php-general Digest 29 Nov 2011 14:28:52 -0000 Issue 7590
php-general Digest 29 Nov 2011 14:28:52 - Issue 7590 Topics (messages 315861 through 315871): Re: Finding and reading firefox bookmarks with PHP 315861 by: Paul M Foster Re: PHP run from console - automatic password input 315862 by: shiplu 315867 by: Peter 315868 by: shiplu Common way to store db-password of open session? 315863 by: Andreas 315870 by: Nilesh Govindarajan 315871 by: Al Re: PHPExcel 315864 by: Ege Sertçetin 315866 by: Adam Balogh Re: [PHP-WIN] 5.3.9RC2 and 5.4RC2 315865 by: Tommy Pham PayPal : Message Alert. 315869 by: paypal.paypal.com Administrivia: To subscribe to the digest, e-mail: php-general-digest-subscr...@lists.php.net To unsubscribe from the digest, e-mail: php-general-digest-unsubscr...@lists.php.net To post to the list, e-mail: php-gene...@lists.php.net -- ---BeginMessage--- On Mon, Nov 28, 2011 at 10:59:03AM -0500, David McGlone wrote: On Sun, 2011-11-27 at 22:20 -0500, Paul M Foster wrote: On Sun, Nov 27, 2011 at 06:47:36PM -0500, David McGlone wrote: Hi all, I am wondering if it's possible to find the bookmarks file in firefox and output the contents on a page with PHP.. I'm wanting to do this so I can use it as my home page. The answer to this is not in PHP; it can be done in Firefox by itself. It's been a long time since I set this up, but if I'm not mistaken, the procedure goes like this: 1. In Firefox, enter about:config in the URL bar. (Ignore warnings.) 2. You are now in the raw configs. Search for a key called browser.bookmarks.autoExportHTML. Set this to 2. This should cause Firefox to dump the contents of it places.sqlite file to a file called bookmarks.html when Firefox is closed. 3. Find another key called browser.startup.homepage. Set this to the absolute path of a file called bookmarks.html in your Firefox file tree. The path will be something like (in Linux): /home/username/.mozilla/firefox/random string.default/bookmarks.html. (Obviously, you'll have to locate this file ahead of time.) If this isn't the exact procedure, it's close. You can dig into the Firefox docs to get the exact values or keys if these aren't right. (For example, I don't know why the first key I mentioned is 2 instead of 1.) Anyway, I have my Firefox set up this way. Hi Paul. The drawback I have found so far with this setup is that the page will not update until firefox is restarted. do you have a workaround for this? Yeah, that's the rub. When I found the instructions for doing this, they were clear that Firefox wouldn't update the file until the browser was closed. Outside of that, you'd just have to read the actual SQLite file, I suppose. Paul -- Paul M. Foster http://noferblatz.com http://quillandmouse.com ---End Message--- ---BeginMessage--- On Tue, Nov 29, 2011 at 8:21 AM, asdf zxcv jazdatest...@gmail.com wrote: I'm trying to make my php script (run from console) to input nesesary data when console asks for it. For example, i want to automatically manage revoking self-signed certificates, but when i exec(command) then system asks me to give the pass phrase. I dont want to do that. Instead, I want my script to input the password automatically. Is there any way to achieve that? Regards Peter You could try, $pass = 1285@; exec(echo $pass | command); But if its a privilege issue on your linux system, its better to start the php script with proper privilege. -- Shiplu Mokadd.im Innovation distinguishes between follower and leader ---End Message--- ---BeginMessage--- Unfortunately, this method doesnt work. I algo tried working with pipes: #!/usr/bin/php -q ?php require_once(_cert-manage-functions.php); //$config = parse_ini_file(/var/www/config.ini, true); $userId = userCertId(fredfa); // create descriptors for R/W-pipes $descriptorspec = array( 0 = array(pipe, r), 1 = array(pipe, w), ); $proc = openssl ca -keyfile ca.key -cert ca.pem -revoke .$userId..pem; // open process with bidirectional interaction $process = proc_open($proc, $descriptorspec, $pipes); // if success, continue if (is_resource($process)) { // read until prompt while (trim(fgets($pipes[0])) != 'Using configuration from /usr/lib/ssl/openssl.cnf') { } fscanf($pipes[0], Enter pass phrase for ca.key:); // enter pass phrase fwrite($pipes[1], password\n); // read until EOF stream_get_contents($pipes[0]); // release resources fclose($pipes[0]); fclose($pipes[1]); proc_close($process); } ? ...but the above doesnt work either and i still get enter the passphrase prompt 2011/11/29 shiplu shiplu@gmail.com On Tue, Nov 29, 2011 at 8:21 AM, asdf zxcv jazdatest...@gmail.com wrote: I'm trying to make my php script (run from console) to input nesesary data when console
[PHP] Common way to store db-password of open session?
Hi, is threre a most advisble way to store db-passwords of an open user-session? As far as I get it, a common login strategy is to let the user login by namepassword, check it, store a login=TRUE as php-session variable and later use a common dbuser+pw to query data provided login is TRUE. This way one wouldn't have to store the users pw or actually the user wouldn't have a real db-account but rather an application account. Is this really better or equal than using real db-accounts? Should I rather store the db-credentials in a session or cookies? Session is vulnerable as any host-user could look into /tmp. This would generally be a trusted few though. On the other hand cookies could be manipulated by the user or at least be spied upon on the way between user and web-host everytime the credentials are needed for a query. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHPExcel
Wish I had heard PHPExcel before. I'm using a class to read excel files. Ege. Alinti Floyd Resler fres...@adex-intl.com Does anyone have much experience with PHPExcel? I'm having difficulties in getting multiple sheet workbooks to work properly. I haven't been able to find any practical examples. Thanks! Floyd -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: [PHP-WIN] 5.3.9RC2 and 5.4RC2
On Mon, Nov 28, 2011 at 1:34 AM, Pierre Joye pierre@gmail.com wrote: On Mon, Nov 28, 2011 at 5:51 AM, Tommy Pham tommy...@gmail.com wrote: Can someone please confirm if you're able to create/drop MySQL database on using phpMyAdmin with PHP 5.3.9RC2 or PHP5.4RC2? Please use the sqlsrv or mysql functions directly with CREATE/DROP queries in a little script, it will be easier to debug. Cheers, -- Pierre @pierrejoye | http://blog.thepimp.net | http://www.libgd.org I don't know what happened last night. After about 2 hours trying to make some progress but failed, I called it a night. I just tried again to see if I had the same problems as last night. Apparently, I don't, even after several attempts to duplicate last night problems. Anyway, I got a few things setup to facilitate troubleshooting the compatibilities, including bug report Doc #60404. Here comes a wall of text from about 5-6 hours of testing, mostly for sqlsrv ... LOL. 5.3.5 5.3.9RC2 5.4.0RC2 error_reporting E_ALL ~E_DEPRECATED ~E_STRICT 22527 22527 22527 file_uploads On On On log_errors On On On log_errors_max_len 0 0 0 max_execution_time 300 300 300 max_input_time 60 60 60 memory_limit 128M 128M 128M post_max_size 20M 20M 20M upload_max_filesize 20M 20M 20M Drupal 7.9 + MySQL 5.5-rc install OK OK OK Drupal 7.9 + MySQL 5.5-rc using1 OK OK OK Drupal 7.9 + SQL Server 10.50.2500 install OK Error[3] Error[4] Drupal 7.9 + SQL Server 10.50.2500 using1 OK partial[2] partial[2] SQL Server install - Working Set (memory) 186,636K SQL Server install - Private Working Set (memory) 145,760K SQL Server install - Commit Size (memory) 147,736K MySQL install - Working Set (memory) 123,552K MySQL install - Private Working Set (memory) 86,332K MySQL install - Commit Size (memory) 87,648K 1. Create and Edit the short article in the home page in each PHP version. 2. Sometimes generates HTTP Error 500.0 when reading/creating/editing a new article. 3. Always receive HTTP Error 500.0 after creating about 25 tables out of 73 max. 4. SQLSTATE[IMSSP]: An error occurred substituting the named parameters. For 5.3.5 and 5.3.9RC2, sqlsrv driver is the same (ExtensionVer) version 2.0.1802.200 and I have xdebug trace logs of every execution. I didn't bother with the memory comparison for 5.3.9RC2 and 5.4.0RC2 since Drupal 7.9 failed to install for sqlsvr. There error_log file doesn't have any errors prior to and when PHP crashed suddenly, generating the HTTP 500. 5.3.5 has 62 extensions: Core, PDO, PDO_ODBC, Phar, Reflection, SPL, SimpleXML, bcmath, bz2, calendar, cgi-fcgi, com_dotnet, ctype, curl, date, dom, enchant, ereg, exif, filter, ftp, gd, gettext, gmp, hash, iconv, imap, intl, json, ldap, libxml, mbstring, mcrypt, mhash, mysql, mysqli, mysqlnd, odbc, openssl, pcre, pdo_mysql, pdo_pgsql, pdo_sqlsrv, pgsql, session, shmop, soap, sockets, sqlsrv, standard, tidy, tokenizer, wddx, wincache, xdebug, xml, xmlreader, xmlrpc, xmlwriter, xsl, zip, zlib 5.3.9RC2 has 63 extensions: Core, PDO, PDO_ODBC, Phar, Reflection, SPL, SimpleXML, bcmath, bz2, calendar, cgi-fcgi, com_dotnet, ctype, curl, date, dom, enchant, ereg, exif, fileinfo, filter, ftp, gd, gettext, gmp, hash, iconv, imap, intl, json, ldap, libxml, mbstring, mcrypt, mhash, mysql, mysqli, mysqlnd, odbc, openssl, pcre, pdo_mysql, pdo_pgsql, pdo_sqlsrv, pgsql, session, shmop, soap, sockets, sqlsrv, standard, tidy, tokenizer, wddx, wincache, xdebug, xml, xmlreader, xmlrpc, xmlwriter, xsl, zip, zlib 5.4.0RC2 has 60 extensions: Core, PDO, PDO_ODBC, Phar, Reflection, SPL, SimpleXML, bcmath, bz2, calendar, cgi-fcgi, com_dotnet, ctype, curl, date, dom, ereg, exif, fileinfo, filter, ftp, gd, gettext, gmp, hash, iconv, imap, intl, json, ldap, libxml, mbstring, mcrypt, mhash, mysql, mysqli, mysqlnd, odbc, openssl, pcre, pdo_mysql, pdo_pgsql, pdo_sqlsrv, pgsql, session, shmop, soap, sockets, sqlsrv, standard, tidy, tokenizer, wddx, xml, xmlreader, xmlrpc, xmlwriter, xsl, zip, zlib If anyone is interested, here's my code for cleaning the db automatically and reporting PHP version, the database (server client) version - specifically for Drupal 7.9: function exceptionHandler($e) { echo $e-getMessage(); print_r($e-getTrace()); } set_exception_handler('exception_handler'); $settings = 'sites/default/settings.php'; /** broken - file locking by IIS ** if (isset($_GET['use'])) { //if (!unlink($settings)) //throw new Exception('Error removing old settings'); $source = sites/default/settings.{$_GET['use']}.php; switch ($_GET['use']) { case 'mysql': case 'mssql': if (file_exists($source)) copy($source, $settings); //if (!copy(__DIR__.'/sites/default/settings.mysql.php', __DIR__.'/'.$settings)) //throw new Exception('Error copying MySQL settings.'); break; } } */
Re: [PHP] PHPExcel
Hi, *Heres the documentation:* http://phpexcel.codeplex.com/releases/view/45412#DownloadId=212183 In user doc: *4.2 Reading Only Named WorkSheets from a File* * * and you can get all the sheet names: http://www.auditbureau.org.au/a/Documentation/API/PHPExcel/PHPExcel.html#methodgetSheetNames
Re: [PHP] PHP run from console - automatic password input
Unfortunately, this method doesnt work. I algo tried working with pipes: #!/usr/bin/php -q ?php require_once(_cert-manage-functions.php); //$config = parse_ini_file(/var/www/config.ini, true); $userId = userCertId(fredfa); // create descriptors for R/W-pipes $descriptorspec = array( 0 = array(pipe, r), 1 = array(pipe, w), ); $proc = openssl ca -keyfile ca.key -cert ca.pem -revoke .$userId..pem; // open process with bidirectional interaction $process = proc_open($proc, $descriptorspec, $pipes); // if success, continue if (is_resource($process)) { // read until prompt while (trim(fgets($pipes[0])) != 'Using configuration from /usr/lib/ssl/openssl.cnf') { } fscanf($pipes[0], Enter pass phrase for ca.key:); // enter pass phrase fwrite($pipes[1], password\n); // read until EOF stream_get_contents($pipes[0]); // release resources fclose($pipes[0]); fclose($pipes[1]); proc_close($process); } ? ...but the above doesnt work either and i still get enter the passphrase prompt 2011/11/29 shiplu shiplu@gmail.com On Tue, Nov 29, 2011 at 8:21 AM, asdf zxcv jazdatest...@gmail.com wrote: I'm trying to make my php script (run from console) to input nesesary data when console asks for it. For example, i want to automatically manage revoking self-signed certificates, but when i exec(command) then system asks me to give the pass phrase. I dont want to do that. Instead, I want my script to input the password automatically. Is there any way to achieve that? Regards Peter You could try, $pass = 1285@; exec(echo $pass | command); But if its a privilege issue on your linux system, its better to start the php script with proper privilege. -- Shiplu Mokadd.im Innovation distinguishes between follower and leader
Re: [PHP] PHP run from console - automatic password input
Did you try -passin, -passout options of openssl command? See the man page here http://linux.die.net/man/1/openssl Specially the Pass phrase arguments section. -- Shiplu.Mokadd.im ImgSign.com | A dynamic signature machine Innovation distinguishes between follower and leader
[PHP] PayPal : Message Alert.
Dear Customer PayPal , From: pay...@paypal.com Subject: PayPal Online : Message Alert ! Resolution Center: Your account is limited. Regarding this, please follow the link below to resolve this issue: http://dtecables.com/www.paypal.com/account.htm PayPal - NUMBER: ID831959-PayPal/2011 Please allow us 1 to 3 days to your resolve problem. Thank you, PayPal -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Common way to store db-password of open session?
On Tue 29 Nov 2011 01:34:08 PM IST, Andreas wrote: Hi, is threre a most advisble way to store db-passwords of an open user-session? As far as I get it, a common login strategy is to let the user login by namepassword, check it, store a login=TRUE as php-session variable and later use a common dbuser+pw to query data provided login is TRUE. This way one wouldn't have to store the users pw or actually the user wouldn't have a real db-account but rather an application account. Is this really better or equal than using real db-accounts? Should I rather store the db-credentials in a session or cookies? Session is vulnerable as any host-user could look into /tmp. This would generally be a trusted few though. On the other hand cookies could be manipulated by the user or at least be spied upon on the way between user and web-host everytime the credentials are needed for a query. What exactly do you mean by db-account? I didn't understand your question, but this is what I do in my applications- When the user submits the login form, validate POST data (for mischevious stuff) and check if username password query works out successfully. If it does, store a session variable login=true and let the user work on the private parts of the site. The cookie essentially, contains just the session id. I never use cookies to store data, only sessions. I also add ip and user-agent filtering to my auth systems. -- Nilesh Govindarajan http://nileshgr.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Common way to store db-password of open session?
On 11/29/2011 7:40 AM, Nilesh Govindarajan wrote: On Tue 29 Nov 2011 01:34:08 PM IST, Andreas wrote: Hi, is threre a most advisble way to store db-passwords of an open user-session? As far as I get it, a common login strategy is to let the user login by namepassword, check it, store a login=TRUE as php-session variable and later use a common dbuser+pw to query data provided login is TRUE. This way one wouldn't have to store the users pw or actually the user wouldn't have a real db-account but rather an application account. Is this really better or equal than using real db-accounts? Should I rather store the db-credentials in a session or cookies? Session is vulnerable as any host-user could look into /tmp. This would generally be a trusted few though. On the other hand cookies could be manipulated by the user or at least be spied upon on the way between user and web-host everytime the credentials are needed for a query. What exactly do you mean by db-account? I didn't understand your question, but this is what I do in my applications- When the user submits the login form, validate POST data (for mischevious stuff) and check if username password query works out successfully. If it does, store a session variable login=true and let the user work on the private parts of the site. The cookie essentially, contains just the session id. I never use cookies to store data, only sessions. I also add ip and user-agent filtering to my auth systems. Sounds like $_SESSION buffer is what you need. I use the buffer extensively in most of my designs. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Auto CRUD Generator
On Sat, Nov 26, 2011 at 15:15, Muhammad Hassan Samee hassansa...@gmail.com wrote: is there any class/script that can automatically create a CRUD [Create,Read,Update,Delete] grid table for any database table .? Search Google for Xataface. It's a full frontend which dynamically changes with database structure changes. -- /Daniel P. Brown Network Infrastructure Manager http://www.php.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Class instance pointers
Is there any benefit to setting a pointer to a class instance to null before returning from a function? As in: function myfunc () { $p = new myclass (); // do stuff $p = null; } Thanks. -- Cheers -- Tim -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Class instance pointers
Am 29.11.2011 16:56, schrieb Tim Streater: Is there any benefit to setting a pointer to a class instance to null before returning from a function? As in: function myfunc () { $p = new myclass (); // do stuff $p = null; } Thanks. No! In this case the GC will do that for you :) regards, cimodev -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Class instance pointers
On 11/29/2011 7:56 AM, Tim Streater wrote: Is there any benefit to setting a pointer to a class instance to null before returning from a function? As in: function myfunc () { $p = new myclass (); // do stuff $p = null; } Thanks. -- Cheers -- Tim Nope, AFAIK everything inside the function will disappear when the function exits. Unless you run into one of the memory release issues talked about in the past, in that case you might be SOL. -- Jim Lucas http://www.cmsws.com/ http://www.cmsws.com/examples/ http://www.bendsource.com/ C - (541) 408-5189 O - (541) 323-9113 H - (541) 323-4219 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: Re: [PHP] Class instance pointers
On 29 Nov 2011 at 17:01, cimodev cimo...@googlemail.com wrote: Am 29.11.2011 16:56, schrieb Tim Streater: Is there any benefit to setting a pointer to a class instance to null before returning from a function? As in: function myfunc () { $p = new myclass (); // do stuff $p = null; } No! In this case the GC will do that for you :) Thanks, I expected that to be the case, but it's not been crucial up to now. Rather than having a script that runs for a while and quits, I'm hoping to run a small server written in PHP and wanted to be 100% sure that I didn't need to. -- Cheers -- Tim -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Common way to store db-password of open session?
On 11/29/2011 6:28 AM, Al wrote: On 11/29/2011 7:40 AM, Nilesh Govindarajan wrote: On Tue 29 Nov 2011 01:34:08 PM IST, Andreas wrote: Hi, is there a most advisable way to store db-passwords of an open user-session? As far as I get it, a common login strategy is to let the user login by namepassword, check it, store a login=TRUE as php-session variable and later use a common dbuser+pw to query data provided login is TRUE. This way one wouldn't have to store the users pw or actually the user wouldn't have a real db-account but rather an application account. Is this really better or equal than using real db-accounts? Should I rather store the db-credentials in a session or cookies? Session is vulnerable as any host-user could look into /tmp. This would generally be a trusted few though. On the other hand cookies could be manipulated by the user or at least be spied upon on the way between user and web-host every time the credentials are needed for a query. What exactly do you mean by db-account? I didn't understand your question, but this is what I do in my applications- When the user submits the login form, validate POST data (for mischievous stuff) and check if username password query works out successfully. If it does, store a session variable login=true and let the user work on the private parts of the site. The cookie essentially, contains just the session id. I never use cookies to store data, only sessions. I also add ip and user-agent filtering to my auth systems. Sounds like $_SESSION buffer is what you need. I use the buffer extensively in most of my designs. It seems to me that the OP isn't asking where to store it, s/he is asking what to store. I would suggest storing only the SESSION ID in the cookies. In most setups, this is done automatically. Then in the sessions file place only the information that will allow you to identify the individual in question. In some cases, I have seen were the first step is followed above, but then rather the just the identifiable information in the session, one would grab all the account details and place this information in the session instead. The only benefit I see here is the within future page requests, you don't have to hit the DB for the account details, they are in a session file that you already had to load into memory. The drawback to this approach is that all the account details are in a file on the file system that could (in some situations) be read by other system user accounts. YMMV -- Jim Lucas http://www.cmsws.com/ http://www.cmsws.com/examples/ http://www.bendsource.com/ C - (541) 408-5189 O - (541) 323-9113 H - (541) 323-4219 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Retrieve subjectAltName from client certificate
I found a solution. It's a clumsy one, but it works. Well I considered that a certificate is encoded in base64. So I remove de the 1st and last lines, and decode it. Now we got a lot of binary information, but at least the info is there and readable, so we can search for it. I opened this data in a hexeditor, and look for my data. When I found it I realized that a couple of bytes before it there were a part of my custom OID number. I mean my OID number is 2.16.76.1.3.1, and I found the bytes 4C 01 03 01 (0x4C=76) just 8 bytes before the data. So I made PHP search the decoded document for this bytes and extract the information I need positionaly. I know it's clumsy, but it's the best I got until now. Here is the PHP code I used: $cert = $_SERVER['SSL_CLIENT_CERT']; // remove first and last lines (i.e. BEGIN/END CERTIFICATE) $cert = preg_replace(/\n.*$/, , preg_replace(/^.*\n/, , $cert)); $cert_dec = base64_decode($cert); //find OID position $pos = strpos($cert_dec, pack(H*, 4C010301)) + 8; /extract custom data $birthdate = substr($cert_dec, $pos, 8); $docnumber = substr($cert_dec, $pos + 8, 11); echo $birthdate; echo br; echo $docnumber; If anyone has any solution better than this one I would be glad to know. -Nelson 2011/11/24 Nelson Teixeira Hello, I'm trying to read subjectAltName field from a client certificate with $x509 = openssl_x509_parse($_SERVER['SSL_CLIENT_CERT']); $subjectAltName = $x509['extensions']['subjectAltName']; but the field contains othername:, othername:, othername:, where the real data should be. There's valid data there because I can see it in firefox's certificate view. I already have SSLOptions +StdEnvVars +ExportCertData configured in apache. I can read correctly serveral other fields. How can I receive correctly from apache and extract the real data ? -Nelson
Re: [PHP] Apache's .htaccess issue with absolute addressing
Grega Leskovšek legr...@gmail.com wrote: That is problem on my skavt.net server, but also an issue of knowledge. I need to access my css/js/pic files with absolute addressing(starting with /) I can do this on my home server if I start from /var/www and not from /var/www/peace-refuge/, but when I upload to skavt.net server in the www/ (my root dir) the thing doesn't work any more. What do I need to write in .htaccess file in base dir to mark for example /www/ is base dir and when accessing a file with /my.css will look in /www/my.css address and not in somewhere else I do not where and I do not know how to figure that out? I tried this RewriteBase /www/ writing in the file /www/.htaccess but it doesn’t work. Please help me! Thanks in advance, Grega from Slovenia If /var/www is your DocumentRoot in your httpd.conf file, the above won't work. If your application is rooted at /var/www, then you don't need any rewrite rules to get /my.css to work if it is already in the DocumentRoot for the site. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Auto CRUD Generator Xataface
-Original Message- Search Google for Xataface. It's a full frontend which dynamically changes with database structure changes. http://xataface.com/videos is broken and therefore we can't view the demo, and nothing pisses me off more than a site that doesn't have a simple contact email link! UGH! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Auto CRUD Generator Xataface
On Tue, Nov 29, 2011 at 9:44 PM, Daevid Vincent dae...@daevid.com wrote: -Original Message- Search Google for Xataface. It's a full frontend which dynamically changes with database structure changes. http://xataface.com/videos is broken and therefore we can't view the demo, and nothing pisses me off more than a site that doesn't have a simple contact email link! UGH! I think your PC is broken.. I can watch the videos just fine ;) Matijn -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Auto CRUD Generator Xataface
-Original Message- From: Matijn Woudt [mailto:tijn...@gmail.com] Sent: Tuesday, November 29, 2011 12:48 PM To: Daevid Vincent Cc: php-general-h...@lists.php.net; php-general@lists.php.net Subject: Re: [PHP] Auto CRUD Generator Xataface On Tue, Nov 29, 2011 at 9:44 PM, Daevid Vincent dae...@daevid.com wrote: -Original Message- Search Google for Xataface. It's a full frontend which dynamically changes with database structure changes. http://xataface.com/videos is broken and therefore we can't view the demo, and nothing pisses me off more than a site that doesn't have a simple contact email link! UGH! I think your PC is broken.. I can watch the videos just fine ;) I tried it in FF 3.6.24 as well as Chrome 15.0.874.121 m (is that really necessary Google?!) and lastly IE 8.0.7601.17514 (is that really necessary Micro$oft?!). All on Win7 64-bit burley-ass Dell PC. I code in PHP all day long and have no troubles with other websites. Not even other pages on THAT web site. That particular tab / page however only shows the logo top left, search top right, and then these in the tabs: Home Forum Documentation Videos a href=http:// And the rest of the page is white. Garbage. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Auto CRUD Generator Xataface
On Tue, Nov 29, 2011 at 9:54 PM, Daevid Vincent dae...@daevid.com wrote: I think your PC is broken.. I can watch the videos just fine ;) I tried it in FF 3.6.24 as well as Chrome 15.0.874.121 m (is that really necessary Google?!) and lastly IE 8.0.7601.17514 (is that really necessary Micro$oft?!). All on Win7 64-bit burley-ass Dell PC. I code in PHP all day long and have no troubles with other websites. Not even other pages on THAT web site. That particular tab / page however only shows the logo top left, search top right, and then these in the tabs: Home Forum Documentation Videos a href=http:// And the rest of the page is white. Garbage. Still, your PC is broken, not the site. It's working fine here with Chrome 15.0.874.121 m. Matijn -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Auto CRUD Generator Xataface
On 11/29/2011 12:54 PM, Daevid Vincent wrote: -Original Message- From: Matijn Woudt [mailto:tijn...@gmail.com] Sent: Tuesday, November 29, 2011 12:48 PM To: Daevid Vincent Cc: php-general-h...@lists.php.net; php-general@lists.php.net Subject: Re: [PHP] Auto CRUD Generator Xataface On Tue, Nov 29, 2011 at 9:44 PM, Daevid Vincent dae...@daevid.com wrote: -Original Message- Search Google for Xataface. It's a full frontend which dynamically changes with database structure changes. http://xataface.com/videos is broken and therefore we can't view the demo, and nothing pisses me off more than a site that doesn't have a simple contact email link! UGH! I think your PC is broken.. I can watch the videos just fine ;) I tried it in FF 3.6.24 as well as Chrome 15.0.874.121 m (is that really necessary Google?!) and lastly IE 8.0.7601.17514 (is that really necessary Micro$oft?!). All on Win7 64-bit burley-ass Dell PC. I code in PHP all day long and have no troubles with other websites. Not even other pages on THAT web site. That particular tab / page however only shows the logo top left, search top right, and then these in the tabs: Home Forum Documentation Videos a href=http:// And the rest of the page is white. Garbage. System: Windows XP 32-bit I run FF 5.0.1 w/NoScript and I had allow both xataface.com and weblite.ca then the video popped up. IE 6.0 on the same system works fine too. -- Jim Lucas http://www.cmsws.com/ http://www.cmsws.com/examples/ http://www.bendsource.com/ C - (541) 408-5189 O - (541) 323-9113 H - (541) 323-4219 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP run from console - automatic password input
passin and passout are not userd during -revoke They are used to give parameters to create the certificate and give it the above parameters. But, I think i managed to bypass the problem. I wrote a shell script using expect, after 30 minutes of fighting, script does what I want it to. It takes a users cert ID as a parameter and uses it to invoke 'openssl ca -revoke' command. Thanks to this, i can refer to it prom my php script. Maybe not the most elegant solution, but it works. And took me about 10 lines of code instead of 60 (non-working lines :) ) Thanks anyway all :) Cheers 2011/11/29 Peter jazdatest...@gmail.com passin and passout are not userd during -revoke They are used to give parameters to create the certificate and give it the above parameters. 2011/11/29 shiplu shiplu@gmail.com Did you try -passin, -passout options of openssl command? See the man page here http://linux.die.net/man/1/openssl Specially the Pass phrase arguments section. -- Shiplu.Mokadd.im ImgSign.com | A dynamic signature machine Innovation distinguishes between follower and leader
Re: [PHP] Auto CRUD Generator Xataface
On Tue, Nov 29, 2011 at 4:13 PM, Jim Lucas li...@cmsws.com wrote: On 11/29/2011 12:54 PM, Daevid Vincent wrote: -Original Message- From: Matijn Woudt [mailto:tijn...@gmail.com] Sent: Tuesday, November 29, 2011 12:48 PM To: Daevid Vincent Cc: php-general-h...@lists.php.net; php-general@lists.php.net Subject: Re: [PHP] Auto CRUD Generator Xataface On Tue, Nov 29, 2011 at 9:44 PM, Daevid Vincent dae...@daevid.com wrote: -Original Message- Search Google for Xataface. It's a full frontend which dynamically changes with database structure changes. http://xataface.com/videos is broken and therefore we can't view the demo, and nothing pisses me off more than a site that doesn't have a simple contact email link! UGH! I think your PC is broken.. I can watch the videos just fine ;) I tried it in FF 3.6.24 as well as Chrome 15.0.874.121 m (is that really necessary Google?!) and lastly IE 8.0.7601.17514 (is that really necessary Micro$oft?!). All on Win7 64-bit burley-ass Dell PC. I code in PHP all day long and have no troubles with other websites. Not even other pages on THAT web site. That particular tab / page however only shows the logo top left, search top right, and then these in the tabs: Home Forum Documentation Videos a href=http:// And the rest of the page is white. Garbage. System: Windows XP 32-bit I run FF 5.0.1 w/NoScript and I had allow both xataface.com and weblite.ca then the video popped up. IE 6.0 on the same system works fine too. -- Jim Lucas http://www.cmsws.com/ http://www.cmsws.com/examples/ http://www.bendsource.com/ C - (541) 408-5189 O - (541) 323-9113 H - (541) 323-4219 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php Works for me as well in Chrome -- Bastien Cat, the other other white meat -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Common way to store db-password of open session?
Jim Lucas li...@cmsws.com wrote: On 11/29/2011 6:28 AM, Al wrote: On 11/29/2011 7:40 AM, Nilesh Govindarajan wrote: On Tue 29 Nov 2011 01:34:08 PM IST, Andreas wrote: Hi, is there a most advisable way to store db-passwords of an open user-session? As far as I get it, a common login strategy is to let the user login by namepassword, check it, store a login=TRUE as php-session variable and later use a common dbuser+pw to query data provided login is TRUE. This way one wouldn't have to store the users pw or actually the user wouldn't have a real db-account but rather an application account. Is this really better or equal than using real db-accounts? Should I rather store the db-credentials in a session or cookies? Session is vulnerable as any host-user could look into /tmp. This would generally be a trusted few though. On the other hand cookies could be manipulated by the user or at least be spied upon on the way between user and web-host every time the credentials are needed for a query. What exactly do you mean by db-account? I didn't understand your question, but this is what I do in my applications- When the user submits the login form, validate POST data (for mischievous stuff) and check if username password query works out successfully. If it does, store a session variable login=true and let the user work on the private parts of the site. The cookie essentially, contains just the session id. I never use cookies to store data, only sessions. I also add ip and user-agent filtering to my auth systems. Sounds like $_SESSION buffer is what you need. I use the buffer extensively in most of my designs. It seems to me that the OP isn't asking where to store it, s/he is asking what to store. I would suggest storing only the SESSION ID in the cookies. In most setups, this is done automatically. Then in the sessions file place only the information that will allow you to identify the individual in question. In some cases, I have seen were the first step is followed above, but then rather the just the identifiable information in the session, one would grab all the account details and place this information in the session instead. The only benefit I see here is the within future page requests, you don't have to hit the DB for the account details, they are in a session file that you already had to load into memory. The drawback to this approach is that all the account details are in a file on the file system that could (in some situations) be read by other system user accounts. As I read it, the OP may be confusing application user logins and the credentials used by the application to access the data base. Individual application users should *NOT* have access directly to the data base by having their individual credentials in the db access list. The application should have a unique set of credentials for accessing the database, and the only way users can gain access to the database should be through the application. Do NOT store data base credentials anywhere in the session or in cookies, either, as that can give people access to your database as well. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP run from console - automatic password input
On 11/30/2011 01:11 AM, Peter wrote: I wrote a shell script Please would you show it? AFAIK, if Bash can do it, PHP should also... Thanks. -- RMA. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php