whatever parameters you want: http://www.phpclasses.org/httpclient -- Regards, Manuel Lemos PHP Classes - Free ready to use OOP components written in PHP http://www.phpclasses.org/ PHP Reviews - Reviews of PHP books and other products http://www.phpclasses.org/reviews/ Metastorage - Data object relational mapping layer generator http://www.meta-language.net/metastorage.html -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] array_map() problems
Hi Jeffery, To use a class method as a valid callback, you should pass an array like $_POST = array_map(array($this, 'StripSlashesDeep'), $_POST); Hope this helps, -Guillermo On Mon, 7 Feb 2005 17:10:32 -0600, Greg Donald [EMAIL PROTECTED] wrote: On Tue, 08 Feb 2005 09:37:11 +1100, Jeffery Fernandez [EMAIL PROTECTED] wrote: I have the following 2 functions which I intend to clean GPC off slashes if magic_quotes_gpc is turned on. function StripGpcSlashes() { if (get_magic_quotes_gpc()) { $_POST = array_map('StripSlashesDeep', $_POST); $_GET = array_map('StripSlashesDeep', $_GET); $_COOKIE = array_map('StripSlashesDeep', $_COOKIE); } } function StripSlashesDeep($value) { $value = is_array($value) ? array_map('StripSlashesDeep', $value) : stripslashes($value); return $value; } However when I call $this-StripGpcSlashes(); from within a class, I get the following error: */ array_map(): The first argument, 'StripSlashesDeep', should be either NULL or a valid callback /* Anyone have suggestions as to what I am doing wrong ? Mine works fine, but I don't use it in any classes: set_magic_quotes_runtime(0); if(get_magic_quotes_gpc() == 0){ $_GET = isset($_GET) ? array_map(slashes, $_GET) : array(); $_POST = isset($_POST) ? array_map(slashes, $_POST) : array(); $_COOKIE = isset($_COOKIE) ? array_map(slashes, $_COOKIE) : array(); } function slashes($var){ if(is_array($var)) return array_map(slashes, $var); else return addslashes($var); } -- Greg Donald Zend Certified Engineer http://destiney.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] array_map() problems
Guillermo Rauch wrote: Hi Jeffery, To use a class method as a valid callback, you should pass an array like $_POST = array_map(array($this, 'StripSlashesDeep'), $_POST); Hope this helps, -Guillermo Ah thanks Guillermo, I just about figured it out when you posted. It works now :-) cheers, Jeffery On Mon, 7 Feb 2005 17:10:32 -0600, Greg Donald [EMAIL PROTECTED] wrote: On Tue, 08 Feb 2005 09:37:11 +1100, Jeffery Fernandez [EMAIL PROTECTED] wrote: I have the following 2 functions which I intend to clean GPC off slashes if magic_quotes_gpc is turned on. function StripGpcSlashes() { if (get_magic_quotes_gpc()) { $_POST = array_map('StripSlashesDeep', $_POST); $_GET = array_map('StripSlashesDeep', $_GET); $_COOKIE = array_map('StripSlashesDeep', $_COOKIE); } } function StripSlashesDeep($value) { $value = is_array($value) ? array_map('StripSlashesDeep', $value) : stripslashes($value); return $value; } However when I call $this-StripGpcSlashes(); from within a class, I get the following error: */ array_map(): The first argument, 'StripSlashesDeep', should be either NULL or a valid callback /* Anyone have suggestions as to what I am doing wrong ? Mine works fine, but I don't use it in any classes: set_magic_quotes_runtime(0); if(get_magic_quotes_gpc() == 0){ $_GET = isset($_GET) ? array_map(slashes, $_GET) : array(); $_POST = isset($_POST) ? array_map(slashes, $_POST) : array(); $_COOKIE = isset($_COOKIE) ? array_map(slashes, $_COOKIE) : array(); } function slashes($var){ if(is_array($var)) return array_map(slashes, $var); else return addslashes($var); } -- Greg Donald Zend Certified Engineer http://destiney.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: [users@httpd] Favorite Linux Distribution
I also forgot to mention my hardware. P4 2.8 GHz - Notebook 60 GB HDD w/ 15 GB seperate partition for the linux CD-RW 24x WLAN for main connection Thanks for the responses i've already received! On Mon, 7 Feb 2005 16:31:46 -0700, Chad Leigh -- Shire. Net LLC [EMAIL PROTECTED] wrote: Hi I like gentoo for Linux. However, you may be best served by FreeBSD. www.freebsd.org Chad -- The Disguised Jedi [EMAIL PROTECTED] PHP rocks! Knowledge is Power. Power Corrupts. Go to school, become evil Disclaimer: Any disclaimer attached to this message may be ignored. This message is Certified Virus Free -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Your day
Congratulations!, your best friend. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Favorite Linux Distribution
On Mon, 7 Feb 2005 16:25:28 -0700, The Disguised Jedi [EMAIL PROTECTED] wrote: Hello all - I've been a list member for a while, helped out some people, and asked some questions. But, today I have a completely off topic, but somewhat relevant question for y'all. What is your favorite Linux distribution? What would you recommend for my situation? *BSD is not Linux but for a server it's grand. You might consider it an option as well. These are some distros I've used heavily over the years: Easy - hard to install: Mandrake Suse RedHat Debian FreeBSD Gentoo LinuxFromSratch Most stable - least stable: FreeBSD Debian Suse RedHat Gentoo LinuxFromSratch Mandrake Best performance: FreeBSD Gentoo LinuxFromScratch Best hardware support: Suse Redhat I read somewhere where there are like 1100 Linux distros out there now, so you might want to try a few. And there are several BSD distros as well depending if you want security, hardware support, or a little of both. Most anything released in the last year has included or will support Apache2 and PHP5. If not it probably will soon. I run Gentoo and FreeBSD at home and Suse at work. -- Greg Donald Zend Certified Engineer http://destiney.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Favorite Linux Distribution
I would basically agree with Greg's summary, Easy - Hard and More Stable - Less Stable. It is worth mentioning a relative new Linux distro called Ubuntu. I have used Red Hat / Fedora for a few years. I have slowly grown tired of dependency hell and broken packages. I have tried Debian based Linux(s) and found them far easier to maintain using apt-get than RPM based Linux distros. Ubuntu is a Debian based distro tweeked for the desktop. It also runs a little more bleeding edge than Debian, although I have found it very stable. I use Ubuntu (i386) Athlon desktop and Ubuntu (PPC) my Apple iBook. I have Apache, MySQL, PostgreSQL, PHP, Python, Perl, ... installed and all running well for my development. http://www.ubuntulinux.org/ You can even get a free CD from them... http://www.ubuntulinux.org/support/documentation/faq/shipit Tony On Mon, 7 Feb 2005 18:17:55 -0600, Greg Donald [EMAIL PROTECTED] wrote: On Mon, 7 Feb 2005 16:25:28 -0700, The Disguised Jedi [EMAIL PROTECTED] wrote: Hello all - I've been a list member for a while, helped out some people, and asked some questions. But, today I have a completely off topic, but somewhat relevant question for y'all. What is your favorite Linux distribution? What would you recommend for my situation? *BSD is not Linux but for a server it's grand. You might consider it an option as well. These are some distros I've used heavily over the years: Easy - hard to install: Mandrake Suse RedHat Debian FreeBSD Gentoo LinuxFromSratch Most stable - least stable: FreeBSD Debian Suse RedHat Gentoo LinuxFromSratch Mandrake Best performance: FreeBSD Gentoo LinuxFromScratch Best hardware support: Suse Redhat I read somewhere where there are like 1100 Linux distros out there now, so you might want to try a few. And there are several BSD distros as well depending if you want security, hardware support, or a little of both. Most anything released in the last year has included or will support Apache2 and PHP5. If not it probably will soon. I run Gentoo and FreeBSD at home and Suse at work. -- Greg Donald Zend Certified Engineer http://destiney.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- I gotta have more cowbell! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Secure system calls -- how
Hi list, I'm doing an intranet website for managing users. I need to be able to change passwords, move files and folders around and that kind of thing. What is the best way? Obviously I can't run the webserver as root. In an earlier version I wrote update information to a table and had a cronjob scan that. But that solution is no longer good enough -- I need to call system functions directly. I can't find any thorough articles on this subject, but surely someone here has some ideas or some pointers. Thanks, Niels -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] How do I collect the keywords a user entered when searching for my site
Hello, How do I collect the keywords a user entered when searching for my site? I want to write some code that will retrieve the keywords entered in a search engine that were used to find my site. Is it possible to also detect what my site's search engine ranking was for the entered keywords also? Tim -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] ncurses woes...
Hi, Anybody out there doing any work with ncurses? I've been playing around with ncurses trying to figure it all out. I have had pretty good luck but I am finding a few issues and would like to know if other users are having the same problems. One of the problems I'm having is with function keys and arrow keys. I can trap on them OK but I haven't been able to keep the system from displaying their escape sequences on the screen. When this happens it corrupts the screen and skews the display. Also, I'm having some weirdness with mvwaddstr, I logged a bug on bugs.php.net #31876. I have test programs for anyone interested in taking a stab at some of the problems I've encountered. I've read all the documentation I could get my handsthat took about 10 minutes! Thanks, Dean -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Storing CCN's Again...
On 7 Feb 2005 Jochem Maas wrote: IE, is their a way to get PHP to overwrite the memory used by variables at the termination of a script? don't know about that but best not to accept the CCNs in the first place. let the user enter it at authorize.net. I think this is an extraordinary (and unjustified) level of paranoia. The memory issue is moot on a dedicated server, and probably on a shared server as well. On a dedicated server if you can't control the access well enough to prevent unauthorized people from running programs to go poking through memory, you've got bigger problems to solve. On either kind of server the chances of finding a card number are remote to start with, and even if found it is likely to come with no associated address or cardholder information. Also there are far easier ways to get CC numbers than to hope one will be left lying around in memory. For one thing, a crook can generate CC numbers very easily -- the check-digit algorithm is published, and the bank ID numbers at the start I think are readily available as well. Of course many of those generated will be wrong, but there have to be enough right ones that a generated number is far easier for them to get than a number left lying around in memory. As for not accepting them on your own web page at all, I don't think commercial enterprises are obligated to go to a level of security that is that far beyond the norm, and it manifestly does not work in many site designs where the provider's page simply is not adequate or appropriate. The basic approach of using SSL from client to server and again from server to CC processor, and then not storing the full number, should be plenty good enough, and is for tens of thousands of commercial web sites. I have never heard of any signifcant problem with card numbers being stolen from sites operating this way, nor of any liability assigned by the CC companies to people following these (clearly industry standard) practices. -- Tom -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP/5.0.3 MySQL 5.0.2 Stored procedure (OUT)
* Thus wrote Ian Porter: Hi, I am just wondering how to obtain the result from a mysql procedure OUT parameter within PHP e.g. MYSQL create procedure test_out(OUT testvar int) BEGIN select max_connections into testvar from mysql.user limit 1; END PHP $query = 'call test_out('.$test_val.')'; $query_handle = mysql_query($query); You should really be using the mysqli* interface to mysql. It provides better ways to execute things like that. http://php.net/mysqli Curt -- Quoth the Raven, Nevermore. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Storing CCN's Again...
On Mon, 07 Feb 2005 22:25:46 -0500, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: I think this is an extraordinary (and unjustified) level of paranoia. cat /dev/mem | strings | egrep ^[0-9]+$ -- Greg Donald Zend Certified Engineer http://destiney.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Server Uptime
On Mon, 7 Feb 2005 16:21:26 -0600, Brad Ciszewski [EMAIL PROTECTED] wrote: What is the function, or how do you make a script that displays the server's uptime? php -r 'system(uptime);' or ?php echo `uptime`; ? -- Greg Donald Zend Certified Engineer http://destiney.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] ncurses woes...
On Mon, 7 Feb 2005 21:07:00 -0600, Grimes, Dean [EMAIL PROTECTED] wrote: I've read all the documentation I could get my handsthat took about 10 minutes! http://php.net/ncurses seems like more than 10 minutes reading to me, but maybe I'm slow. I learned about ncurses using it with C, but then later I discovered the PHP ncurses functions are mostly the same. Here's the docs I read: http://www.tldp.org/HOWTO/NCURSES-Programming-HOWTO/ -- Greg Donald Zend Certified Engineer http://destiney.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How do I collect the keywords a user entered when searching for my site
On Monday 07 February 2005 10:02 pm, Tim Burgan wrote: Hello, How do I collect the keywords a user entered when searching for my site? I want to write some code that will retrieve the keywords entered in a search engine that were used to find my site. Is it possible to also detect what my site's search engine ranking was for the entered keywords also? Tim Hi Tim, http://awstats.sourceforge.net/ An excellent web-stats analyzer - also prints out keywords/keyphrases by analyzing web logs. Suppose you could do the same, using some code ideas from the prog. http://www.mikes-marketing-tools.com You can get search engine ranking using keywords/phrases from your site. Hth, Andre -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: [users@httpd] Favorite Linux Distribution
* The Disguised Jedi [EMAIL PROTECTED]: I also forgot to mention my hardware. P4 2.8 GHz - Notebook 60 GB HDD w/ 15 GB seperate partition for the linux CD-RW 24x WLAN for main connection Almost identical to what I'm writing this on... except my partitions are all linux... ;-) In getting ready for the linux install on this machine, I went over to http://www.linux-laptop.net -- this should be your first stop if you're using a laptop. See if you can find what others have written about getting it up and running; if you're lucky, you'll see several distros, and be able to compare, or somebody will have written a comparison of several. From what I've been able to see, Kanotix has been a favorite for a number of laptops with similar configurations. It's a livecd, so you'll be able to test it out without installing -- which will give you a good idea if your hardware will work with it. Then, install away! (Me? I run gentoo.) Thanks for the responses i've already received! On Mon, 7 Feb 2005 16:31:46 -0700, Chad Leigh -- Shire. Net LLC [EMAIL PROTECTED] wrote: Hi I like gentoo for Linux. However, you may be best served by FreeBSD. www.freebsd.org Chad -- Matthew Weier O'Phinney [EMAIL PROTECTED] http://weierophinney.net/matthew -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Storing CCN's Again...
No the most secure way, but I had a client who was determined not to use paypal and store cc'sand do them offline. I am using SSL + Mysql encode to do this. Ie encode(cc_number,md5('secret')) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: [users@httpd] Favorite Linux Distribution
Pretty difficult question as it's a question of taste :-) If your are new to linux and want to keep your windows (dual-boot), Mandrake would be my advice: in a class with users without experience of linux, they all have been able to install Mandrake (10.1) dual booting windows without a problem in -/+ 2 hours. I also have it on my laptop since 2/3 years now and it works pretty well Fedora Core is really nice, but if I'm not wrong, there is no possibility in the graphical installation to redimension your windows partition (by the way always do a backup and a defrag before) gaël The Disguised Jedi [EMAIL PROTECTED] wrote on 08/02/2005 00.25.28: Hello all - I've been a list member for a while, helped out some people, and asked some questions. But, today I have a completely off topic, but somewhat relevant question for y'all. What is your favorite Linux distribution? What would you recommend for my situation? I'm brand new to Linux. I'm just trying to learn how it works, but I think I'll catch on quick. I'm looking for the one with the most capability, and also one to run my development instance of Apache 2.0 on. I've been looking at either RedHat or Fedora. Is this a good choice? I'm truly drawing a blank, and I've searched Google, but never really found anything extremely useful. Please help me, an old Windows veteran, escape the Microsoft box! Thanks a ton!! -- The Disguised Jedi [EMAIL PROTECTED] PHP rocks! Knowledge is Power. Power Corrupts. Go to school, become evil Disclaimer: Any disclaimer attached to this message may be ignored. This message is Certified Virus Free - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php