Re: [PHP] -less layouts; Ideas welcome
Yeah, it doesn't work here, either. On Thu, May 21, 2009 at 11:44 AM, Shawn McKenzie wrote: > Ashley Sheridan wrote: > > Tedd, I've got a fairly simple calendar script in PHP here > > > http://www.ashleysheridan.co.uk/coding.php?group=php&article=coding_php_calendar.phpwhich > could be adapted fairly easily with the right tweaks. > > > > > > Ash > > www.ashleysheridan.co.uk > > > > I cant get the calendar on your site to do anything. No links and > clicks do nothing. FF 3.0.10 / Ubuntu. > > -- > Thanks! > -Shawn > http://www.spidean.com > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >
Re: [PHP] -less layouts; Ideas welcome
I'd be more fond of unrolling some of those loops and feeding the data into a proper template than tweaking what looks like really half-arsed code. On Thu, May 21, 2009 at 11:57 AM, Ashley Sheridan wrote: > On Thu, 2009-05-21 at 10:44 -0500, Shawn McKenzie wrote: > > Ashley Sheridan wrote: > > > Tedd, I've got a fairly simple calendar script in PHP here > > > > http://www.ashleysheridan.co.uk/coding.php?group=php&article=coding_php_calendar.phpwhich > could be adapted fairly easily with the right tweaks. > > > > > > > > > Ash > > > www.ashleysheridan.co.uk > > > > > > > I cant get the calendar on your site to do anything. No links and > > clicks do nothing. FF 3.0.10 / Ubuntu. > > > > -- > > Thanks! > > -Shawn > > http://www.spidean.com > > > Well, yeah, there isn't any events or anything attached to any day! Like > I said, easy enough to tweak and output a link on a particular date that > matches something in the database. > > > Ash > www.ashleysheridan.co.uk > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >
Re: [PHP] SECURITY PRECAUTION BEFORE SUBMITTING DATA IN DATABASE
Suhosin is completely not-related to SQL, though, I don't know why you'd bring it up... > > > > On Thu, May 21, 2009 at 3:42 PM, Shawn McKenzie wrote: > >> Michael A. Peters wrote: >> > Sumit Sharma wrote: >> >> Hi, >> >> >> >> I am designing a php website for my client which interact with >> database. >> >> This is my first project for any client (I hope he is not reading this >> >> mail >> >> ;-) ). I am a bit more concerned with database security. Can somebody >> >> shed >> >> some light on the security measurements, precautions, and functions >> >> related >> >> to database security in general to make sure that the data is safely >> >> stored >> >> updated and retried from database. I have already used htmlentities(), >> >> strip_tags(), addhashes(), and some regular expressions to check >> >> security. >> >> Looking for help beyond this. >> >> >> >> >> >> Thanks in advance... >> >> Sumit >> >> >> > >> > Use prepared statements. >> > If you are just starting out, I would recommend using a database >> > abstraction layer, such as MDB2 from pear. >> > >> > Doing it now is a LOT easier than porting an existing web application to >> > use a database abstraction layer. >> > >> > With prepared statement, sql injection is not an issue. >> > >> > Example of prepared statement with MDB2: >> > >> > $types = Array('integer','text','integer'); >> > $q = 'SELECT somefield,someotherfield FROM sometable WHERE afield > ? >> > AND bfield=? AND cfield < ? ORDER BY somefield'; >> > $sql = $mdb2->prepare($q,$types,MDB2_PREPARE_RESULT); >> > >> > $args = Array($var1,$var2,$var3); >> > $rs = $sql->execute($args); >> > >> > Prepared statements pretty much neuter any and all sql injection >> > attempts, assuming the database supports prepared statements (otherwise >> > the abstraction layer may emulate them which could possibly be prone to >> > vulnerabilities). >> > >> > While you do not need to use an abstraction layer to use prepared >> > statements, the advantage of an abstraction layer is that your code will >> > be much easier to port to a different database - advantageous to your >> > client if they ever want to change databases, advantageous to you if you >> > ever want to resuse you code for another client (assuming your contract >> > does not give exclusive ownership of your code to your existing client). >> > >> > The user the web server connects with should be as restricted as >> > possible. It should only have permission to connect to the database from >> > the host where the web server is running (localhost if running on same >> > machine as the sql server) and should not be granted any permissions it >> > does not absolutely need. >> > >> > The file containing the database authentication credentials should end >> > in .php and not .inc, and if at all possible, should be outside the web >> > root (you can modify the include path to add a directory outside the web >> > root that has includes - or include the file full path). >> > >> > Make sure error reporting is turned off on the production web server >> > (you can still read errors in the web server log). >> > >> > If at all possible, run php compiled with the suhosin core patch and >> > also run the suhosin loadable module. >> > >> > -=- >> > You shouldn't need addslashes with prepared statements. >> > You should run user input through an existed tested input filter, such >> > as http://htmlpurifier.org/ rather than trying to re-invent the wheel >> > and create your own. Script kiddies have scripts that test webapps for >> > input vulnerabilities (both xss and sql injection), and some of them are >> > rather tricky and browser specific. >> > >> > A community driven project like HTMLPurifier is more likely to catch >> > malicious input than something you cobble together. >> >> PDO is another good option. You shouldn't have to worry about escaping >> or SQL injections, though suhosin is a great idea. >> >> http://php.net/manual/book.pdo.php >> >> -- >> Thanks! >> -Shawn >> http://www.spidean.com >> >> -- >> PHP General Mailing List (http://www.php.net/) >> To unsubscribe, visit: http://www.php.net/unsub.php >> >> >
Re: [PHP] urgent CSS question
Moral of the story: if you use css classes ending in numbers, you're probably a rapist and/or murderer. On Fri, May 22, 2009 at 11:46 AM, Shawn McKenzie wrote: > Daniel Brown wrote: > > On Fri, May 22, 2009 at 08:02, Michael A. Peters > wrote: > >> If I recall - it is illegal to end a css class name is a number. > >> I'm not positive though. > > > > You are correct. They just executed a man in Texas for this. > > > > Yes we did, however that infraction is what led to the discovery of his > multiple rapes and brutal murders. > > Damn yanks. > > -- > Thanks! > -Shawn > http://www.spidean.com > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >
Re: [PHP] IE can't download, FF can: SSL ? Need special headers?
or even just str_replace(' ' , '_', $name) consistent and works, no? On Fri, May 22, 2009 at 2:21 PM, Bastien Koert wrote: > On Fri, May 22, 2009 at 1:36 PM, Dee Ayy wrote: > > > Acceptable results, but could be better. > > > > basename works correctly for only Safari (filenames with spaces are > > correct). > > FF truncates the name starting with the first space. > > IE puts an underscore in place of a space. > > > > urlencode puts a plus sign in place of a space for all 3 browsers. > > > > But I've always had a note telling the user to rename the file to > > something useful, so I'll keep basename and not check the agent. > > > > Thoughts? > > > > -- > > PHP General Mailing List (http://www.php.net/) > > To unsubscribe, visit: http://www.php.net/unsub.php > > > > > what about just CamelCasing the name? no spaces. > > -- > > Bastien > > Cat, the other other white meat >
Re: [PHP] Unsubscribe from php-general@lists.php.net
:( On Fri, May 22, 2009 at 2:55 PM, Tom Merriam wrote: > -- > Tom Merriam > Cell: 512.639.5589 Home: 512.869.6401 > twmerr...@gmail.com >
Re: [PHP] fgets function for very large files
On Sat, May 23, 2009 at 2:58 AM, Ashley Sheridan wrote: > > If it's a CSV, I'd recommend using phpMyAdmin directly to import it into > the database, assuming you are using a MySQL database that is. It's > using tried and tested code for large files like that. > > Tried and true to be what, exactly? Full of security holes and exploits and promoting bad habits? Really, if all you need to do for the database is import hte .csv, import it directly into mysql, from mysql: http://www.tech-recipes.com/rx/2345/import_csv_file_directly_into_mysql/ And on a related note, you should never, ever use PMA on a production machine as it's so easy to exploit and hack. Furthermore, if you use it on your dev server, you'll get used to managing your database with it and have trouble using it on the production server. Take the time to use a real DB administration app (like SQLyog of the one that comes with KDE) or an IDE with integrated SQL management (like PDT or Zend Studio or Aptana I think too). Bottom line is if you said you used PMA in an interview I had any say in, I'd never hire you and I'd never work with a developer who was that uncomfortable with SQL.
Re: [PHP] templating engine options
I've had a lot of success with Savant3: www.phpsavant.com becuase it's pretty featureful yet fast(er than the alternatives I tested). On Sat, May 23, 2009 at 7:01 PM, Nathan Rixham wrote: > LinuxManMikeC wrote: > >> On Sat, May 23, 2009 at 4:21 PM, Nathan Rixham wrote: >> >>> Hi All, >>> >>> Just a quick one, can anybody recommend any decent templating engines >>> other >>> than smarty. >>> >>> I've got no problem with smarty and it does the job - but if there is >>> something newer and lighter out there that I'm missing then I'd be a fool >>> not to at least consider it! >>> >>> can't be part of a framework, (or if it is easily extracted with no >>> framework dependencies), and not xslt (love xslt, but not many designers >>> do!). >>> >>> many regards, >>> >>> Nathan >>> >>> -- >>> PHP General Mailing List (http://www.php.net/) >>> To unsubscribe, visit: http://www.php.net/unsub.php >>> >>> >>> >> I was recently researching template engines for a small in-house >> project, with a bias toward simple and lightweight. I found this >> interesting article in my search. I think its worth considering if >> you don't need all the bells and whistles of the big template engines. >> Simple and elegant. >> http://www.massassi.com/php/articles/template_engines/ >> > > cheers, it certainly is simple and elegant - however a bit too simple > (specifically as it's in template php); gives me immediate visions of a > wordpress template - and that's more than enough to scare me off! > > regards, > > nathan > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >
Re: [PHP] Container or Calling Class
You can call methods from a classes's parents like so class foo { protected method bar() { echo "in foo!"; } } class foobar extends foo { public function bar() { parent::bar(); } } $fb = new foobar(); $fb->bar(); will output "in foo!"; On Sun, May 24, 2009 at 3:58 PM, Nathan Rixham wrote: > Stuart wrote: > >> 2009/5/24 phphelp -- kbk : >> >>> If so, can the bar_handler->bar_toast() function call a function in the >>> container class (foo_handler)? "Parent" is used in some OOP languages for >>> this type of hierarchy, but not PHP. I have fooled around with the scope >>> resolution operator, but either that doesn't do it or I can't nail the >>> syntax. >>> >>> Anyone care to illuminate this for me? >>> >> >> I've never heard of this being possible in any language, never mind >> PHP. The parent keyword you mention refers to the parent class not the >> container, and works just as well in PHP as in other languages. Any >> OOP implementation that allows a class to call functions in a >> container class would be breaking one of the cardinal rules of OOP. >> >> -Stuart >> >> > no offence but it smacks a bit of bad design tbh - however one possibility > is to inject a reference to the container class instance in to the child > > $this->bar_handler = new bar_handler( $this ); > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >
Re: [PHP] Re: General Web Development Editor/IDE
I use Zend Studip (I coughed up the fee, and it's worth it) for PHP, JS, HTML and CSS> THere's a WYSIWYG HTML editor built in, and that's the only drawback I hear from a lot of people about PHP IDE's. And, it's built on Eclipse, so while I work on WIndows at work, I can keep the exact same setup I huse at home which is linux. If you're willing to pay for Dreamweaver, at least download the trial from Zend and give it a shot. It's better than the other Eclipse IDEs (I've tried all the ones I've heard of) and any other IDE I've played with (which includes phpEdit). On Sun, May 24, 2009 at 4:04 PM, Al wrote: > > > Casey wrote: > >> Hi list, >> >> I'm looking for a nice, user (i.e. me) friendly general-purpose IDE, >> where most of my work will be done in PHP. >> >> I'm considering using Dreamweaver CS4 as my IDE, where I will disable >> most of the WYSIWYG elements and use all of the other features that I >> need/want (contextual syntax coloring and project management). >> >> But before I try that, are there any suggestions from all you experts out >> there? >> >> Thanks, >> - Casey >> > > phpEdit > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >
Re: [PHP] Container or Calling Class
That's containment, not inheritence, must have misread the email. Oops :) The "easiest" way to do this would be something like: class contrived { private $parent; private $otherparent; public function __call($func, $params) { if(is_callable(array($this->parent, $func)) call_user_func_array(array($this->parent, $func), $params) elseif(is_callable(array($this->otherParent, $func)) call_user_func_array(array($this->otherparent, $func), $params) } } This is the most "elegant" way to accomplish the same thing, but it makes some assumptions, like you're willing to chain if-elseif's together (or store all contained instances in an array) and that you don't ever have overlapping method names (ie contrived.foo and parent.foo both exist). Also, it's really, really obnoxiously slow. __call() is hardly fast and call_user_func_array is no different. On Sun, May 24, 2009 at 7:52 PM, Nathan Rixham wrote: > Eddie Drapkin wrote: > >> You can call methods from a classes's parents like so >> class foo { >> >> protected method bar() { >> echo "in foo!"; >> } >> >> } >> >> class foobar extends foo { >> >> public function bar() { >> parent::bar(); >> } >> } >> >> $fb = new foobar(); >> $fb->bar(); will output "in foo!"; >> >> > wrong way round.. he's asking for: > > // note no extends > class foobar { > > public function bar() { >$this->foo = new Foo(); >$this->foo->bar(); > } > > public function poo() { > echo "call me if you can"; > } > > } > > // and the impossible > class foo { > > public method bar() { >foobar->poo(); // call the containing class > } > > } > > in a dom or as3 or suchlike this would be > > this.parent.poo(); > > but we have not this->parent > > note: note parent::poo() which is effectively super.poo() > > so he can only inject the container/parent > > > class foobar { > > private $foo; > > public function bar() { >$this->foo = new Foo( $this ); >$this->foo->bar(); > } > > public function poo() { > echo "call me if you can"; > } > > } > > // and the Possible > class foo { > > private $parent; > > public function __construct( $parent ) { >$this->parent = $parent; > } > > public method bar() { >$this->parent->poo(); // call the containing class method poo > } > > } >
Re: [PHP] Comparing strings (revisited)
With the initial explode, I may be wrong but I don't think it's possible to force every entry to be string-typed. However, this little snippet could help: $foo = explode(';', $db); foreach($foo as &$bar) { $bar = settype($bar, 'string); } which will set each element's type to string, but is hardly a fast or elegant solution, but a solution it is nonetheless. Alternatively, every time you reference a field that ought to be an element but isn't, you can use strval($element), but that's even uglier! On an aside, coming from strict typing to loose typing is certainly an enormous transition, you grow to learn these little things and work around them. The benefits and ease of the loose typing, at least to me, seem to outweigh the overhead handling "fringe" type cases like these. For a performance nut like myself, though, it certainly drives me insane! On Sun, May 24, 2009 at 10:46 PM, Clancy wrote: > For some time I have been working on a text based database, in which each > entry contains > one or more lines of data, with the various fields delimited by semicolons, > e.g. > > A;b;20GM;Restaurant;090508 > n;;;Arintji;; > a;Federation Square;;; > p;9663 9900;;;9663 9901;;i...@arintji.com.au<9901%3b%3bi...@arintji.com.au> > ; > > All was going well but recently I decided to allocate every entry a unique > identifier, > and, in what with hindsight was clearly misguided enthusiasm, decided that > each identifier > should be a four digit base 36 number (the 20GM in the first line). This > did not cause any > problems until yesterday, when I tried to load a name beginning with 'R', > and got the > first name on the list. When I investigated I found that I was searching > the array > containing the data using: > >if ($ident == $data[$i]['group']['ident']) { .. > > I then found that I was searching for 20E2, but was getting a match on > 2000. I tried > >'if ((string) $ident == (string) $data[$i]['group']['ident'])', > > but this still matched. However > >'if($ident === ' > > worked, as did > >'if (!strcmp($ident, $data[$i])) {...'. > > After puzzling about this for a long time, I realised that the comparison > process must > have been treating the second value as a floating point number, and > converting it to > integer, or vice versa. (In floating point notation 20E2 = 20*10^^2 = > 2000). I had > thought that the (string) override meant to treat the actual value as a > string, but in > this case it must be converting the (assumed) actual value to a string, and > then comparing > the results. > > This surprised me considerably as it is clear from the results I achieve in > other > circumstances that the data is actually stored as a raw string. > > $data is a variable format array, and when the original data is read each > line is exploded > into a term of the data array: $data[][] = explode(';',$line[$i]);. If I > print the value > of the ident (or any other field) it is always shown as the original > string, and when I > save an updated version of the data, each term of the data array is > imploded into a line > of the data file in its original format. However if this value were > actually converted to > a floating point number when it was entered I would have to specify a > format before I > could write it out again, and as 20E2 is a rather non-standard format it > is most unlikely > that it would come out as this unaided. > > Is there any way to specify that each field is always to be treated as a > string when I > originally explode the input file into the data array? For someone brought > up on rigidly > defined data types dynamic typing can be very confusing! > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >
Re: [PHP] Container or Calling Class
No problem mate :) As a general rule, it seems that PHP just copied Java's OOP model - and outside of the quirks in the way it works internally - it's a pretty damn good implementation of object orientation. THe only issue I have with it is that it's not possible to lose the procedural bootstrapper :( On Sun, May 24, 2009 at 11:24 PM, phphelp -- kbk wrote: > Thanks, guys, for the discussion. This is nothing compelling for me, just > fooling around with the model. My first OOP language many-a-year ago had > this ability. "Parent" designated containment, not (as I believe, too, is > more "correct") inheritance hierarchy, like PHP. I and have never had the > need to call a "containing" function in PHP, but I was exploring the best > way to accomplish a new task the other day, and that kind of architecture > seemed like a possibility. > > In fact, probably just a bad idea. > > (I see so much of that in this list: "I need to..." followed by a > description of some bizarre construct. I want to scream "No! You have > painted yourself into a corner! Test your assumptions, or go back 5 steps > and start over.") > > Thanks again > > Ken > > > On May 24, 2009, at 9:38 PM, Eddie Drapkin wrote: > > That's containment, not inheritence, must have misread the email. Oops :) >> >> The "easiest" way to do this would be something like: >> >> class contrived { >> private $parent; >> private $otherparent; >> >> public function __call($func, $params) { >> if(is_callable(array($this->parent, $func)) >> call_user_func_array(array($this->parent, $func), $params) >> elseif(is_callable(array($this->otherParent, $func)) >> call_user_func_array(array($this->otherparent, $func), $params) >> } >> >> } >> >> This is the most "elegant" way to accomplish the same thing, but it makes >> some assumptions, like you're willing to chain if-elseif's together (or >> store all contained instances in an array) and that you don't ever have >> overlapping method names (ie contrived.foo and parent.foo both exist). >> Also, it's really, really obnoxiously slow. __call() is hardly fast and >> call_user_func_array is no different. >> >> On Sun, May 24, 2009 at 7:52 PM, Nathan Rixham wrote: >> Eddie Drapkin wrote: >> You can call methods from a classes's parents like so >> class foo { >> >> protected method bar() { >> echo "in foo!"; >> } >> >> } >> >> class foobar extends foo { >> >> public function bar() { >> parent::bar(); >> } >> } >> >> $fb = new foobar(); >> $fb->bar(); will output "in foo!"; >> >> >> wrong way round.. he's asking for: >> >> // note no extends >> class foobar { >> >> public function bar() { >> $this->foo = new Foo(); >> $this->foo->bar(); >> } >> >> public function poo() { >>echo "call me if you can"; >> } >> >> } >> >> // and the impossible >> class foo { >> >> public method bar() { >> foobar->poo(); // call the containing class >> } >> >> } >> >> in a dom or as3 or suchlike this would be >> >> this.parent.poo(); >> >> but we have not this->parent >> >> note: note parent::poo() which is effectively super.poo() >> >> so he can only inject the container/parent >> >> > >> class foobar { >> >> private $foo; >> >> public function bar() { >> $this->foo = new Foo( $this ); >> $this->foo->bar(); >> } >> >> public function poo() { >>echo "call me if you can"; >> } >> >> } >> >> // and the Possible >> class foo { >> >> private $parent; >> >> public function __construct( $parent ) { >> $this->parent = $parent; >> } >> >> public method bar() { >> $this->parent->poo(); // call the containing class method poo >> } >> >> } >> >> >
Re: [PHP] change server time
If you want to change the server time ocmpletely and independent of PHP, you're going to have to do it from the shell. On Sun, May 24, 2009 at 11:36 PM, Sumit Sharma wrote: > Yes, I works on windows as well well. Was looking for india time zone found > it as putenv("TZ=Asia/Calcutta");. Thanks a lot, but this function does not > change the server time permanently. Any Idea about any function which does > so. > > > Thanks, > Sumit > > > > On Sun, May 24, 2009 at 12:33 PM, Michael A. Peters > wrote: > > > Sumit Sharma wrote: > > > >> Hi, > >> > >> Whenever I am using date('r') function It shows time in GMT instead of > >> local time set on my machine. Do I need to configure the time > separately. > >> I > >> am using WAMP server locally. > >> > >> Thanks, > >> Sumit > >> > >> > > Not sure about windows - but > > > > putenv("TZ=America/Los_Angeles"); > > > > in your script should work (change the timezone to whatever you want > > locally). > > > > You should be able to set the TZ variable globally in your php.ini file. > > >
Re: [PHP] php dev environment
-- Forwarded message -- From: Eddie Drapkin Date: Mon, May 25, 2009 at 3:24 AM Subject: Re: [PHP] php dev environment To: Lester Caine Vim? Vi? PFT If you're gonna CLI, CLI *like a man* and use emacs! On Mon, May 25, 2009 at 3:21 AM, Lester Caine wrote: > Lester Caine wrote: > >> Paul M Foster wrote: >> >>> On Sun, May 24, 2009 at 10:32:23AM +0100, Nathan Rixham wrote: >>> >>> Hi All, >>>> >>>> A recent post just reminded me of something I did a while ago that may >>>> be of use to many of you (and its sitting doing nothing), it's a kind of >>>> how to for getting a full development environment up and running simply. >>>> >>>> >>>> Eclipse PDT 2 + extras >>>> http://wiki.voom.me/wiki/Eclipse-PDT2-Perfect-Setup >>>> >>>> Subversion auto props >>>> http://wiki.voom.me/wiki/SubversionAutoProps >>>> >>>> PHP Tools - XDebug, PHPDocumentor, PHP Code Sniffer, PHPUnit >>>> >>>> http://wiki.voom.me/wiki/VoomWorkingEnvironment#SettingUpTheLocalPHPPEAREnvironment >>>> >>>> (Ubuntu Specific - Continuous Integration) >>>> XDebug, PHPDocumentor, PHP Code Sniffer, PHPUnit, Cruise Control, >>>> phpUnderControl >>>> http://nathan.voom.me/wiki/PHP-ContinuousIntegration >>>> >>>> All that should save a few days of work setting up configuring and >>>> exploring. >>>> >>>> Servers & Bandwidth courtesy of Dan Brown @ Parasane - thanks mate. >>>> http://parasane.net/ >>>> >>>> Hope it helps somebody! >>>> >>> >>> That's no development environment! There's no Vim! ;-} >>> >> >> http://www.viplugin.com/viplugin/ >> > or http://www.vimplugin.org/ > > > But the above list does need PHPElipse rather than PDT ;) >> > > -- > Lester Caine - G8HFL > - > Contact - http://lsces.co.uk/wiki/?page=contact > L.S.Caine Electronic Services - http://lsces.co.uk > EnquirySolve - http://enquirysolve.com/ > Model Engineers Digital Workshop - http://medw.co.uk// > Firebird - http://www.firebirdsql.org/index.php > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >
[PHP] Re: [PHP-DEV] PHP scalability problem
Processes are only spawned in shitty webserver processing models that high performing webservers don't even have. If you'll read my first link, php is rarely the client-side bottleneck (which is all that matters). And do some research, on a page that hits the database for me, the query is usually 50-80% of prosecution speed, so design a faster db schema or use a faster RDBMS (or high performing MySQL builds). Offloading processing is rarely possible and is not the solution to scaling your web application, somewhere along the line your server will fail (if you have enough success) and you'll have to get a new one. Scaling gracefully is more about horizontal expansion and getting the most for your buck, delaying the inevitable. Some things you probably ought to keep in mind 1) Client side performance is the only thing that matters. If your server load is at 110 but pages are still generating in less time than it takes to make the HTTP handshake (which I estimate <0.1 seconds is a fair target), then you have no worries. Install ySlow and study its documentation thoroughly and accept no less than high 90s for your work. 2) Scaling requires a fundamental paradigm of speed built in to the core logic of your application. It's easier to start with a persistent caching setup and go from there than apply one later. Look into memcache, memcachedb, and apc for some absolutely required tools. 3) The solution to save your server from doing the majority of the work isn't to load it onto the clients, that'll result in your ownership of a laggy, unresponsive site no one wants to use. I guess that would solve your problem, though, by taking away all your users. 4) Start establishing good performance habits, use a profiler like xdebug and identify your bottlenecks and optimize them. Saving 10ms on a logic setup is meaningless if every pageload has 200ms of queries it has to run. SQL *will* be your benchmark long before PHP or apache will be. Look into setting your SQL server up as fast as you can. Hint: default installs and configurations are never as fast as they could be. 5) Use ajax when you can instead of full page reloads. It saves a lot of overhead i/o if done properly. 6) Install an opcode cache, I recommend EAccelerator. Script CPU time will be decreased by (a) order of magnitude(s). 7) Scalability is a lot of SEO, there's no one magic thing you can do, it's a combination of dozens of tiny little things and it's probably the most difficult thing about writing PHP. Don't expect someone to email this list and say "Do X, Y and Z and you'll never have to worry about scaling!" because they'll be lying to you if that does happen. On a side note, I noticed this is the wrong list and CC'd the correct one. On Tue, May 26, 2009 at 11:04 PM, tRace DOliveira wrote: > > What I am trying to achieve is to have the server do less processing. Like > I said PHP is a server side scripting language and each time a request is > made a process is spawned and processes are heavy weight as compared to a > thread which is a light weight process. So I want to take away much > processing away from the server and have the client do it instead. Because > if many requests are made the server will eventually go down because it will > over the server. > ** > > > From: Eddie Drapkin > Subject: Re: [PHP-DEV] PHP scalability problem > To: "tRace DOliveira" > Cc: intern...@lists.php.net > Date: Wednesday, May 27, 2009, 2:55 AM > > > 1) PHP is Rarely The Bottleneck: > http://talks.php.net/show/drupal08/<http://talks.php.net/show/drupal08/7> > 2) Invest in an opcode cache > 3) DB I/O is always the most restrictive part of your application, read the > mysql performance blog (a lot applies for postgres too) > 4) If you're serious about scalability, ditch apache and use a better > webserver > 5) You're describing what ajax does in a lot of cases > 6) Have you deployed flatfile cache / apc / memcached? If so, how? > 7) Do you regularly run siege tests on new server stacks and profile each > piece's impact on performance? > 8) Do you profile your code every time you change some piece of logic? > > Scalability is an enormous mountain to climb and there's only so much you > can offload on to the client. Chances are there's more room for improvement > at any stage in your development than there is potentiality for client-side > processing. > > On Tue, May 26, 2009 at 10:46 PM, tRace DOliveira > http://us.mc1104.mail.yahoo.com/mc/compose?to=married...@yahoo.com> > > wrote: > >> PHP is a server side scripting language, so that means that the server >> will have to do the bulk of the processing if not most. >> I was thinking about shifting the processing to the client. Kinda like how >> java does it. I don't know really know how java does it but it would be >> interesting if it could be done for PHP also. >> Thank you, >> Leonard D'Oliveira >> >> >> > > > >
[PHP] Re: [PHP-DEV] PHP scalability problem
I seriously doubt it. PHP is a better language in almost all regards and is much much more popular. A lot of people make that decision every day and I'd say most of them choose PHP. Why ask that, though? On Tue, May 26, 2009 at 11:36 PM, tRace DOliveira wrote: > > Do you agree with me that when building a large web application that people > would rather choose ASP.Net over PHP if people had to choose between those > two ? > --- On *Wed, 5/27/09, Eddie Drapkin * wrote: > > > From: Eddie Drapkin > Subject: Re: [PHP-DEV] PHP scalability problem > To: "Michael Shadle" > Cc: "tRace DOliveira" , "intern...@lists.php.net" < > intern...@lists.php.net> > Date: Wednesday, May 27, 2009, 3:29 AM > > > nginx and php-fpm is the fastest setup I could find, after spending almost > 2 weeks trying different combinations. > > Apache pre-fork model: 1900 reqs/second (this is with running queries per > pageload) > nginx w/ fpm: 3400 reqs/second > > And nginx's doc setup is awesome. > > Like Michael said, scaling PHP itself is no big deal, just add more worker > nodes to your process pool, the issue is scaling out your sql server > (memcache scaling is piss easy too) > > On Tue, May 26, 2009 at 11:24 PM, Michael Shadle > http://us.mc1104.mail.yahoo.com/mc/compose?to=mike...@gmail.com> > > wrote: > >> Succinct and great reply. >> >> Better webserver: nginx :) >> >> #3 is probably the most important piece. >> >> I'd like to also note scaling php is pretty simple. Scaling out typically >> provides better results as opposed to scaling up. Scaling your datastore >> will always be your pain point. Adding new data nodes is complex. Adding >> more php processing nodes is simple. Php nodes are just worker bees. They're >> great for shared-nothing processing engines. >> >> I can't think of a good metaphor right now other than that. >> >> On May 26, 2009, at 7:55 PM, Eddie Drapkin >> http://us.mc1104.mail.yahoo.com/mc/compose?to=oorza...@gmail.com>> >> wrote: >> >> 1) PHP is Rarely The Bottleneck: >>> http://talks.php.net/show/drupal08/<http://talks.php.net/show/drupal08/7> >>> >>> >>> 2) Invest in an opcode cache >>> 3) DB I/O is always the most restrictive part of your application, read >>> the >>> mysql performance blog (a lot applies for postgres too) >>> 4) If you're serious about scalability, ditch apache and use a better >>> webserver >>> 5) You're describing what ajax does in a lot of cases >>> 6) Have you deployed flatfile cache / apc / memcached? If so, how? >>> 7) Do you regularly run siege tests on new server stacks and profile each >>> piece's impact on performance? >>> 8) Do you profile your code every time you change some piece of logic? >>> >>> Scalability is an enormous mountain to climb and there's only so much you >>> can offload on to the client. Chances are there's more room for >>> improvement >>> at any stage in your development than there is potentiality for >>> client-side >>> processing. >>> >>> On Tue, May 26, 2009 at 10:46 PM, tRace DOliveira >>> http://us.mc1104.mail.yahoo.com/mc/compose?to=married...@yahoo.com> >>> >wrote: >>> >>> PHP is a server side scripting language, so that means that the server >>>> will >>>> have to do the bulk of the processing if not most. >>>> I was thinking about shifting the processing to the client. Kinda like >>>> how >>>> java does it. I don't know really know how java does it but it would be >>>> interesting if it could be done for PHP also. >>>> Thank you, >>>> Leonard D'Oliveira >>>> >>>> >>>> >>>> > >
[PHP] [PHP-DEV] PHP scalability problem
... no Apache uses processes, but can also use threads. nginx and lighttpd both use a threaded model. But you seem to have this idea in your head that it's PHP's fault and switching to a threaded webserver / CGI model will solve any noticeable scalability problems, so feel free to ditch PHP for ASP because you think it'll be anywhat faster. I'll save you some time: it won't. On Tue, May 26, 2009 at 11:44 PM, tRace DOliveira wrote: > > What I am trying to get at is that PHP uses processes(Heavy weight) and > ASP.NET uses threads which are light weight. So it inflicts less strain > upon the web server. So I am trying to solve the problem of the strain that > PHP causes on ther server. > --- On *Wed, 5/27/09, Eddie Drapkin * wrote: > > > From: Eddie Drapkin > Subject: Re: [PHP-DEV] PHP scalability problem > To: "tRace DOliveira" > Cc: "PHP General Mailing List" > Date: Wednesday, May 27, 2009, 3:39 AM > > > > I seriously doubt it. PHP is a better language in almost all regards and > is much much more popular. A lot of people make that decision every day and > I'd say most of them choose PHP. Why ask that, though? > > On Tue, May 26, 2009 at 11:36 PM, tRace DOliveira > http://us.mc1104.mail.yahoo.com/mc/compose?to=married...@yahoo.com> > > wrote: > >> >> Do you agree with me that when building a large web application that >> people would rather choose ASP.Net over PHP if people had to choose between >> those two ? >> --- On *Wed, 5/27/09, Eddie Drapkin >> http://us.mc1104.mail.yahoo.com/mc/compose?to=oorza...@gmail.com> >> >* wrote: >> >> >> From: Eddie Drapkin >> http://us.mc1104.mail.yahoo.com/mc/compose?to=oorza...@gmail.com> >> > >> Subject: Re: [PHP-DEV] PHP scalability problem >> To: "Michael Shadle" >> http://us.mc1104.mail.yahoo.com/mc/compose?to=mike...@gmail.com> >> > >> Cc: "tRace DOliveira" >> http://us.mc1104.mail.yahoo.com/mc/compose?to=married...@yahoo.com>>, >> "intern...@lists.php.net<http://us.mc1104.mail.yahoo.com/mc/compose?to=intern...@lists.php.net>" >> http://us.mc1104.mail.yahoo.com/mc/compose?to=intern...@lists.php.net> >> > >> Date: Wednesday, May 27, 2009, 3:29 AM >> >> >> nginx and php-fpm is the fastest setup I could find, after spending almost >> 2 weeks trying different combinations. >> >> Apache pre-fork model: 1900 reqs/second (this is with running queries per >> pageload) >> nginx w/ fpm: 3400 reqs/second >> >> And nginx's doc setup is awesome. >> >> Like Michael said, scaling PHP itself is no big deal, just add more worker >> nodes to your process pool, the issue is scaling out your sql server >> (memcache scaling is piss easy too) >> >> On Tue, May 26, 2009 at 11:24 PM, Michael Shadle >> http://us.mc1104.mail.yahoo.com/mc/compose?to=mike...@gmail.com> >> > wrote: >> >>> Succinct and great reply. >>> >>> Better webserver: nginx :) >>> >>> #3 is probably the most important piece. >>> >>> I'd like to also note scaling php is pretty simple. Scaling out typically >>> provides better results as opposed to scaling up. Scaling your datastore >>> will always be your pain point. Adding new data nodes is complex. Adding >>> more php processing nodes is simple. Php nodes are just worker bees. They're >>> great for shared-nothing processing engines. >>> >>> I can't think of a good metaphor right now other than that. >>> >>> On May 26, 2009, at 7:55 PM, Eddie Drapkin >>> http://us.mc1104.mail.yahoo.com/mc/compose?to=oorza...@gmail.com>> >>> wrote: >>> >>> 1) PHP is Rarely The Bottleneck: >>>> http://talks.php.net/show/drupal08/< >>>> http://talks.php.net/show/drupal08/7> >>>> >>>> 2) Invest in an opcode cache >>>> 3) DB I/O is always the most restrictive part of your application, read >>>> the >>>> mysql performance blog (a lot applies for postgres too) >>>> 4) If you're serious about scalability, ditch apache and use a better >>>> webserver >>>> 5) You're describing what ajax does in a lot of cases >>>> 6) Have you deployed flatfile cache / apc / memcached? If so, how? >>>> 7) Do you regularly run siege tests on new server stacks and profile >>>> each >>>> piece's impact on performance? >>>> 8) Do you profile your code every
[PHP] [PHP-DEV] PHP scalability problem
If you think that's a problem, then yes. Look into nginx. But honestly, you're not going to notice a speed improvement at all (maybe if you were serving 2000 loads/sec you would, but only then if it's on a small box). On Tue, May 26, 2009 at 11:52 PM, tRace DOliveira wrote: > I also thought that it's PHP that causes the processes. Thanks that helps > me alot. So the problem is not with the language itself but the web > server(Apache)? > > --- On *Wed, 5/27/09, Eddie Drapkin * wrote: > > > From: Eddie Drapkin > Subject: Re: [PHP-DEV] PHP scalability problem > To: "tRace DOliveira" > Date: Wednesday, May 27, 2009, 3:47 AM > > > ... no > > Apache uses processes, but can also use threads. nginx and lighttpd both > use a threaded model. But you seem to have this idea in your head that it's > PHP's fault and switching to a threaded webserver / CGI model will solve any > noticeable scalability problems, so feel free to ditch PHP for ASP because > you think it'll be anywhat faster. I'll save you some time: it won't. > > On Tue, May 26, 2009 at 11:44 PM, tRace DOliveira > http://us.mc1104.mail.yahoo.com/mc/compose?to=married...@yahoo.com> > > wrote: > >> >> What I am trying to get at is that PHP uses processes(Heavy weight) and >> ASP.NET <http://asp.net/> uses threads which are light weight. So it >> inflicts less strain upon the web server. So I am trying to solve the >> problem of the strain that PHP causes on ther server. >> --- On *Wed, 5/27/09, Eddie Drapkin >> http://us.mc1104.mail.yahoo.com/mc/compose?to=oorza...@gmail.com> >> >* wrote: >> >> >> From: Eddie Drapkin >> http://us.mc1104.mail.yahoo.com/mc/compose?to=oorza...@gmail.com> >> > >> Subject: Re: [PHP-DEV] PHP scalability problem >> To: "tRace DOliveira" >> http://us.mc1104.mail.yahoo.com/mc/compose?to=married...@yahoo.com> >> > >> Cc: "PHP General Mailing List" >> http://us.mc1104.mail.yahoo.com/mc/compose?to=php-gene...@lists.php.net> >> > >> Date: Wednesday, May 27, 2009, 3:39 AM >> >> >> >> I seriously doubt it. PHP is a better language in almost all regards and >> is much much more popular. A lot of people make that decision every day and >> I'd say most of them choose PHP. Why ask that, though? >> >> On Tue, May 26, 2009 at 11:36 PM, tRace DOliveira >> http://us.mc1104.mail.yahoo.com/mc/compose?to=married...@yahoo.com> >> > wrote: >> >>> >>> Do you agree with me that when building a large web application that >>> people would rather choose ASP.Net over PHP if people had to choose between >>> those two ? >>> --- On *Wed, 5/27/09, Eddie Drapkin >>> http://us.mc1104.mail.yahoo.com/mc/compose?to=oorza...@gmail.com> >>> >* wrote: >>> >>> >>> From: Eddie Drapkin >>> http://us.mc1104.mail.yahoo.com/mc/compose?to=oorza...@gmail.com> >>> > >>> Subject: Re: [PHP-DEV] PHP scalability problem >>> To: "Michael Shadle" >>> http://us.mc1104.mail.yahoo.com/mc/compose?to=mike...@gmail.com> >>> > >>> Cc: "tRace DOliveira" >>> http://us.mc1104.mail.yahoo.com/mc/compose?to=married...@yahoo.com>>, >>> "intern...@lists.php.net<http://us.mc1104.mail.yahoo.com/mc/compose?to=intern...@lists.php.net>" >>> http://us.mc1104.mail.yahoo.com/mc/compose?to=intern...@lists.php.net> >>> > >>> Date: Wednesday, May 27, 2009, 3:29 AM >>> >>> >>> nginx and php-fpm is the fastest setup I could find, after spending >>> almost 2 weeks trying different combinations. >>> >>> Apache pre-fork model: 1900 reqs/second (this is with running queries per >>> pageload) >>> nginx w/ fpm: 3400 reqs/second >>> >>> And nginx's doc setup is awesome. >>> >>> Like Michael said, scaling PHP itself is no big deal, just add more >>> worker nodes to your process pool, the issue is scaling out your sql server >>> (memcache scaling is piss easy too) >>> >>> On Tue, May 26, 2009 at 11:24 PM, Michael Shadle >>> http://us.mc1104.mail.yahoo.com/mc/compose?to=mike...@gmail.com> >>> > wrote: >>> >>>> Succinct and great reply. >>>> >>>> Better webserver: nginx :) >>>> >>>> #3 is probably the most important piece. >>>> >>>> I'd like to also note scaling php is pretty simple. Scaling
Re: Re: [PHP] Re: PHP, OOP and AJAX
Your code might not, but you sure do! Spending all that time writing require statements = :( On Thu, May 28, 2009 at 9:49 AM, Tony Marston wrote: > > wrote in message > news:000e0cd6ad1a9f7d3d046af89...@google.com... > > Two things: > > > > 1. Try using the fully qualified path (ie /var/www/foo/bar.php instead of > > foo/bar.php) > > 2. Look at setting up autoloading so you don't need to manually include > > anyway. If you're going OOP, autoloading is a must! > > I totally disagree. I have been doing OOP with PHP for years, and I have > never used autoloading. It is just a feature that can be used, misused or > abused just like any other. I choose not to use it, and my code does not > suffer in the least! > > -- > Tony Marston > http://www.tonymarston.net > http://www.radicore.org > > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >
Re: Re: [PHP] Re: PHP, OOP and AJAX
There's a huge difference between laziness and opting in to use an incredibly useful (and easy to properly deploy) feature to save myself time so that I can spend more time writing that structured and efficient code of which you speak. And the problem with what you're saying is that you still have to include 'singleton.php' somewhere in order to call its static methods, and I'd rather just spend 30 minutes writing an autoloader object and letting it deal with finding any of the classes I use then trying to keep track of legacy code I didn't write and require'ing them all over the place. The way I look at it, if you spend all your time handling things that you could automate - and if written properly, will always work as expected (it's called unit testing and debugging) - then you have no time to write that structured and efficient code in order to meet your deadlines! :) On Thu, May 28, 2009 at 10:53 AM, Tony Marston < t...@marston-home.demon.co.uk> wrote: > "Eddie Drapkin" wrote in message > news:68de37340905280737t3e1ad844y188ab8fa08f17...@mail.gmail.com... > > Your code might not, but you sure do! Spending all that time writing > > require statements = :( > > If you are too lazy to write "require" statements then you are probably too > lazy to write readable, well structured and efficient code. Besides, I > don't > use "require" statements, I use >$dbobject =& singleton::getInstance('classname'); > > I don't use autoload because *I* want to be in control. I prefer not to > rely > on automatuic features which may not work as expected. > > -- > Tony Marston > http://www.tonymarston.net > http://www.radicore.org > > > On Thu, May 28, 2009 at 9:49 AM, Tony Marston > > >> wrote: > > > >> > >> wrote in message > >> news:000e0cd6ad1a9f7d3d046af89...@google.com... > >> > Two things: > >> > > >> > 1. Try using the fully qualified path (ie /var/www/foo/bar.php instead > >> > of > >> > foo/bar.php) > >> > 2. Look at setting up autoloading so you don't need to manually > include > >> > anyway. If you're going OOP, autoloading is a must! > >> > >> I totally disagree. I have been doing OOP with PHP for years, and I have > >> never used autoloading. It is just a feature that can be used, misused > or > >> abused just like any other. I choose not to use it, and my code does not > >> suffer in the least! > >> > >> -- > >> Tony Marston > >> http://www.tonymarston.net > >> http://www.radicore.org > >> > >> > >> > >> > >> -- > >> PHP General Mailing List (http://www.php.net/) > >> To unsubscribe, visit: http://www.php.net/unsub.php > >> > >> > > > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >
Re: Re: [PHP] Re: PHP, OOP and AJAX
autoloading doesn't do anything but follow a set of logic rules to decide what file to require, so it doesn't mess with opcode caches at all. On Thu, May 28, 2009 at 4:02 PM, Nathan Nobbe wrote: > On Thu, May 28, 2009 at 9:25 AM, Tony Marston < > t...@marston-home.demon.co.uk > > wrote: > > > > > "Eddie Drapkin" wrote in message > > news:68de37340905280801m6964d355l2d6d8ef773f3b...@mail.gmail.com... > > > There's a huge difference between laziness and opting in to use an > > > incredibly useful (and easy to properly deploy) feature to save myself > > > time > > > so that I can spend more time writing that structured and efficient > code > > > of > > > which you speak. And the problem with what you're saying is that you > > > still > > > have to include 'singleton.php' somewhere in order to call its static > > > methods, > > > > I have a single general purpose include file which autmatically includes > > all > > other standard files, so I never have to explicity load my singleton > class. > > > > > and I'd rather just spend 30 minutes writing an autoloader object > > > and letting it deal with finding any of the classes I use then trying > to > > > keep track of legacy code I didn't write and require'ing them all over > > the > > > place. > > > > I'd rather not waste 30 minutes of my time writing a feature that I don't > > need. > > > > The difference between using and not using the autoload feature does not > > have any measurable impact on either my development times, nor the > > execution > > of my code, so I choose to not use it. That's my choice, and I'm sticking > > to > > it. > > > > > The way I look at it, if you spend all your time handling things that > you > > > could automate - and if written properly, will always work as expected > > > (it's > > > called unit testing and debugging) - then you have no time to write > that > > > structured and efficient code in order to meet your deadlines! :) > > > > Not using autoload does not have any noticeable effect on my deadlines, > so > > I > > have no incentive to use it. Just because you say that I *should* use it > > carries no weight at all. > > > this simple fact is that autoloading is something anyone can implement > themselves. take a look at code igniters $this->load() arrangement. > basically they do dynamic loading rather than requires, and thats part of > the reason for the massive performance advantage it has over other > frameworks. > > autoloading is nice because it affords a somewhat standard approach to a > common issue. sure, you could do something like ci, but i say why bother, > why not just use __autoload() and freinds now that php offers it as a > feature. then again, if you already have some dynamic loading system, of > course theres no real call to move to __autoload(). (and of course ci is > written w/ php4 support in mind, which obviously eliminates __autoload in > their scenario) > > im also skeptical of the advantages dynamic loading offers in systems > running an opcode cache. essentially after initially caching a scripts > opcodes, successive include/require calls are a hit to the cache to see its > already there. im sure dynamic loading is offers dramatic performance > gains > systems not running opcode caches though. > > -nathan >
[PHP] Autoloading with namespaces in 5.3.0
Hey, I'm looking to start playing with 5.3.0, and thus by extension, namespaces. One of the things that I definitely need support for is autoloading, and the docs aren't exactly explicit in some (obvious to me) cases. I have an autoloading class that internally handles file-not-found errors and the like and a set of methods that get registered via spl_autoload_register. I'm wondering if there's any way that the autoloader - which won't exist inside a namespace - can handle classes with the same name in several different namespaces. Say, for example, I have three directories foo/, bar/, and baz/ and each of those corresponds to a same-named namespace, and each also has a class named ExampleClass. If I try to instantate a foo\ExampleClass, does the classname get set in the autoloader method as "ExampleClass" or "foo\ExampleClass"? If the former, is there any way to determine the namespace name so I don't accidentally autoload bar\ExampleClass or baz\ExampleClass?
Re: [PHP] Autoloading with namespaces in 5.3.0
I did some further research and think I can manage to load \foo\bar\class.php fine, but if I use foo\bar\ as bar and load bar\class.php, does the autoloader have access to the scope of use or does it get translated to the FQ path? On Mon, Jun 1, 2009 at 10:44 AM, Nathan Nobbe wrote: > On Sat, May 30, 2009 at 1:51 PM, Eddie Drapkin wrote: > >> Hey, I'm looking to start playing with 5.3.0, and thus by extension, >> namespaces. One of the things that I definitely need support for is >> autoloading, and the docs aren't exactly explicit in some (obvious to me) >> cases. >> >> I have an autoloading class that internally handles file-not-found errors >> and the like and a set of methods that get registered via >> spl_autoload_register. I'm wondering if there's any way that the >> autoloader >> - which won't exist inside a namespace - can handle classes with the same >> name in several different namespaces. Say, for example, I have three >> directories foo/, bar/, and baz/ and each of those corresponds to a >> same-named namespace, and each also has a class named ExampleClass. If I >> try to instantate a foo\ExampleClass, does the classname get set in the >> autoloader method as "ExampleClass" or "foo\ExampleClass"? If the former, >> is there any way to determine the namespace name so I don't accidentally >> autoload bar\ExampleClass or baz\ExampleClass? >> > > i seem to remember a while back, someone saying the entire namespace will > now be passed into the __autoload() function, whereas before it was just the > classname. your autoload logic should be equipped to handle different > classes w/ the same name, in different namespaces. > > -nathan >
Re: [PHP] Re: PHP vs ASP.NET
> > > daniel.br...@parasane.net || danbr...@php.net > http://www.parasane.net/ || http://www.pilotpig.net/ > 50% Off All Shared Hosting Plans at PilotPig: Use Coupon DOW1 > > Completely off topic, but www.pilotpig.net is down or buggered or something! Looks like a squatter to me >.>
Re: [PHP] Re: PHP scalability problem -- APC vs EAccelerator
EAcellerator is "just" an opcode cache. It transparently caches PHP opcodes; all you have to do to use it is download, compile and enable and never worry about it again. APC, on the other hand, does a bit more. While APC also caches opcodes, it performs worse than EAC or xcache does (there's a bit of debate as to which is better, for my particular needs, EAC was marginally faster, but both outperformed APC) for opcode caching. APC, on the other hand, also has some useful features that aren't related to opcode caching, but rather apc_store, apc_fetch and apc_define_constants. If you install apc and don't set apc_enable=1 in php.ini and leave the opcode caching to EAC / XCache, you still have the ability to use those three functions, which allow you to have persistent values in RAM between requests, which is really useful if you have a lot of generic data that never changes but is needed often. I personally use apc to set and fetch global variables and constants and allow EAC to cache the opcodes. It gets really hairy if you decide to use memcached in conjunction with an external opcode cacher and APC, because there's specific cases where APC is useful to store/fetch persistent data and other cases where memcached makes more sense to use. I recommend reading www.scribd.com/doc/4069180/Caching-Performance-*Lessons-from-Facebook * for a good analysis of when and where and how to implement the two in tandem. Speaking more generically, building with memcached in mind is a huge paradigm shift from your typical php/mysql architecture, as you have to compensate for the fact that the database is dynamically changing, and either abstract away, or manually manage the data structures in memcached. There's two strategies - hard mode and extreme mode, if you will - to doing this: delete every key when the data within them changes, or dynamically update them as the database changes (theoretically offering you the potential to have 95%+ cache hit rate, with database reads being a rare case). It's a lot more difficult to drop in later than it is to design with it in mind, and in many cases implementing it means re-writing a lot of legacy code, but the fact of the matter is that a solid memcached implementation can all but bypass the SQL database altogether (and by doing so bypass the bottleneck for the vast majority of requests) and there's nothing else that offers the performance increase of memcace (orders of magnitude). If you'd like a more complete example - with (pseudo)code example, let me know and I'll write out something more descriptive. If you're worried about scalability, there's a few links I'd recommend: http://highscalability.com/ - blog dedicated to scalability, has talks with a lot of huge, high visibility sites (not all built on php) including, but not limited to, digg, facebook and wolfram|alpha www.*mysqlperformanceblog*.com/ - another blog dedicated to performance, but less generically and more how to squeeze the most out of mysql. It's run by Percona, which is a very respectable company despite their flaws, and they also distribute XtraDB, the easiest way to increase MySQL performance. Pardon me for assuming you use MySQL if you don't. http://blog.facebook.com/ - facebook's official blog, often has useful talks and links about the ways they've solved their scalability problems. http://blog.digg.com/ - same as previous, save for digg You'll have to dig (pun not intended) through a lot of cruft for "the good stuff" with those last two links, but you can easily spend several hours on the first two links and all four offer pretty impressive advice. Let me know if there's anything else I can do for you :) --Eddie On Mon, Jun 1, 2009 at 9:44 PM, Daevid Vincent wrote: > Eddie can you explain the differences between APC (which is now built into > PHP) and EAccelerator. You seem to give mixed signals here as you endorse > both it seems, but I would think they would collide and as the Highlander > says, "There can be only one!" > > http://us.php.net/apc > http://eaccelerator.net/ > > Why would we choose one over the other, or do they really work in tandem > together? > > We looked into memcached or memcache or some $hit (it's too confusing and I > don't remember the exact one) but after installing, we realized it would > not > work so well for us as it makes your SQL queries potentially stale. In our > case, they all have to be live and accurate. And there is a 1MB data limit > per cache object. :( > > http://us.php.net/manual/en/book.memcache.php > http://us.php.net/manual/en/book.memcached.php > http://www.danga.com/memcached/ > > However we did install the APC and that seems to work very well for caching > the page's opcodes, and are quite pleased with it so far. Plus it's nice
Re: [PHP] Web application design considerations - a good reference ?
My suggestion to you is probably mosty a rehashing of what a lot of other people have said. I definitely think you should take a good, hard look at some existing solutions (frameworks, cms's, etc.) and decide whether you want to use one or not. In my experience, which is admittedly limited, pre-fabricated frameworks like those mentioned in this thread often have way more functionality than you'll actually need, like putting up a painting with a jackhammer. If you decide not to use one, you'll at the very least get a lot of invaluable experience working with PHP and seeing how things are setup. Maybe you'll directly emulate a code layout and flow structure, maybe you'll take a bit from drupal, and a bit from cake, and a bit from wordpress, or maybe by seeing them, you'll reject their ideas for your own. No matter what you do, it's exposure to someone else's ideas and through that, you can help build your own instead of walking down that same road and falling in the same pitfalls that other people have. I'd also like to second someone's previous suggestion that you not work alone. In my experience, there's pros and cons to every idea and every idea has a sibling - at least one other way of accomplishing the same task. If you surround yourself with good people that know what they're doing and have a good discourse about how to do A, B and C and bounce ideas off of one another, there's a good chance that the ultimate product will be much better than if you had elected to work alone. That's all I've got --Eddie On Tue, Jun 2, 2009 at 9:48 AM, Lists wrote: > Angus Mann wrote: > >> Hi all. >> >> I'm working on a PHP project for my own personal business use. It will >> handle billing and invoices as well as payments and time management, >> bookings, appointments and a few more. I may add things like personal >> messaging between the various users and a customer login to check on the >> progress of their accounts. >> >> It is a big project and will probably take a year or so to complete in my >> spare time. >> >> I have made a couple of starts but I have no experience in creating such >> large applications and I find I often end up with spaghetti code. I've tried >> using session variables to keep track of where and what the program is doing >> but there are so many permuations and combinations I found myself writing >> endless streams of if's, and's and or's just to figure out what page to >> display. >> >> The code is not the probblem for me...it's the flow and organization of >> the code. >> >> Can anybody point me to a good book or tutorial that lays down the >> principles and gives some suggestions for integrating the many subroutines >> of a large application? I want to make the code readable and logical in its >> flow, and avoid repetition of code segments. >> >> Much appreciated. >> Angus >> > > I wrote one from Scratch over many years and I don't know how I would > operate my business without it at this point. Some little things I would > suggest... if you have multiple relationships over several .dbs.. customers > db relating to a invoices db, proposals db, quotes db etc.. > make sure to use a global unique ID across all databases.. meaning, > every time a new record is created in any of these databases, I > grab an I.D. from a function that exists only to create a unique ID. > This way you don't run the risk of creating false relationships. > > Some ideas?.. I probably went over board, but all my invoices, quotes etc. > also have a corresponding hard copy (file that is written), other > than the database record, which acts as redundancy. > > The problem with any framework such as Drupal is, though you can avoid > reinventing the wheel in some cases, you also build stuff that looks like > existing stuff and you have the same known security management as existing > stuff, and you are sometimes limited on function... So, I just wanted to add > this alternate perspective that it is perfectly doable starting from the > ground up. > > Donovan > > > > > > -- > =o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o > D. BROOKE EUCA Design Center > WebDNA Software Corp. > WEB:> http://www.euca.us | http://www.webdna.us > =o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o > WebDNA: [** Square Bracket Utopia **] > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >
Re: [PHP] PHP Help
There's a few things about your post I'd like to comment on. One, if you're not using APC, I definitely agree with the fact that you're just wasting resources. However, you mention micro-optimizations and say that they're hardly useful, but in some cases it's a huge difference. ' vs. " is like a 0.1% speed difference or something equally negligible, but using isset($foo['bar']) instead of in_array($foo, 'bar') is almost an exponential speedup (it approaches that level of difference as the array size gets larger and larger), so there are some definite good practices with common fundamental structures that are worth paying attention to. And finally, you mention optimizing the LAMP stack, when the fact of the matter is the best way to optimize that stack is to get rid of it. Apache is huge and slow and there are very fast and viable replacements for it (I use nginx, but a lot of people are satisfied with lighttpd) and using either spawn-fcgi or fpm, php concurrency can increase by as much as 50%. And regarding MySQL, installing XtraDB, Percona's enhanced InnoDB build with a whole boatload of patches, is the easiest way to squeeze more performance out of MySQL. To the OP, though, the point is that there is a definite scalability path with regards to PHP and it's not something to really fret over, as there are tons of documentation, talks, presentations, blog posts, strategies, etc to achieve the most with PHP. Although, in the end, PHP itself is rarely your bottleneck, but instead the way you have your webserver setup bottlenecks your clientele and the way you have your queries written bottlenecks your server. I don't want to say that PHP speed is negligible, but if you write the world's worst PHP, but have an opcode cache and a fast DB implementation (and a 100 ySlow score) no one is ever going to notice how bad your code is, whereas someone else could write great code on a poorly performing site and wind up in a much worse situation. On Tue, Jun 2, 2009 at 10:20 AM, Topbit wrote: > On Tue, Jun 2, 2009 at 5:33 AM, tRace DOliveira > wrote: > > I think that PHP is the best scripting language ever created...I'm > currently doing a study of PHP and I want to know how APC can be used to > improve PHP performance and how it can be implemented and also if there is > some other alternative other than APC of improving PHP performance ? The > problem that I face is that as many requests are made the server is placed > under alot of pressure and cannot deal with it > > A large part of the reason PHP is so good at what it does is that > scaling it up on a single, and then to multi-machine sites and from > there to even millions of users is a well understood path. > > For APC, if you are running your own server and running a PHP site on > there, if you're not already running APC or a similar caching system > on there, you are just wasting CPU effort. > > There are a number of websites already out there that demonstrate the > sort of caching and optimisations that can be performed on a LAMP > stack, both within PHP code (but the various micro-optimisations of > changing quotes and using one kind of array handling over another is > only useful at the most extreme end of optimisations - and if you > wonder if you need them - then you don't). I'll be writing on the > topic of scaling on my blog soon as well, so it might be useful to > keep an eye on the in the next few weeks as well. > > For now, http://google.com/search?q=scaling+PHP will give you a lot of > food for thought. > > Topbit > http://topbit.co.uk/ > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >
[PHP] Re: [PHP-DEV] PHP scalability problem
Use a FastCGI process manager, then, and you'll have a tighter level of control. There's several CPU limiting tools that'll allow you to choke those processes, or you can simply set their nice value real high so they're super low priority. That's more the realm of server configuration than anything else, though. On Wed, May 27, 2009 at 12:01 AM, tRace DOliveira wrote: > > I think you read me wrong there. I am not looking for speed but trying to > put less pressure on the server with the work load that it has to do. > Like makingit do less processing. Kinda like where you have the website > "bluehost" restricting the amount of processes a person can use. They > restrict you because of PHP and the processes a person uses, more pressure > the web server will have. > > --- On *Wed, 5/27/09, Eddie Drapkin * wrote: > > > From: Eddie Drapkin > Subject: Re: [PHP-DEV] PHP scalability problem > To: "tRace DOliveira" > Date: Wednesday, May 27, 2009, 3:54 AM > > > If you think that's a problem, then yes. Look into nginx. But honestly, > you're not going to notice a speed improvement at all (maybe if you were > serving 2000 loads/sec you would, but only then if it's on a small box). > > > On Tue, May 26, 2009 at 11:52 PM, tRace DOliveira > http://us.mc1104.mail.yahoo.com/mc/compose?to=married...@yahoo.com> > > wrote: > >> I also thought that it's PHP that causes the processes. Thanks that >> helps me alot. So the problem is not with the language itself but the web >> server(Apache)? >> >> --- On *Wed, 5/27/09, Eddie Drapkin >> http://us.mc1104.mail.yahoo.com/mc/compose?to=oorza...@gmail.com> >> >* wrote: >> >> >> From: Eddie Drapkin >> http://us.mc1104.mail.yahoo.com/mc/compose?to=oorza...@gmail.com> >> > >> Subject: Re: [PHP-DEV] PHP scalability problem >> To: "tRace DOliveira" >> http://us.mc1104.mail.yahoo.com/mc/compose?to=married...@yahoo.com> >> > >> Date: Wednesday, May 27, 2009, 3:47 AM >> >> >> ... no >> >> Apache uses processes, but can also use threads. nginx and lighttpd both >> use a threaded model. But you seem to have this idea in your head that it's >> PHP's fault and switching to a threaded webserver / CGI model will solve any >> noticeable scalability problems, so feel free to ditch PHP for ASP because >> you think it'll be anywhat faster. I'll save you some time: it won't. >> >> On Tue, May 26, 2009 at 11:44 PM, tRace DOliveira >> http://us.mc1104.mail.yahoo.com/mc/compose?to=married...@yahoo.com> >> > wrote: >> >>> >>> What I am trying to get at is that PHP uses processes(Heavy weight) and >>> ASP.NET <http://asp.net/> uses threads which are light weight. So it >>> inflicts less strain upon the web server. So I am trying to solve the >>> problem of the strain that PHP causes on ther server. >>> --- On *Wed, 5/27/09, Eddie Drapkin >>> http://us.mc1104.mail.yahoo.com/mc/compose?to=oorza...@gmail.com> >>> >* wrote: >>> >>> >>> From: Eddie Drapkin >>> http://us.mc1104.mail.yahoo.com/mc/compose?to=oorza...@gmail.com> >>> > >>> Subject: Re: [PHP-DEV] PHP scalability problem >>> To: "tRace DOliveira" >>> http://us.mc1104.mail.yahoo.com/mc/compose?to=married...@yahoo.com> >>> > >>> Cc: "PHP General Mailing List" >>> http://us.mc1104.mail.yahoo.com/mc/compose?to=php-gene...@lists.php.net> >>> > >>> Date: Wednesday, May 27, 2009, 3:39 AM >>> >>> >>> >>> I seriously doubt it. PHP is a better language in almost all regards and >>> is much much more popular. A lot of people make that decision every day and >>> I'd say most of them choose PHP. Why ask that, though? >>> >>> On Tue, May 26, 2009 at 11:36 PM, tRace DOliveira >>> http://us.mc1104.mail.yahoo.com/mc/compose?to=married...@yahoo.com> >>> > wrote: >>> >>>> >>>> Do you agree with me that when building a large web application that >>>> people would rather choose ASP.Net over PHP if people had to choose between >>>> those two ? >>>> --- On *Wed, 5/27/09, Eddie Drapkin >>>> http://us.mc1104.mail.yahoo.com/mc/compose?to=oorza...@gmail.com> >>>> >* wrote: >>>> >>>> >>>> From: Eddie Drapkin >>>> http://us.mc1104.mail.yahoo.com/mc/compose?to=oorza...@gmail.com> &
Re: [PHP] MySQL after oracle, still Wise?, was Web application design .......
High-performance builds of mysql are still faster. And with 5.4 integrating a lot of performance boosts, I'd expect MySQL to retain that lead for a lot longer. There's also a lot more guides / support for MySQL around, as well as having a more robust choosing of UDF's, if you were to need them. PostgreSQL is a great RDBMS, on the other hand, if you're a purist. It's more close to the SQL standards and has a different featureset. While MySQL-unique features are designed to help "normal people" with complex things - GROUP_CONCAT, for example - PostgreSQL-unique features are designed for complicated tasks handled by well-qualified people (custom data types, arrays, etc). Common knowledge is that MySQL lacks a lot of integrity features, but this isn't (as) true any more, with the introduction of foreign keys and constraints in InnoDB. Regarding storage engines, just use InnoDB by default and forget about it; in the rare cases where a different engine is better suited, you can change it later. The way I'd suggest is that if you're either willing to learn a lot of SQL or have already learned it in a class or something, go with postgres. If you just want to get it done (or care a lot about performance), go with MySQL. On Tue, Jun 2, 2009 at 9:25 PM, Paul M Foster wrote: > On Tue, Jun 02, 2009 at 04:36:28PM -0400, optoma...@rogers.com wrote: > > > Everybody has given Angus really great advice in this previous thread > > and I have learned a lot too. I hope no one mines the fork but I am in > > the exact same situation as Angus. If anyone could spare a bit of time > > regarding application infrastructure I would really appreciate it. > > > > I know there are lots of databases out there and PostgreSQL is held in > > high regard but the overwhelming majority of examples seem to use MySQL. > > Considering that Oracle has bought Sun, do you think it is still wise to > > use it for new applications? Oracle does not have much "street cred" in > > open source circles, maybe they'll cause trouble later and MySQL was > > already forking was it not? I'd like to use the same DB for a few years. > > > > I am attracted to building an application from scratch but I will never > > get an object relational mapper to work without a framework. If I go the > > scratch route, I'd better get my database done right(as was advised in > > the previous thread!)and getting that right probably starts with > > choosing the right DB. > > First, you don't need an ORM. I'll leave it at that. > > Second, if you're doing something which will be supported on internal > servers, choose PostgreSQL. MySQL has deficiencies caused by its > development by programmers. PostgreSQL was developed by DBAs. And > frankly, the choice of storage engines in MySQL is crazy. Some are > incapable of handling transactions, for example. You have to do research > and figure out which one has the features you need. Another random > example of MySQL deficiency is that it does not natively support boolean > fields. And at least some of the engines don't support foreign keys, > IIRC. > > MySQL has the popularity it does because 1) it has a *company* behind > it, which PostgreSQL does not; 2) it is relatively easy to administer; > 3) at one time it was faster than PostreSQL; 4) inertia/momentum. > > As for Oracle/Sun/MySQL, because MySQL is open source, there are already > forks of it. If Sun decides to get pissy, a new version of MySQL can be > cobbled together by the open source community in short order. No one > knows what Oracle will do with MySQL, ultimately, but I wouldn't let it > worry you too much. > > Your choice of DB won't really matter that much. Any database should do > pretty much whatever you ask of it. You can't actually go wrong with any > database. Your choice of database will mostly affect two things: 1) how > much work you have to do that the database won't do for you, and 2) > expense. > > Paul > > -- > Paul M. Foster > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >
Re: [PHP] MySQL after oracle, still Wise?, was Web application design .......
Sadly, Mr. Saran wasted a lot of time writing a pluggable backend db layer, as one is built into PHP now, PDO: http://us2.php.net/pdo Sybase / MsSQL: http://www.php.net/manual/en/ref.pdo-dblib.php Postgres: http://us2.php.net/manual/en/ref.pdo-pgsql.php Oracle: http://us2.php.net/manual/en/ref.pdo-oci.php The only difference in using them is the dsn you pass to the constructor, which can even be dynamically generated if you see fit. The actual usage from driver-to-driver is the same; I've used it on postgres, mysql and sqlite. Based from the meeting notes of several 6.0 developer notes, it might or might not be the only database extension not in PECL soon. On Wed, Jun 3, 2009 at 8:51 AM, Bob McConnell wrote: > From: Sancar Saran > > > And if you so much thinking about future DB change. Just wrote > compatible sql > > and use multi drive layer (phpADO db). > > > > And you are problem free > > I have some questions about this suggestion. We currently have > production systems using Postgres, Sybase ASA, Oracle and MS SQL Server. > Only one product currently supports more than one, it can be installed > with ASA or connect to an existing Oracle server. This unfortunate mix > was brought about by several acquisitions over the past ten years. We > also have a group talking about using MySQL for a portal project. One > product did use MySQL prior to their switch to per server license fees, > which made them far too expensive for the distributed system they were > used in. So that project switched to Postgres. > > But what is the ADO layer going to look like in order to support any or > all combinations of these back ends? How much of a kludge will it have > to become? > > Is there any code out there that will support most of these, or do we > have to write it all ourselves? > > Most of my SQL experience has been with Sybase ASA. I am playing with > Postgres a little bit now, and the differences can be both subtle and > glaring. But I don't know either one well enough to understand how to > design an ADO interface, let alone how to bring in the other options. > > Thank you, > > Bob McConnell > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >
Re: [PHP] Web friendly file names
Why not just urlencode() the filename? (and suggest people use a URL shortening service and/or provide one) On Wed, Jun 3, 2009 at 12:31 PM, Richard Heyes wrote: > Hi, > > > I have a file uploader module that allows users to upload documents and > of > > course people are using all kinds of file names that are not web > friendly. > > > > I guess the best solution is to replace any non alphanumeric with maybe > '_' > > the underscore? How does that sound? > > > > Unfortunately, after 20+ years of coding I cannot get my brain around > > regular expressions to any decent level of proficiency, I know sad. > > > > I'd like to hear other solutions for this problem, I am thinking of a > regexp > > that replaces special chars with the underscore; sounds pretty robust and > > globally acceptable? > > I replace any non alpha chat with a hyphen, then replace two or more > hyphens with one. Simple, but I would also include the date so that > naming clashes are less likely (if it's applicable). So you might end > up with something similar to this: > > /product/2009/06/03/24ct-gold-earrings > > Or if using the date is not applicable, you could get something like this: > > /product/24ct-gold-earrings > > -- > Richard Heyes > HTML5 graphing: RGraph (www.rgraph.net - updated 23rd May) > PHP mail: RMail (www.phpguru.org/rmail) > PHP datagrid: RGrid (www.phpguru.org/rgrid) > PHP Template: RTemplate (www.phpguru.org/rtemplate) > PHP SMTP: http://www.phpguru.org/smtp > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >
Re: [PHP] Web friendly file names
Well, erm, no. I'd store the filename, etc. as-is in the database, and then link it with urlencode() and you should be able to serve a file called "A non friendly name!" site.com/A%20non%20friendly and a modern webserver should be fine with that, and even most browsers will allow you to type site.com/A non friendly... without the url escaped characters and it will url escape them in the request. The only issue is that the urlencoded special characters are a lot uglier, which may or may not be a consideration for you. On Wed, Jun 3, 2009 at 12:39 PM, Skip Evans wrote: > You mean like this? This would work as a good file name to be on the server > and link to? > > $filename = urlencode($_FILES['myfile']['name']); > move_uploaded_file($_FILES['myfile']['tmp_name'], $filename); > > Think that would do the trick? > > Skip > > Eddie Drapkin wrote: > >> Why not just urlencode() the filename? (and suggest people use a URL >> shortening service and/or provide one) >> >> On Wed, Jun 3, 2009 at 12:31 PM, Richard Heyes > rich...@php.net>> wrote: >> >>Hi, >> >> > I have a file uploader module that allows users to upload >>documents and of >> > course people are using all kinds of file names that are not web >>friendly. >> > >> > I guess the best solution is to replace any non alphanumeric with >>maybe '_' >> > the underscore? How does that sound? >> > >> > Unfortunately, after 20+ years of coding I cannot get my brain >> around >> > regular expressions to any decent level of proficiency, I know sad. >> > >> > I'd like to hear other solutions for this problem, I am thinking >>of a regexp >> > that replaces special chars with the underscore; sounds pretty >>robust and >> > globally acceptable? >> >>I replace any non alpha chat with a hyphen, then replace two or more >>hyphens with one. Simple, but I would also include the date so that >>naming clashes are less likely (if it's applicable). So you might end >>up with something similar to this: >> >>/product/2009/06/03/24ct-gold-earrings >> >>Or if using the date is not applicable, you could get something like >>this: >> >>/product/24ct-gold-earrings >> >>-- >>Richard Heyes >>HTML5 graphing: RGraph (www.rgraph.net <http://www.rgraph.net> - >>updated 23rd May) >>PHP mail: RMail (www.phpguru.org/rmail <http://www.phpguru.org/rmail>) >>PHP datagrid: RGrid (www.phpguru.org/rgrid >><http://www.phpguru.org/rgrid>) >>PHP Template: RTemplate (www.phpguru.org/rtemplate >><http://www.phpguru.org/rtemplate>) >>PHP SMTP: http://www.phpguru.org/smtp >> >>-- >>PHP General Mailing List (http://www.php.net/) >>To unsubscribe, visit: http://www.php.net/unsub.php >> >> >> > -- > > Skip Evans > Big Sky Penguin, LLC > 503 S Baldwin St, #1 > Madison WI 53703 > 608.250.2720 > http://bigskypenguin.com > > Those of you who believe in > telekinesis, raise my hand. > -- Kurt Vonnegut > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >
Re: [PHP] Web friendly file names
As far as I know it will only bug out when the host filesystem would bug out, ie UTF-16 characters tend to explode on my linux setup that I develop on, and PHP's file handlign doesn't like them, but then again neither does the filesystem. Stuff like "Some silly name! YAY#" work fine, on the other hand. On Wed, Jun 3, 2009 at 1:00 PM, Skip Evans wrote: > Oh, of course that makes sense, and I suppose the PHP move_uploaded_file() > function has no problem with weird and crappy file names? > > Skip > > Eddie Drapkin wrote: > >> Well, erm, no. >> >> I'd store the filename, etc. as-is in the database, and then link it with >> urlencode() and you should be able to serve a file called "A non friendly >> name!" site.com/A%20non%20friendly.. <http://site.com/A%20non%20friendly..>.. >> and a modern webserver should be fine with that, and even most browsers will >> allow you to type site.com/A <http://site.com/A> non friendly... without >> the url escaped characters and it will url escape them in the request. The >> only issue is that the urlencoded special characters are a lot uglier, which >> may or may not be a consideration for you. >> >> On Wed, Jun 3, 2009 at 12:39 PM, Skip Evans > s...@bigskypenguin.com>> wrote: >> >> > -- > > Skip Evans > Big Sky Penguin, LLC > 503 S Baldwin St, #1 > Madison WI 53703 > 608.250.2720 > http://bigskypenguin.com > > Those of you who believe in > telekinesis, raise my hand. > -- Kurt Vonnegut > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >
Re: [PHP] Using File_exists?
just initially, and this might be a typo but $FilePath = "http://localhost:/HarrisAutomate/output/WebImagesHiRes/$ImageName";; //$BackupPath = "http://localhost:/HarrisAutomate/WebImagesHiRes/output/backup/";; $FilePath has an /output/ that $BackupPath doesn't. Also, make sure you don't have safe_mode or open_basedir restricting the files php can see, although I'm reasonably sure the fact that it's an URL should nullify that. Also, make sure you have allow_url_fopen turned on. On Wed, Jun 3, 2009 at 2:31 PM, Miller, Terion wrote: > I wrote this little script (part of a much much larger one I am working at) > anyways, I am trying to get it to compare a file name from a db to an > actual > file in a folder and then tell me if it does or doesn't exist, the problem > I > have is that the files do exist, I echo them out, but it says file does not > exist right after that it echos the file for me What do I have wrong? > > $FileName = $row['Image']; > > > $ImageName = $row['Image']; > > > $ImageName = str_replace("/", "", $ImageName); > > > $FilePath = > "http://localhost:/HarrisAutomate/output/WebImagesHiRes/$ImageName";; > > //$BackupPath = > "http://localhost:/HarrisAutomate/WebImagesHiRes/output/backup/";; > > > > > if (file_exists($FilePath)) { > > echo "The file $ImageName exists"; > } > else { >echo "The file $ImageName does not exist" . ''; > } > > > > > > $FileName = str_replace("/", "", $FileName); > > $FileName = str_replace(".jpg", "", $FileName); > > > > > > > echo ($FileName) . ''; > > echo '' . ''; > > > Thanks guys! > Terion > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >
Re: [PHP] Best Encryption Algorithm
Another camper on the AES / Rijndael bandwagon. I don't think there's even been a theoretical attack point for anything >128 bit, but I could be wrong. And re: sha1, sha1 isn't an encryption algorithm... On Wed, Jun 3, 2009 at 9:28 AM, Bruno Fajardo wrote: > Hi there! > > Try out AES. > http://en.wikipedia.org/wiki/Advanced_Encryption_Standard > > Bruno. > > 2009/6/3 Hemant Patel > > > > Hello Everyone, > > Hope you all are doing great. > > Now we are creating a application which has high > level > > of security so its obvious that we will require a algorithm for > > encryption/decrytpion.So Can anybody suggest me the best algorithm for > > encryption(irrespective of any languageJust a Algorithm). > > > > > > With Regards, > > Hemant Patel > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >
Re: [PHP] Query Regarding a Player
But it's client side software and you can't rely on it existing for general use. On Wed, Jun 3, 2009 at 2:52 PM, Ashley Sheridan wrote: > On Wed, 2009-06-03 at 09:18 -0500, haliphax wrote: > > On Wed, Jun 3, 2009 at 8:14 AM, Hemant Patel > wrote: > > > Hi All, > > >I hope you all are doing great.We are developing a > application > > > on our end and we got a problem with a Audio/Vedio player.As flash > player is > > > working well with client side but it has limitation of file formats > like it > > > can run .flv file format only.If we go for media player then it won't > run > > > on Linux Server. > > > > > >Now i want to develop a player which can run any file format > at > > > client side.Can anybody suggest any algorithm or protocol to build a > Player? > > > > As many have already done, you might consider just transcoding the > > "bad" formats into FLV and stick with your current Flash player setup. > > There are many ffmpeg tutorials out there that should help you out > > [1]. > > > > 1. > http://vexxhost.com/blog/2007/05/20/how-to-convertencode-files-to-flv-using-ffmpeg-php/ > > > > -- > > // Todd > > > Or use HTML code for the VLC player, which will play pretty much > anything and is cross-platform and cross-os. It's not as fully > customisable as Flash, but it has some nice options that you can play > about with with Javascript. > > > Ash > www.ashleysheridan.co.uk > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >
Re: [PHP] PHP Graphing Libraries...?
I've had a lot of success with flot, but that's a jQuery plugin, so it may not be exactly what you need. If you're just making graphs for client side viewing, it ought to be sufficient, though. On Fri, Jun 5, 2009 at 8:33 AM, li...@mgreg.com wrote: > > On Jun 5, 2009, at 5:26 AM, Richard Heyes wrote: > > ... >>> >> >> I would have to suggest RGraph... ( http://www.rgraph.net ) :-) It's >> uses canvas though, so browser support is limited at the moment though >> to Firefox 3.5, Safari 4 and Chrome 2. >> > > > I've looked at the docs and I don't see how exactly it handles "x,y" > plotting. I need the ability to plot multiple lines (which it obviously > does) with wildly varying "x,y" values. It seems that all of these > libraries "cheat" and force common "x" values via the labels. I need > something like the following (all in the same chart): > >$line_one_data = [x,y,x,y,x,y,x,y,x,y,x,y,x,y,x,y,x,y,x,y,x,y,x,y] >$line_two_data = [x,y,x,y,x,y,x,y] >$line_three_data = [x,y,x,y,x,y,x,y,x,y,x,y,x,y] > >$graph->plot($line_one_data,$line_two_data,$line_three_data) > > As I said, each "line" has its own set of "x,y", and although they're all > obviously numbers, they don't all have "y" results at the same "x intervals" > so I need to be able to control them independently. Surely there's > something that can accommodate this...? > > > Best, > Michael
Re: [PHP] php applications
Depends on how you look at it, I'd take the perspective that that's a non-normal approach to the language and demonstrates a fuller understanding of the language. Same as if you put (and I do) "wrote an asynchronous socket server in PHP." Despite the position PHP developers are usually applying for being limited to web development, I take the approach that non-standard usage of the language not only demonstrates a more mature understanding of the language, but also the ability to handle more complex (because who are we kidding, GUI programming is much more complex than web development) programming concepts and the ability to solve non-standard problems which aren't easily able to be googled. On Tue, Jun 9, 2009 at 7:59 PM, Kyle Terry wrote: > On Mon, Jun 8, 2009 at 9:33 AM, Robert Cummings >wrote: > > > Kyle Terry wrote: > > > >> On Mon, Jun 8, 2009 at 8:48 AM, tedd wrote: > >> > >> Hi gang: > >>> > >>> I've heard that php can be used for more than web programming, but I am > >>> not > >>> aware of specifically how that can be done. So, let me ask directly -- > >>> can > >>> php be used to create a Mac Application? > >>> > >>> If so, how? > >>> > >>> Cheers, > >>> > >>> tedd > >>> > >>> > >>> -- > >>> --- > >>> http://sperling.com http://ancientstones.com http://earthstones.com > >>> > >>> -- > >>> PHP General Mailing List (http://www.php.net/) > >>> To unsubscribe, visit: http://www.php.net/unsub.php > >>> > >>> > >>> I don't mean to be the thread spirit killer, but I think another > >> language > >> would be better for this. Such as Python. > >> > >> PHP desktop apps might be fun to hack around with, but I wouldn't use it > >> for > >> a production application. > >> > > > > Why not? The technology won't mature if nobody uses it. And since there's > a > > want, there's no reason why it can't. > > > > Not too sure how good "Programmed desktop applications in PHP" would look > on > a resume. ;) > > > > > > Cheers, > > Rob. > > >
Re: [PHP] php applications
While the technology is pretty immature at the moment, due to its under-use no doubt, saying that PHP is never the tool for a desktop application is pretty inane. While the primary developmental lifecycle is geared towards web development (who's arguing that?), there's nothing really pervasive preventing people from using it for desktop apps. Given the recent focus towards closing memory leaks internally and the control of the (new, iirc) garbage collector, I wouldn't say it's a bad idea, resource speaking, to write in PHP (certainly no worse than Java). There's sound support, GTK support, CUPS support, Windows COM / printing support, so the support for the APIs is certainly there (and where it's not, there's ways around it, like with the java extension). Just because you have a hammer that's only been used for nailing particle board doesn't mean it's not suited for hammering into plywood! The only issue I see with PHP is the relative difficulty of making "stand-alone" applications that are bundled with a statically compiled PHP executable, but that shouldn't be too hard to overcome, with a little bit of time and creativity. On Tue, Jun 9, 2009 at 9:28 PM, Michael wrote: > Robert Cummings wrote: > >> >> >> Michael wrote: >> >>> Paul M Foster wrote: >>> On Mon, Jun 08, 2009 at 09:30:18AM -0700, Kyle Terry wrote: I don't mean to be the thread spirit killer, but I think another > language > would be better for this. Such as Python. > > PHP desktop apps might be fun to hack around with, but I wouldn't use > it for > a production application. > I've coded a bit in Python, and parts of it really annoy me. I much prefer PHP, as it's more C-ish. Why wouldn't you use PHP for production applications? Paul >>> >>> Why wouldnt you? Besides the design of PHP generally being completely >>> against it? PHP is not designed to be run continuously in infinite-loop >>> (while true) scenarios... >>> >> >> Citation? >> > see the history of php development and use > > >> it's threading support is poor and it's memory >>> >> >> What does threading support have to do with running something in an >> infinite loop? What if I don't need threads? >> >> handing and library are geared almost exclusively towards >>> web-programming. >>> >> >> I dunno, I've written amultitude of shell/cron scripts in PHP that >> leverage the codebase already written for the web application. >> > i wasnt arguing against cron-scripts, these are 'run-once' sort of things > which php handles well. they dont run for minutes let alone hours. > > >> If you want to compile it, or use it in a .NET/Java context... fine (see >>> phc, etc.). The language itself can handle it, but the standard >>> implementation *shouldnt*. >>> >> >> Why? >> > for the reasons detailed in this post. using web-oriented php as a desktop > programming language is a magnitude of dumb perhaps only eclipsed by the > smarty programming language > >> >> In anycase other languages have much better support of desktop and >>> network programming, entire libraries and communities have been developed >>> around it. Preferably use Python/Java/etc. though C has its place. >>> >> >> As I've said before, ones place in the sun can't be identified if one >> never tries sitting in the sun. It's hard to grasp the proverbial brass ring >> if you never extend your reach. >> > There are good reasons why php isnt "in the sun" (ie. used for desktop > programming), as i've listed. If you'd care to learn a few other languages > the reasons would be immediately obvious, python can be learnt in a few days > - try it. > >> >> Cheers, >> Rob. >> > > The standard PHP execution model is geared almost exclusively towards > web-used (though crons etc. are reasonable)... that is, to sit in/with a > server and handle requests... to operate over, at maximum, "insane" > lifespans of 30 seconds. > > There are languages designed to be used for desktop programming, and for > various tasks in general. The smart thing would be to use them. PHP may be a > hammer, but every problem is not a nail. > > Use the tools designed for the job. > > Michael > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >
Re: [PHP] PHP as Server Side for a Web Database Application.
Dan, I do appreciate when you share your pillow talk with the list at large. Cheers, Eddie On Wed, Jun 10, 2009 at 9:06 AM, Robert Cummings wrote: > Daniel Brown wrote: > >> On Wed, Jun 10, 2009 at 01:41, R. S. Patil wrote: >> >>> Hi, >>> >>> We are in phase of evaluating PHP as Serverside technology for our first >>> web >>> application. >>> We have finalized Flex for user interface and Birt as reporting engine. >>> Now >>> the data services >>> are to be evaluated. Flex forums recommended us using PHP for this. >>> We would like to implement SOA for database >>> access/Inserts/Updates/Queries >>> for report engine BIRT. >>> For SOA implementation we are considering XML-RPC and WSO2-WSF since we >>> dont >>> have any past >>> experience on web development we are not position to make any decisions >>> about PHP serverside >>> technologies can somebody guide use which one we should select (May be >>> different than these two). >>> We will be using flex forms to insert and update data through web >>> services >>> (mainly CRUD operations) >>> and PHP "Query" data services will be acting as Data Source to Birt for >>> reporting. Please suggest us >>> technolgy which is secure and prooven. The problem of integrating Birt in >>> to >>> PHP has been solved >>> and successfully tested also. >>> >>> Thanks and Best Regards >>> >> >>Wow, thanks for letting us know all of the backstory there! >> Robert Cummings and I just had a long, deep talk the other night, and >> the question arose: when will Raja start asking us about PHP instead >> of checking Google for his answers? Well, you've put that question to >> bed, sir, and thank you. >> > > Dan, I'd appreciate it if you wouldn't share our pillow talk with the list > at large. > > Cheers, > Rob. > -- > http://www.interjinn.com > Application and Templating Framework for PHP > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >
Re: [PHP] PHP as Server Side for a Web Database Application.
The question then becomes whether he was one of the boring catchers and just sort of "sat there" or was "actively discussing" with you. On Wed, Jun 10, 2009 at 9:11 AM, Robert Cummings wrote: > Eddie Drapkin wrote: > >> Dan, I do appreciate when you share your pillow talk with the list at >> large. >> > > Just so everyone knows... Dan was catcher when we were having that long > "deep" talk. > > > Cheers, > Rob. > -- > http://www.interjinn.com > Application and Templating Framework for PHP >
Re: [PHP] Preventing XSS Attacks
The problem with using a database escaping string for output escaping is that something like (despite being the world's lamest XSS) location.href('google.com') Would output mostly the same and with some cleverness, it wouldn't be too hard to get that to function properly with a full fledged XSS attack. I'd personally use one of the FILTER_* constants in conjunction with the filter functions themselves, say filter_var and FILTER_SANITIZE_SPECIAL_CHARS. On Wed, Jun 10, 2009 at 12:44 PM, Ashley Sheridan wrote: > On Wed, 2009-06-10 at 18:28 +0200, Nitsan Bin-Nun wrote: > > mysql_real_escape_string() only sanitise the input. I would personally > > only allow [a-zA-Z0-9-_] in search string but that's just me ;) > > Validate the input in some way, or make extra sanitisation of it > > before running the search query. > > > > Regarding the HTML output, just entities() it and you'll be good :) > > > > On Wed, Jun 10, 2009 at 6:32 PM, Ashley Sheridan > > wrote: > > > > On Wed, 2009-06-10 at 18:18 +0200, Nitsan Bin-Nun wrote: > > > As far for the output, just html entities () it and you will > > be good. > > > > > > You better check the search query for sql injection, which > > is more > > > dangerous. > > > > > > HTH > > > Nitsan > > > > > > On Wed, Jun 10, 2009 at 6:19 PM, Ashley Sheridan > > > wrote: > > > Hi all, > > > > > > I'm looking at adding a new search feature to my > > site, and one > > > of the > > > elements of this is to echo back in the search > > results page, > > > the > > > original string the user searched for. Up until now, > > XSS > > > hasn't (afaik) > > > been an issue for my site, but I can see from a mile > > off this > > > will be. > > > What would you guys recommend to avoid this? > > > > > > I'd thought initially of using a mixture of > > > html_special_chars() and a > > > regex (as yet not sure what I'll be stripping out > > with this) > > > to sanitise > > > the output for display on the results page, but is > > this > > > enough? > > > > > > Thanks > > > Ash > > > www.ashleysheridan.co.uk > > > > > > > > > > I always use mysql_real_escape_string() for that sort of > > thing, not had > > a problem with it, but is there anything you think I should be > > wary of? > > > > > > Thanks > > Ash > > www.ashleysheridan.co.uk > > > > > > > > > [just bringing it back on list] > > Well, I don't understand, what is the problem with > mysql_real_escape_string() for sanitising input to use for a search? It > should escape anything out so that the query can't be used in ways that > I don't want no? > > I'd thought about using a whitelist-only regex, but that seems a little > limiting tbh, and as my site contains code, it's not unreasonable to > expect some people might want to search for particular code excerpts. > > > Thanks > Ash > www.ashleysheridan.co.uk > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >
[PHP] Form handling
I've been charged with writing a class that handles forms, once they've been POSTed to. The idea of the class is to handle the most common use-cases of POST forms, and any special functionality can be handled with a child class at a later date, but for our uses, we're going to have mostly pretty typical POST forms. Follows is the list of cases I've determined that are the most common, can anyone think of any that are omitted or that are never going to be used? class form_handler { public /* bool */ function setRequiredFields(array $fields); //takes a simple array that corresponds to a $_POST key, verifying that there is data on required fields but not for optional fields, returns true or false on error public /* bool */ function setRequiredFieldTypes(array $fieldTypes); //array of field names => type a la ('username' => array(regex, '/a-zA-Z0-9\-_/')) //or 'phone_number' => (array('int', 'min_len' => 7, 'max_len' => 10)) etc, the exact spec is obviously nowhere near done but will probably just wrap a lot of filter_ functions, returns true or false on error public /* string */ function validateAndCaptureError(); //returns error or empty string public /* void */ function validateAndForwardTo($page); //forwards to page on error, or not } each of the globule setters will have a corresponding appendRequired... method, so as not to require handling enormous data structures for conditional form building. ♦ As you can see, the class looks pretty barren, but I can't think of any more functionality than would be required, although I am kickign the idea around of having very specific validation type methods ie. form_handler::requireInt($field, array $options) or form_handler::requireRegex($field, $regex), etc. Thoughts? Thanks in advance, --Eddie
Re: [PHP] Preventing XSS Attacks
On Wed, Jun 10, 2009 at 2:08 PM, Ashley Sheridan wrote: > On Wed, 2009-06-10 at 19:03 +0100, Ashley Sheridan wrote: > > On Wed, 2009-06-10 at 23:17 +0530, Sudheer Satyanarayana wrote: > > > Ashley Sheridan wrote: > > > > On Wed, 2009-06-10 at 23:05 +0530, Sudheer Satyanarayana wrote: > > > > > > > >>> I've been doing a bit of reading, and I can't really understand why > XSS > > > >>> is such an issue. Sure, if a user can insert a
Re: [PHP] detect cli sapi
if(PHP_SAPI == 'cli') { } or if(php_sapi_name() == 'cli') { } On Wed, Jun 10, 2009 at 3:42 PM, Tom Worster wrote: > what's a reliable way to detect that the sapi is cli, including in a > included scripts? > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >
Re: [PHP] Why [?php while (true) { sleep(5); } ?] dies on CLI?
try set_time_limit(0) ? On Thu, Jun 11, 2009 at 8:05 AM, Ford, Mike wrote: > On 11 June 2009 12:00, Ashley Sheridan advised: > > > On Thu, 2009-06-11 at 10:47 +, Jean-Pierre Arneodo wrote: > >> Hi! > >> I'm stuck. > >> I don't understand why the php CLI dies after 3 hours in my script. > Any > >> idea to solve? Thanks > >> > >> > >> PHP 5.2.9-0.dotdeb.2 with Suhosin-Patch 0.9.7 (cli) (built: Apr 7 > 2009 > >> 20:06:36) Linux ubuntu 2.6.24-19-server #1 SMP Wed Jun 18 14:44:47 > UTC > >> 2008 x86_64 GNU/Linux > >> > >> Conf [php.ini] > >> max_execution_time=0 > >> > >> >> while (true) { > >> sleep(5); > >> } > >>> > >> > >> > >> > > The while loop will continue executing until its condition is false. > As > > you've got a boolean true as the condition, it will never end. > > I think he realises that. His question is why "never" equates to 3 hours > in his environment. > > Cheers! > > Mike > > -- > Mike Ford, Electronic Information Developer, > C507, Leeds Metropolitan University, Civic Quarter Campus, > Woodhouse Lane, LEEDS, LS1 3HE, United Kingdom > Email: m.f...@leedsmet.ac.uk > Tel: +44 113 812 4730 > > > To view the terms under which this email is distributed, please go to > http://disclaimer.leedsmet.ac.uk/email.htm > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >
Re: [PHP] order by what?
On Thu, Jun 11, 2009 at 11:35 AM, PJ wrote: > Robin Vickery wrote: > > > > > > 2009/6/11 PJ mailto:af.gour...@videotron.ca>> > > > > How can order by be forced to order alphabetically and ignore accents > > without stripping the accents for printout? This is a problem for > both > > caps & normal letters. > > > > > > Depends on the database. > > > > If you're using mysql, the order is governed by the collation used. To > > get the order you want, you need a case-insensitive and > > accent-insensitive collation. Exactly which one you use will depend on > > the character set that you're using, but if you're character set is > > utf8, then the utf8_general_ci collation should work: > > > > SELECT fieldname FROM tablename ORDER BY fieldname COLLATE > > utf8_general_ci; > > > > -robin > Obviously there is another solution, albeit rather silly: re-enter all > the fields in alphabetical order with corresponding id fields in > numerical order... great, if you're not going to change the list and if > it's quite short... not too clever, though is it? > > -- > Hervé Kempf: "Pour sauver la plančte, sortez du capitalisme." > - > Phil Jourdan --- p...@ptahhotep.com > http://www.ptahhotep.com > http://www.chiccantine.com/andypantry.php > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > PFT just run a cron job to re--order the table every two minutes. Easily the best solution.
Re: [PHP] truncate a mb-string to a given octet length?
Correct me if I'm wrong, but should varchar 255 with a utf8 character set mean 255 unicode characters, not octets? On Fri, Jun 12, 2009 at 11:50 AM, Tom Worster wrote: > say a table in the db has a varchar(255) column, 255 being the max number > of > octets of strings that can go in the column. now say the php script very > occasionally has to deal with utf8 input strings with octet length > 255 -- > it needs to select rows matching the input string or insert the input > string. > > so what i think i need is a function to truncate a utf8 string to the > longest valid utf8 string that has octet length <= 255. > > is this what mb_strcut() is for? i'm having a hard time understanding the > man page for that function. > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >
Re: [PHP] phpMyAdmin, localhost, mysql overhead
The better question is why are you using MyISAM tables? Unless there's a legitimate reason to prefer MyISAM over InnoDB, you should be using InnoDB. On Fri, Jun 12, 2009 at 2:01 PM, Nitsan Bin-Nun wrote: > There is no way to avoid it since whenever you delete a row in a myisam > table you create a space in the order of the rows, this space is expressed > by a little bit of extra file size of the database. > This extra file size is called in phpmyadmin as "overhead", you can kill > this over head either by running some INSERT queries which will fill the > space with the inserted rows or running an OPTIMISE query. > > In general, I don't think that there is anything that you should do or take > care of, it is not rocket science and your tables will be good with or > without the overhead ;) > > Nitsan > > On Fri, Jun 12, 2009 at 7:41 PM, Jônatas Zechim >wrote: > > > I have other tables running but only this give me ‘overhead’. > > > > > > > > I’d know why this table does this and if is bad for my MySQL Server? > > > > Is there anyway to avoid it? > > > > > > > > Zechim > > > > > > > > De: nit...@binnun.co.il [mailto:nit...@binnun.co.il] Em nome de Nitsan > > Bin-Nun > > Enviada em: sexta-feira, 12 de junho de 2009 14:33 > > Para: Jônatas Zechim > > Cc: php-general@lists.php.net > > Assunto: Re: [PHP] phpMyAdmin, localhost, mysql overhead > > > > > > > > I haven't read all your mail, I'm sorry for it in advance, but I think > that > > you should know that "overheard" is just a blasting phrase for something > > which was made up by phpmyadmin. > > > > Basically, when you run a lot of DELETE or UPDATE queries on a table an > > "overhead" is created, generally speaking this "overhead" is a space > > between > > rows in the database file, which will cause mysql engine to insert rows > > into > > this space on future INSERT queries. > > > > You can imagine your table as a hard drive, every couple of months (some > > may > > say weeks) you have to run a de-fragment on it, you can do the same with > > your database table, look up the query OPTIMIZE TABLE which will do the > > de-frag for you :) > > > > If you have any further questions feel free to bring them up. > > > > Regards, > > Nitsan > > > > On Fri, Jun 12, 2009 at 7:02 PM, Jônatas Zechim > > wrote: > > > > Hi there, i have this table running on my localhost: > > > > CREATE TABLE `caffecheckout_compra_itens` ( > > `compra_key` varchar(23) NOT NULL, > > `item_id` int(5) NOT NULL, > > `item_valor` decimal(10,2) NOT NULL, > > `item_peso` decimal(5,3) NOT NULL, > > `item_qtd` int(3) NOT NULL, > > `item_data` int(10) NOT NULL, > > `item_obs` varchar(100) NOT NULL, > > PRIMARY KEY (`item_id`), > > KEY `compra_key` (`compra_key`) > > ) ENGINE=MyISAM DEFAULT CHARSET=latin1; > > > > > > It's on my Server, but when I add a row and after remove that I'd > overhead > > this table (58bytes/row), anyone know why is this happening? > > > > I run this SQL: > > > > INSERT INTO > > caffecheckout_compra_itens > > (compra_key,item_id,item_valor,item_peso,item_qtd,item_data) > > VALUES > > ('12448259804a32897ce1116','2','19.90','0.250',1,'1244825980') > > ON DUPLICATE KEY UPDATE > > item_qtd=item_qtd+1 > > > > And after: > > > > DELETE FROM > > caffecheckout_compra_itens > > WHERE > > compra_key='12448259804a32897ce1116' > > > > > > Zechim > > > > > > -Mensagem original- > > De: Andrew Ballard [mailto:aball...@gmail.com] > > Enviada em: sexta-feira, 12 de junho de 2009 09:38 > > Para: revDAVE > > Cc: php-general@lists.php.net > > Assunto: Re: [PHP] Field type for american money > > > > On Thu, Jun 11, 2009 at 4:08 PM, revDAVE wrote: > > > Php - MySQL - newbie question > > > > > > - Field type for american money - int(11) seems to work fine > > > > > > - but also I tried decimal(10,2) > > > > > > Is one a better choice than another for american money usage? > > > > > > > > > -- > > > Thanks - RevDave > > > Cool @ hosting4days . com > > > [db-lists 09] > > > > It depends on what you need to store, honestly. If all your dollar > > amounts are integers, int would work fine. If you need decimals, > > decimal(10, 2) would be fine for a lot of applications. However, a lot > > of financial applications need a little more precision. SQL Server has > > a money datatype that looks like it's about equivalent to decimal(19, > > 4) and a smallmoney type that looks like it's equivalent to > > decimal(10, 4). That handles things like gas prices that always have > > that extra 9/10 of a penny tacked onto them, or items that are 3 for a > > dollar. If you enter a price of 0.33 in a decimal(10, 2) field, > > multiplying that by 3 will result in 0.99, whereas three items priced > > at 0. will come to 0., which when formatted to two digits will > > round to 1.00. > > > > Andrew > > > > -- > > PHP General Mailing List (http://www.php.net/) > > To unsubscribe, visit: http://www.php.net/unsub.php > > > > > > -- > > PHP General Mailing Li
Re: [PHP] phpMyAdmin, localhost, mysql overhead
Some important differences: InnoDB: -row level locking -transactional support -foreign key support MyISAM: -table-level locking -no transactions -no foreign keys If that doesn't sell you, definitely head to google :) On Fri, Jun 12, 2009 at 2:12 PM, Jônatas Zechim wrote: > I really don’t know the differences betwen MyISAM and InnoDB yet but I’ll > google for it right now. > > > > Thank u. > > > > *Zechim* > > > > *De:* Eddie Drapkin [mailto:oorza...@gmail.com] > *Enviada em:* sexta-feira, 12 de junho de 2009 15:05 > *Para:* Nitsan Bin-Nun > *Cc:* Jônatas Zechim; php-general@lists.php.net > > *Assunto:* Re: [PHP] phpMyAdmin, localhost, mysql overhead > > > > The better question is why are you using MyISAM tables? Unless there's a > legitimate reason to prefer MyISAM over InnoDB, you should be using InnoDB. > > On Fri, Jun 12, 2009 at 2:01 PM, Nitsan Bin-Nun > wrote: > > There is no way to avoid it since whenever you delete a row in a myisam > table you create a space in the order of the rows, this space is expressed > by a little bit of extra file size of the database. > This extra file size is called in phpmyadmin as "overhead", you can kill > this over head either by running some INSERT queries which will fill the > space with the inserted rows or running an OPTIMISE query. > > In general, I don't think that there is anything that you should do or take > care of, it is not rocket science and your tables will be good with or > without the overhead ;) > > Nitsan > > On Fri, Jun 12, 2009 at 7:41 PM, Jônatas Zechim >wrote: > > > > I have other tables running but only this give me ‘overhead’. > > > > > > > > I’d know why this table does this and if is bad for my MySQL Server? > > > > Is there anyway to avoid it? > > > > > > > > Zechim > > > > > > > > De: nit...@binnun.co.il [mailto:nit...@binnun.co.il] Em nome de Nitsan > > Bin-Nun > > Enviada em: sexta-feira, 12 de junho de 2009 14:33 > > Para: Jônatas Zechim > > Cc: php-general@lists.php.net > > Assunto: Re: [PHP] phpMyAdmin, localhost, mysql overhead > > > > > > > > I haven't read all your mail, I'm sorry for it in advance, but I think > that > > you should know that "overheard" is just a blasting phrase for something > > which was made up by phpmyadmin. > > > > Basically, when you run a lot of DELETE or UPDATE queries on a table an > > "overhead" is created, generally speaking this "overhead" is a space > > between > > rows in the database file, which will cause mysql engine to insert rows > > into > > this space on future INSERT queries. > > > > You can imagine your table as a hard drive, every couple of months (some > > may > > say weeks) you have to run a de-fragment on it, you can do the same with > > your database table, look up the query OPTIMIZE TABLE which will do the > > de-frag for you :) > > > > If you have any further questions feel free to bring them up. > > > > Regards, > > Nitsan > > > > On Fri, Jun 12, 2009 at 7:02 PM, Jônatas Zechim > > wrote: > > > > Hi there, i have this table running on my localhost: > > > > CREATE TABLE `caffecheckout_compra_itens` ( > > `compra_key` varchar(23) NOT NULL, > > `item_id` int(5) NOT NULL, > > `item_valor` decimal(10,2) NOT NULL, > > `item_peso` decimal(5,3) NOT NULL, > > `item_qtd` int(3) NOT NULL, > > `item_data` int(10) NOT NULL, > > `item_obs` varchar(100) NOT NULL, > > PRIMARY KEY (`item_id`), > > KEY `compra_key` (`compra_key`) > > ) ENGINE=MyISAM DEFAULT CHARSET=latin1; > > > > > > It's on my Server, but when I add a row and after remove that I'd > overhead > > this table (58bytes/row), anyone know why is this happening? > > > > I run this SQL: > > > > INSERT INTO > > caffecheckout_compra_itens > > (compra_key,item_id,item_valor,item_peso,item_qtd,item_data) > > VALUES > > ('12448259804a32897ce1116','2','19.90','0.250',1,'1244825980') > > ON DUPLICATE KEY UPDATE > > item_qtd=item_qtd+1 > > > > And after: > > > > DELETE FROM > > caffecheckout_compra_itens > > WHERE > > compra_key='12448259804a32897ce1116' > > > > > > Zechim > > > > > > -Mensagem original- > > De: Andrew Ballard [mailto:aball...@gmail.com] > > Enviada em: sexta-feira,
[PHP] Uniquely identifying an array... as a key to another array
Alright, here's the situation. I'm wrapping memcached, which takes a list of several servers, into a quasi-singleton. In other words, I want only one instance per set of servers, not per server. Assuming I had three memcached servers at localhost, 192.168.1.1 and 192.168.1.2, I wouldn't want one instance per server, but given that there are seven possible permutations of combinations / only one server configuration, MemcacheConnector::$instances could be an array with seven objects. I'm expecting MemcacheConnector::getInstance($array) to take an array formatted like 'server' => 'port'. Thusly, the question then becomes, what's the lightest possible way to store a unique-ish array as the key for MemcacheConnector::$instances? Having MemcacheConnector::getInstance() check for self::$instances[serialize($serverArray)] seems a huge waste of both ram and CPU time. Is there a better way? Thanks, Eddie
Re: [PHP] how to extract fields from associative array into different variables
You could use list() a la list($foo, $bar) = mysql_fetch_row(); On Mon, Jun 15, 2009 at 4:19 PM, PJ wrote: > Jay Blanchard wrote: > > [snip] > > Is there an easier or simpler way to do this? > > [/snip] > > > > http://us2.php.net/manual/en/function.mysql-fetch-row.php > > > In what way would this simplify or ease my pain? > The difficulty, it seems to me, is not in retrieving the rows, but > rather how to pass the row data to the variables. And since the number > of rows is variable, I believe that the only way to assign the variables > is by use of a loop? I think I'm beating my head against the wall for > nothing... :-( > I know I'm a newbie (a very lazy and ignorant one, apparently) but I > don't quite understand. Or is there a gain in execution time or resource > usage? > > > -- > Hervé Kempf: "Pour sauver la planète, sortez du capitalisme." > - > Phil Jourdan --- p...@ptahhotep.com > http://www.ptahhotep.com >http://www.chiccantine.com/andypantry.php > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >
Re: [PHP] how to extract fields from associative array into different variables
I'm going to assume that your table is setup to have the rows BookID and AuthorName, adjust accordinging: function makeInsertQuery(array $authors, $bookId) { $sql = "INSERT INTO book_authors (BookID, AuthorName) VALUES ('$bookId', '"; foreach($authors as &$author) { $author = mysql_real_escape_string($author); } if(!ctype_digit($bookId)) { return false; } $sql .= implode("', '$bookid'), ('", $authors); // Eric Foo', '123'), ('John Bar', '123'), ('Ricky Bam', '123'), ('; $sql = substr($sql, 0, -4); return $sql; } On Tue, Jun 16, 2009 at 8:50 AM, PJ wrote: > Ashley Sheridan wrote: > > On Mon, 2009-06-15 at 17:38 -0400, PJ wrote: > > > >> Jay Blanchard wrote: > >> > >>> [snip] > >>> In what way would this simplify or ease my pain? > >>> The difficulty, it seems to me, is not in retrieving the rows, but > >>> rather how to pass the row data to the variables. And since the number > >>> of rows is variable, I believe that the only way to assign the > variables > >>> is by use of a loop? I think I'm beating my head against the wall for > >>> nothing... :-( > >>> [/snip] > >>> > >>> You asked for easier. In this way the data is assigned to a usable > >>> variable right out of the gate and that is an array variable. You can > >>> actually use it with either mysql_fetch_array or mysql_fetch_row. > >>> > >>> Here is your query; > >>> > >>> $sql = "SELECT first_name, last_name, book_author.ordinal > >>> FROM author, book_author > >>> WHERE book_author.bookID = $idIN && book_author.authID = > author.id > >>> ORDER BY ordinal"; > >>> > >>> You need not declare another array, but do it this way instead; > >>> > >>>if ($results = mysql_query($sql, $db)) { > >>> while ( $row = mysql_fetch_array($results, MYSQL_ASSOC) ) { > >>> echo $row['first_name']; > >>> echo $row['last_name']; > >>> > >>> > >> Then I have to add some loopy thing to assign the values to the > >> $variables... a real pita since my variable do not lend themselves too > >> well to linear alterations ($varIn, $var2IN, $var3IN... etc... so $i=0 > >> and $i++ arren't going to be too cooperative here... I guess I'd have to > >> change that to $var1IN... and then figure out how to do $var.$i.IN ... I > >> already tried, but don't seem to have it right > >> > >>> etcetera. > >>> } > >>> } > >>> > >>> The lazy part I will agree with :) > >>> > >>> > >> Well, I shouldn't say it, but laziness is a characteristic of > >> "intelligence": why do more than you have to when you can be doing > >> something else. Actually, I am anything but lazy, I spend innumerable > >> hours trying to understand what all this coding is about... searching > >> the web and rummaging (and I do mean "rummaging") in all the lists and > >> posts ... but just going through 20 or 30 listings out of more than > >> 20,000 is already taxing... much easier to ask on the list... if someone > >> can understand my fuzzy questions, they may find the grace and > >> generosity to take pity on the ignoramus... ;-) > >> And I enjoy the ribbing and the humour ... it's a really very nice list! > >> > >> > >> -- > >> Hervé Kempf: "Pour sauver la planète, sortez du capitalisme." > >> - > >> Phil Jourdan --- p...@ptahhotep.com > >>http://www.ptahhotep.com > >>http://www.chiccantine.com/andypantry.php > >> > >> > >> > > Why do you need them in separate variables? Can't you use them using > > array syntax elsewhere in your code? > Basically, I don't know how else to handle inserting and updating random > number of authors. Each book in the db may have up to 5 authors. I > imagine there is a simpler way to do it; I just don't have the knowledge > or experience or the time to learn another way. I'd be happy to have you > look at the code and hear some feedback. It's probably a miracle that > the site is working... ;-) > Oh, it's www.ptahhotep.com - my daughter's egyptology site; I just > migrated from pure (almost) html to php/mysql/css and am just doing the > finishing touches now - the edit page. > > -- > Hervé Kempf: "Pour sauver la planète, sortez du capitalisme." > - > Phil Jourdan --- p...@ptahhotep.com > http://www.ptahhotep.com > http://www.chiccantine.com/andypantry.php > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >
Re: [PHP] how to extract fields from associative array into different variables
And, assuming the same table (just got the new email, sorry) for the update: function makeUpdateQuery(array $authors, $bookId) { foreach($authors as &$author) { $author = mysql_real_escape_string($author); } if(!ctype_digit($bookId)) { return false; } $existing = array(); $getAuthors = 'SELECT AuthorName FROM book_authors'; mysql_query($getAuthors); while($row = mysql_fetch_assoc()) { $existing[] = $row['AuthorName']; } $authorString = implode("', '", $existing); $sql = "DELETE FROM book_authors WHERE AuthorName NOT IN ('"; $sql .= $authorString; $sql = substr($sql, 0, -3) . ')'; mysql_query($sql); $existing = array(); mysql_query($getAuthors); while($row = mysql_fetch_assoc()) { $existing = $row['AuthorName']; } if(arsort($existing) != arsort($authors)) { foreach($existing as $exist) { $key = array_search($exist, $authors); unset($authors[$key]); } } makeInsertQuery($authors, $bookId); } Probably needs some tweaking, both of them, as I'm writing compleletly off the cuff, but the logic should be about right :) On Tue, Jun 16, 2009 at 8:59 AM, Eddie Drapkin wrote: > I'm going to assume that your table is setup to have the rows BookID and > AuthorName, adjust accordinging: > > function makeInsertQuery(array $authors, $bookId) { > > $sql = "INSERT INTO book_authors (BookID, AuthorName) VALUES ('$bookId', > '"; > > foreach($authors as &$author) { > $author = mysql_real_escape_string($author); > } > > if(!ctype_digit($bookId)) { >return false; > } > > $sql .= implode("', '$bookid'), ('", $authors); // Eric Foo', '123'), > ('John Bar', '123'), ('Ricky Bam', '123'), ('; > > $sql = substr($sql, 0, -4); > > return $sql; > > } > > On Tue, Jun 16, 2009 at 8:50 AM, PJ wrote: > >> Ashley Sheridan wrote: >> > On Mon, 2009-06-15 at 17:38 -0400, PJ wrote: >> > >> >> Jay Blanchard wrote: >> >> >> >>> [snip] >> >>> In what way would this simplify or ease my pain? >> >>> The difficulty, it seems to me, is not in retrieving the rows, but >> >>> rather how to pass the row data to the variables. And since the number >> >>> of rows is variable, I believe that the only way to assign the >> variables >> >>> is by use of a loop? I think I'm beating my head against the wall for >> >>> nothing... :-( >> >>> [/snip] >> >>> >> >>> You asked for easier. In this way the data is assigned to a usable >> >>> variable right out of the gate and that is an array variable. You can >> >>> actually use it with either mysql_fetch_array or mysql_fetch_row. >> >>> >> >>> Here is your query; >> >>> >> >>> $sql = "SELECT first_name, last_name, book_author.ordinal >> >>> FROM author, book_author >> >>> WHERE book_author.bookID = $idIN && book_author.authID = >> author.id >> >>> ORDER BY ordinal"; >> >>> >> >>> You need not declare another array, but do it this way instead; >> >>> >> >>>if ($results = mysql_query($sql, $db)) { >> >>> while ( $row = mysql_fetch_array($results, MYSQL_ASSOC) ) { >> >>> echo $row['first_name']; >> >>> echo $row['last_name']; >> >>> >> >>> >> >> Then I have to add some loopy thing to assign the values to the >> >> $variables... a real pita since my variable do not lend themselves too >> >> well to linear alterations ($varIn, $var2IN, $var3IN... etc... so $i=0 >> >> and $i++ arren't going to be too cooperative here... I guess I'd have >> to >> >> change that to $var1IN... and then figure out how to do $var.$i.IN ... >> I >> >> already tried, but don't seem to have it right >> >> >> >>> etcetera. >> >>> } >> >>> } >> >>> >> >>> The lazy part I will agree with :) >> >>> >> >>> >> >> Well, I shouldn't say it, but laziness is a characteristic of >> >> "intelligence": why do more than you have to when you can be doing >> >> something else. Actually, I am anything but lazy, I spend innumerable >> >> hours trying to understand what all this c
Re: [PHP] Re: Help: PHP version not up to date after "apt-get install php5-dev"
Why not just compile it yourself? On Wed, Jun 17, 2009 at 3:34 PM, Shawn McKenzie wrote: > Philipp Schaffner wrote: >> Dear PHP [hard]core expert >> >> After "apt-get install php5-dev" on Linux (Debian, Ubuntu, Hardy Heron) >> with an already existing and functioning PHP5 interpreter "phpinfo()" >> still shows "PHP Version 5.2.4-2ubuntu5.6". BUT at the same time >> phpinfo() shows "Build Date: April 17 2009"! >> >> This seems incongruent to me! PHP 5.2.4 is from the year 2007!!! Which >> version of PHP does my server run now? How can I find out in this >> "mess"? Do I really need to deinstall and reinstall PHP in order to get >> the right version displayed? >> >> Thank you very much for your brief info about this confusion! >> Philipp Schaffner, Switzerland >> >> > > What you installed are development (source) files needed to build PHP > modules. > > $ apt-cache show php5-dev > > Version: 5.2.4-2ubuntu5.6 > Description: Files for PHP5 module development > This package provides the files from the PHP5 source needed for compiling > additional modules. > > AFAIK you're out of luck on Ubuntu for releases newer than 5.2.4 at the > moment. Unless you want to add a Debian repository or another third > party one. > > > -- > Thanks! > -Shawn > http://www.spidean.com > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] how to extract fields from associative array into different variables
Total nitpick, but foreach is a control structure, not a function :P On Thu, Jun 18, 2009 at 8:40 AM, Yuri Yarlei wrote: > > You can try use the foreach function. > > ex: > if ($res = mysql_query ($sql, $db)) { > /* I personally prefer "res" for "resource", not "results" */ > while ($r = mysql_fetch_assoc ($res)) { > $rows[] = $r; > } > } > > > foreach ($rows as $row){ > echo $row['first_name']; > echo ""; > } > > the foreach function transform the array $rows[] (the fisrt level of > associative array) in a variable $row. > > Yuri Yarlei. > Programmer PHP, CSS, Java, PostregreSQL; > Today PHP, tomorrow Java, after the world. > Kyou wa PHP, ashita wa Java, sono ato sekai desu. > > > >> To: php-general@lists.php.net >> From: news.nospam.0ixbt...@luden.se >> Date: Thu, 18 Jun 2009 14:17:59 +0200 >> Subject: Re: [PHP] how to extract fields from associative array into >> different variables >> >> On Tue, 16 Jun 2009 08:50:45 -0400, PJ wrote: >> >> > Ashley Sheridan wrote: >> >> On Mon, 2009-06-15 at 17:38 -0400, PJ wrote: >> >> >> >>> Then I have to add some loopy thing to assign the values to the >> >>> $variables... a real pita since my variable do not lend themselves too >> >>> well to linear alterations ($varIn, $var2IN, $var3IN... etc... so $i=0 >> >>> and $i++ arren't going to be too cooperative here... I guess I'd have to >> >>> change that to $var1IN... and then figure out how to do $var.$i.IN ... I >> >>> already tried, but don't seem to have it right >> >>> >> >> Why do you need them in separate variables? Can't you use them using >> >> array syntax elsewhere in your code? >> >> > Basically, I don't know how else to handle inserting and updating random >> > ... >> >> What he's talking about is doing this: >> >> if ($res = mysql_query ($sql, $db)) { >> /* I personally prefer "res" for "resource", not "results" */ >> while ($r = mysql_fetch_assoc ($res)) { >> $rows[] = $r; >> } >> } >> >> And then you access the individual rows/columns as >> $rows[0]['first_name'] >> $rows[0]['last_name'] >> $rows[1]['first_name'] >> $rows[1]['last_name'] >> and so on, in some kind of loop probably. >> >> (I thought this had been spelled out already, but I >> was unable to find it so perhaps not.) >> >> >> /Nisse >> >> -- >> PHP General Mailing List (http://www.php.net/) >> To unsubscribe, visit: http://www.php.net/unsub.php >> > > _ > Deixe suas conversas mais divertidas. Baixe agora mesmo novos emoticons. É > grátis! > http://specials.br.msn.com/ilovemessenger/pacotes.aspx -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] aesthetic beauty in conception, execution
It's the greatest movie I've ever seen. Canadians, Jesus, vampires and lesbians, what hte hell else could you ask for in a film? On Thu, Jun 18, 2009 at 3:50 PM, Paul M Foster wrote: > On Thu, Jun 18, 2009 at 01:58:26PM -0500, Skip Evans wrote: > >> Okay, had to chime in here... >> >> Jesus Christ, Vampire Hunter >> >> See the trailer here >> >> http://www.youtube.com/watch?v=4LRIypcaIX4 >> > > Ohmygosh! That's a *real* movie! Doubtless in the fine tradition of "The > Toxic Avenger", but with an even lower budget. Priceless! ;-} > > Paul > > -- > Paul M. Foster > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Mastercard Securecode
I've not heard of anything like that, but turning the C API into an extension would be a huge plus for PHP and I heartily recommend it (as long as it's not me writing it ^.^)! On Fri, Jun 19, 2009 at 4:14 AM, Ian wrote: > Hi, > > A search of google has been unsuccessfull so I am posting here in the hope > someone > can help. > > We have recently been told that we must implement the Mastercard Securecode > 'feature' > for all our Maesto transactions or face fines of up $25000 per month. Our > merchant has > provided a SDK which has APIs in C, COM or Java (specifically the "Arcot > Transfort > Merchant Software"). > > We previously moved away from a Java API into our merchant in favour of a > pure PHP > implementation using XML and would rather not take a step back again. > > > Is anyone aware of a pure PHP implementation of the Mastercard Securecode > 'feature'? > > > I am aware I can link into COM & Java from PHP, and even take the C API and > make my > own extension but I would rather not pursue these options unless I really > have to! > > Regards > > Ian > -- > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] This Friday's OT Thread
Wait, that's not how everyone else gets ready for a coding marathon? You guys are doing it wrong! On Fri, Jun 19, 2009 at 7:03 PM, Dotan Cohen wrote: >>> I'm self-employed. I don't plan on ever laying myself off. >> >> Mind out of the gutter, Rob. Words like "self," "laying," and >> "off" will get you flagged. >> > > How naive I was to think that I might be the only one to make the connection! > > > -- > Dotan Cohen > > http://what-is-what.com > http://gibberish.co.il > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] share code between sites
The same document root and different Vhosts? On Sun, Jun 21, 2009 at 4:01 PM, Lars Nielsen wrote: > Hey List > > Is there any good approach to share code between multiple sites? The > code might be on the same server but on different domains. > > best regards > > Lars > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] I've some doubts if I should go with 5.2 or go already with 5.3 (for a course)
Why not give a presentation, like in the first few, about compiling PHP for yourself, as that's a pretty useful skill that's oft neglected? On Tue, Jun 23, 2009 at 4:12 AM, Per Jessen wrote: > Manuel Aude wrote: > >> I'm giving a PHP course next semester (3 hours all saturdays for 22 >> weeks) and I just realized that PHP 5.3 is coming very soon (2 days >> now!). So, my plans of teaching PHP 5.2 are starting to change, and I >> think it's a good idea to teach them 5.3 already. > > Does it _really_ matter which one? I can't imagine there are that many > revolutionary changes in a dot-release. > > > /Per > > -- > Per Jessen, Zürich (12.2°C) > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: XSS Preventing.
Cons: 1. Can't easily edit information in the database 2. Can't display raw for the user (e.g. edit a forum post) 3. Uses more space in the DB 4. Isn't as easily indexed 5. Breaks il8n support of internal search engines (sphinx, lucene, etc.) You're NEVER supposed to santize before inserting in the DB. Ever. Regarding the "performance" boost, if your application is written so well that calling htmlentities() is hurting the performance, I bow to you as writing the highest performing PHP I've ever seen. I would bet money that validation and sanitization, even if overdone, wouldn't take more than 2 or 3 percent of execution time. Do NOT do this, OP, it's terrible practice. On Tue, Jun 23, 2009 at 10:29 AM, Martin Zvarík wrote: >> >> Don't htmlentiies() before DB save. In general: >> >> - mysql_real_escape_string() before DB insertion >> >> - htmlentities() before dispaly >> > > > I, on the other hand, would do htmlentities() BEFORE insertion. > > > Pros: > --- > The text is processed once and doesn't have to be htmlentitied() everytime > you read the database - what a stupid waste of performance anyway. > > > Cons: > --- > Instead "&" you'll see "&" ... is that a problem? Not for me and I > believe 80% of others who use DB to store & view on web. > > > > Martin > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Perl GD
I think you've got the wrong mailing list, man. On Tue, Jun 23, 2009 at 11:11 AM, Chris Denman wrote: > Hi! > > Just installed the latest release of GD on my Centos 5 server with no > installation issues and all libraries OK. > However, getting lots of: > > [13973]ERR: 24: Error in Perl code: Bad file descriptor at /var/www/vhosts/ > w12.org/httpdocs/glassify/indexdie.htm line 11. > > And BLACK boxes behind where it should be transparent (occassionally works > fine) > > http://www.twitterhit.net/glassify (without "dies" - sometimes works) > http://www.twitterhit.net/glassify/indexdie.htm (with "dies" - shows error) > > Here's the code: > > [- > > use GD; > > my $myImage1 = GD::Image->new('/var/www/vhosts/ > w12.org/httpdocs/glassify/me.jpg') || die("$!"); > my $myImage2 = GD::Image->new('/var/www/vhosts/ > w12.org/httpdocs/glassify/glass.png') || die("$!"); > > $myImage1->trueColor(1) || die("$!"); > $myImage2->trueColor(1) || die("$!"); > > $myImage1->alphaBlending(1) || die("$!"); > $myImage2->alphaBlending(1) || die("$!"); > > $myImage1->copy($myImage2, 0, 0, 0, 0, 48, 48); > > $out_data = $myImage1->png; > open (DISPLAY,">/var/www/vhosts/w12.org/httpdocs/glassify/result.png") || > die("wassup $!"); > binmode DISPLAY; > print DISPLAY $out_data; > close DISPLAY; > > -] > > > > > Hope you can help, > > Chris Denman > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] modifying within foreach
It's just foreach($foo as $key => &$item) { } You can't assign the key by reference >.> On Tue, Jun 23, 2009 at 3:04 PM, Ashley Sheridan wrote: > On Tue, 2009-06-23 at 12:56 -0600, kirk.john...@zootweb.com wrote: >> Andres Gonzalez wrote on 06/23/2009 12:26:38 PM: >> >> > I want to modify $results within the foreach. In other words, >> > during a given pass of this iteration, I want to delete some >> > of the items based on particular conditions. Then on the next >> > pass thru the foreach, I want $results to be the newer, modified >> > array. >> > >> > This does not seem to work. It appears that the foreach statement >> > is implemented such that $results is read into memory at the start >> > so that any modifications I make to it during a given pass, are ignored >> > on the next pass. Is this true? >> >> foreach works on a copy of an array, so the behavior you saw is expected. >> See the online manual. >> >> You could use a while loop, or, instead of unset-ing elements of $results, >> store the elements you want to keep into a new array. >> >> Kirk > > What about passing it by reference? > > foreach($results as &$key => &$item) > { > // modify items here > } > > Thanks > Ash > www.ashleysheridan.co.uk > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] CSV file
or $arr = file('foo.csv'); $count = count($arr); On Wed, Jun 24, 2009 at 5:19 PM, Richard Heyes wrote: > Hi, > >> To do the line count first, you have to read the whole file, how would >> you do it? > > Something like this: > > $fp = fopen('/tmp/foo', 'r'); > $count = 0; > > while (!feof($fp)) { > fgets($fp); > ++$count; > } > > -- > Richard Heyes > HTML5 graphing: RGraph (www.rgraph.net - updated 20th June) > PHP mail: RMail (www.phpguru.org/rmail) > PHP datagrid: RGrid (www.phpguru.org/rgrid) > PHP Template: RTemplate (www.phpguru.org/rtemplate) > PHP SMTP: http://www.phpguru.org/smtp > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Progressbar
On Thu, Jun 25, 2009 at 9:58 AM, Stuart wrote: > 2009/6/25 tedd : >> At 8:30 AM +0100 6/25/09, Colin Guthrie wrote: >>> >>> 'Twas brillig, and tedd at 24/06/09 15:24 did gyre and gimble: The biggest problem in uploading a file is figuring out how large it is. You can't find that out in php >>> >>> Well you can find it out with the uploadprogress or APC PECL extensions. >>> >>> If you use Zend Framework then it has a progress bar for file upload built >>> in. >>> >>> >>> http://www.framework.zend.com/manual/en/zend.file.html#zend.file.transfer.introduction.uploadprogress >>> >>> HTHs >>> >>> Col >> >> I purchased Zend Studio around five years ago, but never got it to work for >> me. Maybe I should try it again. > > Zend Studio and Zend Framework have no connection to each other beyond > both coming from Zend. Studio took a major leap downhill when they > switched to the Eclipse platform which is why I no longer use it. Take > a look by all means, but don't get your hopes up. > > -Stuart > > -- > http://stut.net/ > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > Really? I think that was one of the better decisions that they made about it. I don't know of a better (free) IDE platform. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Progressbar
On Thu, Jun 25, 2009 at 10:29 AM, Stuart wrote: > 2009/6/25 Eddie Drapkin : >> On Thu, Jun 25, 2009 at 9:58 AM, Stuart wrote: >>> 2009/6/25 tedd : >>>> At 8:30 AM +0100 6/25/09, Colin Guthrie wrote: >>>>> >>>>> 'Twas brillig, and tedd at 24/06/09 15:24 did gyre and gimble: >>>>>> >>>>>> The biggest problem in uploading a file is figuring out how large it is. >>>>>> You can't find that out in php >>>>> >>>>> Well you can find it out with the uploadprogress or APC PECL extensions. >>>>> >>>>> If you use Zend Framework then it has a progress bar for file upload built >>>>> in. >>>>> >>>>> >>>>> http://www.framework.zend.com/manual/en/zend.file.html#zend.file.transfer.introduction.uploadprogress >>>>> >>>>> HTHs >>>>> >>>>> Col >>>> >>>> I purchased Zend Studio around five years ago, but never got it to work for >>>> me. Maybe I should try it again. >>> >>> Zend Studio and Zend Framework have no connection to each other beyond >>> both coming from Zend. Studio took a major leap downhill when they >>> switched to the Eclipse platform which is why I no longer use it. Take >>> a look by all means, but don't get your hopes up. >>> >>> -Stuart >>> >>> -- >>> http://stut.net/ >>> >>> -- >>> PHP General Mailing List (http://www.php.net/) >>> To unsubscribe, visit: http://www.php.net/unsub.php >>> >>> >> >> Really? I think that was one of the better decisions that they made >> about it. I don't know of a better (free) IDE platform. > > I wasn't criticising Eclipse - I think the platform rocks, but somehow > they've managed to screw it up!! I now use Aptana which is also built > on Eclipse but has a far more polished feel to it. > > -Stuart > > -- > http://stut.net/ > When's the last you used Zend Studio? The latest (6.1.2) stable Zend Studio v. the latest stable Aptana, I'd take Zend Studio hands down. Granted, the 5 series of Studio were _atrocious_ but that's long past! I also don't really appreciate the in-IDE advertising that Aptana sports. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Progressbar
On Thu, Jun 25, 2009 at 12:52 PM, Bastien Koert wrote: > On Thu, Jun 25, 2009 at 11:51 AM, Michael A. Peters wrote: >> Martin Scotta wrote: >>> >>> I found extremely un-productive editors or IDEs like Eclipse or Zend >>> Studio. >>> >>> I use SciTE. >>> >>> It don't has any feature you are talking about... >>> >>> but it.. >>> # do not eat all you ram >>> # starts in a microsecond >>> # opens any type of file >>> # paints the code in pretty colors. >>> # has a little intellisense using pre-written words or api files >>> >>> >> >> I almost exclusively use bluefish, the closest I come to an IDE for anything >> I do is emacs + AUCTeX for my occasional TeX needs. >> >> I also use vim and on the rare occasions I'm stuck with Windows, something I >> think called PSPad (not sure, downloaded it awhile back at my parents >> house). I actually have a license for Homesite, but I don't think I can >> install it on their computer and I don't run Windows anymore. That was nice. >> >> On a Mac - bbedit for everything. >> >> However, all that being said, I do very little php. Right now though a >> little more than usual. >> >> -- >> PHP General Mailing List (http://www.php.net/) >> To unsubscribe, visit: http://www.php.net/unsub.php >> >> > > over the past little while I have been using > > komodo edit (free) - good (more like a text editor with some brains), > good code completion and hinting > aptana studio (free) - eclipse based, bigger learning curve, but lots > of functionality > netbeans (free) - good, nice interface > > > > > -- > > Bastien > > Cat, the other other white meat > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > Well the thing about being productive out of the box with Zend Studio isn't entirely related to Zend Studio, it's more of an Eclipse problem. Eclipse itself, whether using it in a heavily modified form like Aptana or PDT or Zend Studio, or just using it out of the box for Java development or C/C++ development or anything in between, has a ridiculously steep learning curve for what's really just a fancy text editor. While this turns a lot of people off, I was lucky (although I sure didn't think so at the time) enough to have it forced on me when I was learning Java in school. And in the end, I'm pretty glad that I was forced to learn Eclipse because it's been the go to editor for all my coding needs, whether PHP, Python, C, Java, even complex shell scripting. And whenever someone is learning to develop and gets to the point that they'd actually take advantage of some of the more advanced features of Eclipse - step through debugging, code autocompletion, etc. - I recommend that they take some time out of learning the code, or coding, and learn Eclipse. The second Java class I took was actually "learning Eclipse" and it was one of the more useful classes that I've taken, given that there's no longer a learning curve for any IDE that I want to use. Yes, Eclipse is pretty intimidating and oftentimes more complicated than it needs to be, but there's a level of customizability that doesn't exist in any other editors that I've seen. Whether it's making code look and behave exactly the same, or binding keybindings to things like SVN commit / update / resolve, it's all possible in Eclipse. Whether you use Aptana, PDT, Zend Studio (>= 6.0) or another derivative, I'd definitely recommend using Eclipse and once you've topped the learning curve, you'll be able to say that your IDE actually boosts your productivity significantly, which is the ultimate goal anyway. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] OT mysql pivot table problem
You'd be much, much better off creating a query by concatenating ", ($uid, $groups[$i])" into one huge insert query. YOU SHOULD NEVER, EVER EVER EVER EVER RUN QUERIES IN A LOOP! On Thu, Jun 25, 2009 at 4:11 PM, Matt Giddings wrote: > Thanks for taking the time to provide an example. I'm going to take the > advice given by you and others and simply do this in php instead of looking > for a fancy mysql solution. ; ) Dang, and I was really wanting to wow > myself today... > Thanks again! > Matt > > On Thu, Jun 25, 2009 at 3:51 PM, Ashley Sheridan > wrote: > >> On Thu, 2009-06-25 at 15:20 -0400, Matt Giddings wrote: >> > I know this is the off topic (sorry), but it is a php project that I'm >> > working on! I need some pointers on how to pivot a mysql column >> (containing >> > comma delimited data) into an equal number of rows (see example). Any >> > direction (pointers to links, etc. would be appreciated). >> > >> > From this: >> > >> > user.table >> > uid|name|groups >> > 1|mcgiddin|1,4,7,10,12 >> > >> > >> > To this: >> > >> > pivot.table >> > uid|group >> > 1|1 >> > 1|4 >> > 1|7 >> > 1|10 >> > 1|12 >> >> I don't know of any fancy ways of doing it just in MySQL, but if the >> records are all as simple as that, something like this should do the >> trick: >> >> $query = "SELECT * FROM `user`"; >> $result = mysql_query($query); >> while($row = mysql_fetch_array($result)) >> { >> $uid = $row['uid']; >> $groups = explode(','$row['groups']); >> for($i=0; $i> { >> $query2 = "INSERT INTO `pivot` VALUES($uid, $groups[$i])"; >> $result2 = mysql_query($query2); >> } >> } >> >> Also, I'd recommend having some sort of auto increment value on that >> pivot table, so you can manipulate specific rows at a later date. >> >> Thanks >> Ash >> www.ashleysheridan.co.uk >> >> > > > -- > Matt Giddings > Web Programmer > Information Technology Services > Saginaw Valley State University > Phone: 989.964.7247 > > http://www.svsu.edu > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Removing empty values from array
On Thu, Jun 25, 2009 at 5:00 PM, Ashley Sheridan wrote: > On Thu, 2009-06-25 at 17:52 -0300, Martin Scotta wrote: >> Hi all >> >> I have this in a simple routine... >> >> for($i=0, $if=count($array); $i<$if; ++$i) >> if( $array[$i] == '' ) >> { >> array_splice( $array, $i, 1); >> >> --$i; >> --$if; >> } >> >> My question: is this the better way to do it? >> >> -- >> Martin Scotta >> > array_filter() will return an array without any elements that equate to > false (empty strings, 0, false) although you can use the optional > argument to specify your own function which should return true if you > want to keep an element, or false if you want to ditch it, if you need > to eliminate only empty strings. > > > Thanks > Ash > www.ashleysheridan.co.uk > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > I'd just do foreach($array as &$v) { if($v === false || $v === null || $v === 0) { unset($v); } } I wouldn't do anything more complicated >.> -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Does php have multithread, shared object(like jsp application)
PHP doesn't support threading. On Thu, Jun 25, 2009 at 10:59 PM, WenDong Zhang wrote: > Hi guys: > > Now days I want to develop a web application like a chat room. the requests > per seconds maybe very large, so I want to save some common info into to > memory (quick access). > > So, I want to know does php have the follow features or implement them in > other ways. > 1. server scope objects, mostly like application in jsp. // the most > important~ > 2. multithread synchronize. > 3. I want to start a thread timed execute, like Timer in java > > thanks > -- > Best Regards! > Wen Dong > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Fwd: [PHP] What does this mean?
Just getting this back on the list >.> -- Forwarded message -- From: Eddie Drapkin Date: Fri, Jun 26, 2009 at 2:36 AM Subject: Re: [PHP] What does this mean? To: Jason Carson It's used in key value combinations in several places. When building an array: $foo = array('key' => 'value', 'another_key' => 'another value'); which will give you an array that looks like $foo['key'] = 'value'; $foo['another_key'] = 'another_value'; Also, in foreach(), which is a language construct used to iterate over arrays: foreach($foo as $key => $val) { echo "The key for this element is $key and the value is $val\n"; } will output: The key for this element is key and the value is value The key for this element is another_key and the value is another_value Those are the two most common places you'll see it (and perhaps the only, I don't want to speak conclusively, though, I'm awfully tired this evening!) On Fri, Jun 26, 2009 at 2:31 AM, Jason Carson wrote: > Hey all, I'm new to the list and I have a question... > > What does => mean? > > The book I am reading is called Programming PHP published by O'Reilly. I > haven't read the whole book yet. I was flipping through the pages and in > the book there is mention of <= (less than or equal) and >= (greater than > or equal)but it doesn't say what => is even though it is used numerous > times in the example code. > > Thanks > > Jason > > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Does something like this exist?
Have you looked at class_parents()? http://www.php.net/manual/en/function.class-parents.php On Mon, Jun 29, 2009 at 4:42 PM, Christoph Boget wrote: >>> * What files are include in which scripts >> pecl.php.net/package/inclued - an awesome tool, will show you >> includes/require calls to other ones, show you any redundancy (dotted >> lines) etc. helps you clean up any nested and unnecessary includes or >> requires. Rasmus approved(tm) >> use it with graphviz and you've got visual maps of your entire >> include/require structure. > > Ok, I'll look in to it. Thanks! > >>> * The relationships between defined classes (eg A extends B) >>> * What other classes are utilized by which classes (eg, instantiation) >> doesn't phpdoc or something do this stuff? might need comments before >> each function/method to make it really work well. not sure. i think >> there's also something called "phpxref" as well that might work... > > It does. But I'm looking to use this on an inherited framework that, > unfortunately, includes very little PHPDoc comments. Considering how > large the codebase is, it'd be quicker for me to write this > functionality (to at least give us something to reference) than it > would be to add the necessary comments. Granted, that's something > we'd want to eventually add anyway but it's something we could do over > time as we became much more familiar with the framework. > > thnx, > Christoph > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Scope woe
It should be passed into the constructor as a parameter. If you're using OOP properly, there's no reason to use $GLOBALS, ever. Any variable in the $GLOBALS array exists twice in memory, so just keep that in mind, if you plan to use it. On Tue, Jun 30, 2009 at 8:43 AM, Peter Ford wrote: > Luke wrote: >> Hello again guys, >> >> I was wondering the best way to tackle the following problem: >> >> I've got a class, containing a property which is another object. So from >> outside I should be able to do >> $firstobject->propertycontainingobject->methodinsidethatobject(); >> >> The $firstobject variable is in the global namespace (having been made with >> $firstobject = new FirstObject;), and I'm having a problem that I'm sure >> many people have when accessing it inside another class, so: >> >> class otherObject >> { >> static function messwithotherthings () >> { >> $firstobject->propertycontainingobject->methodinsidethatobject(); >> } >> } >> >> But $firstobject is blank, which makes sense because in there it is pointing >> to the local variable within the method. >> >> To solve this, I could add 'global $firstobject' inside every method, but >> this is very redundant and boring. I've tried a couple of things like >> adding: >> >> private $firstobject = $GLOBALS['firstobject']; >> >> But apparently that's bad syntax. I was just wondering the best way to get >> around this? >> >> Thanks a lot for your help, >> > > > Set the value of $firstobject in the constructor of otherObject (that's what > constructors are for!): > > eg. > > class otherObject > { >   private $firstobject; > >   function __construct() >   { >     $this->firstobject = $GLOBALS['firstobject']; >   } > >   static function messwithotherthings () >   { >     $this->firstobject->propertycontainingobject->methodinsidethatobject(); >   } > } > > > -- > Peter Ford                phone: 01580 89 > Developer                fax:  01580 893399 > Justcroft International Ltd., Staplehurst, Kent > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Scope woe
On Tue, Jun 30, 2009 at 10:44 AM, Luke wrote: > > > 2009/6/30 Eddie Drapkin >> >> It should be passed into the constructor as a parameter.  If you're >> using OOP properly, there's no reason to use $GLOBALS, ever.  Any >> variable in the $GLOBALS array exists twice in memory, so just keep >> that in mind, if you plan to use it. >> >> On Tue, Jun 30, 2009 at 8:43 AM, Peter Ford wrote: >> > Luke wrote: >> >> Hello again guys, >> >> >> >> I was wondering the best way to tackle the following problem: >> >> >> >> I've got a class, containing a property which is another object. So >> >> from >> >> outside I should be able to do >> >> $firstobject->propertycontainingobject->methodinsidethatobject(); >> >> >> >> The $firstobject variable is in the global namespace (having been made >> >> with >> >> $firstobject = new FirstObject;), and I'm having a problem that I'm >> >> sure >> >> many people have when accessing it inside another class, so: >> >> >> >> class otherObject >> >> { >> >> static function messwithotherthings () >> >> { >> >> $firstobject->propertycontainingobject->methodinsidethatobject(); >> >> } >> >> } >> >> >> >> But $firstobject is blank, which makes sense because in there it is >> >> pointing >> >> to the local variable within the method. >> >> >> >> To solve this, I could add 'global $firstobject' inside every method, >> >> but >> >> this is very redundant and boring. I've tried a couple of things like >> >> adding: >> >> >> >> private $firstobject = $GLOBALS['firstobject']; >> >> >> >> But apparently that's bad syntax. I was just wondering the best way to >> >> get >> >> around this? >> >> >> >> Thanks a lot for your help, >> >> >> > >> > >> > Set the value of $firstobject in the constructor of otherObject (that's >> > what >> > constructors are for!): >> > >> > eg. >> > >> > class otherObject >> > { >> >   private $firstobject; >> > >> >   function __construct() >> >   { >> >     $this->firstobject = $GLOBALS['firstobject']; >> >   } >> > >> >   static function messwithotherthings () >> >   { >> > >> >  $this->firstobject->propertycontainingobject->methodinsidethatobject(); >> >   } >> > } >> > >> > >> > -- >> > Peter Ford                phone: 01580 89 >> > Developer                fax:  01580 893399 >> > Justcroft International Ltd., Staplehurst, Kent >> > >> > -- >> > PHP General Mailing List (http://www.php.net/) >> > To unsubscribe, visit: http://www.php.net/unsub.php >> > >> > >> >> -- >> PHP General Mailing List (http://www.php.net/) >> To unsubscribe, visit: http://www.php.net/unsub.php >> > > Thanks for the replies :) > > Surely if I pass it as a parameter to the __construct then I would have to > make an instance of the otherObject, notice that messwithotherthings is > static? > > Also, if I'm not using OOP properly, Eddie, how would I use it properly to > prevent this situation? > > Thanks, > > -- > Luke Slater > :O) > > Well all you'd really need to do is something like this (for an instance class): class ExampleClassYay { private $instance; public function __construct(someOtherClass $instance) { $this->instance = $instance; } public function foo() { var_dumP($this->instance); } } So, all you'd have to do is something like: $foo = new someOtherClass(); $example = new ExampleClassYay($foo); $example->foo(); Whereas, for a static class, you can use a static property accessed via self::$property instead of $this->property, like so: Well all you'd really need to do is something like this: class StaticExampleClassYay { private static $instance; static public function setInstance(someOtherClass $instance) { self::$instance = $instance; } static public function foo() { var_d
Re: [PHP] Re: Scope woe
On Tue, Jun 30, 2009 at 11:12 AM, Peter Ford wrote: > Luke wrote: >>> >> Thanks for the replies :) >> >> Surely if I pass it as a parameter to the __construct then I would have to >> make an instance of the otherObject, notice that messwithotherthings is >> static? >> >> Also, if I'm not using OOP properly, Eddie, how would I use it properly to >> prevent this situation? >> >> Thanks, >> > > Hmmm, I didn't notice the method was static - that means my idea really won't > work... > > I did have a bad feeling about this, and Eddie confirmed my unease with the > point about OOP. > > Really, you should need your $firstobject to be a singleton: > eg. > > class FirstObject > { >   private static $theInstance = NULL; > >   public $propertyContainingObject; > >   protected function __construct() >   { >     // whatever >   } > >   public static function getInstance() >   { >     if (!self::$theInstance) >     { >       self::$theInstance = new FirstObject(); >     } >     return self::$theInstance; >   } > >   // ... other methods ... > } > > > So then: > > class OtherObject > { >   static function messWithOtherThings() >   { >     $firstObject = FirstObject::getInstance(); >     $firstObject->propertyContainingObject->methodInsideThatObject(); >   } > } > > > > I think that works, and is reasonable to the OOP purists... > > > -- > Peter Ford                phone: 01580 89 > Developer                fax:  01580 893399 > Justcroft International Ltd., Staplehurst, Kent > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > I wouldn't really recommend going with a singleton in this situation, as there exists a different solution (my other post :P) and there are very few actual use-cases where the pattern makes sense, and deploying it unnecessarily can cause a whole lot of headache D: -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Scope woe
On Tue, Jun 30, 2009 at 12:37 PM, Paul M Foster wrote: > On Tue, Jun 30, 2009 at 11:17:17AM -0400, Eddie Drapkin wrote: > > > >> >> I wouldn't really recommend going with a singleton in this situation, >> as there exists a different solution (my other post :P) and there are >> very few actual use-cases where the pattern makes sense, and deploying >> it unnecessarily can cause a whole lot of headache D: >> > > I disagree. A singleton is quite a good solution, particularly when you > only want one instance of an object. You can also create a "registry" > class which contains instances of objects which might be useful to other > classes. > > Why would a singleton lead to headaches? > > Paul > -- > Paul M. Foster > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > If you only want one instance of a class at any point, that's the whole purpose of the pattern, so how could I argue against that? All I said was it's really rare that there's a justifiable reason (and in the above example, it's simply to compensate for not wanting to handle it elsewhere i.e. laziness) to actually use the pattern. A lot of the times you see singletons in use, it's for ease of use, not functionality; database layers, for example, have no necessity of being singletons and it's restrictive to do so, yet it's done all the time. For a generic question like this, suggesting a single design pattern as the solution is a bad idea, as someone who doesn't know better will assume it's the only solution, thus leading to those headaches of dealing with a misapplied paradigm to a particular situation. As far as the registry class paradigm goes, it's occasionally useful, as is the singleton pattern, but it's not a solution I'd necessarily recommend because of the overhead implications, especially not in such a simple situation as storing an instance in a static variable. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] exasperated again - shot in the foot
On Tue, Jun 30, 2009 at 4:50 PM, Bastien Koert wrote: > On Tue, Jun 30, 2009 at 4:48 PM, PJ wrote: >> PJ wrote: >>> Could somebody please explain to me what is wrong with this code? >>> In my script it works, returns the correct id, but when I try it in a >>> test pages, nothing in the world gets it to work. This is rather >>> frustrating, again: >>> THIS WORKS IN ANOTHER PAGE; IN THE TEST PAGE ID DOES NOT. >>> $sql = "SELECT id FROM publishers >>> WHERE publisher = 'whoever'"; >>> $result = mysql_query($sql,$db); >>> $row = mysql_fetch_assoc($result); >>> if (mysql_num_rows($result) !== 0) { >>> $pub = $row['id']; >>> Syntax is ok, echo "hello"; works. >>> >>> >>> This works in the test page: >>> $aid = array(); >>> $ord = array(); >>> $sql = "SELECT authID, ordinal >>> FROM book_author WHERE bookid = 624 ORDER BY ordinal ASC"; >>> $result = mysql_query($sql, $db); >>> //$row = mysql_fetch_assoc($result); >>> while ( $row = mysql_fetch_assoc($result) ) { >>> $aid[]=$row['authID']; >>> $ord[]=$row['ordinal']; >>> } >>> var_dump($aid); >>> echo ""; >>> var_dump($ord); >>> echo $aid[0], " - "; >>> echo $ord[0]; >>> >>> This does not: >>> $fi="joe"; $la="joe"; >>> $sql = "SELECT id FROM author >>> WHERE first_name = '$fi' && last_name = '$la'"; >>> $result = msql_query($sql, $db); >>> $row = mysql_fetch_assoc($result); >>> $count=mysql_num_rows($result); >>> echo $count; >>> if (mysql_num_rows($result) > 0) { >>> $a_id=$row['id']; >>> } >>> echo $a_id, ""; >>> The test page prints out echo "some text"; but no results when the >>> results are there >>> Tell me I have missed something simple here, or is this normal for php ? >>> I have checked the queries on Mysql command line and they are fine. >>> I have verified the syntax and Netbeans tells me it is fine. >>> Same results Firefox3 (2 machines) & IE 8. >>> What is not fine? >>> >>> >> Damn, it's frustrating to find that there is a difference between msql >> and mysql... ouch, the foot hurts now! >> >> -- >> Hervé Kempf: "Pour sauver la planète, sortez du capitalisme." >> - >> Phil Jourdan --- p...@ptahhotep.com >> http://www.ptahhotep.com >> http://www.chiccantine.com/andypantry.php >> >> >> -- >> PHP General Mailing List (http://www.php.net/) >> To unsubscribe, visit: http://www.php.net/unsub.php >> >> > > Blame the native, libraries that is > > -- > > Bastien > > Cat, the other other white meat > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > Take it as a sign you shouldn't be using mysql_ at all :) Use the OOP interface to mysqli or PDO and these problems don't happen -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Scope woe
> You are correct as there was no metaphor in here at all! Â This, "It > helps to think of classes like cars on a highway", is almost a simile, > but on the whole I would probably say that you were using an analogy :-) > HEIL SPELLCHECK! I bow to my grammar nazi superior *bow* -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Epiphany - a salute to APC
if you want a pure opcode cache, APC is a great choice. APC should //not// be used for persistent RAM storage. Memcached is much faster and designed for that aim, while not being tied to the webserver. On Sun, Jul 5, 2009 at 2:10 AM, Brandon Johnson wrote: > you think this is similar to http://www.danga.com/memcached/ or you think > this method would be faster ? Which do you say would be the greatest > benfit ? > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Epiphany - a salute to APC
On Sun, Jul 5, 2009 at 2:43 AM, Paul Scott wrote: > Eddie Drapkin wrote: >> if you want a pure opcode cache, APC is a great choice. >> >>> you think this is similar to http://www.danga.com/memcached/ or you think >>> this method would be faster ? Which do you say would be the greatest >>> benfit ? >>> > A simple rule of thumb that I use is: > > If you have one machine and medium to large traffic loads, go APC > If you have more machines for caching servers (dedicated) and large to > holy mofo loads, then go MemcacheD > > This ALL assumes that you have followed a logical scalability plan and > have separate DB servers, app servers and possibly even using a CDN or > something beforehand. > > -- Paul > > http://www.paulscott.za.net/ > http://twitter.com/paulscott56 > http://avoir.uwc.ac.za > There are several problems with using APC instead of memcached, even on a single machine: 1) APC is tied to the wbserver. This brings up a lot of (not so) obvious problems. The processing is handled by the webserver, instead of a dedicated process. This can mean that a CPU intensive APC operation ties up the webserver, which results in less concurrency for your site, while just waiting to hear back from memcached means idle webserver process, which allows for greater concurrency. 2) APC is designed to be an opcode, first and foremost. And while it may perform as well, or better, on infrequently modified data, memcached is designed and optimized internally to map memory chunks and utilize best memory management practices, which mean data that changes frequently is better stored in memcached. There's a slideshow somewhere about facebook's internal caching, and they store things like school names / info in APC, because fetching it is a tad faster (especially localhost v. network), but the constant rewiring of webserver memory is a bad idea, so they store data that changes often (like status updates) in memcached. 3) memcached has a much richer, better API. Things like CAS can solve race conditions, while APC cannot. There's also increment/decrement, replace, etc. etc. 4) APC shares its memory between storage and opcodes, afaik. So, you fill up APC too much and you start to lose your cached opcodes? I'd rather not. 5) APC, once again, is tied to the webserver, so a webserver restart means you either have to a) prime your cache or b) let your database be hammered while you "live prime" the cache. Neither of these are particularly pleasant, as cache priming is a very difficult task, while allowing direct read access to the database on all pageloads is usually a problem when you have to have a key-val cache system in place. Long story short, if you're using some sort of RAM based cache to store heavy data, use memcached, while light data (configuration values read from a text file, maybe) are fine in APC. --Eddie -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Epiphany - a salute to APC
> -=- (from other discussion) > Interesting that facebook uses both. The fedora maintainer for the apc rpm > listed it as conflicting with memcache. If you can use both, that's a fedora > packaging but that should be fixed. I've never seen, nor heard of, a full scale caching implementation that doesn't use both. Digg uses both, too. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Simple login form with cookies
On Mon, Jul 6, 2009 at 1:45 AM, Jason Carson wrote: >> Hello everyone, >> >> I am trying to create a PHP login script using cookies but am having some >> troubles. Here is my setup >> >> index.php -> authenticate.php -> admin.php >> >> I want a login form on index.php that allows me to login with my username >> and password and then passes $_POST['username'] and $_POST['password'] to >> authenticate.php >> >> Then authenticate.php authenticates against a database of allowed users >> (Which I already have setup and it works fine), if a valid user has >> entered the correct information then admin.php is loaded... >> >> header("location:admin.php"); >> >> ...the admin.php code would look something like the following.. >> >> Code: [Select] >> > if (isset($_COOKIE['username'])) { >> echo "success!"; >> } else { >> echo "Failure"; >> } >> ?> >> >> So basically I think I need to create a cookie from index.php OR >> authenticate.php and then pass the information to admin.php. >> I set the cookie like this... >> >> setcookie("Admin", $username); >> >> Which file(index.php OR authenticate.php) do I create the cookie and how >> do I access the information in the cookie on admin.php? >> >> >> -- >> PHP General Mailing List (http://www.php.net/) >> To unsubscribe, visit: http://www.php.net/unsub.php >> >> > I finally got it working. I needed to setcookie() in login.php. Also, the > names of the cookies(Using setcookie()) where wrong (The names where > "Admin" when they should have been "adminuser" and "adminpass") Once I > fixed that then the following worked in admin.php... > if (isset($_COOKIE['adminuser']) && isset($_COOKIE['adminpass'])) { > echo "Success"; > } else { > echo "Failed"; > } > ?> > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > You're not storing anything usable in the adminpass cookie, are you? It sort of sounds like you're storing a password, or even a passhash, in the cookie and you might want to rethink what that cookie contains to prevent session hijacking. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Simple login form with cookies
On Mon, Jul 6, 2009 at 2:01 AM, Jason Carson wrote: >> On Mon, Jul 6, 2009 at 1:45 AM, Jason Carson wrote: Hello everyone, I am trying to create a PHP login script using cookies but am having some troubles. Here is my setup index.php -> authenticate.php -> admin.php I want a login form on index.php that allows me to login with my username and password and then passes $_POST['username'] and $_POST['password'] to authenticate.php Then authenticate.php authenticates against a database of allowed users (Which I already have setup and it works fine), if a valid user has entered the correct information then admin.php is loaded... header("location:admin.php"); ...the admin.php code would look something like the following.. Code: [Select] >>> if (isset($_COOKIE['username'])) { echo "success!"; } else { echo "Failure"; } ?> So basically I think I need to create a cookie from index.php OR authenticate.php and then pass the information to admin.php. I set the cookie like this... setcookie("Admin", $username); Which file(index.php OR authenticate.php) do I create the cookie and how do I access the information in the cookie on admin.php? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php >>> I finally got it working. I needed to setcookie() in login.php. Also, >>> the >>> names of the cookies(Using setcookie()) where wrong (The names where >>> "Admin" when they should have been "adminuser" and "adminpass") Once I >>> fixed that then the following worked in admin.php... >>> >> if (isset($_COOKIE['adminuser']) && isset($_COOKIE['adminpass'])) { >>> echo "Success"; >>> } else { >>> echo "Failed"; >>> } >>> ?> >>> >>> >>> -- >>> PHP General Mailing List (http://www.php.net/) >>> To unsubscribe, visit: http://www.php.net/unsub.php >>> >>> >> >> You're not storing anything usable in the adminpass cookie, are you? >> It sort of sounds like you're storing a password, or even a passhash, >> in the cookie and you might want to rethink what that cookie contains >> to prevent session hijacking. >> > Yeah, I am storing an unencrypted password in the cookie. Should I encrypt > it, if so how, if not what should I do? > > I am new to programming and PHP web development so I am not aware of all > the security problems that can occur. > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > That's an enormous question without an easy, or even a correct answer. I'd start by googling around for "session hijacking." One of the things that's probably not PC to say, is don't learn to prevent session hijacking, learn to hijack sessions. Once you know how to hijack a session, you can audit your own code and fix the security holes. Although the best advice would probably be to find someone else's session implementation and use that, seeing as there's no real reason to recreate such a worn-in wheel. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Simple login form with cookies
On Wed, Jul 8, 2009 at 10:44 AM, Andrew Ballard wrote: > On Wed, Jul 8, 2009 at 9:48 AM, Martin Scotta wrote: >> $sql = 'SELECT * FROM your-table WHERE username = \''. $username .'\' >> and passwd = md5( concat( \'' . $username .'\', \'@\', \'' . $password >> .'\'))'; >> >> I use this solution because md5 run faster in Mysql >> >> >> >> >> -- >> Martin Scotta >> > > If you were running a loop to build a rainbow table or brute-force a > password, I could see where that would matter. For authenticating a > single user it seems like premature optimization to me. On my > development machine, where PHP runs slow inside of the IDE, the > average time to perform an md5 hash on a text string of 38 characters > (much longer than most passwords) over 1 iterations is around > 0.00085 seconds. I can live with that. :-) I still like handling the > encryption in PHP and then passing the encrypted value to the database > for storage/comparison. > > Andrew > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > You shouldn't be using md5 or sha1 to hash passwords as both have been attacked and successfully exploited. There are other hashing functions in PHP that you should use. And FWIW, you WANT hashing to be slow. The faster it is, the less complicated the algorithm is (assuming all implementations are equal), the more easy it is to break. And if you're storing hashed passwords as a means of verification, SALT THEM FOR CHRIST'S SAKE. //somewhere where you can access it several places, like config.php define('SALT', '2435kh...@#$@#14asdnaksa10=nsdf'); //random characters, the longer and more random, the better. If it was email compatible, I'd have given a "real" salt read out of /dev/random at some point, like you should be doing. //prepare the password $password = $_POST['password'] . SALT; $password = hash('sha512', $password); //assume you've validated $_POST['password'] //query the database to make sure the password is the right one $stmt = $db->prepare('SELECT password FROM users WHERE user_name=?); $stmt->bindParam(1, $password); list($dbPass) = $stmt->fetch(); if($dbPass == $password) { echo 'success'; } else { echo 'failure'; } The reason you salt passwords, especially with binary characters, is that without knowing what the salt is, it's nearly impossible to create a rainbow table and run rainbow table attacks on your database. It costs nearly nothing to do, in terms of resource usage and any sort of human comprehensible scheme to store those hashes is easily broken. I've seen "{$user}{$randomCharacter}{$password}" used before, and I'd never recommend something so simple. --Eddie -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Obeying the rules (was Simple login form with cookies)
> I called him "intolerant" because he jumps on issues which other people just > don't care about. > > I called him "small minded" because he concentrates on small issues which > simply don't matter in the great scheme of things. That sounds like fair > comment to me It's just like those people who have endless arguments about > when to use uppercase and when to use lower case. It simply doesn't matter, > so stop wasting your time in arguing about it. And it's not just as small minded (I'm not agreeing with you, by the way) to assume that your point is the only valid point in the discussion? Nor is it just as small minded to systematically attack someone, and the community they take part in, because they have the audacity to disagree with you? > Irrelevant. It does not matter how much good work anybody does if they go > and ruin it by trying to enforce some inconsequential petty rule. It's obviously not inconsequential, as you're making such a fuss about it. If it's so inconsequential, why not bottom post and be done with it? > > The conventions in other newsgroups are different, and I can't be bothered > to change my habits for different newsgroups just becase some internet Nazi > says so. > Congratulations, rule-abiding denizens of php-general, we're now all Nazis! Way to invoke Godwin, by the way, it clearly always wins these internet argu-debates and doesn't make you look like a loon at all. I'm going to take this opportunity to jump on the "no more respect" bandwagon. > So not only are you dictating how I post, you are also dictating which > newsreader I should use? How arrogant! "I don't like your rules, rules that existed before I got here and will exist after I leave and are agreed on by the community, so I'll not follow them!" is one of the most arrogant things I've ever seen on this list. He was making a suggestion, ffs, and you just want to be an ass and take everything personally. You're making an entire mountain range out of the proverbial molehill. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Obeying the rules (was Simple login form with cookies)
I honestly think this is a case of the subject being broached in a less-than-super-friendly-with-hugs-and-butterflies way and someone getting unduly offended about that. Why not chill out and look at this objectively? Mailing lists are historically, as I'm sure you know, a nearly invaluable research for someone with a problem and a search engine. I would bet that there are few people who subscribe to this list have never found a solution to a problem on a mailing list, somewhere and somewhen. I know I personally subscribed to this list because quite a few questions I had when I was just starting out with PHP came from here and I wasn't subscribing with a news reader at the time. I think you (the OP) is being unnecessarily short-sighted in assuming that 1, everyone has a news reader and uses it to read this list and 2, the threads are only relevant for the duration of their life. The posts here are archived here forever and ever and a rule that suggests posting on either the top or the bottom of the list keeps it consisten for future readers. Breaking that convention because you don't like it is just being grumpy and stickly for no other reason than you can, and potentially harming future developers who could find the information from this list a valuable resource. I like the escalator analogy, because either side of the escalator would do to allow people who want to stand and people who want to walk up to co-exist in harmony, yet there's a standard. Luckily for us, this isn't the New York subway where you get cursed at for standing on the wrong side (I learned that lesson the wrong way when I moved here!). In other words, it's not that top posting is empirically and inherently a worse method than bottom posting, it's that it's a generally accepted standard that helps ensure the longevity of posts on this list. If it was top posting, I'm sure replying would be a lot easier to most of us, but like a dozen people said in the first thread, it takes two seconds to move the cursor each time. Why choose to be overly ornery about a point so trivial? It seems like you're trying to turn this into a "Fight the Power" battle, when the only power you're fighting are your peers. --Eddie -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] HTTP headers and include()
On Fri, Jul 10, 2009 at 1:21 AM, James Colannino wrote: > Hey everyone, > > I've been hard at work on a new web application, and discovered > something that I would never have seen coming. I was noticing that when > I called session_start() after a few lines of includes, I was getting > complaints because the HTTP headers had already been sent out. Then, > after putting session_start() above the include lines, suddenly > everything was working fine. > > The files that were included were nothing more than functions; there was > no code executing that I could tell up to the point of the call to > session_start(). > > I was just wondering if anybody on the list knows why HTTP headers were > being sent out by my includes. I'm sure there's a good reason. I'm > just very curious :) > > Thanks very much in advance. > > James > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > HTTP headers are sent and finalized after the first bit of output. I had the same problem before and it turned out to be because I had a close tag "?>" at the end of a file followed by some whitespace. The solution was to remove the ?> from the end of all the files and I haven't closed an entire file since. Perhaps that might be it? --Eddie -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Error Trapping
On Fri, Jul 10, 2009 at 10:56 AM, Floyd Resler wrote: > I'm having a hard time getting my head around this problem. I have to > connect to a FoxPro database using an ODBC driver. Sometimes when I connect > I get an error. The error doesn't occur all the time and usually another > connect attempt works. I can trap the error through an error handler. > However, I use a class to connect to the database. What I want to do is to > check for that error and, if it occurs, try to connect again. Since the > error handler is outside the class, how can I create the object again and > make sure it gets passed back to my script that called it? I hope that made > sense! > > Thanks! > Floyd Why is the error outside the class? If you connect with a class, something like: public function __construct() { $this->handle = false; while($this->handle === false) { $this->handle == odbc_connect(); } } ought to work fine. Alternatively, you could check out PDO, which is supposed to be the next generation of database connections in PHP, and won't create an object without a connection. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Error Trapping
On Fri, Jul 10, 2009 at 11:39 AM, Floyd Resler wrote: > Eddie, > Thanks for the tip. It suddenly occurred to me what I was doing > wrong. I do use an error trap but I was telling my script to stop running > after the error. So, now I ignore it and continue through the loop you > suggested. I guess it was working exactly the way I had written it! > > Thanks! > Floyd > > On Jul 10, 2009, at 11:23 AM, Eddie Drapkin wrote: > >> On Fri, Jul 10, 2009 at 10:56 AM, Floyd Resler >> wrote: >>> >>> I'm having a hard time getting my head around this problem. I have to >>> connect to a FoxPro database using an ODBC driver. Sometimes when I >>> connect >>> I get an error. The error doesn't occur all the time and usually another >>> connect attempt works. I can trap the error through an error handler. >>> However, I use a class to connect to the database. What I want to do is >>> to >>> check for that error and, if it occurs, try to connect again. Since the >>> error handler is outside the class, how can I create the object again and >>> make sure it gets passed back to my script that called it? I hope that >>> made >>> sense! >>> >>> Thanks! >>> Floyd >> >> Why is the error outside the class? If you connect with a class, something >> like: >> >> public function __construct() { >> $this->handle = false; >> while($this->handle === false) { >> $this->handle == odbc_connect(); >> } >> } >> >> ought to work fine. Alternatively, you could check out PDO, which is >> supposed to be the next generation of database connections in PHP, and >> won't create an object without a connection. >> > > ;) Sometimes all it takes is a fresh look at an old problem! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] HELP SQL INJECTION
On Fri, Jul 10, 2009 at 3:50 PM, Daniel Brown wrote: > On Fri, Jul 10, 2009 at 15:48, Chris Payne wrote: >> Hi everyone, >> >> My server appears to be the victim of a chinese hack-attack and I >> believe they managed to change pages via SQL Injection, do any of you >> have any ideas how to lock down my forms so MySQL cannot be used from >> my forms? > > First and foremost: > > http://php.net/mysql_real_escape_string > > -- > > daniel.br...@parasane.net || danbr...@php.net > http://www.parasane.net/ || http://www.pilotpig.net/ > Check out our great hosting and dedicated server deals at > http://twitter.com/pilotpig > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > You, sir, are an email list ninja. Not ten seconds before I hit Send, Gmail tells me you ninja'd my response! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] I am RTFM, but still stumbling on how to get built-in functions parsed in heredoc
On Fri, Jul 10, 2009 at 8:25 PM, Govinda wrote: > How do I get > basename(__FILE__) > or > htmlentities($somevar) > to be evaluated in a heredoc? > > > Govinda > govinda.webdnat...@gmail.com > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > You actually can't, sorry. At least not as far as I know. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] I am RTFM, but still stumbling on how to get built-in functions parsed in heredoc
On Sat, Jul 11, 2009 at 2:01 PM, Daniel Brown wrote: > On Sat, Jul 11, 2009 at 13:45, Eddie Drapkin wrote: >> >> If that's true, then we've found an error reporting bug! I've never >> seen an error/warning raised, even with my usual >> "error_reporting(E_ALL | E_STRICT | E_DEPRACATED)"! The warning is >> raised here, though: >> $foo = $bar[hello]; >> >> but not here: >> $foo = "$bar[hello]" > > No, we're crossing subjects here, actually. The error would be > raised in something such as the following: > > > $bar['hello'] = 'World!'; > $bar['world'] = 'Hello,'; > > $foo = << $bar['world'] $bar['hello'] > EOT; > > echo $foo."\n"; > ?> > Yeah, that (echo "$bar['hello']") would raise an error the same way as if you had said: echo $bar['\'hello\'']; because, as far as my understand goes, the array key "word" inside the doublequotes/heredoc is literally evaluated, so it'll look for the literal 'hello' key instead of the literal hello key, if that makes sense given the lack of formatting on my part. It looks like, when in lexing mode inside of doublequotes/heredoc, the lexer stops lexing at the first ] after a $ and inside the square bracketed "word", it interprets it as a hash table key, rather than as the literal word, which would be cast to a string (as an undefined constant) and then used as a hash table key outside of "lexing mode" (which is probably not the right way to describe what's going on inside heredoc or doublequotes). > You don't sound like an ass at all (quite the contrary, actually), > and not changing them certainly isn't the end of the world. Alright, was just a tad worried ;) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] I am RTFM, but still stumbling on how to get built-in functions parsed in heredoc
On Sat, Jul 11, 2009 at 11:03 AM, Daniel Brown wrote: > On Sat, Jul 11, 2009 at 10:42, Ashley Sheridan > wrote: >> >> The braces ensure that PHP doesn't stop parsing the variable name once it >> reaches the [. By default, it will only match a variable name up to the [ >> sign, so you couldn't access arrays without the braces. > > Couldn't have said it better myself. > > As for the braces in the HEREDOC around {$somevar}, while it works > absolutely fine, it was a typo on my part: I intended to show all > manner of usage and processing of variables within the HEREDOC syntax. > However, in my own code, I generally include all variables between > {braces} when inside a HEREDOC block. Sheer preference for > readability in a large HEREDOC: because I don't normally use curly > braces around variables, when I see that on the page, I instantly > recognize that I'm still in the block (if all other clues miraculously > fail --- and we all know that they sometimes do). > > -- > > daniel.br...@parasane.net || danbr...@php.net > http://www.parasane.net/ || http://www.pilotpig.net/ > Check out our great hosting and dedicated server deals at > http://twitter.com/pilotpig > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > Uhm you don't need braces around arrays unless you're using more than one dimension in the array. This works perfectly fine for me: "goodbye"); $foo = << Something this simple should be common knowledge :X but I still agree with Daniel that you ought to use {} around variables in HEREDOC (or double-quotes) as it makes your code much more readable. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] I am RTFM, but still stumbling on how to get built-in functions parsed in heredoc
On Sat, Jul 11, 2009 at 1:41 PM, Daniel Brown wrote: > On Sat, Jul 11, 2009 at 13:35, Daniel Brown wrote: >> >> It works fine because you're forcing PHP to cast 'hello' in your >> array from a simple boolean TRUE to the string equivalent. > > sed "s/string equivalent/literal 'hello' string/g" > > (The way I'd worded it before seemed to me, upon re-reading it, > like I was implying it would cast the boolean TRUE to the string > 'TRUE'.) > > -- > > daniel.br...@parasane.net || danbr...@php.net > http://www.parasane.net/ || http://www.pilotpig.net/ > Check out our great hosting and dedicated server deals at > http://twitter.com/pilotpig > If that's true, then we've found an error reporting bug! I've never seen an error/warning raised, even with my usual "error_reporting(E_ALL | E_STRICT | E_DEPRACATED)"! The warning is raised here, though: $foo = $bar[hello]; but not here: $foo = "$bar[hello]" At the risk of sounding like an inane ass, I quote, from php.net/strings: "With array indices, the closing square bracket (]) marks the end of the index. The same rules apply to object properties as to simple variables." Sorry if I sound like an ass, just trying to defend myself from having to go change several thousand array items referenced from doublequotes / HEREDOC. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] I am RTFM, but still stumbling on how to get built-in functions parsed in heredoc
On Sat, Jul 11, 2009 at 3:53 PM, Govinda wrote: > On Jul 11, 2009, at 11:26 AM, Eddie Drapkin wrote: > >> $foo = <<> $bar[hello] >> EOT; > > what does "EOT" stand for? > (I realize that string can be anything.. but I am just asking what EOT > means to everyone? I just use it as "End of Term" because I'm used to "EOF" as "End of File" -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] I am RTFM, but still stumbling on how to get built-in functions parsed in heredoc
On Sat, Jul 11, 2009 at 5:37 PM, tedd wrote: > At 3:34 AM +0700 7/12/09, Lenin wrote: >> >> On Sun, Jul 12, 2009 at 2:56 AM, Eddie Drapkin wrote: >> >>> On Sat, Jul 11, 2009 at 3:53 PM, Govinda >> >> > wrote: >> > > what does "EOT" stand for? >>> >>> > (I realize that string can be anything.. but I am just asking what >>> EOT >> >> > > means to everyone? >> > >> > I just use it as "End of Term" because I'm used to "EOF" as "End of >> File" >> >> EOT used to mean End of Text. reference ASCII-7 notatioin > > > Yes, but in both cases the operator is used at both the beginning AND at the > end of the heredoc. I normally don't start anything with an "End" term. > > That's what I liked about the underscore (_) -- there's no inference that > it's an acronym. > > $whatever = <<<_ > whatever > _; > > However with that said, one could come up with a dual purpose acronym like: > > TO = (TEXT On or TEXT Off) > > or if you need three characters. > > HDO = (HEREDOC ON or HEREDOC OFF) > > I'm sure some clever person could come up with something better. > > Cheers, > > tedd When I see something like $foo = <<http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] MySql Injection advice
On Sat, Jul 11, 2009 at 6:39 PM, Haig Dedeyan wrote: > On July 11, 2009 10:57:14 am Haig Dedeyan wrote: >> At 10:12 PM -0400 7/10/09, Haig Dedeyan wrote: >> >> [1] >> >> >$fname = mysql_real_escape_string($fname); >> >$lname = mysql_real_escape_string($lname); >> > >> >$sql = "UPDATE phonedir SET fname = '$fname',lname = '$lname' WHERE >> > id=$id"; $result = mysql_query($sql); >> >echo mysql_error() . "\n"; >> > >> >This will result in the addition of the slashes. >> >> [2] >> >> >If I do the following, there are no slashes. Just wondering if I'm on the >> >right path with the 1st code set.. >> > >> >$sql = "UPDATE phonedir SET fname = >> >'".mysql_real_escape_string($fname)."',lname = >> >'".mysql_real_escape_string($lname)."' WHERE id=$id"; >> >$result = mysql_query($sql); >> >echo mysql_error() . "\n"; >> >> Haig: >> >> Interesting, I did not know that -- that sounds like a bug to me -- >> both should be the same. >> >> However, I commonly do [1] and when I have to display the data to a >> browser, then I use htmlentities() and stripslashes() before >> displaying the data. That way names like O'Brian appear correctly -- >> else they appear 0\'Brian. >> >> Now maybe I'm doing something wrong, but this way works for me. If >> there is a better way, I would like to here it. >> >> Cheers, >> >> tedd > > > Thanks Tedd. > > I did more testing and here's what I have found. > > @PHPSter - magic quotes are off > > > Just entering simple data where an apostrophe is part of the data. > > The following code is entering the slash but that's becuase I am escaping it > twice since mysql_num_rows is throwing an error if an apostrophe is in its > search: > > 1 - > $new_fname = mysql_real_escape_string($new_fname); > $new_lname = mysql_real_escape_string($new_lname); > > $result = mysql_query("SELECT * FROM phonedir WHERE fname = '$new_fname' && > lname = '$new_lname'"); > $num_rows = mysql_num_rows($result); > > if($num_rows > 0) > > { > echo $fname." ".$lname." already exists"; > } > > else > { > > mysql_query("INSERT INTO phonedir > (fname, lname) > VALUES('".mysql_real_escape_string($new_fname)."','".mysql_real_escape_string($new_lname)."')") > or die(mysql_error()); > > > > > > 2 - If I do the same code above without the mysql_num_rows and no escaping, > the data doesn't get entered. > > I think this is normal behaviour. > > > > > > 3 - If I do any of the 2 following sets of code where there is 1 instance of > escaping, the data gets entered with the apostrophe but I don't see any back > slash entered. > > The part that I am concerned about is if I should be seeing the backslash > entered without having to double escape, > > > $new_fname = mysql_real_escape_string($new_fname); > $new_lname = mysql_real_escape_string($new_lname); > > > $result = mysql_query("SELECT * FROM phonedir WHERE fname = '$new_fname' && > lname = '$new_lname'"); > $num_rows = mysql_num_rows($result); > > if($num_rows > 0) > > { > echo $fname." ".$lname." already exists"; > } > > else > { > > mysql_query("INSERT INTO phonedir > (fname, lname) VALUES('$new_fname','$new_lname')") > or die(mysql_error()); > > > > or > > > mysql_query("INSERT INTO phonedir > (fname, lname) > VALUES('".mysql_real_escape_string($new_fname)."','".mysql_real_escape_string($new_lname)."')") > or die(mysql_error()); > > > No offense or anything, but all of this work you've done is immediately mode obsolete the second you switch to prepared statements. They're easier to use and more secure, as well as making code more readable. I don't understand why it's so hard for them to catch on among PHP developers when they're so popular in other languages. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] I am RTFM, but still stumbling on how to get built-in functions parsed in heredoc
On Sun, Jul 12, 2009 at 3:05 AM, Lenin wrote: > On Sun, Jul 12, 2009 at 6:49 AM, Daniel Brown wrote: >> >> > Sorry for TOP posting This mailing list also don't force us to be >> > good >> > :) >> >> FORCE, no. ENCOURAGE, yes. Particularly in long threads like >> this one. Check the rules. They're not just there to take up space >> on the paper. ;-P > > If I reply from my Nokia 6020's wap (as gmail app would hang now due to less > memory) and I include the receiver's text I cant choose to place it at top > or bottom. So, that way it would always be top posting. > > Also from that wap device you will have REAL difficulty if mails are not TOP > posted. Because, then you'd have to scroll all the pages by clicking "next > message">> "next message" blah blah blah. > > Of course it is better for reading if mails are written bottom posted or > inline answered. > > Regards > > Lenin > Two things: 1) I've never head of an email list changing their rules to cater to a fringe crowd, like Nokia 6020 users. 2) Why does every thread lately degrade into chatter about top/bottom posting? *looks RIGHT AT D. Brown* -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php