Re: [PHP] mysql_connect noob question
On Sat, Apr 20, 2013 at 9:37 PM, Glob Design Info i...@globdesign.com wrote: Night now this is just a test server. On the real thing I'll do it right. On 4/20/13 10:58 AM, Tedd Sperling wrote: On Apr 20, 2013, at 11:44 AM, Stuart Dallas stu...@3ft9.com wrote: On 20 Apr 2013, at 16:25, Jim Giner jim.gi...@albanyhandball.com wrote: Why are you allowing anyone to connect to your database from a form? A little OT, but... What do you mean by this question? How do you check someone's credentials if not by connecting to a db to verify the login? Cause I'm doing the same kind of thing all over the place. With good practices on validation and such before doing my query of course. I'm pretty sure that's not what tedd meant. The code is logging in to the database server using the username and password from the form. There are very few legitimate reasons to be doing this, so the question is well worth asking. -Stuart Stuart is exactly right. If you are checking someone's credentials to access your site, such as a user, then giving them the keys to the kingdom is a bit of an overkill. My advice, set up user_id and password fields in a user table for users you want to access some portion of your site, here's the code to do that: http://sperling.com/php/authorization/log-on.php Where I have said // define your user id here is the place to actually open your database and access your user table to gather the correct user_id and password. I also suggest that when you open the database you only use literals from a config.php file ($dbhost,$dbuser,$dbpass) for accessing the actual database and then check the user_id and password before giving them authorization to private areas. Keep the private stuff private! Cheers, tedd _ tedd.sperl...@gmail.com http://sperling.com That is a great point -- I was thinking this was a private app, but you should never ever ever ever ever ever (x infinity) allow wild wild web access to your database like this. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Looking for complete entered URL
On Sat, Apr 20, 2013 at 1:51 PM, Angela Barone ang...@italian-getaways.com wrote: I've written a script that logs all visits to a web site, complete with referrer and IP address. It also logs all 4xx errors. What I'd like to add to this is, if someone adds extra code after the page_name.php, to be able to capture any extra code and log that. I've tried: $_SERVER['QUERY_STRING'] $_SERVER['REDIRECT_QUERY_STRING'] $_SERVER['REDIRECT_URL'] So, since I wasn't exactly sure what got put into $_SERVER, and since I'm lazy, I tapped out the following script: ?php header(Content-type: text/plain); echo '$_SERVER:'.PHP_EOL; var_dump($_SERVER); ? When I called it with the following URL: http://localhost/~tamara/teststuffout/logger.php/one/two?a=true#fragment It showed all the stuff in $_SERVER as a result of that, including: [REQUEST_URI]= string(47) /~tamara/teststuffout/logger.php/one/two?a=true [PATH_INFO]= string(8) /one/two [QUERY_STRING]= string(6) a=true Interestingly, it appears nothing reports #fragment... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Looking for complete entered URL
tamouse mailing lists tamouse.li...@gmail.com wrote: On Sat, Apr 20, 2013 at 1:51 PM, Angela Barone ang...@italian-getaways.com wrote: I've written a script that logs all visits to a web site, complete with referrer and IP address. It also logs all 4xx errors. What I'd like to add to this is, if someone adds extra code after the page_name.php, to be able to capture any extra code and log that. I've tried: $_SERVER['QUERY_STRING'] $_SERVER['REDIRECT_QUERY_STRING'] $_SERVER['REDIRECT_URL'] So, since I wasn't exactly sure what got put into $_SERVER, and since I'm lazy, I tapped out the following script: ?php header(Content-type: text/plain); echo '$_SERVER:'.PHP_EOL; var_dump($_SERVER); ? When I called it with the following URL: http://localhost/~tamara/teststuffout/logger.php/one/two?a=true#fragment It showed all the stuff in $_SERVER as a result of that, including: [REQUEST_URI]= string(47) /~tamara/teststuffout/logger.php/one/two?a=true [PATH_INFO]= string(8) /one/two [QUERY_STRING]= string(6) a=true Interestingly, it appears nothing reports #fragment... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php It wont, the fragment is always local. You'd need javascript to handle that Thanks, Ash http://www.ashleysheridan.co.uk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: mysql_connect noob question
Thanks for that great response Geoff. That very well may be what is wrong, however, my problem is I don't have admin access to this server - it hosted in a BaaS site where they do all the admin. They do provide mysql command line access and it works, but it won't let me log in as root, not even on the command line. Where is the '@'ip70-162-142-180.ph.ph.cox.net' part coming from? I have to assume mysql_connect itself is appending that in the call since it's not part of the contents of the variable I pass from the form. And if I can't get server root access then that begs the question: how do I tell mysql_connect to turn that off and just send the user as-is? Thanks, On Apr 21, 2013, at 1:42 AM, Geoff Lane ge...@gjctech.co.uk wrote: Hi, On Sunday, April 21, 2013, 3:37:38 AM, you wrote: Night now this is just a test server. On the real thing I'll do it right. FWIW, the error you describe is one that I've seen often when setting up a new development/test server. In my case, the issue has arisen because the user doesn't have permission to connect to the database. This drove me nuts for a couple of days until I read the error message a little more carefully. In your case, you have: *Warning*: mysql_connect() [function.mysql-connect http://localhost/wservices/function.mysql-connect]: Access denied for user 'user'@'ip70-162-142-180.ph.ph.cox.net' (using password: YES) in */Library/WebServer/Documents/wservices/connect.php* on line *29* Notice that the username isn't just 'user', but 'user@host'. Hopefully, you have access to the MySQL command line on the MySQL server. If so, log on as root then do: mysqluse mysql; mysqlselect user,host from user; In the results table, check which hosts your user is permitted to connect from. Let's say for now that your results table looks like: +--+---+ | user | host | +--+---+ | root | myserver | | root | 127.0.0.1 | | debian-sys-maint | localhost | | root | localhost | +--+---+ To permit a user to connect from any host, change the host value to '%' e.g: mysqlupdate user set host='%' where user='root' and host='myserver'; permits user 'root' to connect from any host rather than just from 'myserver', the loopback IP address, and 'localhost'. If that doesn't work, you probably need to configure mysql to permit connections from any host. To do this, edit my.cnf (which should be /etc/mysql/my.cnf in Debian-based systems) and search for the line: bind-address = 127.0.0.1 Comment this out and replace with: bind-address = 0.0.0.0 Hopefully, that'll sort out the one test user you've tried so far. Note that you'll need to take responsibility for verifying your users at the application level or you'll need to create a new entry in the user table with CREATE USER; GRANT appropriate privileges; and then update the user's record to permit connection from the appropriate host(s). HTH, -- Geoff Lane Cornwall, UK -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: mysql_connect noob question
Thanks Geoff, I am aware of the security implications. I will deal with that later. Right now I am just trying to get the WS architecture working. I am logging in with the creds the hosting provider gave me (xeround.com) When I use those creds on the mysql command line, or hard-code them in the script, all works fine. It is only when I pass those values from my HTML form to the script that it fails - which was why I posted the question originally - the authentication works fine, but when entered from a form and passed to the script it fails, which is what is so baffling. I don't understand why mysql_connect should append something in the case of a passed variable but not in the case of a local variable. Unless there is something in the form parsing machinery I am unaware of. And I am trying both from the same host. Thanks, On Apr 21, 2013, at 2:31 AM, Geoff Lane ge...@gjctech.co.uk wrote: Hi Glob, On Sunday, April 21, 2013, 10:46:32 AM, you wrote: That very well may be what is wrong, however, my problem is I don't have admin access to this server - it hosted in a BaaS site where they do all the admin. They do provide mysql command line access and it works, but it won't let me log in as root, not even on the command line. Perhaps you can issue the commands of my previous email while logged in as the user who's credentials they've given to you. That said, I wouldn't be surprised if they denied you update privs on any of the tables in the mysql database! Where is the '@'ip70-162-142-180.ph.ph.cox.net' part coming from? I have to assume mysql_connect itself is appending that in the call since it's not part of the contents of the variable I pass from the form. I suspect that it's coming from DNS and that the MySQL instance is performing a reverse DNS lookup to resolve the IP address of the connecting host. And if I can't get server root access then that begs the question: how do I tell mysql_connect to turn that off and just send the user as-is? I don't think that you can. However, the hosting company should have given you credentials to use to log into the database. If your application can log in with those credentials, I suggest that you rewrite your code to take responsibility for user verification. For example, you could have your own user table that gives username and password together with other user data you need. (BTW, for security, don't store plain-text passwords in your database, rather store hashes (e.g. MD5) of the passwords and then use the appropriate function to hash the user input and compare with the stored hash). HTH, -- Geoff Lane Cornwall, UK -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: mysql_connect noob question
On 21 Apr 2013, at 11:20, Glob Design Info i...@globdesign.com wrote:
I don't understand why mysql_connect should append something in the case of a
passed variable but not in the case of a local variable. Unless there is
something in the form parsing machinery I am unaware of.
Nothing is being added by anything. When you log in to MySQL it takes both the
username and the IP address/hostname of the machine you're logging in from and
looks those up in the users table. This means that user abc logging in on
localhost becomes abc@localhost. User abc logging in from 192.168.0.187 becomes
abc@192.168.0.187, and is treated as a completely separate user from
abc@localhost.
The host comes from your end of the connection. So if you connect on localhost,
your end is also localhost. If you connect on the IP address or hostname, your
end is the rDNS lookup of your IP address - note that this may be the same
address as the one to which you are connecting, but will represent a different
user to @localhost as far as MySQL is concerned.
The only thing that may be being added to the variable when the form data is
parsed is slashes, and then only if you have magic_quotes_gpc switched on in
php.ini. I believe this has already been eliminated as the cause earlier in
this thread.
The problem you describe is not possible, so I'm betting your description is
missing something. Given a request with POST parameters of username=abc and
password=def, the following two lines are equivalent:
mysql_connect('localhost', 'abc', 'def');
mysql_connect('localhost', $_POST['username'], $_POST['password']);
If this is exactly what you're doing then something very strange is going on.
If this is not exactly what you're doing, please narrow your code down to the
minimum required to demonstrate the problem and post it somewhere like gist.com
then send us the link.
However, a more important question for me is why you are doing this. You say
you are aware of the security implications, and that you'll deal with that
later, but I question how you're going to deal with it. What exactly are you
developing that requires DB credentials to come from a form on a web page?
-Stuart
--
Stuart Dallas
3ft9 Ltd
http://3ft9.com/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Looking for complete entered URL
Correct. Just to expand on that, a browser will not send the hash fragment part of a URL with the request. If you ever receive that part at the web server, that's a pretty good sign the request came from a robot. Andrew On Apr 21, 2013 3:29 AM, Ashley Sheridan a...@ashleysheridan.co.uk wrote: tamouse mailing lists tamouse.li...@gmail.com wrote: On Sat, Apr 20, 2013 at 1:51 PM, Angela Barone ang...@italian-getaways.com wrote: I've written a script that logs all visits to a web site, complete with referrer and IP address. It also logs all 4xx errors. What I'd like to add to this is, if someone adds extra code after the page_name.php, to be able to capture any extra code and log that. I've tried: $_SERVER['QUERY_STRING'] $_SERVER['REDIRECT_QUERY_STRING'] $_SERVER['REDIRECT_URL'] So, since I wasn't exactly sure what got put into $_SERVER, and since I'm lazy, I tapped out the following script: ?php header(Content-type: text/plain); echo '$_SERVER:'.PHP_EOL; var_dump($_SERVER); ? When I called it with the following URL: http://localhost/~tamara/teststuffout/logger.php/one/two?a=true#fragment It showed all the stuff in $_SERVER as a result of that, including: [REQUEST_URI]= string(47) /~tamara/teststuffout/logger.php/one/two?a=true [PATH_INFO]= string(8) /one/two [QUERY_STRING]= string(6) a=true Interestingly, it appears nothing reports #fragment... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php It wont, the fragment is always local. You'd need javascript to handle that Thanks, Ash http://www.ashleysheridan.co.uk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: mysql_connect noob question
On Sun, Apr 21, 2013 at 5:20 AM, Glob Design Info i...@globdesign.com wrote: I am aware of the security implications. I will deal with that later. Right now I am just trying to get the WS architecture working. I'm wondering, if you can get it to work with the creds in the script, why do you have to have them come from a web form at all? What value is that providing at all? While it is certainly an interesting question as to why it doesn't work, if you have other things in your app to work on, just leave it and come back to it when you've time, if it's still that interesting. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mysql_connect noob question
On Apr 21, 2013, at 9:32 AM, Stuart Dallas stu...@3ft9.com wrote: However, a more important question for me is why you are doing this. You say you are aware of the security implications, and that you'll deal with that later, but I question how you're going to deal with it. What exactly are you developing that requires DB credentials to come from a form on a web page? -Stuart You and I are asking the same question, but I am afraid the poster is not listening. Instead, he is pursuing a course of action that simply repeats his problem. His focus is on a specific tree instead of the forest. He doesn't want to widen his view. Until the poster answers our question, I'm afraid our recommendations will fall on deaf ears. Some days you can help and some days you can't. Cheers, tedd _ tedd.sperl...@gmail.com http://sperling.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mysql_connect noob question
On Sun, Apr 21, 2013 at 9:12 AM, Tedd Sperling tedd.sperl...@gmail.com wrote: On Apr 21, 2013, at 9:32 AM, Stuart Dallas stu...@3ft9.com wrote: However, a more important question for me is why you are doing this. You say you are aware of the security implications, and that you'll deal with that later, but I question how you're going to deal with it. What exactly are you developing that requires DB credentials to come from a form on a web page? -Stuart You and I are asking the same question, but I am afraid the poster is not listening. Instead, he is pursuing a course of action that simply repeats his problem. His focus is on a specific tree instead of the forest. He doesn't want to widen his view. Until the poster answers our question, I'm afraid our recommendations will fall on deaf ears. Some days you can help and some days you can't. Cheers, tedd There's the Zen saying When the student is ready, the teacher appears. -- which to me says more about those attempting to teach than those attempting to learn. :) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mysql_connect noob question
On 21 Apr 2013, at 15:46, tamouse mailing lists tamouse.li...@gmail.com wrote: On Sun, Apr 21, 2013 at 9:12 AM, Tedd Sperling tedd.sperl...@gmail.com wrote: On Apr 21, 2013, at 9:32 AM, Stuart Dallas stu...@3ft9.com wrote: However, a more important question for me is why you are doing this. You say you are aware of the security implications, and that you'll deal with that later, but I question how you're going to deal with it. What exactly are you developing that requires DB credentials to come from a form on a web page? -Stuart You and I are asking the same question, but I am afraid the poster is not listening. Instead, he is pursuing a course of action that simply repeats his problem. His focus is on a specific tree instead of the forest. He doesn't want to widen his view. Until the poster answers our question, I'm afraid our recommendations will fall on deaf ears. Some days you can help and some days you can't. Cheers, tedd There's the Zen saying When the student is ready, the teacher appears. -- which to me says more about those attempting to teach than those attempting to learn. :) To me that means that you won't recognise the teacher until you're ready to learn. Teachers are always all around all of us, we just need to be willing to learn. -Stuart -- Stuart Dallas 3ft9 Ltd http://3ft9.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mysql_connect noob question
On Sun, Apr 21, 2013 at 9:49 AM, Stuart Dallas stu...@3ft9.com wrote: On 21 Apr 2013, at 15:46, tamouse mailing lists tamouse.li...@gmail.com wrote: On Sun, Apr 21, 2013 at 9:12 AM, Tedd Sperling tedd.sperl...@gmail.com wrote: On Apr 21, 2013, at 9:32 AM, Stuart Dallas stu...@3ft9.com wrote: However, a more important question for me is why you are doing this. You say you are aware of the security implications, and that you'll deal with that later, but I question how you're going to deal with it. What exactly are you developing that requires DB credentials to come from a form on a web page? -Stuart You and I are asking the same question, but I am afraid the poster is not listening. Instead, he is pursuing a course of action that simply repeats his problem. His focus is on a specific tree instead of the forest. He doesn't want to widen his view. Until the poster answers our question, I'm afraid our recommendations will fall on deaf ears. Some days you can help and some days you can't. Cheers, tedd There's the Zen saying When the student is ready, the teacher appears. -- which to me says more about those attempting to teach than those attempting to learn. :) To me that means that you won't recognise the teacher until you're ready to learn. Teachers are always all around all of us, we just need to be willing to learn. Yes, that is the intended meaning. My alternate means that teachers should not try to teach students who aren't ready. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mysql_connect noob question
On Fri, Apr 19, 2013 at 3:43 PM, Glob Design Info i...@globdesign.com wrote: I know this has probably been answered already. When I pass a user name and password from a form to my PHP script and then pass those to mysql_connect it doesn't connect. When I paste those exact same values into mysql_connect as string literals it works. Can anyone tell me why this happens? I know the strings are identical to the literals I try in a test but they don't work when submitted via form. $form_user = $_POST[ 'user' ]; $form_pass = $_POST[ 'password' ]; # Connect to remote DB $LINK = mysql_connect( $host, $form_user, $form_pass ); And yes, my $host param is correct. Thanks, So, um, look at this gist: https://gist.github.com/tamouse/5430012 I know this never helps, but 'Works for me!' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: mysql_connect noob question
If that is the case then why does logging in with exactly the same params from
a UNIX shell work fine? Command line login supposedly would be adding the
@localhost or @IP_address as well but isn't. Only when I pass the variables to
the script is that happening.
I am doing exactly as you stated:
mysql_connect('localhost', $_POST['username'], $_POST['password']);
Except that I am first storing $_POST['username'] in local $user and
$_POST['password'] in local $pass first and then passing those to
mysql_connect. And I am connecting to a remote server, not localhost.
I have already documented both the exact HTML and PHP code in this thread and
so see no need to post it elsewhere.
On Apr 21, 2013, at 6:32 AM, Stuart Dallas stu...@3ft9.com wrote:
On 21 Apr 2013, at 11:20, Glob Design Info i...@globdesign.com wrote:
I don't understand why mysql_connect should append something in the case of
a passed variable but not in the case of a local variable. Unless there is
something in the form parsing machinery I am unaware of.
Nothing is being added by anything. When you log in to MySQL it takes both
the username and the IP address/hostname of the machine you're logging in
from and looks those up in the users table. This means that user abc logging
in on localhost becomes abc@localhost. User abc logging in from 192.168.0.187
becomes abc@192.168.0.187, and is treated as a completely separate user from
abc@localhost.
The host comes from your end of the connection. So if you connect on
localhost, your end is also localhost. If you connect on the IP address or
hostname, your end is the rDNS lookup of your IP address - note that this may
be the same address as the one to which you are connecting, but will
represent a different user to @localhost as far as MySQL is concerned.
The only thing that may be being added to the variable when the form data is
parsed is slashes, and then only if you have magic_quotes_gpc switched on in
php.ini. I believe this has already been eliminated as the cause earlier in
this thread.
The problem you describe is not possible, so I'm betting your description is
missing something. Given a request with POST parameters of username=abc and
password=def, the following two lines are equivalent:
mysql_connect('localhost', 'abc', 'def');
mysql_connect('localhost', $_POST['username'], $_POST['password']);
If this is exactly what you're doing then something very strange is going on.
If this is not exactly what you're doing, please narrow your code down to the
minimum required to demonstrate the problem and post it somewhere like
gist.com then send us the link.
However, a more important question for me is why you are doing this. You say
you are aware of the security implications, and that you'll deal with that
later, but I question how you're going to deal with it. What exactly are you
developing that requires DB credentials to come from a form on a web page?
-Stuart
--
Stuart Dallas
3ft9 Ltd
http://3ft9.com/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: mysql_connect noob question
This for a commercial app - the client wants both an API connect via PHP and a web portal in which they can login from a web page and view the tables in the DB. Right now I am just trying to get the form/PHP interaction to work. On Apr 21, 2013, at 6:42 AM, tamouse mailing lists tamouse.li...@gmail.com wrote: On Sun, Apr 21, 2013 at 5:20 AM, Glob Design Info i...@globdesign.com wrote: I am aware of the security implications. I will deal with that later. Right now I am just trying to get the WS architecture working. I'm wondering, if you can get it to work with the creds in the script, why do you have to have them come from a web form at all? What value is that providing at all? While it is certainly an interesting question as to why it doesn't work, if you have other things in your app to work on, just leave it and come back to it when you've time, if it's still that interesting. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mysql_connect noob question
What question did I not answer? I am developing a web portal that has to display the tables in the DB via a form/script. The web page has a login with user and password. Right now I am just trying to connect. On Apr 21, 2013, at 7:12 AM, Tedd Sperling tedd.sperl...@gmail.com wrote: On Apr 21, 2013, at 9:32 AM, Stuart Dallas stu...@3ft9.com wrote: However, a more important question for me is why you are doing this. You say you are aware of the security implications, and that you'll deal with that later, but I question how you're going to deal with it. What exactly are you developing that requires DB credentials to come from a form on a web page? -Stuart You and I are asking the same question, but I am afraid the poster is not listening. Instead, he is pursuing a course of action that simply repeats his problem. His focus is on a specific tree instead of the forest. He doesn't want to widen his view. Until the poster answers our question, I'm afraid our recommendations will fall on deaf ears. Some days you can help and some days you can't. Cheers, tedd _ tedd.sperl...@gmail.com http://sperling.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mysql_connect noob question
Not meaning to beat the proverbial dead horse I am developing a web portal that has to display the tables in the DB via a form/script. The web page has a login with user and password. Right now I am just trying to connect. This for a commercial app - the client wants both an API connect via PHP and a web portal in which they can login from a web page and view the tables in the DB. Right now I am just trying to get the form/PHP interaction to work. This sounds like a very good use statement for http://www.phpmyadmin.net/http://www.phpmyadmin.net/home_page/ You can set it for http auth in the config ... they enter a mysql username and password and they only see the databases and tables you want them to see Might be easier than reinventing the wheel and stressing all of us :)
Re: [PHP] mysql_connect noob question
Except that a) I already have my form and script done, b) don't have time to learn phpMyAdmin, c) want to know why the script doesn't work as-is. On Apr 21, 2013, at 12:46 PM, David OBrien dgobr...@gmail.com wrote: Not meaning to beat the proverbial dead horse I am developing a web portal that has to display the tables in the DB via a form/script. The web page has a login with user and password. Right now I am just trying to connect. This for a commercial app - the client wants both an API connect via PHP and a web portal in which they can login from a web page and view the tables in the DB. Right now I am just trying to get the form/PHP interaction to work. This sounds like a very good use statement for http://www.phpmyadmin.net/ You can set it for http auth in the config ... they enter a mysql username and password and they only see the databases and tables you want them to see Might be easier than reinventing the wheel and stressing all of us :)
Re: [PHP] mysql_connect noob question
One other thing I noted in the FAQ was this: Dots in incoming variable names Typically, PHP does not alter the names of variables when they are passed into a script. However, it should be noted that the dot (period, full stop) is not a valid character in a PHP variable name. For the reason, look at it: ?php$varname.ext; /* invalid variable name */ ? Now, what the parser sees is a variable named $varname, followed by the string concatenation operator, followed by the barestring (i.e. unquoted string which doesn't match any known key or reserved words) 'ext'. Obviously, this doesn't have the intended result. For this reason, it is important to note that PHP will automatically replace any dots in incoming variable names with underscores. I should note my user name in this case *is* an email address, however the dots in that address are *not* being converted to underscores as mentioned (at least not visibly). On Apr 21, 2013, at 8:39 AM, tamouse mailing lists tamouse.li...@gmail.com wrote: On Fri, Apr 19, 2013 at 3:43 PM, Glob Design Info i...@globdesign.com wrote: I know this has probably been answered already. When I pass a user name and password from a form to my PHP script and then pass those to mysql_connect it doesn't connect. When I paste those exact same values into mysql_connect as string literals it works. Can anyone tell me why this happens? I know the strings are identical to the literals I try in a test but they don't work when submitted via form. $form_user = $_POST[ 'user' ]; $form_pass = $_POST[ 'password' ]; # Connect to remote DB $LINK = mysql_connect( $host, $form_user, $form_pass ); And yes, my $host param is correct. Thanks, So, um, look at this gist: https://gist.github.com/tamouse/5430012 I know this never helps, but 'Works for me!'
Re: [PHP] mysql_connect noob question
On Sun, Apr 21, 2013 at 6:01 PM, Glob Design Info i...@globdesign.comwrote: One other thing I noted in the FAQ was this: Dots in incoming variable names Typically, PHP does not alter the names of variables when they are passed into a script. However, it should be noted that the dot (period, full stop) is not a valid character in a PHP variable name. For the reason, look at it: ?php $varname.ext; /* invalid variable name */ ? Now, what the parser sees is a variable named $varname, followed by the string concatenation operator, followed by the barestring (i.e. unquoted string which doesn't match any known key or reserved words) 'ext'. Obviously, this doesn't have the intended result. For this reason, it is important to note that PHP will automatically replace any dots in incoming variable names with underscores. I should note my user name in this case *is* an email address, however the dots in that address are *not* being converted to underscores as mentioned (at least not visibly). it's says variable NAMES not variable contents
Re: [PHP] Re: mysql_connect noob question
On 21 Apr 2013, at 20:29, Glob Design Info i...@globdesign.com wrote:
If that is the case then why does logging in with exactly the same params
from a UNIX shell work fine? Command line login supposedly would be adding
the @localhost or @IP_address as well but isn't. Only when I pass the
variables to the script is that happening.
What makes you so sure it's not?
It is. I promise you it is. You're not seeing it because you're not getting an
error logging in. Do it on the command line again, but use a username that
doesn't exist and you will see the host it's adding in the error message.
I am doing exactly as you stated:
mysql_connect('localhost', $_POST['username'], $_POST['password']);
Except that I am first storing $_POST['username'] in local $user and
$_POST['password'] in local $pass first and then passing those to
mysql_connect. And I am connecting to a remote server, not localhost.
Side note: why are you putting them in other variables first when you're only
going to use them in that one place? It's a waste of memory. It's a minor
niggle but it's a pet hate of mine.
I have already documented both the exact HTML and PHP code in this thread and
so see no need to post it elsewhere.
And you're saying that when, instead of using $_POST variables you hard-code
the username and password in the script it work? I doubt it.
On the command line are you simply doing mysql -u username -p and then
entering the password? In that case it's using localhost. Is MySQL running on
the same server as PHP? If so, try changing the remove server name to
localhost in your script. I'm better a magnum of decent champagne that it
works.
It's very rare (and pretty stupid) for a web host to allow remote servers to
connect to their MySQL instances, unless they have a shared MySQL instance for
all of their customers. Given that you have command line access to the MySQL
server, and can log in without specifying the host, I'm thinking you're trying
to use it in a way they don't allow.
-Stuart
--
Stuart Dallas
3ft9 Ltd
http://3ft9.com/
On Apr 21, 2013, at 6:32 AM, Stuart Dallas stu...@3ft9.com wrote:
On 21 Apr 2013, at 11:20, Glob Design Info i...@globdesign.com wrote:
I don't understand why mysql_connect should append something in the case of
a passed variable but not in the case of a local variable. Unless there is
something in the form parsing machinery I am unaware of.
Nothing is being added by anything. When you log in to MySQL it takes both
the username and the IP address/hostname of the machine you're logging in
from and looks those up in the users table. This means that user abc logging
in on localhost becomes abc@localhost. User abc logging in from
192.168.0.187 becomes abc@192.168.0.187, and is treated as a completely
separate user from abc@localhost.
The host comes from your end of the connection. So if you connect on
localhost, your end is also localhost. If you connect on the IP address or
hostname, your end is the rDNS lookup of your IP address - note that this
may be the same address as the one to which you are connecting, but will
represent a different user to @localhost as far as MySQL is concerned.
The only thing that may be being added to the variable when the form data is
parsed is slashes, and then only if you have magic_quotes_gpc switched on in
php.ini. I believe this has already been eliminated as the cause earlier in
this thread.
The problem you describe is not possible, so I'm betting your description is
missing something. Given a request with POST parameters of username=abc and
password=def, the following two lines are equivalent:
mysql_connect('localhost', 'abc', 'def');
mysql_connect('localhost', $_POST['username'], $_POST['password']);
If this is exactly what you're doing then something very strange is going
on. If this is not exactly what you're doing, please narrow your code down
to the minimum required to demonstrate the problem and post it somewhere
like gist.com then send us the link.
However, a more important question for me is why you are doing this. You say
you are aware of the security implications, and that you'll deal with that
later, but I question how you're going to deal with it. What exactly are
you developing that requires DB credentials to come from a form on a web
page?
-Stuart
--
Stuart Dallas
3ft9 Ltd
http://3ft9.com/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mysql_connect noob question
On 21 Apr 2013, at 22:43, Glob Design Info i...@globdesign.com wrote: Except that a) I already have my form and script done, b) don't have time to learn phpMyAdmin, c) want to know why the script doesn't work as-is. You have multiple database users who will need to do this, or just one database user? If just one then it makes more sense to hard-code the username and password in the script and use something else like HTTP authentication to protect the script from unauthorised users. Giving internal database credentials to external users is generally a really really bad idea. Also, consider the time it will take to learn phpMyAdmin (it's simple - install, use) against the time it's taking to get your script working. The time you've spent developing the script is already sunk so there's no point sinking more in an effort to make that already-sunk time worthwhile. Also, how well tested is your script? I don't know but I can say with absolute confidence that phpMyAdmin has been tested far more. -Stuart -- Stuart Dallas 3ft9 Ltd http://3ft9.com/ On Apr 21, 2013, at 12:46 PM, David OBrien dgobr...@gmail.com wrote: Not meaning to beat the proverbial dead horse I am developing a web portal that has to display the tables in the DB via a form/script. The web page has a login with user and password. Right now I am just trying to connect. This for a commercial app - the client wants both an API connect via PHP and a web portal in which they can login from a web page and view the tables in the DB. Right now I am just trying to get the form/PHP interaction to work. This sounds like a very good use statement for http://www.phpmyadmin.net/ You can set it for http auth in the config ... they enter a mysql username and password and they only see the databases and tables you want them to see Might be easier than reinventing the wheel and stressing all of us :) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mysql_connect noob question
On 21 Apr 2013, at 23:01, Glob Design Info i...@globdesign.com wrote: I should note my user name in this case *is* an email address, however the dots in that address are *not* being converted to underscores as mentioned (at least not visibly). This could be the culprit. Try using a username without an @ in it. -Stuart -- Stuart Dallas 3ft9 Ltd http://3ft9.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mysql_connect noob question
I should note my user name in this case *is* an email address, however
the dots in that address are *not* being converted to underscores as
mentioned (at least not visibly).
I just created a free account there and the email says my username is
dgobr...@gmail.com
but I connected to it from sqlyog and a php page by using JUST dgobrien
?php
$host = instance44364.db.xeround.com:3924;
if ( $_REQUEST['Submit'] ) {
$conn = mysql_connect( $host, $_REQUEST['username'], $_REQUEST['password']
) or die( mysql_error() );
if ($conn) {
mysql_select_db(uwharrie) or die( mysql_error() );
echo Connectedbr;
}
}
?form id='login' action='index.php' method='post' accept-charset='UTF-8'
legendLogin/legend
input type='hidden' name='submitted' id='submitted' value='1'/
label for='username' UserName*:/label
input type='text' name='username' id='username' value='dgobrien'
maxlength=50 /
label for='password' Password*:/label
input type='password' name='password' id='password' maxlength=50
value='mm' /
input type='submit' name='Submit' value='Submit' /
/form
Re: [PHP] mysql_connect noob question
In fact using the @gmail.com part added on gives me the same error as the OP
I think their welcome email needs tweaking.. try it without the domain
added on
On Sun, Apr 21, 2013 at 6:56 PM, David OBrien dgobr...@gmail.com wrote:
I should note my user name in this case *is* an email address, however
the dots in that address are *not* being converted to underscores as
mentioned (at least not visibly).
I just created a free account there and the email says my username is
dgobr...@gmail.com
but I connected to it from sqlyog and a php page by using JUST dgobrien
?php
$host = instance44364.db.xeround.com:3924;
if ( $_REQUEST['Submit'] ) {
$conn = mysql_connect( $host, $_REQUEST['username'], $_REQUEST['password']
) or die( mysql_error() );
if ($conn) {
mysql_select_db(uwharrie) or die( mysql_error() );
echo Connectedbr;
}
}
?form id='login' action='index.php' method='post' accept-charset='UTF-8'
legendLogin/legend
input type='hidden' name='submitted' id='submitted' value='1'/
label for='username' UserName*:/label
input type='text' name='username' id='username' value='dgobrien'
maxlength=50 /
label for='password' Password*:/label
input type='password' name='password' id='password' maxlength=50
value='mm' /
input type='submit' name='Submit' value='Submit' /
/form
Re: [PHP] Re: mysql_connect noob question
On 4/21/13 3:27 PM, Stuart Dallas wrote:
On 21 Apr 2013, at 20:29, Glob Design Info i...@globdesign.com wrote:
If that is the case then why does logging in with exactly the same params from
a UNIX shell work fine? Command line login supposedly would be adding the
@localhost or @IP_address as well but isn't. Only when I pass the variables to
the script is that happening.
What makes you so sure it's not?
It is. I promise you it is. You're not seeing it because you're not getting an
error logging in. Do it on the command line again, but use a username that
doesn't exist and you will see the host it's adding in the error message.
Indeed you are correct:
Last login: Sun Apr 21 15:41:10 on ttys000
iMac-333:~ glob$ sudo mysql --host=instance43490.db.xeround.com
--port=8904 --user=fakeuser --password=somepassword
Password:
Warning: Using a password on the command line interface can be insecure.
ERROR 1045 (28000): Access denied for user
'fakeuser'@'ip70-162-142-180.ph.ph.cox.net' (using password: YES)
iMac-333:~ glob$
I am doing exactly as you stated:
mysql_connect('localhost', $_POST['username'], $_POST['password']);
Except that I am first storing $_POST['username'] in local $user and
$_POST['password'] in local $pass first and then passing those to
mysql_connect. And I am connecting to a remote server, not localhost.
Side note: why are you putting them in other variables first when you're only
going to use them in that one place? It's a waste of memory. It's a minor
niggle but it's a pet hate of mine.
I am using them in other places - printing them on the response page to
see their values/show the user who logged in, etc.
I have already documented both the exact HTML and PHP code in this thread and
so see no need to post it elsewhere.
And you're saying that when, instead of using $_POST variables you hard-code
the username and password in the script it work? I doubt it.
I can assure you it does. However, I may have found the problem: the
port. As a security measure the BaaS provider appears to have changed
MySQL to a non-standard port. So
On the command line:
sudo mysql --host=instance43490.db.xeround.com --port=8904
--user=realuser --password=realpass
WORKS perfectly - entering the MySQL Monitor.
However, on the same host, same command line:
sudo mysql --host=instance43490.db.xeround.com:8904 --user=realuser
--password=realpass
Does NOT work - returning an error that the host is not found.
So it appears to be the port, which begs the obvious question: is there
a way to tell mysql_connect() to use a different port?
On the command line are you simply doing mysql -u username -p and then entering the
password? In that case it's using localhost. Is MySQL running on the same server as PHP? If so, try
changing the remove server name to localhost in your script. I'm better a magnum of decent
champagne that it works.
See above - I am specifying the host explicitly - as stated in a
previous email the MySQL DB is running on BaaS provider xeround, but the
PHP and forms are running on localhost.
It's very rare (and pretty stupid) for a web host to allow remote servers to
connect to their MySQL instances, unless they have a shared MySQL instance for
all of their customers. Given that you have command line access to the MySQL
server, and can log in without specifying the host, I'm thinking you're trying
to use it in a way they don't allow.
Again this is a test server, the deployment configuration will be different.
-Stuart
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mysql_connect noob question
Except that I want to use my script and form - precisely because I have already sunk time into it. I'm not going to sink *more* time into something that could potentially create *another* problem. I want the script to work - as it should if PHP is 1/2 what it's cracked up to be. If not, I'll have to look for another solution (like C which I have been using for 20 years). On 4/21/13 3:37 PM, Stuart Dallas wrote: On 21 Apr 2013, at 22:43, Glob Design Info i...@globdesign.com wrote: Except that a) I already have my form and script done, b) don't have time to learn phpMyAdmin, c) want to know why the script doesn't work as-is. You have multiple database users who will need to do this, or just one database user? If just one then it makes more sense to hard-code the username and password in the script and use something else like HTTP authentication to protect the script from unauthorised users. Giving internal database credentials to external users is generally a really really bad idea. Also, consider the time it will take to learn phpMyAdmin (it's simple - install, use) against the time it's taking to get your script working. The time you've spent developing the script is already sunk so there's no point sinking more in an effort to make that already-sunk time worthwhile. Also, how well tested is your script? I don't know but I can say with absolute confidence that phpMyAdmin has been tested far more. -Stuart -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mysql_connect noob question
Tried that. Still didn't work. I appears to be the port. On 4/21/13 3:40 PM, Stuart Dallas wrote: On 21 Apr 2013, at 23:01, Glob Design Info i...@globdesign.com wrote: I should note my user name in this case *is* an email address, however the dots in that address are *not* being converted to underscores as mentioned (at least not visibly). This could be the culprit. Try using a username without an @ in it. -Stuart -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: mysql_connect noob question
Glob Design Info wrote:
On 4/21/13 3:27 PM, Stuart Dallas wrote:
On 21 Apr 2013, at 20:29, Glob Design Info i...@globdesign.com wrote:
If that is the case then why does logging in with exactly the same
params from a UNIX shell work fine? Command line login supposedly would
be adding the @localhost or @IP_address as well but isn't. Only when I
pass the variables to the script is that happening.
What makes you so sure it's not?
It is. I promise you it is. You're not seeing it because you're not
getting an error logging in. Do it on the command line again, but use a
username that doesn't exist and you will see the host it's adding in the
error message.
Indeed you are correct:
Last login: Sun Apr 21 15:41:10 on ttys000
iMac-333:~ glob$ sudo mysql --host=instance43490.db.xeround.com
--port=8904 --user=fakeuser --password=somepassword
Password:
Warning: Using a password on the command line interface can be insecure.
ERROR 1045 (28000): Access denied for user
'fakeuser'@'ip70-162-142-180.ph.ph.cox.net' (using password: YES)
iMac-333:~ glob$
I am doing exactly as you stated:
mysql_connect('localhost', $_POST['username'], $_POST['password']);
Except that I am first storing $_POST['username'] in local $user and
$_POST['password'] in local $pass first and then passing those to
mysql_connect. And I am connecting to a remote server, not localhost.
Side note: why are you putting them in other variables first when you're
only going to use them in that one place? It's a waste of memory. It's a
minor niggle but it's a pet hate of mine.
I am using them in other places - printing them on the response page to
see their values/show the user who logged in, etc.
I have already documented both the exact HTML and PHP code in this
thread and so see no need to post it elsewhere.
And you're saying that when, instead of using $_POST variables you
hard-code the username and password in the script it work? I doubt it.
I can assure you it does. However, I may have found the problem: the
port. As a security measure the BaaS provider appears to have changed
MySQL to a non-standard port. So
On the command line:
sudo mysql --host=instance43490.db.xeround.com --port=8904
--user=realuser --password=realpass
WORKS perfectly - entering the MySQL Monitor.
However, on the same host, same command line:
sudo mysql --host=instance43490.db.xeround.com:8904 --user=realuser
--password=realpass
Does NOT work - returning an error that the host is not found.
So it appears to be the port, which begs the obvious question: is there
a way to tell mysql_connect() to use a different port?
Yes - please see the documentation page for mysql_connect, in particular the
Server parameters part.
SNIP
I assume you have taken notice of the warnings in the documentation about
deprecation of the mysql_ functions in favour of mysqli_ or PDO.
--
Cheers
David Robley
Multitasking: Reading in the bathroom
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: mysql_connect noob question
On 22 Apr 2013, at 00:14, Glob Design Info i...@globdesign.com wrote: However, I may have found the problem: the port. As a security measure the BaaS provider appears to have changed MySQL to a non-standard port. So On the command line: sudo mysql --host=instance43490.db.xeround.com --port=8904 --user=realuser --password=realpass WORKS perfectly - entering the MySQL Monitor. However, on the same host, same command line: sudo mysql --host=instance43490.db.xeround.com:8904 --user=realuser --password=realpass The MySQL command line doesn't support putting the port number there, but the first parameter of mysql_connect does. If this is the problem then it cannot be true that replacing the variables you were taking from $_POST with literal strings for the username and password worked, as I asked earlier to which you said it does. Replace the first parameter to your mysql_connect call with 'instance43490.db.xeround.com:8904' and it will probably work. -Stuart -- Stuart Dallas 3ft9 Ltd http://3ft9.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mysql_connect noob question
SUCCESS!
However.
if ( $_REQUEST['Submit'] ) {
makes it work (using my own form button ID).
Why it doesn't work without this on my machine is beyond me. But it doesn't.
Could it be somehow there is something about accessing the $_REQUEST that
changes something?
I am baffled as to the cause, but anyway it does work now.
Thanks for your help.
On 4/21/13 3:56 PM, David OBrien wrote:
I should note my user name in this case *is* an email address, however
the dots in that address are *not* being converted to underscores as
mentioned (at least not visibly).
I just created a free account there and the email says my username is
dgobr...@gmail.com
but I connected to it from sqlyog and a php page by using JUST dgobrien
?php
$host = instance44364.db.xeround.com:3924;
if ( $_REQUEST['Submit'] ) {
$conn = mysql_connect( $host, $_REQUEST['username'], $_REQUEST['password']
) or die( mysql_error() );
if ($conn) {
mysql_select_db(uwharrie) or die( mysql_error() );
echo Connectedbr;
}
}
?form id='login' action='index.php' method='post' accept-charset='UTF-8'
legendLogin/legend
input type='hidden' name='submitted' id='submitted' value='1'/
label for='username' UserName*:/label
input type='text' name='username' id='username' value='dgobrien'
maxlength=50 /
label for='password' Password*:/label
input type='password' name='password' id='password' maxlength=50
value='mm' /
input type='submit' name='Submit' value='Submit' /
/form
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mysql_connect noob question
Even more strange:
It doesn't work from the form with or without the domain (but on the
command line it does), but..
IF I add the $_REQUEST access *and* use the user that the *MySQL*
install has, and *not* the xeround user name (my email), then it *does*
work!
WEIRD.
On 4/21/13 3:59 PM, David OBrien wrote:
In fact using the @gmail.com part added on gives me the same error as the OP
I think their welcome email needs tweaking.. try it without the domain
added on
On Sun, Apr 21, 2013 at 6:56 PM, David OBrien dgobr...@gmail.com wrote:
I should note my user name in this case *is* an email address, however
the dots in that address are *not* being converted to underscores as
mentioned (at least not visibly).
I just created a free account there and the email says my username is
dgobr...@gmail.com
but I connected to it from sqlyog and a php page by using JUST dgobrien
?php
$host = instance44364.db.xeround.com:3924;
if ( $_REQUEST['Submit'] ) {
$conn = mysql_connect( $host, $_REQUEST['username'], $_REQUEST['password']
) or die( mysql_error() );
if ($conn) {
mysql_select_db(uwharrie) or die( mysql_error() );
echo Connectedbr;
}
}
?form id='login' action='index.php' method='post' accept-charset='UTF-8'
legendLogin/legend
input type='hidden' name='submitted' id='submitted' value='1'/
label for='username' UserName*:/label
input type='text' name='username' id='username' value='dgobrien'
maxlength=50 /
label for='password' Password*:/label
input type='password' name='password' id='password' maxlength=50
value='mm' /
input type='submit' name='Submit' value='Submit' /
/form
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mysql_connect noob question
On 22 Apr 2013, at 00:16, Glob Design Info i...@globdesign.com wrote: Except that I want to use my script and form - precisely because I have already sunk time into it. I'm not going to sink *more* time into something that could potentially create *another* problem. The idea of sunk time is that it's already been spent, so spending more in an attempt to justify the fact you spent it (i.e. to make it work because it's already cost you time/money) is daft when you discover a pre-built solution. To refuse to investigate it due to a refusal to throw the result of that time away is pure stubbornness, a normally expensive path to walk. I want the script to work - as it should if PHP is 1/2 what it's cracked up to be. If not, I'll have to look for another solution (like C which I have been using for 20 years). Am I supposed to care whether you use PHP or not? But sure, let me know how much time it takes you to write a web-based MySQL management tool in C. In the meantime I'll install phpMyAdmin in five minutes, show it to your client, and probably not even charge them for it. C? Really? Why not assembly language, since the relationship between PHP and C is the same as that between assembly and C? Hell, take it all the way to punch cards if you want -Stuart -- Stuart Dallas 3ft9 Ltd http://3ft9.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: mysql_connect noob question
As shown in the OP I am already doing that in the PHP scipt: $host = instance43490.db.xeround.com:8904; And then passing that as the 1st param to mysql_connect On 4/21/13 4:23 PM, Stuart Dallas wrote: On 22 Apr 2013, at 00:14, Glob Design Info i...@globdesign.com wrote: However, I may have found the problem: the port. As a security measure the BaaS provider appears to have changed MySQL to a non-standard port. So On the command line: sudo mysql --host=instance43490.db.xeround.com --port=8904 --user=realuser --password=realpass WORKS perfectly - entering the MySQL Monitor. However, on the same host, same command line: sudo mysql --host=instance43490.db.xeround.com:8904 --user=realuser --password=realpass The MySQL command line doesn't support putting the port number there, but the first parameter of mysql_connect does. If this is the problem then it cannot be true that replacing the variables you were taking from $_POST with literal strings for the username and password worked, as I asked earlier to which you said it does. Replace the first parameter to your mysql_connect call with 'instance43490.db.xeround.com:8904' and it will probably work. -Stuart -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mysql_connect noob question
A very complex solution that takes time to learn, configure, and install, vs. a single file I can toss on the server. Over-engineering is what is daft. On 4/21/13 4:33 PM, Stuart Dallas wrote: On 22 Apr 2013, at 00:16, Glob Design Info i...@globdesign.com wrote: Except that I want to use my script and form - precisely because I have already sunk time into it. I'm not going to sink *more* time into something that could potentially create *another* problem. The idea of sunk time is that it's already been spent, so spending more in an attempt to justify the fact you spent it (i.e. to make it work because it's already cost you time/money) is daft when you discover a pre-built solution. To refuse to investigate it due to a refusal to throw the result of that time away is pure stubbornness, a normally expensive path to walk. I want the script to work - as it should if PHP is 1/2 what it's cracked up to be. If not, I'll have to look for another solution (like C which I have been using for 20 years). Am I supposed to care whether you use PHP or not? But sure, let me know how much time it takes you to write a web-based MySQL management tool in C. In the meantime I'll install phpMyAdmin in five minutes, show it to your client, and probably not even charge them for it. C? Really? Why not assembly language, since the relationship between PHP and C is the same as that between assembly and C? Hell, take it all the way to punch cards if you want -Stuart -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mysql_connect noob question
Ever heard of the MySQL C Connector? http://www.karlkraft.com/index.php/2010/06/02/mysql-and-objective-c/ :-) On 4/21/13 4:33 PM, Stuart Dallas wrote: On 22 Apr 2013, at 00:16, Glob Design Info i...@globdesign.com wrote: Except that I want to use my script and form - precisely because I have already sunk time into it. I'm not going to sink *more* time into something that could potentially create *another* problem. The idea of sunk time is that it's already been spent, so spending more in an attempt to justify the fact you spent it (i.e. to make it work because it's already cost you time/money) is daft when you discover a pre-built solution. To refuse to investigate it due to a refusal to throw the result of that time away is pure stubbornness, a normally expensive path to walk. I want the script to work - as it should if PHP is 1/2 what it's cracked up to be. If not, I'll have to look for another solution (like C which I have been using for 20 years). Am I supposed to care whether you use PHP or not? But sure, let me know how much time it takes you to write a web-based MySQL management tool in C. In the meantime I'll install phpMyAdmin in five minutes, show it to your client, and probably not even charge them for it. C? Really? Why not assembly language, since the relationship between PHP and C is the same as that between assembly and C? Hell, take it all the way to punch cards if you want -Stuart -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mysql_connect noob question
On 22 Apr 2013, at 00:35, Glob Design Info i...@globdesign.com wrote: A very complex solution that takes time to learn, configure, and install, vs. a single file I can toss on the server. Over-engineering is what is daft. Building your house by making your own bricks is daft. Using bricks somebody else has built is not. Or, if it makes more sense substitute a car and inventing wheels. -Stuart -- Stuart Dallas 3ft9 Ltd http://3ft9.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mysql_connect noob question
On 22 Apr 2013, at 00:36, Glob Design Info i...@globdesign.com wrote: Ever heard of the MySQL C Connector? http://www.karlkraft.com/index.php/2010/06/02/mysql-and-objective-c/ That would be Objective-C, not C. I have used libmysqlclient extensively, but there's a lot more to a MySQL management tool than connecting to a MySQL server and running queries. -Stuart -- Stuart Dallas 3ft9 Ltd http://3ft9.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Newbie Question - Parse XML with PHP...
I have an app that gets passed in xml and use this code to read that data in
// We use php://input to get the raw $_POST results.
$xml_post = file_get_contents('php://input');
Maybe it will help
Bastien
On Sat, Apr 20, 2013 at 7:48 AM, shiplu shiplu@gmail.com wrote:
Question: how do you use $mylist when the xml is not as a file but is
returned on a web page?
I assume It returns as a string from page. Then use
simplexml_load_string(). See
http://php.net/manual/en/function.simplexml-load-string.php
--
Shiplu.Mokadd.im
ImgSign.com | A dynamic signature machine
Innovation distinguishes between follower and leader
--
Bastien
Cat, the other other white meat
Re: [PHP] Newbie Question - Parse XML with PHP...
On Apr 22, 2013 7:00 AM, Bastien Koert phps...@gmail.com wrote:
I have an app that gets passed in xml and use this code to read that data
in
// We use php://input to get the raw $_POST results.
$xml_post = file_get_contents('php://input');
$xml_post is string. I think now you know what to do.
Re: [PHP] mysql_connect noob question
After all this, the OP remains unenlightened. This is just a waste of time. You are doing this wrong. There are existing tools that do what your client wants. A command line tool is not the same as the php library. are all met with I don't want to learn, just tell me what isn't working. Too bad.
