Re: [PHP] "include" working....but confusion

2004-01-20 Thread CPT John W. Holmes 
From: "Ryan A" <[EMAIL PROTECTED]>

> Thanks for the very informative reply but I did try itproblem is, it
> seems to work with and without...thats why the confusion.
>
> I have one program like the one i outlined and the second one, like this:
>
> some html code goes here
> some output stuff goes here
> something 
> something something
> etc
>
> Which was working fine...
> thats why i got confused.

Okay... I guess I could see that. The include is going to start in HTML
mode. That's why the above works because you're starting with HTML. If the
include file is all PHP code, then the file is still going to start in HTML
mode, though. So you have to open PHP mode with http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] "include" working....but confusion

2004-01-20 Thread CPT John W. Holmes 
From: "Ryan A" <[EMAIL PROTECTED]>

> Do I have to start and end the included files with?

Yes. One day you'll learn to spend the two seconds trying this instead of
asking the list. I'll be so proud of you then! ;)

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Flash .swf outside webroot: width and height problems

2004-01-20 Thread CPT John W. Holmes 
From: "Toby Irmer" <[EMAIL PROTECTED]>

> I am trying to display an .swf-file that is stored outside the webroot.
>
> Just sending the header and doing a readfile on the swf results in the swf
> being displayed with the maximum available width and height.
>
> Does anyone know a way of displaying Flash with its correct dimensions if
it
> is stored outside the webroot?

Do you just have a "flash.php" file that sends the flash headers and data?
If so, then there's probably not a way just using that method.

You can embed it within a HTML page, though, maybe inside a div to control
the size?





Obviously not the correct syntax b/c I don't know it, but you get the idea,
I hope... This is the same method you'd control the height and width of a
PHP generated image



---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: FW: [PHP] Re: Generating an Excel file?

2004-01-20 Thread CPT John W. Holmes 
From: "Ben Ramsey" <[EMAIL PROTECTED]>

> [EMAIL PROTECTED] wrote:
>  > or download the file without the php-script and analyse the
>  > http-headers with a network-sniffer
>
> There is no way to download the "file" without the PHP script.  It is
> being generated by the PHP script from data in a database.  The "file"
> does not actually exist.

He basically meant to download any .xls file and just watch the headers so
you can duplicate them. The content of the file can be ignored.

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] preg_replce ' for use with mysql

2004-01-20 Thread CPT John W. Holmes 
From: "Nirnimesh" <[EMAIL PROTECTED]>

> How do I replace all ' with \' in php so that I'm able to use the mysql
> queries. Note that simply using: preg_replace("/'/", "\'", -1) is not what
> I'm looking for, for this does not help me. Let's say I take the address
> from a form and want to enter it into the database as it is. Now, if the
> user enters "'" the above preg_replace will work but if the user himself
> enters "\'" , during replacing, the '\' introduced is nulled by the effect
> of the preceeding back-slash, and the mysql query becomes somthing like:
> mysq_insert ("insert into students (id, address) values (3, '\\'')");
>
> How do I get around this problem? Is there any function which helps
> to insert everything into the mysql database as it is (does
auto-escaping).

Have you looked at the functions in the MySQL chapter?

http://us2.php.net/manual/en/function.mysql-real-escape-string.php

or just addslashes().

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] php running as user apache

2004-01-20 Thread CPT John W. Holmes 
From: "Nirnimesh" <[EMAIL PROTECTED]>

> My question relates to using php for handling file uploads. Since php runs
> as user apache, using it to manage file uploads means that I need to give
> write permissions to the user apache, which is a near-to-nobody user, i.e.
> 0+w permissions. Now does that not mean that anyone who can run a php
> script on the server can write to my account?

Yep.

> Is there any configuration setting that I need to fix, for this seems to
> me to be too trivial to be a bug, but still I know it can be used with
> fatal effects.

Turn safe_mode on or put open_basedir (?) restrictions in effect. The manual
will have more info.

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Cookie Guestion

2004-01-20 Thread CPT John W. Holmes 
From: "Stuart" <[EMAIL PROTECTED]>

> And don't forget the effect media hype had on their reputation. Cookies
> were portrayed as bad guys. As John says, they're not if they're used
> correctly, but it only takes one high-profile example of improper use to
> tarnish a reputation forever.

And as that reputation is reduced, more people may turn them off. Another
key point to realize is that the acceptance and transmittal of cookies is a
client decision. You shouldn't rely on them or at least be aware of the
possible problems if you do.

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Cookie Guestion

2004-01-20 Thread CPT John W. Holmes 
From: "Chris W" <[EMAIL PROTECTED]>

> I am still new to web programing but I have a lot of experience in
> developing non web based applications.   So I think I am a reasonably
> clever programmer and I have now done enough web programming that I
> understand the cookie mechanism.  What I can't figure out is why so many
> people are paranoid about cookies.  I don't really see much of anything
> that can be done with cookies to invade someones privacy.  Am I missing
> something here?

Exactly. The problem isn't the mechanism, it's the implementation by the
programmer. If you save my favorite color in a cookie, no big deal. If you
save my username and password in a cookie, that is a big deal. Cookies are
sent back and forth between the web server and client in plain text, so it
can be captured.

The other thing to realize is that cookies can be changed; they come from
the client. So if you set my "id" to 555 in a cookie and that determines who
I am for you site, I can change the "id" to 333 and become another person.
Again, it's a problem with the implementation by the program, not cookies
themselves.

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] PHP Includes and Echoes in Head Sections and Search Engines

2004-01-15 Thread CPT John W. Holmes 
From: "Freedomware" <[EMAIL PROTECTED]>

> I discovered that includes will apparently work just about anywhere, but
> echo functions apparently don't work with the  tag and meta tags;
> at least, I can't see the word "Alaska" in those locations when I click
> View Source in my browser.

Look back over your code and you'll realize you set $statename _AFTER_ you
include your file. So when the include file is "run", $statename doesn't
have a value. :)

> Also, do you know if text derived from includes causes any problems with
> search engines? My guess is no, because I can see the included words
> just fine when I click View Source.

No, they won't. Search engines, just like browsers, only see the RESULT of
your PHP code. So as long as the result is properly formatted HTML and META
tags, you're fine.

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] MySQL Question

2004-01-15 Thread CPT John W. Holmes 
From: "John Taylor-Johnston" <[EMAIL PROTECTED]>

> Sorry, don't want to be off-topic, but have found something curious about
MySQL 4.0.16-standard.
>
> It does not seem to prioritise properly. Searching for 'English Canada'
> (as opposed to +English +Canada)
> gives me all instances of both words but does not prioritize the display
order for
> 'English Canada' first and then 'English' then 'Canada'.

And how would you know that?

> SELECT * FROM ccl_main WHERE MATCH
> (YR,AU,ST,SD,SC,BT,BD,BC,AT,AD,AC,KW,AUS,GEO,AN,RB,CO) AGAINST ('English
> Canada' IN BOOLEAN MODE)
> ORDER BY id asc;
>
> versus
>
> SELECT * FROM ccl_main WHERE MATCH
> (YR,AU,ST,SD,SC,BT,BD,BC,AT,AD,AC,KW,AUS,GEO,AN,RB,CO) AGAINST ('English
> Canada' IN BOOLEAN MODE);
>
> gives the same order.

Given these queries, you're not ordering by the relevance MySQL determines,
so you really don't know. You need to also use your MATCH ... AGAINST
condition in the SELECT columns and then order by that.

SELECT *, MATCH
(YR,AU,ST,SD,SC,BT,BD,BC,AT,AD,AC,KW,AUS,GEO,AN,RB,CO) AGAINST ('English
Canada' IN BOOLEAN MODE) AS relevancy FROM ccl_main WHERE MATCH
(YR,AU,ST,SD,SC,BT,BD,BC,AT,AD,AC,KW,AUS,GEO,AN,RB,CO) AGAINST ('English
Canada' IN BOOLEAN MODE) ORDER BY relevancy DESC;

Now I can't honestly say that MySQL determines "English Canada" is more
relevant than the two words found by themselves, but this will show you
whether it does or not.

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Re[4]: [PHP] Re: jpeg Uploader issue

2004-01-15 Thread CPT John W. Holmes 
From: "Toby Irmer" <[EMAIL PROTECTED]>

> that was explaining the prinicple.
>
> of course you wouldn't do it like this, but pass an id to identify. you
> could also send an encryption key...

Ok. I'm sure the original poster is grateful. Hopefully, if anyone actually
searches those things called the archives, they'll now realize the intent of
your code snippet, also. :)

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Re[4]: [PHP] Re: jpeg Uploader issue

2004-01-15 Thread CPT John W. Holmes 
From: "Toby Irmer" <[EMAIL PROTECTED]>

> file: show.php
>
>  header("Content-type: image/jpeg");
> readfile("/path/to/file/".$_GET["filename"]);
> ?>
>
>
> in your files:
>
> 
>
> or something like that ;)

Are you trying to get him to compromise his server? I'm sure that's just a
simple suggestion, but it's horrible. This will allow a user to request the
contents of any file PHP has access to read...

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] regexp with mysql

2004-01-15 Thread CPT John W. Holmes 
How about:

SELECT * FROM table WHERE FIND_IN_SET(2,column);

where "column" is  your table column containing the comma separated list. 

---John Holmes...

- Original Message - 
From: "Toby Irmer" <[EMAIL PROTECTED]>
To: "Lowell Allen" <[EMAIL PROTECTED]>; "PHP" <[EMAIL PROTECTED]>
Sent: Thursday, January 15, 2004 10:48 AM
Subject: Re: [PHP] regexp with mysql


> i guess
> 
> SELECT * FROM `table` WHERE ids REGEXP ',2,|^2,|,2$'
> 
> should do it...
> 
> hth
> 
> toby
> 
> 
> - Original Message - 
> From: "Lowell Allen" <[EMAIL PROTECTED]>
> To: "PHP" <[EMAIL PROTECTED]>
> Sent: Thursday, January 15, 2004 4:39 PM
> Subject: Re: [PHP] regexp with mysql
> 
> 
> > > i hope someone can help it should be easy but i still don't get it.
> > > 
> > > i have a field which has numbers seperated via a comma
> > > for example 1,2,3,12,14,23,51
> > > 
> > > now if i was to do a search for a the rows that has '2' in it i do
> > > SELECT * FROM table WHERE ids REGEXP "2"
> > > 
> > > will it show fields that has 12 22 23 etc...?? or just 2
> > 
> > Yes. I think you need something like:
> > 
> > $sql = "SELECT * FROM table WHERE ".
> >"ids REGEXP '2' AND ids NOT REGEXP '([1-9]2)|(2[0-9])'";
> > 
> > But I don't profess to much knowledge of regular expressions. Check the
> > MySQL documentation. I saw something about REGEXP there recently. Also,
> > there's a MySQL discussion list at .
> > 
> > HTH
> > 
> > --
> > Lowell Allen
> > 
> > -- 
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, visit: http://www.php.net/unsub.php
> > 
> 
> -- 
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
> 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Multiple Queries

2004-01-15 Thread CPT John W. Holmes 
From: "Arthur Pelkey" <[EMAIL PROTECTED]>

> I have a page that has multiple queries on it, I want to do doing the
> following:
>
> Query a mysql db multiple times in the same page, but i must be missing
> something, I keep getting these AFTER the first queryis successful:
>
> Warning: mysql_fetch_array(): supplied argument is not a valid MySQL
> result resource in /path/php_file.php on line line_number
>
> Can someone point in the right direction on how to do multiple queries,
> some are not querying the same db btw.

There's no real trick to it. You can have as many mysql_query() calls as you
want. You probably just need to check that you're assigning the result of it
to a unique variable each time and not overwriting results or rows from
previous queries.

Post your code if you want, but your error means your query is failing or
you're using the wrong variable in one of the mysql_fetch_*() functions.
Using mysql_error() will help here.

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Junk Mail from this List?

2004-01-15 Thread CPT John W. Holmes 
From: "Ben Ramsey" <[EMAIL PROTECTED]>


> I'm using Mozilla Thunderbird 0.7 to view and post to this news group,
> so I don't know if that has anything to do with this, but, after just
> posting a few messages to the list, I've received a bunch of what I
> consider spam to my e-mail address.

Common problem. The mailing list basically sends the message on your behalf,
so it's still coming from you. So any error messages, undeliverables,
"confirm" messages, etc, come to your address. It's the same as if you just
pasted everyones address in the To: line and sent the message. That's just
the way this mailing list is set up.

Either way, start training your Junk Mail filter to catch them and soon you
won't even see them. Been there, done that. :)

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Printing on remote windows printers

2004-01-15 Thread CPT John W. Holmes 
From: <[EMAIL PROTECTED]>



> Can i print on remote windows systems using php printing functions?
> How can i do ?

No. Use a client side solution.

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Re[2]: [PHP] nested tags

2004-01-14 Thread CPT John W. Holmes 
From: "Richard Davey" <[EMAIL PROTECTED]>
> GJ> HTML tags.
> GJ> I can have something like
> GJ> 
> GJ>   first
> GJ>   
> GJ> second table
> GJ>   
> GJ>   table
> GJ> 
>
> GJ> and i need to convert each  tags into something more
user
> GJ> friendly.
>
> Come again? Might be helpful to give an example of what you want to
> turn a nested table tag into. I mean, it's perfectly valid being
> nested the way it is.

Maybe

str_replace('','[Hi HTML, this is the user. Could you please start a
table for me? Thanks.]',$html);

and

str_replace('','[Hey HTML, me again. You know that table you
started? Can you end it, please? Thanks.]',$html);

Now tell me that isn't user friendly!

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] convert date from UK to US for strtotime

2004-01-14 Thread CPT John W. Holmes 
From: "Jon Bennett" <[EMAIL PROTECTED]>

> I'm trying to re-work this code from the php site
>  so that my users can input dates in UK
> format (dd-mm-) and still use strtotime.
>
> // from http://uk.php.net/strtotime
>
> $date=explode("/",trim($records[2]));
> $posted=strtotime ($date[1]."/".$date[0]."/".$date[2]);

If you're going to split the date apart into it's components, why not just
use mktime()? There's no reason that you _need_ to use strtotime(), is
there?

$posted = mktime(0,0,0,$date[1],$date[0],$date[2]);

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Multiple RDBMS in one request

2004-01-14 Thread CPT John W. Holmes 
From: "Geoff Caplan" <[EMAIL PROTECTED]>

> Is it possible to interact with multiple RDBMS during a single
> request? I seem to remember that with older versions at least, there
> was some problems with this, but can't find anything definitive in the
> archive or docs.

Yes, you can open up multiple connections to different database systems in a
single script. Each one is separate, though; you're not going to be doing
any "joins" between them or sharing data in any way unless you bring it into
PHP first, though.

But yes, you can open a connection to MySQL, do some SELECTs, open a
connection to MSSQL, do an INSERT, open Oracle, etc, etc...

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Defining own globals

2004-01-14 Thread CPT John W. Holmes 
From: "Ville Mattila" <[EMAIL PROTECTED]>

> Would it be possible to make all hard-coded variables beginning with $_
> automatically global? I've found useful to set some variables per page
> to $_PAGE variable (for example $_PAGE['title'] etc) that would be nice
> to get available to all functions without extra procedures (like global
> command). The best way could be that $_ variables can't be defined by
> any user-input (forms, cookies etc)...
>
> Well, that's a explanation. I hope that someone would give any hint
> concerning this subject. :)

You already have $GLOBALS as a global (scope wise) variable, just add to
that if you want.

$GLOBALS['page_title'] = 'etc';

Or you can add directly to $_GET, $_POST, etc, so long as it doesn't
interfere with your forms. Maybe you need to use $_SESSION. Bottom line, the
variables are already there, just use them.

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Function Problem (Long-ish)

2004-01-13 Thread CPT John W. Holmes 
From: "Dave Carrera" <[EMAIL PROTECTED]>

>  I get a Warning:
> mysql_fetch_array(): supplied argument is not a valid MySQL result
resource

Whenever you get this warning it's because your query failed for some reason
and you're trying to use a result  that's not valid. Use mysql_error() to
see what the error is.

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Globals problem - $_REQUEST good solution?

2004-01-12 Thread CPT John W. Holmes 
From: "Ryan A" <[EMAIL PROTECTED]>

> After going through the manual trying to find an answer I came accross
> $_REQUEST, is this a good
> solution? because I have never used this before or is this as bad as
having
> globals on?

The only simularity it has to register_globals ON is that you don't know
what method provided the value. It could be POST, GET, or COOKIE.

But... if you're validating the data properly anyhow, it really shouldn't
matter where it's coming from. I use $_REQUEST for everything, that way I
can change the method of my forms if I need to without affecting my code (or
the user can).

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] MySQL query

2004-01-12 Thread CPT John W. Holmes 
From: "Ashley M. Kirchner" <[EMAIL PROTECTED]>

> >RD> SELECT whatever FROM table WHERE date_column_name BETWEEN '2004-01-09
> >RD> 00:00:00' AND '2004-01-04 23:59:59'
> >
> >Actually sorry, inverse the seconds (put the 00:00:00 onto the lower
> >date, the 4th) so it encompasses the whole period. You might actually
> >be able to not even include the seconds, try it and see what happens.
> >
> >
> Assume I don't know what those dates are.  I need to search based on
> whatever the current date is, and search between 2 and 7 days back.  The
> dates in my previous post were simply an example.

Should have said that in the first place. :)

SELECT * FROM table WHERE TO_DAYS(datetimefield) BETWEEN TO_DAYS(CURDATE() -
INTERVAL 2 DAY) AND TO_DAYS(CURDATE())

The "2" in the query can be a PHP variable ranging from 2 - 7, if you want.

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Re[2]: [PHP] MySQL query

2004-01-12 Thread CPT John W. Holmes 
From: "Richard Davey" <[EMAIL PROTECTED]>

> RD> SELECT whatever FROM table WHERE date_column_name BETWEEN '2004-01-09
> RD> 00:00:00' AND '2004-01-04 23:59:59'
> 
> Actually sorry, inverse the seconds (put the 00:00:00 onto the lower
> date, the 4th) so it encompasses the whole period. You might actually
> be able to not even include the seconds, try it and see what happens.

What he said for my answer, too! ;)

I didn't even notice you had the later date first in your write-up. Ooops. 

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] MySQL query

2004-01-12 Thread CPT John W. Holmes 
From: "Ashley M. Kirchner" <[EMAIL PROTECTED]>

> I need to query for record within a certain date stamp.  The
> datetime field contains the createdon information that i need and is in
> the following format:  2004-01-11 21:40:50
>
> What I'd like to do is search for records that are between
> 2004-01-09 and 2004-01-04.  The time is to be ignored, just the date is
> what I need to search by.  Is there a way to do this within an sql
> query, or do I have to do some PHP processing of the datetime field to
> get what I need?

You'll want to do it in the query, although PHP could help a little.

Even though you want the time to be ignored, the easiest way to do this is
to actually search from 2004-01-09 00:00:00 through 2004-01-04 23:59:59.
Since the "00:00:00" and "23:59:59" are "constants" you can just have PHP
add them to the date string or hard code them into your query. Given that
format, the query would be as simple as:

SELECT * FROM table WHERE datetimefield BETWEEN $start AND $end

Where $start is "2004-01-09 00:00:00" and $end is "2004-01-04 23:59:59"

If you don't want to do that processing, then you'll need to use another
method.

SELECT * FROM table WHERE TO_DAYS(datetimefield) BETWEEN TO_DAYS($start) AND
TO_DAYS($end)

Where $start is "2004-01-09" and $end is "2004-01-04".

There are other methods, too, but the end results is you need to take your
"datetimefield" and get it into the same format as $start and $end.

If you're using MySQL 4.1, there is a DATE() function (I think) that'll
allow you to do this:

SELECT * FROM table WHERE DATE(datetimefield) BETWEEN $start AND $end

Where $start is "2004-01-09" and $end is "2004-01-04".

Hope that helps.

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Very confusing problem!

2004-01-07 Thread CPT John W. Holmes 
From: "Aaron Wolski" <[EMAIL PROTECTED]>

> Fatal error: Call to a member function on a non-object in
> /services/webpages/a/t/somedomain.com/secure/Store/index.php on line 140
>
> The line of code is this:
>
> $paging->query("SELECT * FROM ProductTable");
>
> At the top of the page I have this:
>
> require("../paging_class.php");
>
> I can post the paging_class.php file if anyone needs but it hasn't
> changed from when I used it on another site. The only thing that has
> changed is server type (current: Linux previously: BSD). Both are
> running PHP 4.3.2.

Do you have

$paging = new paging_class();

anywhere to make $paging an actual object? According to the error, you
don't, or it's type has been changed. Maybe there was an error in the
required file that you're not seeing?

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] if("NANC" < 0) - always evaluates TRUE...

2004-01-06 Thread CPT John W. Holmes 
From: "Kelly Hallman" <[EMAIL PROTECTED]>

> On Tue, 6 Jan 2004, Ivo Pletikosic wrote:
> > $data = 'NANC';
> > if(is_numeric($data) && $data < 0) { die('Not OK'); }
>
> Interesting problem, one of the first legit oddities I've seen since
> joining the list.  Anyway, in addition to your workaround, casting the
> variable as an int also appears to result in the desired behavior:
>
> (int)"NANC" < 0 == false

This all kind of begs the question of why you'd check if a "string" was less
than zero, anyhow, doesn't it???

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql_affected_rows() function

2004-01-06 Thread CPT John W. Holmes 
From: "Tyler Longren" <[EMAIL PROTECTED]>

> That's not the exact code.  The exact code is below.  Multiple workers
> are being selected from a MULTIPLE  form field.  I just use a
> while loop do go through the selected ones to delete them individually.
>
> PHP Version: 4.3.4
> MySQL Version: 4.0.17
>
> $i="0";

Don't put quotes around numbers. $i = 0; is all you need.

> while ($i <= "$selected") {

You also don't need quotes around just a variable. ($i <= $selected) is all
you need.

> $delete_assignment = mysql_query("DELETE FROM webprojectassign WHERE
> workerid='$assigned[$i]'");
> $i++;
> }
> if (mysql_affected_rows($delete_assignment) < "1") {
> $tpl->newBlock('message');
> $tpl->assign("message","ERROR: There was an error deleting those
> workers from the project.");
> }
> else {
> $tpl->newBlock('message');
> $tpl->assign("message","The workers have been deleted from the
> project.");
> }

The problem you're having is that your IF check of mysql_affected_rows() is
outside of your WHILE loop. So, you're executing a series of DELETE queries,
yet only checking mysql_affected_rows() for the very last one (which
evidently does not actually delete anything).

You could probably benifit from a "DELETE FROM webprojectassign WHERE
worderid IN (1,2,3,45)" syntax, too, so you only need to do a single query.
Since it's coming from a MULTIPLE , a simple

$list = implode(',',$_POST['select_name']);

will create the list. Although you'd be better off looping through each one
making sure it's a number, though, to prevent any SQL injection attacks.

Ask if you need anymore info. :)

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql_affected_rows() function

2004-01-06 Thread CPT John W. Holmes 
From: "Tyler Longren" <[EMAIL PROTECTED]>

> I don't think mysql_affected_rows() is working like it should for me.
> In the manual for mysql_affected_rows() it has this (Example 1):
>
> /* this should return the correct numbers of deleted records */
>mysql_query("DELETE FROM mytable WHERE id < 10");
>printf("Records deleted: %d\n", mysql_affected_rows());
>
> However, when I do this:
> $delete_assignment = mysql_query("DELETE FROM consultingprojectassign
> WHERE workerid='$assigned[$i]'");
> printf("Records deleted: %d\n", mysql_affected_rows());
>
> It always says "Records deleted: 0".  Even though the record was,
> indeed, deleted.  I have an if statement also that says if
> mysql_affected_rows() < "1", then print an error message.  Well, since
> it always returns 0, no matter what, the error is always shown, even
> when the record is deleted.

I can't see a reason why that wouldn't work. Is that your exact code, i.e.
you're not doing anything else between the mysql_query() call and the
mysql_affected_rows() call? What versions of PHP/MySQL are you using?

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] eregi filter stopping valid email address, part two

2004-01-06 Thread CPT John W. Holmes 
From: "Dave G" <[EMAIL PROTECTED]>

> A while ago on this list I posted a few questions about an eregi
> filter for email addresses entered into a form. With the help of people
> on this list, I settled on the following code which has worked fine in
> the months since I started using it. The code is this:
>
> eregi('[EMAIL PROTECTED]', $email)
>
> But recently, a person was unable to get their email to pass
> this eregi test. The email is valid, as they are able to send email to
> me. It has the following format:
>
> [EMAIL PROTECTED]
>
> Shouldn't this email pass? I've allowed for hyphens after the @
> mark. Is it that there are two many periods?

You're only allowing hyphens in the first part of the address after the @
symbol, though, before the first period. Maybe your regex should be:

@([a-zA-Z0-9-]+\.)+[a-zA-Z.]

Just noticed that your period is not escaped, either, so you're actually
matching any character with the one that's outside of the [ and ] character
classes.

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] No

2003-12-24 Thread CPT John W. Holmes 
From: "Robin Kopetzky" <[EMAIL PROTECTED]>


> Good Morning and Merry Christmas to all.
>
> I recently installed PHPTriad to a new server and the  not work on ANY html page. Does anyone know what I may have missed in
> configuration? Help...

Try using them on a .php page? PHP doesn't normally run on plain HTML files
(with an .html or .htm extension).

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Headers Problem

2003-12-24 Thread CPT John W. Holmes 
From: "Beauford" <[EMAIL PROTECTED]>
> Just a clarification, session_start() is on the first line of
restricted.inc
> and restricted.inc is included on the first line of
> update-corrections-input.php. All update-corrections-write.php does is
write
> info to a database and includes update-corrections-input.php on the last
> line. So I'm still not understanding where the output from
> update-corrections-write.php is coming from.

Sounds like you have a blank line as the first line in
update-corrections-write.php. If "http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Error with Absolute URLs

2003-12-24 Thread CPT John W. Holmes 
From: "Brad" <[EMAIL PROTECTED]>
> I keep getting errors on my websites, that contain absolute URLs, e.g.
> http://www.url.com/blah.html. With most, being in the folder of my
> website, it's fine, i can just add $_SERVER['DOCUMENT_ROOT'], but
> there's a script I use to display the network statistics of an IRC
> network, which is located on a different server, so i can't use the
> $_SERVER['DOCUMENT_ROOT'], I'm wondering if anyone has an answer to
> this. I'm almost to the stage of just asking the script owner if I can
> have it located locally, so i can use the $_SERVER['DOCUMENT_ROOT']
> variable.

Ummm... if the page you're linking to isn't on your server, then you need to
hard code the link to that page. If your "script" automatically uses
$_SERVER['DOCUMENT_ROOT'] for every URL that's created, then you need to
rewrite that "script". That's the "solution".

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Removing/unsetting session variables.

2003-12-24 Thread CPT John W. Holmes 
From: "Alain Williams" <[EMAIL PROTECTED]>

> I have several variables that I set in a session - to record that a user
is logged in.
> I want to be able to unset them - when they log out.
>
> $_SESSION['PERMS_USER'] = 'fred';
> Sets the variable quite nicely, I can also change it and the change is
recorded.
> I cannot unset it. I have tried (in various combinations):
>
> unset($_SESSION['PERMS_USER']);

unset is what you should use. How do you know it's "not working"??

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] String replacement problems...

2003-12-23 Thread CPT John W. Holmes 
From: "John Clegg" <[EMAIL PROTECTED]>
> I am trying to figure out how to get ereg_replace / preg_replace to
> replace a match only once.

The fourth parameter to preg_replace() is an integer limit to how many
matches you want to allow. So, if you only want 1 replacement to occur, pass
1. :)

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Simple fwrite question

2003-12-23 Thread CPT John W. Holmes 
From: "Hartley, Matt" <[EMAIL PROTECTED]>

> I am trying to have a counter in a file.  With what I have below I get in
> the $counterfile
>
> 0 + 01 = 01
> 01 + 01 = 012
> 012 + 01 = 01213
>
> [snip]
>
>   /* Add "1" to the counter */
> $counter = ($counter + '01');

You're "adding" a string. That doesn't make much sense. Just use $counter++;
or $counter = $counter + 1;

> /* Verify counter file is writable */
> if (is_writable($counterfile)); /* { */
> if (!$handle = fopen($counterfile, 'a')) {
>   print "Cannot open file ($counterfile)";
>   exit;
> }
> /* Write to our counter file. */
>   if (!fwrite($handle, $counter)) {
>   print "Cannot write to file ($counterfile)";
>   exit;
> }
> fclose($handle);
>
> [/snip]
> How do I overwrite the existing value with my new value instead of it
adding
> on after the past values?

Open the file in "w" (write) mode instead of "a" (append) mode. This will
clear the file and you can write your new value to it.

Note that if two peope hit your site at the same time, you'll have issues
here because they'll both try to open and read the file. You could end up
missing hits.

Why not approach it this way, which I've seen mentioned on here. Instead of
keeping an actual number in the file, just write a character to the file.
You can then use filesize() to determine how many "hits" are in the file.



> this counter decides what line to display in a sequence from a separate
file
> what command can I use to tell it when $counter is @ the last line in my
> "tips" file to reset to zero

I don't understand what you're asking here.

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] warnings

2003-12-23 Thread CPT John W. Holmes 
From: "Chakravarthy Cuddapah" <[EMAIL PROTECTED]>

> Can anyone pls tell me how to prevent warnings to 
> be displayed on the screen ?
> For example, I get this message:
> Warning: ldap_get_entries(): supplied argument is 
> not a valid ldap result resource in test.php on line 235

http://us2.php.net/error_reporting

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Addslashes limit

2003-12-17 Thread CPT John W. Holmes 
From: "Cesar Cordovez" <[EMAIL PROTECTED]>

> Is it just me or addslahes truncates the result to 65535 chars?  Any 
> comments? Or can it be that a blob field in a MySQL database is just 
> 65535 chars, I don't think so...

Think again...

  BLOB, TEXT  L+2 bytes, where L < 2^16  
  MEDIUMBLOB, MEDIUMTEXT  L+3 bytes, where L < 2^24  
  LONGBLOB, LONGTEXT  L+4 bytes, where L < 2^32  


---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] PHP header command crashes IE6x/PC

2003-12-12 Thread CPT John W. Holmes 
From: "Matt MacLeod" <[EMAIL PROTECTED]>

> if (!ISSET($_SESSION['loggedin'])) {
> header("Location: /admin/login/");

put exit(); after your header redirect and use a full URL for your location.

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] $_POST[$variable]

2003-12-11 Thread CPT John W. Holmes 
From: "Christian Jancso" <[EMAIL PROTECTED]>

> I have the following problem:
> How can I use variables in the $_POST statement?
> Here is my code:
>
> $old_station[$o] = $_POST['$i'];
> $new_station[$o] = $_POST['$i'];

$old_station[$o] = $_POST[$i];
$new_station[$o] = $_POST[$i];

Variables are not evaluated within single quotes, so  you were making a
literal key of "$i".

$old_station[$o] = $_POST["$i"];
$new_station[$o] = $_POST["$i"];

Will work, also, as the variable $i will be evaulated within the double
quote string.

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] date convertion

2003-12-09 Thread CPT John W. Holmes 
> I have a script where a user inputs a date in MMDD format, and I need
> to convert it to month day, year.  For example they will enter 20031209
> and I need the script to return the date as December 09, 2003.  They won't
> be entering today's date, so I can't use the timestamp with the date
> function.  So any ideas?

Use strtotime() to convert it to a Unix timestamp and then use date() to
format it.

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] converting string into array with regex

2003-12-05 Thread CPT John W. Holmes 
From: "Adam i Agnieszka Gasiorowski FNORD" <[EMAIL PROTECTED]>

> No, no spaces between letters (otherways
>  it would be very easy, indeed). So there is
>  no way to match the "space between alphanumeric
>  chars" and split on it? I was trying to avoid
>  the loop solution.

Of course there is. In fact, this example, direct from the manual, does
exactly what you want...


Imagine that!---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] What do you say to someone who says...

2003-12-04 Thread CPT John W. Holmes 
From: "Cesar Cordovez" <[EMAIL PROTECTED]>
> > I work on a project 100% made in PHP and MySQL that
> > costs a lot of money (6 figures) a copy.
> 
> PD.  Did I mention that it is cheap and reliable.  

Please tell me in what world is 6 figures considered cheap??

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: IE download problem

2003-11-26 Thread CPT John W. Holmes 
From: "Luis Lebron" <[EMAIL PROTECTED]>

> "Internet Explorer cannot download...?sender=171&filename=.jpg from
> somedomain.com. Internet Explorer was not able to open this Internet site.
> The requested site is either unavailable or cannot be found. Please try
> again later."

Are you using sessions? Are you doing this over HTTPS?

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] IE download problem

2003-11-26 Thread CPT John W. Holmes 
From: "Luis Lebron" <[EMAIL PROTECTED]>

> I am working on a script to force downloading a file. The script works
fine
> with NS (4.8 and 7) but does not work correctly with IE 6.0
> I have looked at examples on php.net and have googled for a solution, but
> still can't find a solution. I think IE wants to download the script
instead
> of the file.

How does it "not work"??

[snip]
>   Header("Content-Disposition: filename=\"".$filename."\"\n");

Why are you adding a newline to this header?

>   Header("Content-Transfer-Encoding: binary");
>   $fp = fopen($filePath,"rb");
>   fpassthru($fp);

readfile() would be better to use here...

> The funny thing is that I have a similar script that I use to download an
> sql file and it works correctly.

It works on IE? If they are "similar", what's different??

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Stripping out all illegal characters for a folder name

2003-11-26 Thread CPT John W. Holmes 
Sorry for the reply to the reply, but OExpress won't let me reply to
newsgroup posts...

From: "Sophie Mattoug" <[EMAIL PROTECTED]>
> Joseph Szobody wrote:
> >I'm taking some user input, and creating a folder on the server. I'm
already
> >replacing " " with "_", and stripping out a few known illegal characters
(',
> >", /, \, etc). I need to be sure that I'm stripping out every character
that
> >cannot be used for a folder name. What's the best way to do this? Do I
have
> >to manually come up with a comprehensive list of illegal characters, and
> >then str_replace() them one by one?
>
> I think you should use the reverse solution : have a list of authorized
> characters and strip out all others ones.

That's exactly it. You need to change your way of thinking. When ever you
are dealing with user input, you want to define what is GOOD and only allow
that. If you try to define what is BAD, you'll leave something out.

As for an answer:

$safe_foldername = preg_replace('/[^a-zA-Z0-9]/','',$unsafe_foldername);

That'll remove anything that's not a letter or number. Adapt to your needs.

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Regular expression help

2003-11-25 Thread CPT John W. Holmes 
From: "Bronislav Klučka" <[EMAIL PROTECTED]>
> > I need someone to tell me exactly what this regular-expression means:
> > if(ereg("[^ \t\n]",$val)) {
> > // do the job here
>
> This condition is true if there is no space, new line or tabulator in $val

Actually, the regular expression will match anything that is NOT a space,
tab, or newline. That's what the ^ character does (negates the matching).
So, if $val has anything that is NOT a space, newline, or tab in it, then
the ereg() function will return true.

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Deleting a String from a file.

2003-11-21 Thread CPT John W. Holmes 
From: "Cameron Badgley" <[EMAIL PROTECTED]>

> Hey, I'm trying to write a script which deletes a String from a file. The
> String that the user wants deleted is provided from a form and the file is
> named to2do.txt. I have a hidden variable called "deleting" that lets me
> know when the string has been submitted.
>
> I have written the following code but receive the error:
> Warning: fclose(): supplied argument is not a valid File-Handle resource
in
> /u3/7/cirop27/public_html/todo/to2doDEL.php on line 63
[snip]
> $mfile = fopen("to2do.txt",'r+');

This opens the file and makes $mfile a file handle, but it does not read it.

>
> //delete the string
> $mfile = str_replace($msg, "", $mfile);

You're overwriting the file handle here by using the same variable.

> /*** error occurs here ***/
> fclose($mfile);

You also need to write the new data to the file...

fread(), fwrite(), etc...

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Integrating Perl into PHP

2003-11-21 Thread CPT John W. Holmes 
From: "Dan Anderson" <[EMAIL PROTECTED]>

> Is it possible to execute perl from a PHP script without resorting to a
> system call (which might possibly be disabled on a users system)?

http://us2.php.net/virtual

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Removing security-problematic chars from strings

2003-11-21 Thread CPT John W. Holmes 
From: "Chris Shiflett" <[EMAIL PROTECTED]>
> --- "CPT John W. Holmes" <[EMAIL PROTECTED]> wrote:
> >
> > I'm against letting users enter HTML in their data, also. I'd rather
> > emply a bbcode type solution, turning [b] into , etc.
>
> I disagree with John here, but that's OK. :-) We seem to have different
> perspectives about this bbcode stuff. Personally, I see no need to define
> a new markup language that you intend to convert to HTML anyway. It is an
> unnecessary complication that yields no benefits from what I can see. If
> you run everything through htmlentities() but want some things
> interpreted, you can always use str_replace() to allow the very specific
> tags that you want. There's no need for regular expressions or risking the
>  type of stuff.

Heh... my turn to disagree again. You can do a simple str_replace() to
convert "<b>" back into "", but you're going to have to do it for
each case. Also by doing that blindly, you can end up with orphaned tags
affecting the rest of your page (making it all bold, for example).

So, while I agree that adding another markup isn't always the best route, if
you're not doing so, you need to include some regular expressions to account
for all of the various implementations of the tags you want to allow.

Your turn. :)

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Removing security-problematic chars from strings

2003-11-21 Thread CPT John W. Holmes 
From: "Wouter van Vliet" <[EMAIL PROTECTED]>

> Let's make this personal: what would be your answer if I would advice the
> friendly person to do this:

Heh.. I hope you're just kidding about "making it personal"... I was just
presenting security problems with various solutions.

>  (..) $Content holds the string that you would want to be safe
>
> # Create an array with allowed tags
> $Allowed = Array('b', 'u', 'i', 'grin', 'foo');
>
> # Compose var to send to strip_tags
> $AllowedTags = '';
> foreach($Allowed as $Tag) $AllowedTags .= '<'.$Tag.'>';
>
> # Strip tags
> $Content = strip_tags($Content, $AllowedTags);
>
> # Make tags SAFE
> $Content = preg_replace('/<('.join($Allowed, '|').')([^>]+)>/', '<$1>',
> $Content);
> ?>

I didn't actually try that, but I'm sure it's fine. I seems to remove any
extra data in the tags you want to allow. It's good that you're still
stopping me from entering such devious and sinister code such as <(.) (.)>
and ...

My point here is that I absolutely loath the strip_tags() function and think
it should be banished to the 12th circle of hell, meaning mainly ASP or JSP.
I can think of no valid reason where anyone would require that function.

In any program, if I enter the string "", then I expect to either 1)
Receive an error or 2) See _exactly_ that string on any web page, email,
etc, showing my string. I do not want your program (speaking in general
terms here) to remove something from my string because it assumes it could
possibly be something bad.

I'm against letting users enter HTML in their data, also. I'd rather emply a
bbcode type solution, turning [b] into , etc. This way, YOU set the rules
and say the user can do these _5_ things in this exact syntax. Otherwise
you're held at the mercy of the HTML and browser specs and hoping that even
just allowing  in the future won't have any security issues. When _you_
set the rules, you win.

So, my suggestions:

1. Just run everything through htmlentities(). If the users require advanced
formatting, provide a bbcode solution.

2. If you just _have to_ let users use HTML like  and , then I'd use a
solution similar to what you have above, but drop the strip_tags.

$allowed_tags = array('b','i');

$safe_data = htmlentities($unsafe_data,ENT_QUOTES);

foreach($allowed_tags as $tag)
{ $formatted_data = preg_replace('/<' . $tag . '>(.*)<\/' . $tag .
'>/Ui',"<$tag>$1",$safe_data); }

Untested of course, but the only point that someone should take away is that
you should set the rules...

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Timer and submit button

2003-11-21 Thread CPT John W. Holmes 
From: "Frank Tudor" <[EMAIL PROTECTED]>

> I am trying to create a timer tha would prevent someone from
> clicking submit until the timer reaches zero.

JavaScript.

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Mulitple selects from form drop down box

2003-11-20 Thread CPT John W. Holmes 
From: "Jeff McKeon" <[EMAIL PROTECTED]>

> Is it possible to have a form "Drop down box" that allows multiple
> selects?  I know the form field itself exists, but It only seems to
> return the last item selected and not all of them.
>
> Note in the code below the line: 

This is the expected behavior. You're passing a bunch of "D1" variables in
the form data, each one overwriting the other in the $_POST array.

What you need to do is name you select element as an array.



Now $_POST['D1'] will be an array of all the items that were chosen.

---John Holmes...

ps: wouldn't it be easier to select multiple items if you had a size larger
than "1"??

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Curious about something....

2003-11-20 Thread CPT John W. Holmes 
From: "Dan Joseph" <[EMAIL PROTECTED]>

> Is there any particular advantage to having the default PHP install
exclude
> a lot of useful modules such as mcrypt, cli, sockets, etc?

Yes. I've found that I do not need those libraries and have a secret
agreement preventing them from being included...

Honestly, this has kind of been discussed this week in the "encoder" thread.
Where do you draw the line on what's useful or not and who does the deciding
on that? What's useful to you may not be to me. The modules are easy enough
to install if you need them, so you're just going to have to do that.

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] array_search

2003-11-20 Thread CPT John W. Holmes 
From: "Jake McHenry" <[EMAIL PROTECTED]>

> I've been using array_search in my scripts for a while now, but have
> come across a problem. My new page has a textarea field. If I enter
> any new lines in the textarea, array_search returns false.
[snip]
> Kinda stuck here.. Not sure what I should try next...

How about showing us how you're using array_search, since it has nothing to
do with textareas or line breaks except in the context you're using it in...

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Comparing 2 strings.

2003-11-19 Thread CPT John W. Holmes 
From: "Ed Curtis" <[EMAIL PROTECTED]>

>  I currently store text from a MySQL blob field in a string $orig_text. I
> need to compare that with something someone type in from a form stored in
> $new_text. How would I go about comparing them to see if they are
> different or exactly the same? strcmp doesn't look like it will handle
> this too well. 

Why would you say that when strcmp() is exactly what you need to use??

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] I cannot run a .php file on a IIS

2003-11-19 Thread CPT John W. Holmes 
From: "Papadogoulas Christos" <[EMAIL PROTECTED]>

>  I was going to ask you how can I run a .php file using IIS.
>  IIS and PHP, and a virtual directory are already installed.

I would suggest you actually make an attempt at installing PHP according to
the directions in the manual...

http://www.php.net/

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] how to trap eval error?

2003-11-18 Thread CPT John W. Holmes 
From: "david" <[EMAIL PROTECTED]>
> Cpt John W. Holmes wrote:
> > From: "david" <[EMAIL PROTECTED]>
> >
> >> i found a solution (hopefully) with:
> >>
> >> if(function_exists($function)){
> >> eval('$return = $function($input);');
> >> }else{
> >> // function does not exists
> >> }
> >>
> >> which works quit nicely for now. not sure if that's a good thing to do.
> >
> > Why not just do this:
> >
> > if(function_exists($function))
> > { $return = $function($input); }
> > else
> > { //function does not exist; }
> >
>
> because i didn't know PHP can do that. thanks for the tip! any differences
> between the 2 version in turns of performance and safety?

You're not invoking eval() for one thing and there's less of a security risk
compared to passing variables into an eval() function.

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] =sessions / J. Meloni Textbook=

2003-11-18 Thread CPT John W. Holmes 
Anthony Ritter wrote:

> The following code is from "PHP, mySQL and Apache" (SAMS) by Julie Meloni.
[snip]
> if (isset($_POST[form_products])) {
> if (!empty($_SESSION[products])) {
> $products = array_unique(
> array_merge(unserialize($_SESSION[products]),
> $_POST[form_products]));
>}
> $_SESSION[products] = serialize($products);

I know you're working from a book, but for future reference, there's no
reason to serialize $products before storing it in the session. The whole
session array is going to be serialized at the end of the script, anyhow.
You can assign it directly to the session as an array and work with it as an
array on the following pages, too.

if (isset($_POST[form_products])) {
if (!empty($_SESSION[products])) {
$products = array_unique(
array_merge($_SESSION[products],
$_POST[form_products]));
   }
$_SESSION[products] = $products;

Then to recreate your $products array on other pages, you can either go the
easy route and just use the $_SESSION['products'] array... or use:

$products = $_SESSION['products'];

There's really no reason to have a $products variable to begin with,
actually. You can work directly with the $_SESSION['products'] variable,
adding and removing things from it and it'll always be available...

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] how to trap eval error?

2003-11-18 Thread CPT John W. Holmes 
From: "david" <[EMAIL PROTECTED]>


> i found a solution (hopefully) with:
> 
> if(function_exists($function)){
> eval('$return = $function($input);');
> }else{
> // function does not exists
> }
> 
> which works quit nicely for now. not sure if that's a good thing to do.

Why not just do this:

if(function_exists($function))
{ $return = $function($input); }
else
{ //function does not exist; }

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] passing PHP variables to Javascript ...

2003-11-17 Thread CPT John W. Holmes 
From: "Kenn Murrah" <[EMAIL PROTECTED]>
> I need to be able to pass a PHP variable to a Javascript and can't 
> figure out how to do it.  In short, the Javascript win() statement is 
> used open a page as defined in PHP -- i.e., $php_name = 
> "http://www.somewhere.com/something/3.jpg"; , a filename that was 
> generated dynamically in PHP ... how do I pass that variable to my 
> Javascript routine?


var mywin = '';

win(mywin);



or something like that. 

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] passing second function through a function

2003-11-17 Thread CPT John W. Holmes 
From: "David Otton" <[EMAIL PROTECTED]>
> >From: "Ian Truelsen" <[EMAIL PROTECTED]>
> >
> >> What I want to do is to call a function from within a function, but
pass
> >> the secondary function name through the first function. Like this:
> >>
> >> function1(function2)
> >>
> >> Then call function2 from within function1. Unfortunately, I have been
> >> unable to figure out the proper syntax for calling the second function.
> >
> >$function = 'print';
> >$function('you mean like this??');
>
> Does that snippet run for you, as-is?

Of course not... lol...sorry...

But this does:



$function must be a user defined function, I guess.

Same as with your example, you could just use $f(); instead of
call_user_func ($f);

Just depends which is clearer to you...

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] passing second function through a function

2003-11-17 Thread CPT John W. Holmes 
From: "Ian Truelsen" <[EMAIL PROTECTED]>

> What I want to do is to call a function from within a function, but pass
> the secondary function name through the first function. Like this:
> 
> function1(function2)
> 
> Then call function2 from within function1. Unfortunately, I have been
> unable to figure out the proper syntax for calling the second function.

$function = 'print';
$function('you mean like this??');

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] convert string to number

2003-11-17 Thread CPT John W. Holmes 
From: "Jay Blanchard" <[EMAIL PROTECTED]>
> From: "Diana Castillo" <[EMAIL PROTECTED]>
>
> > [snip]
> > what is the easiest way to convert a string like this "1,300.99" to a
> > number?
> > [/snip]
>
> http://www.php.net/settype

That'll just result in the number 1, though, since the conversion to "float"
will stop at the comma.

If you know that it's just going to be commas in there, a simple
str_replace(',','',$number) will get rid of the commas. Then PHP's type
juggling will take care of the rest for you and treat it like a FLOAT if it
needs to be. Or you can then use settype() to ensure it's a float.

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] msession - giving me a hard time

2003-11-17 Thread CPT John W. Holmes 
From: "Guillaume Dupuis" <[EMAIL PROTECTED]>

> This works. My second page has the suffix '?PHPSESSID=e6t9tu43j9tj39j...',
> that matches the 'echo $sessid' I've added to your script above, so this
> part did work. But to test it, I do this in my second page:
>
>  session_start();
> $sessid = session_id();
> echo $sessid;
> ?>
>
> $sessid does echo a session_id... but not the one as the one I passed
> it!!?!?! And I do see the right SID in the Address bar!

No reason that shouldn't be working. Let's help out PHP a little more...



Try that. You're telling PHP to use the session id passed in the URL (which
it should do by default, anyhow) by calling the session_id() function before
session_start().

Are you clearing your cookies while doing all of this? session_start() on
the second page may be picking up an old cookie instead of picking up the
value in the URL...

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Having fits with input to array

2003-11-17 Thread CPT John W. Holmes 
- Original Message - 
From: "Susan Ator" <[EMAIL PROTECTED]>

> Hm... I should clarify this some more. This is the result of $Array2:
>
> Array (
> [0] => Array (
>   [0] => 15083
[snip]
> What I need is to be able to assign a variable to $Array2[0] - [0] so for
> the first one it would be:
>
>   $var0 = 15083
[snip]
> How do I get to this point?

The question is, why do you need to get to that point? I think you're doing
to much work. You already have the variable $Array2[0][0] that you can use
anywhere, why do you need to assign it to yet another variable.

Maybe you just need to look at foreach() for looping through the array?

What was your point of getting $var0, $var1, $var2, etc... there's probably
a better method for whatever you're doing.

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] msession - giving me a hard time

2003-11-14 Thread CPT John W. Holmes 
From: "Guillaume Dupuis" <[EMAIL PROTECTED]>
> I've tried your suggestion and yes, I am transferring the SID variable to
> the next page... but I don't know if I am doing the this right.
>
> This is the code I use:
> ---
>  session_start();
> $SID = session_id();
> echo $SID;
> ?>
>
> LinuxBox2
> ---

If you used

session_start($_GET['SID']);

on your pages, this would work. The session ID that PHP is looking for is
named PHPSESSID by default. That's why you should use the SID _constant_

http://192.0.1.7/use.session.php?">LinuxBox2

If PHP doesn't pick up a session id, you'll just end up with a new one
created the next time you call session_start().

> So to recap:
> 1- Do I need session_start() at the beginning of each php pages?

Yes, you need it on any page you want to access the session in.

> 2- Do I need msession_connect/create?

Dunno about that...

> 3- Am I right to use $SID as a good tracking assumption (if I get the same
> SID thru several pages, this means msession works well???)?

If you get the same session id after calling session_start() on your pages,
then yes, it should be working. Using the above method with SID should get
you this.

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Having fits with input to array

2003-11-14 Thread CPT John W. Holmes 
From: "Susan Ator" <[EMAIL PROTECTED]>

> Perfect! That did exactly what I needed.

Good...

> Now, *ahem*, I thought I knew how to assign variables to the elements in
> Array2 but *cough* I'm somewhat befuddled. I've not been able to find
> anything in the online php manual. Could you point me in the right
direction
> for that?

Not sure I'm following you, but

$Array2[] = $somvariable;

will add the value of $somevariable to the next element of $Array2.

Can you explain a little more what you want if that's not it.

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] variables from perl cgi into a php

2003-11-14 Thread CPT John W. Holmes 
From: "mailing" <[EMAIL PROTECTED]>

> I have a multiuser web based image managment application (the Perl script)
and I want to add some accounting scripts (to be written in php).  The guy
that wrote the perl script is unavailable to work it in the perl script due
to time constraints - so I was wondering if I can pass the variables - such
as invoice amounts, the username (from the cookie) the image numbers that
the invoice numbers relate to from the cgi into the perl script then into a
mysql database.
>
> Any more help.Will virtual() do this sort of thing?

Sounds like you want your Perl application to call a bit of PHP and pass PHP
some variables. I was thinking of the other way around, PHP calling Perl.

This is possible, though, I just don't know the Perl syntax to call a PHP
file or make an HTTP request. Basically, you just want your Perl script to
call a URL such as:

accounting.php?amount=xx&number=xx&foo=bar

Then the PHP script can grab the URL variables and save them in the
database. The same cookies available to the Perl script will be available to
the PHP script (providing they're both on the same domain). Your PHP script
wouldn't need to output anything, just do it's saving and then exit.

Once you figure out the Perl -> PHP bit, this should be easy (although it's
a bad hack, overall!)

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] get some part of text

2003-11-14 Thread CPT John W. Holmes 
[snip]
job_resp errorCode="4194337" description="Originator you"

I need to take only errorCode value from this string. I am thinking and
thinking and can not find how to to. I can split with "=" but allways
erroCode place is changing in the string.
[/snip]

How about this, also...

$pos = strpos('errorCode="',$error_message);
$error_code = substr($error_message,$pos+11,7);

if the error code is always 7 digits.

or the good old standby of regular expressions...

preg_match('/errorCode="([0-9]+)"/',$error_message,$matches);

$matches[1] should contain your code...

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] variables from perl cgi into a php

2003-11-14 Thread CPT John W. Holmes 
From: "mailing" <[EMAIL PROTECTED]>
> I wonder if any one can help with this problem.
> I have a script working really well (not my scripting but my script)
written in perl /cgi.
> I would like to write some simple scripts using the variables and data
from the cgi script.
> Is there a way that I can extract the variables in the cgi script to run
in a php script.

Not sure if I follow what you're wanting to do, but you can use virtual()
inside of a PHP script to run a Perl script...

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Having fits with input to array

2003-11-14 Thread CPT John W. Holmes 
From: "Susan Ator" <[EMAIL PROTECTED]>

> For example, the command:
>
> ps -C bash --no-headers -o
fname,state,vsz,start_time,flag,user,cputime,args
> --cols 200
>
> gives me the output of:
> bash S 4396 Nov13 000 sator 00:00:00 -bash
> bash S 4392 Nov13 000 sator 00:00:00 -bash
> bash S 4396 Nov13 000 sator 00:00:00 -bash
>
> The array I end up with using this code (where $pgm is bash):
>
> $cmd = " -C $pgm --no-headers -o
> pid,fname,state,vsz,start_time,flag,user,cputime,args --cols 200";
> $ps = `ps $cmd`;
> $ps2 = ereg_replace("\n", ",", $ps);
> eval("\$psArray = array(\$ps2);");
> print_r($psArray);
>
> is:
>
> Array ( [0] => bash sleeping 4396 Nov13 000 sator 00:00:00 -bash,bash
> sleeping 4392 Nov13 000 sator 00:00:00 -bash,bash sleeping 4396 Nov13 000
> sator 00:00:00 -bash )
>
> where I need it to be:
>
> Array (
> [0] => bash S 4396 Nov13 000 sator 00:00:00 -bash
> [1] => bash S 4392 Nov13 000 sator 00:00:00 -bash
> [2] => bash S 4396 Nov13 000 sator 00:00:00 -bash
> )
>
> and the second array needs to be:
>
> Array (
> [0] => Array (
> [0] => bash
> [1] => S
> [2] => 4396
> [3] => Nov13
> [4] => 000
> [5] => sator
> [6] => 00:00:00
> [7] => -bash
> )
> etc...
> )
>
> THIS is what I am unable to do. Does anyone have any ideas?

$Array1 = array();
$Array2 = array();

$cmd = " -C $pgm --no-headers -o
pid,fname,state,vsz,start_time,flag,user,cputime,args --cols 200";
$ps = `ps $cmd`;
$Array1 = explode("\n",$ps);
foreach($Array1 as $line)
{ $Array2[] = explode(" ",$line); }

print_r($Array1);
print_r($Array2);

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Random Function

2003-11-14 Thread CPT John W. Holmes 
You're code doesn't make sense. You're looking for 3 random numbers, between
1 and 3 inclusive. Umm.. 1,2,3.

Do you want them in a random order, or something?

Maybe the upper limit of rand() and how many numbers you're looking for
($n), should be different??

---John Holmes...

- Original Message - 
From: "Teren" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, November 14, 2003 1:05 PM
Subject: [PHP] Random Function


Hi, I have the following function that generates a random number, but the
key is it only generates the number once within the range you specify. So,
if you want a range of 5 numbers, it will give you 5 different numbers. My
problem is the function was set to start at 0, but I need it to start at 1,
so i made a change to the function (line 9) and now the script only works
every now and then. Can somebody look at it and see if they see why it would
be doing that? Thanks

 0) {
foreach($s as $sh) {
  if($ran == $sh) {
$add = "no";
  }
}
  }
  if($add == "yes") {
$s[] = $ran;
  } else {
set_num();
  }
}

while(count($s) <= $n) {
  set_num();
}
?>

Teren

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] File permissions on Windows, IIS

2003-11-14 Thread CPT John W. Holmes 
From: "Chris Shiflett" <[EMAIL PROTECTED]>
--- Marius Røstad <[EMAIL PROTECTED]> wrote:
> > I have a Windows XP pro
> [snip]
> > How do I change file permissions to make it "identical" to the
> > chmod 777 on Unix systems.
>
> With Windows, you probably right-click the file and go to properties, then
> you want to grant read, write, and execute privileges to user, group, and
> other.

If you have anonymous browsing (default) enabled in IIS, then PHP (running
within IIS) will run as the IUSR_* user (where * is generally the computer
name).

Do as Chris said and give the IUSR_* user permission to write to the
directory where you're trying to use the file functions.

If you're not using anonymous browsing and using integrated Windows
Authentication, then you follow the same procedure except you need to give
yourself permission to write to the folder in question. Basically, IIS
almost "runs" as you and you must have permission to read the PHP file to
begin with, then permission to write to the directory.

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Headers Sent Message

2003-11-14 Thread CPT John W. Holmes 
From: "Mark Roberts" <[EMAIL PROTECTED]>

> Could someone help me out with this. I had this problem about a year ago
> with another site and I can't for the life of me remember what I had to do
> to fix it. I am in a oscommerce application, however I think it is really
a
> php problem. I get this message when ever I try to update the admin
portion
> of the site:
>
> Warning: Cannot modify header information - headers already sent by
(output
> started at
>
/home/virtual/site1/fst/var/www/html/admin3/includes/application_top.php:267
> ) in
> /home/virtual/site1/fst/var/www/html/admin3/includes/functions/general.php
> on line 18

I always get yelled at for answering these questions and doing the whole
"take my hand and follow along as we read this together"... but oh well...

"output started at .../application_top.php:267" means that
application_top.php has output on line 267. You cannot send any header
information (header(), setcookie(), session_start(), etc) after there is
output. "general.php" is trying to send header information on line 18, after
application_top.php has been included and already caused output.

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] msession - giving me a hard time

2003-11-13 Thread CPT John W. Holmes 
From: "Guillaume Dupuis" <[EMAIL PROTECTED]>
> Now, I am testing the interaction of 2+ servers working together. From
> SERVERA I create and echo the my SID using "echo session_start(); echo
> session_id();echo $SID;", and then I follow a link (within the same
browser
> session) to SERVERB and then do the exact same 3 calls.
>
> They give me different $SID ???

When you go from SERVERA to SERVERB, you do not carry over the same session
ID, though. SERVERB, not seeing a session id passed to it, starts it's own
session. You need to pass SID in the URL when linking to the different
servers. No way around this. The session id can be carried in the cookies
once you're operating on the same server, but when going from one server to
another, you must manually pass it.

http://SERVERB?">SERVERB

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] session timeout

2003-11-13 Thread CPT John W. Holmes 
From: <[EMAIL PROTECTED]>
> > How do I set the session timeout - eg someone leaves a broweser for say
> > half an hour then have to log in again..
> > As I'm on an intranet I want to increase ro 3 hours
>
> Pete, Change the default configuration of the option
session.cookie_lifetime
> in the php.ini

This won't help when the garbage collection deletes the session file after
24 minutes (default), though. Yeah, you'll have a valid session ID in a
cookie for 3 hours, but no matching session file.

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] session timeout

2003-11-13 Thread CPT John W. Holmes 
From: "pete M" <[EMAIL PROTECTED]>

> How do I set the session timeout - eg someone leaves a broweser for say
> half an hour then have to log in again..
>
> As I'm on an intranet I want to increase ro 3 hours

Exact method: Save the current time on each request in the session. On each
request, check that time and if it's over 3 hours, then end the session /
force them to log in again.

Approx. Method: Look at the session.gc_maxlifetime setting in php.ini. This
setting controlls when session files are cleaned up. If the files have not
been accessed in "gc_maxlifetime" seconds when the garbage collection is
initiated, then the file is deleted. Upon the next request, the session will
be empty and the user should be forced to log in again. I say this is
approx. because garbage collection is triggered on a random process based
upon your requests. So files can run over the "gc_maxlifetime" setting
sometimes if the collection isn't triggered. I just rely on this, though...
it's close enough for government work. :)

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] validate names with regex

2003-11-12 Thread CPT John W. Holmes 
From: "Chris W. Parker" <[EMAIL PROTECTED]>

> Can someone post a function or regex that can validate names (first and
> last)? The most important bit is that names like O'Malley and Hope-Jones
> are not barred.

I use this:

//allow a possible ', -, or space in name. ' will
//be replaced with \' by magic_quotes upon
//form submission (so we search for \\\')
$match = "^[a-z]+([- ]{1}|(\\\'))?[a-z]+$";

along with eregi(), but it can (should) be easily adapted to a syntax
compatible with preg_match().

I remember a large discussion about this a while back. Archives may be
useful.

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: Need a nicer way to escape single/double quotes....

2003-11-12 Thread CPT John W. Holmes 
"Scott Fletcher" <[EMAIL PROTECTED]> wrote in message
news:<[EMAIL PROTECTED]>...



> I haven't found a more efficient way to better escape the quote

> characters for the javascript right from PHP because I only get "The kid"
in

> the javascript alert message, so I'm wondering if anyone of you know of

> something better than that...

>

> --snip--

> 

> $test1 = "The kid's name is \"Bob!\"";



$test1 = htmlentities($test1,ENT_QUOTES);



instead of addslashes.



>echo "";



---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Getting an uploaded picture

2003-11-12 Thread CPT John W. Holmes 
From: "Mike R" <[EMAIL PROTECTED]>
> I thought about that, but figured I'd ask first - particularly since I
> wasn't sure which code to send: the code for uploading the pictures or the
> code that displays the pictures/links to them?

Show the code that displays the links to them and some of the resulting
HTML.

Are you using a PHP page to "serve" the images, or linking directly to a
.gif/.jpg file?

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Why is this code not working?

2003-11-12 Thread CPT John W. Holmes 
From: "Dave G" <[EMAIL PROTECTED]>

> PHP Gurus,

If you say so...

> I'm trying to put the results of a query into an array.
> My code looks like this:
>  $query = "SELECT datecolumn FROM table WHERE MONTH(datecolumn) = " .
> $currentMonth;
> $result = mysql_query($query);
> $numRows = mysql_num_rows($result);
> for($i = 0; $i<$numRows; $i++)
> {
> $workshops[$i] = mysql_fetch_row($result);
> echo $workshops[$i] . "";
> }
> echo "The results of the array are - " . $workshops[0] . " and " .
> $workshops[1];
> ?>
> When I run this, the output to the screen says:
> ---
> Array
> Array
> The results of the array are - Array and Array
> ---

Exactly what it should be. mysql_fetch_row returns an array, which you're
assiging to $workshops[0] and $workshops[1].

Try:

echo "The results of the array are - " . $workshops[0][0] . " and " .
$workshops[1][0];

Or, even better...

$query = "SELECT datecolumn FROM table WHERE MONTH(datecolumn) = " .
$currentMonth;
$result = mysql_query($query);
while($r = mysql_fetch_row($result))
{ $workshop[] = $r[0]; }
echo "The results of the array are - " . $workshops[0] . " and " .
$workshops[1];

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] overriding string concatenation '.'

2003-11-12 Thread CPT John W. Holmes 
From: "Chris W. Parker" <[EMAIL PROTECTED]>
> > CPT John W. Holmes <mailto:[EMAIL PROTECTED]>
> > > The dots in ipaddr variable are considered to be
> > > string concatenations.
> >
> > No they are not. Show some examples.
>
> What am I missing here? How is the dot operator not considered
> concatenation?
> $concatenatedString = 'a'.'concatenated'.'string';

We know periods are for concatination, but periods _within_ strings are not.

$ipaddr = "122.122.122.122";
$str = 'a'.$ipaddr.'string';

>From the way I read that, the periods _within_ $ipaddr were being seen as
concatination characters (according to OP), which doesn't make sense. So I
wanted an example.

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] overriding string concatenation '.'

2003-11-12 Thread CPT John W. Holmes 
From: "tirumal b" <[EMAIL PROTECTED]>

>  I have an ip addr in a variable. I use
> 'ssh'.$ipaddr.'command' in a php file
> 
> The dots in ipaddr variable are considered to be
> string concatenations. 

No they are not. Show some examples. 

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] keyword searching

2003-11-12 Thread CPT John W. Holmes 
From: "Adam Williams" <[EMAIL PROTECTED]>

> I'm using Informix SQL.

Could have saved some bandwidth by mentioning that in the first place and
only posting to either php-general or php-db (which is more appropriate),
not both. :)

Ignore what my other posts said, as I don't know how Informix works.

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] testing a variable

2003-11-12 Thread CPT John W. Holmes 
From: "Adam Williams" <[EMAIL PROTECTED]>

> I need to test a variable to see if it contains a value or not, and if 
> not, do something.
[snip]
> if ( !isset($var )
> { echo "do something";}

That's the correct way.

> What I am doing is checking a field in an sql table, and if the field is 
> null, empty, etc... then do something.  so what is the best way to check 
> the field if its null, empty, etc...?

The variable might be set, yet empty, though. So you may want to add

if(!isset($var) || empty($var))
{ echo "do something"; }

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Changing case

2003-11-12 Thread CPT John W. Holmes 
From: "Robert Sossomon" <[EMAIL PROTECTED]>

> I have a form that allows for an item to be entered, the other pieces
> have been fixed so far that were bogging me down, but now I am looking
> for a way to convert any entry in the form to be UPPER case so that when
> the quote is listed, they are alphabetical.  

http://us2.php.net/strtoupper

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: High bandwidth application tips

2003-11-07 Thread CPT John W. Holmes 
From: "Richard Baskett" <[EMAIL PROTECTED]>
> > * use recent mysql 4.x The new versions have ability to cache results of
> > often used queries, and return the results very fast without even
touching
> > the disk. Note that this is much better for web apps than usual query
> > cacheing that many databases offer.
>
> How do you get mysql to do it's own caching like you mentioned?

This is a PHP list, so I'd suggest you start reading here:
http://www.mysql.com/doc/en/Query_Cache.html

;)

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] To format a number

2003-11-06 Thread CPT John W. Holmes 
From: <[EMAIL PROTECTED]>

> I have a number for example 5 and I would it transform in 5,00.
> I tried with round() but it doesn't add the numbers after comma with an
interger number.
> Does some funtion that make this exist?

You mean some function that'll format a number? Hmmm... number_format() 

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] restricting text fill on a text area

2003-11-06 Thread CPT John W. Holmes 
From: "Ian Truelsen" <[EMAIL PROTECTED]>

> I want to set up a sized div on my page and be able to fill it with text
> from a text file. Easy enough, but I want to be able to 'sense' when the
> text area fills, no matter what size text the browser has set.

Client side issue, not PHP. Ask on a Javascript list.

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Send data Header Response

2003-11-06 Thread CPT John W. Holmes 
From: "Jonathan Villa" <[EMAIL PROTECTED]>

> I would like submit a form to a page, do some processing on that page,
> then if need be, return to the referrer but also send the submitted data
> along with it... and data is coming from a POST form, not a GET.  I
> tried
>
> header('location:'.$referrer.'?data'.$_POST);

Can you send the data back to the referrer as GET data (in the URL)?

If you must POST it back to the referrer, then you'll need cURL or search
the archives for a function called posttohost() (not a core php function,
btw).

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Issues with Mysql 4.0 and PHP in a production environment

2003-11-06 Thread CPT John W. Holmes 
From: "Luis Lebron" <[EMAIL PROTECTED]>

> Are there any issues with running PHP 4.3.X and Mysql 4.0 in a production
> environment?

Of course there is. If you write crappy code, your program will suffer. If
you don't write crappy code, well, then you're fine.

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] preg_replace ^M

2003-11-06 Thread CPT John W. Holmes 
From: "Torsten Rosenberger" <[EMAIL PROTECTED]>

> > Those are \r characters from dos newline (\r\n). Generally they are not
> > harmful and many editors can work with them without problems (vim). You
> > can use some utility commands to convert to or from dos or unix
newlines.
>
> But i'm working under Linux.

Doesn't matter...

> I made a test with HTML Template IT and addBlockfile
> and thats the same.

So that program is writing \r\n as the newline instead of just \n. It's
still just your editor that's displaying the ^M. Maybe you should get a new
editor.

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] preg_replace ^M

2003-11-06 Thread CPT John W. Holmes 
From: "Torsten Rosenberger" <[EMAIL PROTECTED]>

> i try to replace a string in a file
> but if i have linefeeds in the string
> the output file after the replacement has
> ^M carachters in in

Some text editors will display \r as ^M. So, if you're file uses \r\n as the
newline, you'll see these ^M at the end of each line. Using a different text
editor or adjusting the properties of the one you've got should fix this.

Either way, they shouldn't be visible on the actual PHP/HTML page when
viewed over the web. this is an editor issue, not a PHP one, really.

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] MySQL Password Function

2003-11-06 Thread CPT John W. Holmes 
From: "Raditha Dissanayake" <[EMAIL PROTECTED]>
> >Oh, and this will do almost NOTHING to make your site more secure. Why do
> >you think it will?
>
> You are partly right about this we had a nice flame war about this very
> issue couple of weeks ago on the jabber lists. Anyone interested in the
> nitty gritty can google on the jabber archives. I still use the
> password() function whenever i can cause i only have to type in about 10
> keystrokes anyhow, the reason is that it will keep other users of the
> database from accidentaly seeing passwords that they shouldn't.  Since
> this is one way hashes it cannot be decoded. Almost any argument that
> applies for/against /etc/password would apply to mysql password() as well.

True, true. I actually use MD5() for the same reason, but, really, if
someone has access to the database to read the hashes, odds are they have
access to the rest of the database and your code. So what are you protecting
really?

In my eyes, it's just another tool to keep honest people honest...

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] High bandwidth application tips

2003-11-06 Thread CPT John W. Holmes 
From: "Luis Lebron" <[EMAIL PROTECTED]>

> Excellent tips. I think I'm really going to have to polish my sql skills
for
> this task. Any good tools for benchmarking sql queries?

If you've been following the "Load Stress Tool" thead, this program:
http://jakarta.apache.org/jmeter/index.html was mentioned. The web site
mentions that it can be used to also benchmark SQL queries through JDBC.
Seems very useful indeed... :)

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] MySQL Password Function

2003-11-06 Thread CPT John W. Holmes 
From: "Raditha Dissanayake" <[EMAIL PROTECTED]>
> From: "Shaun"
> >I am trying to make my site more secure, can anyone suggest a tutorial on
> >using the mySQL password function with PHP. I can't find anything through
> >google...
>
> it's very simple intead of using
> insert into users set userPassword='123'; you say
> insert into users set userPassword=password('123');

And the column type should be CHAR(16) or VARCHAR(16), as the result of
PASSWORD() is always 16 characters.

Oh, and this will do almost NOTHING to make your site more secure. Why do
you think it will?

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] File creation date.

2003-11-06 Thread CPT John W. Holmes 
From: "Carles Xavier Munyoz Baldó" <[EMAIL PROTECTED]>

> I want to write a PHP function for delete the files in a directory older
than
> 1800 seconds.
> Is there any function for it ?

Read this thread, too:
http://www.phparch.com/mailinglists/msg.php?a=701737&s=Mike+Migurski+find&sp=1

If you can get your hands on a September issue of php|architect, I had a
paragraph about this in my Tips 'n Tricks column.

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] File creation date.

2003-11-06 Thread CPT John W. Holmes 
From: "Carles Xavier Munyoz Baldó" <[EMAIL PROTECTED]>

> I want to write a PHP function for delete the files in a directory older
than
> 1800 seconds.
> Is there any function for it ?

Start here: http://us2.php.net/manual/en/ref.filesystem.php

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: Input Validation of $_SESSION values

2003-11-06 Thread CPT John W. Holmes 
From: "Boyan Nedkov" <[EMAIL PROTECTED]>

> [snip]
>  > ... Short of any severe bugs in PHP's core, there is no way for a
>  > user of your Web application to modify session data ...
> [/snip]
>
> It seems that statement is not completely correct considering the topic
> discussed in the paper 'Session Fixation Vulnerability in Web-based
> Applications' (http://secinf.net/uplarticle/11/session_fixation.pdf). I
> am also interested in the session security issue so any comments on that
> publication are welcome.

No, the statement is still correct. The paper discusses how malicious users
could possibly set the SESSION_ID to a predetermined value and then hijack
the session because they know it's value. They still cannot directly change
session variables that your script is creating.

In order to combat session fixation, use the session_regenerate_id()
function: http://us2.php.net/manual/en/function.session-regenerate-id.php

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

  1   2   3   4   5   >