[PHP] PHP / MYSQL security bug
Maybe I missed the thread but I was wondering if anyone has seen this report or done any testing on it. We tested it and it seems a pretty valid problem. Can anyone comment on a fix that may be in the works? Gerard - Security Advisory DW020203-PHP Release: 3rd February 2002 PHP Safe Mode Filesystem Circumvention Problem Severity: Medium to high. Affects: PHP, all versions which include safe_mode feature. Platform: UNIX, Microsoft Windows, any platforms on which PHP is available. Vendor: http://php.net. Discovered: 12th January 2002, Dave Wilson [EMAIL PROTECTED], using PHP 4.1.0 Apache 2 on Linux. -- VULNERABILITY IN BRIEF PHP (since version 3?) includes a commonly used feature known as Safe Mode. When enabled, scripts are highly limited in their ability to access or execute local files, among other things. PHP relies on a wrapper function around all filesystem calls to perform access checks, but unforunately the bundled MySQL client library has not been modified to perform such checks on LOAD DATA INFILE LOCAL statements. If an attacker has access to a MySQL server (either provided by you or himself), he can use it as a proxy by which to download files residing on the safe_mode-enabled web server. For large ISPs relying on this feature for individual customer privacy, it could mean clients accessing each other's files, or viewing of files on an improperly secured server. FIX Currently, no fix exists. You may use other PHP safe_mode functions to disable the use of the MySQL client library, or secure your servers in a proper fashion.. A suggested fix for the PHP developers might be to scan mysql_query()s for strings similar to LOAD DATA LOCAL INFILE. Happy hackers out there might like to look at libmysql.c:1764 if interested in fixing this problem, although that may only be possible from within PHP. EXAMPLE The attached script will (once configured correctly) attempt to read /var/log/lastlog via the SQL daemon and return it to the client. $ cp safe_mode.php /www $ wget -qO lastlog_via_mysql localhost/safe_mode.php $ diff /var/log/lastlog lastlog_via_mysql; echo $? 0 COMMENTS Due to the nature of the PHP project, development is very rapid and hence many sites do not keep up with latest PHP versions. If a fix was available, it would take quite a while to propagate. It is likely that this is not an isolated problem in PHP, my bets are on PostgreSQL and other PHP database extensions missing this one too. The MySQL support has been enabled in PHP by default for as long as I can remember. DAVE WILSON Currently residing in Belfast, Northern Ireland, he is available for work relating to network security auditing, post-attack recovery and forensics, and penetration testing. He may be contacted at [EMAIL PROTECTED]. If you have any comments regarding this advisory, please contact him directly. Sun Feb 3 21:23:03 GMT 2002 -dw --- Outgoing mail is certified Virus Free By AVG Anti-Virus. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.319 / Virus Database: 178 - Release Date: 1/28/2002 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Swapping BR for \n... ?
On this page at php.net http://www.php.net/manual/en/function.nl2br.php# You will find a function by [EMAIL PROTECTED] which is a great implimentation of replacing the /n in a line. I would suggest you take a look. Gerard At 03:19 PM 1/30/2002 +1100, Jason Murray wrote: Isn't there a function br2nl() and it's relative nl2br() ?? There's nl2br, but I don't believe there's one that goes the other way. J -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] --- Incoming mail is certified Virus Free By AVG Anti-Virus. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.319 / Virus Database: 178 - Release Date: 1/28/2002 --- Outgoing mail is certified Virus Free By AVG Anti-Virus. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.319 / Virus Database: 178 - Release Date: 1/28/2002 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] How to copy a substring of a string
http://www.php.net/manual/en/function.substr.php On Sat, 29 Dec 2001 18:28:57 -0600, Carlos Fernando Scheidecker Antunes wrote: Hello All, I've been searching on the online documentation and I'm pretty sure I've done it before but I don't recall how. The problem is. I have a string with 17 characteres and I want to copy from the fourth character 6 characteres. Under Pascal I usually do copy(string,4,6). That means, copying from the fourth characters a quantity of 6 characteres. Is there any built in function that does that? Could anyone tell me that? Thanks, Carlos Fernando. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Only one instance of a script at a time !
There may be a much easier method however why not write a file and then check for it's
existence on the next execution. Delete the file at the end of
execution to clear the way for the next pass.
Quick and dirty so probably at least on typo
?
$pidFile = path/to/file/filename;
if (!is_file ($pidFile)) {
touch ($pidFile);
// code to execute
unlink ($pidFile);
}
?
On Fri, 28 Dec 2001 15:31:33 +0100, Nicolas Guilhot wrote:
Running a php script with a cron job, how can I do to have only one instance
of the script running ?
Thanks for any answer.
Nicolas
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Only one instance of a script at a time !
Nicolas,
You could try something like
?
$pifFile = /path/to/file/filename;
if(file_exists($pifFile))
{
$fp = fopen($pifFile, r);
flock($fp, 2);
// your code
fclose($fp);
}
Note: Just wrote it, not tested.
Note: You would probably want to do somethig more graceful then simply rely on the
file existing... like create the file if it doesn't exist and then lock it.
Note: From the manual - flock() will not work on NFS and many other networked file
systems. Check your operating system documentation for more details.
On some operating systems flock() is implemented at the process level. When using a
multithreaded server API like ISAPI you may not be able to rely on flock() to
protect files against other PHP scripts running in parallel threads of the same server
instance!
Anybody has an example of how to use flock ?
Re: [PHP] Show only few words that var contains
Daniel,
Here is a rather inelegant way to do this. I am sure there is a better way and I would
love for someone to point it out to us.
This function simply pulls out the first N words using the space as a delimiter.
function firstN($string, $N) {
// remove all double and more spaces
$string = ereg_replace([[:space:]][[:space:]]+, ,$string);
// explode the string on spaces, slice off the amount of words you want and
then implode it back to a single string
$return = implode( , array_slice (explode( ,$string, $N + 1), 0, $N));
// return it
return $return;
} //end firstN
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Question
Hello all, In an effort NOT to make this sound like spam I will be as vague as possible. My suite mates and I are trying to put together a conference (classes and exhibits) based around PHP and MYSQL. They are a very successful conference company and I am a lowly developer who the give out some office space to. The plan is to offer the classes and conference free of charge to all who want to come. This is an idea we recently started kicking around. I was wondering if there is anyone on this list who wouldn't mind lending me a few minutes in exchanging emails so that I can ask for a little input on how you all would feel about this. I apologize for posting something a bit off topic here. Thanks, Gerard Onorato -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Mailling Lists
Ben, These aren't pure PHP however if you are using qmail I would tell you to take a look at ezmlm (http://www.ezmlm.org/) and if your using sendmail you may want to try majordomo (http://www.ualberta.ca/CNS/MAJORDOMO/). If your using something else... well I honestly have no clue. :) Gerard -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] PEAR E-mail
Hello All, I was wondering if anyone could point me towards some good documentation on the PEAR e-mail functions. I was unable to turn up anything. Thanks, G -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] SSL Connection with cURL
Roman,
This is certainly not the exact answer you are looking for however...
We had a lot of trouble using the PHP curl commands directly. We are currently doing a
large volume of transactions using cURL with great success by
shelling to it. I am attaching a very simple example of what we are doing below. Most
of this code is straight out of the cURL web site.
function call_CURL($data) {
$URL=www.foo.com/cgi-bin/blah.pl?submit;
exec(/path_to_curl/curl -m 120 -d \$data\ https://$URL -L,$return_message_array,
$return_number);
for ($i = 0; $i count($return_message_array); $i++) {
$results = $results.$return_message_array[$i];
}
return $results;
}
I hope this helps some.
Gerard
On Thu, 20 Dec 2001 21:14:35 +0100, Roman Eich wrote:
Hi NG,
i want to establish an SSL connection with cURL. I used two different
scripts,
1)
$URL=ssl.server.com/path/file.ext;
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,https://$URL;);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS , $data);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$result = curl_exec($ch);
$x = curl_errno($ch);
print($xbr$result);
curl_close ($ch);
and get exitcode 1
2)
function cURL ($URL, $options=)
{
$command=/usr/local/bin/curl;
$options.= --stderr;
$execstring=escapeshellcmd($command. .$URL. .$options);
exec($execstring, $stdout, $errorcode);
$output = implode (\n, $stdout);
if ($errorcode0) $output=;
return $output;
}
$URL=https://ssl.server.com/path/file.ext;;
$options= -d $data;
$data = cURL ($URL, $options);
and get exitcode 2
Why i get two different exitcodes and why i get in the second version
exitcode 2?
Can anyone help me to solve this problem?
--
Roman
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] MS Word text pasted into forms
Jim, Have you tried a regular expression. Something like ereg_replace([^[:alnum:]|[:space:]|[:punct:]@], , $string); to clean the string? Gerard O On Thu, 20 Dec 2001 17:02:58 -0500, jimtronic wrote: Occasionally, I have a problem dealing with some of the special characters from text authored in MS Word, and then pasted into a web form. It seems that somewhere something bad happens and what eventually gets put into mysql via php is not correct. In particular, I have trouble with apostrophes and accented vowels. Is the solution to disallow users (it's an admin, so this is realistic) from pasting from MS Word? -- Jim Musil - Multimedia Programmer Nettmedia - 212-629-0004 [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] HTML Email
Okay I know I must be overlooking somethign super obvious but
I am trying to send a simple HTML email. It works in Netscape mail, Pegasus etc
however in Outlook and Outlook express it actually places the
Content-Type: text/html;
charset=iso-8859-1 Content-Transfer-Encoding: 7bit
in the body of the email all displays all the HTML instead of showing the email as a
web page. I ahev inserted the code below. I know it is something stupid,
so please help.
if ($htmlEmail) {
$headers = MIME-Version:
1.0\r\n;
$headers .= Content-Type:
text/html; charset=iso-8859-1\r\n;
$headers .=
Content-Transfer-Encoding: 7bit . \r\n;
$body = $html_body;
}
$headers .= From: $from\r\n\;
($cc != )?($headers .= Cc: $cc\r\n):();
($bcc != )?($headers .= Bcc: $bcc\r\n):();
mail($email, $subject, $body, $headers);
Anyone see what I am doing wrong? Thanks in advance!
Gerard
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] HTML Email
Eureka! That seems to have fixed the problem. Now to test on the Mac clients.
G
On Tue, 18 Dec 2001 23:11:31 +0100, TD - Sales International Holland B.V. wrote:
On Tuesday 18 December 2001 15:51, you wrote:
Ok, just a guess here I'm not that familiar with writting my own
headers What I THINK that might help is using only \n for a newline and
not the \r. \r is windoze stuff while the first mta's (mail transfer agents)
where unix systems. Perhaps that's your problem... then again, it's just a
guess :-)
If this is true, your probably only need that for the headers and not for the
content of the email, since if you'd write an email in outlook express and
press enter in it it should be a CRLF (\r\n)
regards
Okay I know I must be overlooking somethign super obvious but
I am trying to send a simple HTML email. It works in Netscape mail, Pegasus
etc however in Outlook and Outlook express it actually places the
Content-Type: text/html;
charset=iso-8859-1 Content-Transfer-Encoding: 7bit
in the body of the email all displays all the HTML instead of showing the
email as a web page. I ahev inserted the code below. I know it is something
stupid, so please help.
if ($htmlEmail) {
$headers = MIME-Version:
1.0\r\n;
$headers .= Content-Type:
text/html; charset=iso-8859-1\r\n;
$headers .=
Content-Transfer-Encoding: 7bit . \r\n;
$body = $html_body;
}
$headers .= From: $from\r\n\;
($cc != )?($headers .= Cc: $cc\r\n):();
($bcc != )?($headers .= Bcc: $bcc\r\n):();
mail($email, $subject, $body, $headers);
Anyone see what I am doing wrong? Thanks in advance!
Gerard
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] fgets and eval
Hello all, Okay here is the situation. I am reading a file using fgets up until I hit a certain delimiter within the text. No problem there. This text file may or may not contain php in the format ? blah ?. So I now have two variables $header and $footer which may or may not contain some php within them. I need to echo the variables at the top and bottom of other files but need any php that may be in there to execute. I tried echo(eval($header)) and I also tried $header = addslashes($header); eval(\$header = \$header\;); $header= stripslashes($header); echo($header); The first produces and error, the second produces no error however only variables evaluate while actual commands, such as echo just get written into the code. Any idea what I may be doing wrong here? Thanks, Gerard -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] using variables
David, Your code should read: html body img src=? echo($ulo); ? /body /html -Original Message- From: David Killingsworth [mailto:[EMAIL PROTECTED]] Sent: Sunday, December 16, 2001 2:39 AM To: [EMAIL PROTECTED] Subject: [PHP] using variables I'm trying to determing why this won't work. I wish to assign graphics to variables then call them within the HTML on my .php pages. --test.php-- ? $ulo = /images/ulo.gif; ? html body img src=?$ulo? /body /html ---end test.php- The resulting output viewing the html source from the browser is: html output-- html body img src= /body /html ---end html output- there is obviously a programming error here, but after hours of trying things I'm just missing what it is. the img src tag should read img src=/images/ulo.gif What am I missing? David. __ Do You Yahoo!? Check out Yahoo! Shopping and Yahoo! Auctions for all of your unique holiday gifts! Buy at http://shopping.yahoo.com or bid at http://auctions.yahoo.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Re: ordered alpabeticaly list
Okay, haven't tested this but it should work.
I would let mysql do some of the work here. In your select add something
like
Something like
$result = mysql_query('select ucase(left(name,1)) as foo, name from userlist
order by name');
$lastletter = '';
while ($data = mysql_fetch_array($result)) {
$curletter = ($data['foo']);
if ($curletter != $lastletter) {
echo(br . $curletter . br);
}
echo($data['name'] . br);
$lastletter = $curletter;
}
As I say, I haven't tested this but it should work. Unless I stink... which
I often do.
-Original Message-
From: Rodrigo Peres [mailto:[EMAIL PROTECTED]]
Sent: Thursday, December 13, 2001 1:36 PM
To: [EMAIL PROTECTED]
Subject: Re: [PHP] Re: ordered alpabeticaly list
Thnk's Mike,
But what I really need is create a separation like this
ex:
A
ab...
ac..
ad..
B
be...
bee...
..
for all the names in my table
Thank's again
Rodrigo
on 12/13/01 4:30 PM, Mike Eheler at [EMAIL PROTECTED] wrote:
If I understand you correctly, you want to put a separator when the
letter changes.
Try this:
$result = mysql_query('select name from people order by name');
$lastletter = '';
while ($data = mysql_fetch_array($result)) {
$curletter = strtolower(substr($data['name'],0,1));
if ($curletter != $lastletter) {
// Put code to insert a separator here
}
// put code to display the name here
$lastletter = $curletter;
}
Mike
Rodrigo Peres wrote:
Hi list,
I have a mysql tables, with names on it. I'd like to select this names
ordered by name and output it to a html in alphabetical order, but
separates
by letter, ex: a, names with a, b
I've done the select, but I can't figure out how to output the respective
letters separated.
Thank's in advance
Rodrigo Peres
--
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Apache restart env - i issues as concerns PHP
I have a question about PHP under apache. I was playing with some PHP4.0.6 apps running under apache 1.3.20 on a vanilla RedHat 7.1 box. I was logged in as 'xyz' on the box via SSH. I 'su'd to root to restart apache (/etc/init.d/httpd restart) a few times during testing. In one of my tests I exploited an exec function that sent unchecked input to shell. The input I gave was ...some expected input; echo TEST|mail myuserID and I ended up getting the email but (the part that concerns me even more than the hole) is that the email came from the 'xyz' userID! A peek at 'ps' shows httpd -is- running as 'apache' (as expected) but...after quite a lengthy investigation, phpinfo(), e.g. ? // phpinfo.php phpinfo(); ? shows, in the Environment section of the output, the environment VARS (PATH, MANPATH, USER, SSH session, etc... ) of the -xyz- user that restarted httpd! I rebooted and let httpd come up normally and the same exploit sends mail as 'anonymous'. But after 'xyz' login, su and restart...email is sent as -xyz-?!? After more investigation, I see this has been discussed before: Some defensiveness from apache developers: http://www.geocrawler.com/mail/thread.php3?subject=general%2F6600%3A+phpinfo %28%29+returns+a+user+environmentlist=192 workaround offered at: http://www.phpbuilder.com/mail/php-developer-list/2001042/0459.php So... I added env -i to the /etc/init.d/httpd script e.g. daemon env -i $httpd .. 'xyz' login, su and restart (with 'env -i') and now the phpinfo() output has -nothing- listed in the Environment section. I guess that's to be expected but I'm still left scratching my head as to why the 'env -i' is not used -by default- in the RedHat (or other) httpd rc script for apache and what else might be impacted by doing so. Is this just a PHP-under-apache issue? Insight anyone? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] in_array error
Steve,
What version of PHP are you running. in_array is = 4.0. is_array was in 3.0
so this may be an issue for you.
Gerard
-Original Message-
From: Steve Osborne [mailto:[EMAIL PROTECTED]]
Sent: Thursday, November 29, 2001 3:08 PM
To: PHP-General (E-mail)
Subject: [PHP] in_array error
Can anyone explain why I am getting the following error?
Fatal error: Call to unsupported or undefined function in_array() in
includes/chinlib21stCentury.inc on line 3131
Code:
if( (is_array($List)) AND (is_array($RemoveList)) )
{
$ListItems = count($List);
sort($List);
for($ListItem=0; $ListItem $ListItems; $ListItem++)
{
//printf(brList value: $List[$ListItem]br\n);
if(!(in_array($List[$ListItem],$RemoveList)) AND (trim($List[$ListItem])
) ) // Line 3131
$diff[] = $List[$ListItem];
}
}elseif($debugit){
echo In function ListDiff List and RemoveList are NOT arraysBR;
}
return ($diff);
Thanks,
Steve Osborne
Database Programmer
Chinook Multimedia Inc.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Trainers / Instructors
Hello All, Does anyone know of, or is anyone out there, a trainer or trainers interested in giving classes in PHP-MYSQL to corporate clients in Feb? This is not for myself but rather my suitemates. They have a seminar coming up and are looking for some qualified trainers in PHP or MYSQL. If Anyone out there is interested, please e-mail me directly and I will forward it on to them. Thanks very much, Gerard Onorato -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] curl and HTTPS
Hello all, Okay I have figured out that I will not be able to use fsockopen with https to submit a form. Now I am on to using CURL with openssl. Does anyone know of a sample of how to do this? I have seen mentions of it being done but can not find any examples. Thanks in advance. Gerard -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Excel to MySQL
Another idea that may work... and I say may because I have never done it myself. Is to use MyODBC drivers and do the import code native to Access. I would be interested to hear if others have done this. Gerard -Original Message- From: Jeff Gannaway [mailto:[EMAIL PROTECTED]] Sent: Saturday, October 27, 2001 10:30 AM To: Daniel Harik; [EMAIL PROTECTED] Subject: Re: [PHP] Excel to MySQL At 04:11 PM 10/27/01 -0800, Daniel Harik wrote: You see i have huge(for me) 100 000 record access table, i wanted to convert it to mysql, i thought of making php convertor that uses odbc and mysql, but maybe there is faster way? Daniel, You're making it too hard on yourself. 1. CREATE TABLES in MySQL that match up to your Access tables. 2. In MICROSOFT ACCESS, go to the Export... command (I believe it's under the File menu.) 3. You'll save it as a .txt file with NO TEXT QUALIFIERS, TAB DELIMITED, without having column names on the first row. 4. FTP the .txt file to your server. I always use ASCII mode for it because I remember one time having some problem which I think was due to Binary transfer (I could've been wrong about that, though). 5. Go into MySQL an use the LOAD DATA INFILE command. ie: LOAD DATA INFILE '/home/virtual/yoursite/home/html/filename.txt' REPLACE INTO tablename; The first few times it can be kind of sticky, but after you do it a couple fo times, it will be as easy as breathing. There is 1 compatibility issue that I ran into. If a field in MS ACCESS has data on 2 lines For instance... ++---+ | ID | Address | ++---+ | 1 | 123 Evergreen Terrace | -- This is GOOD ++---+ | 2 | 321 Pine Street | -- This is BAD || Apartment A | ++---+ You see, when MySQL runs the LOAD DATA, new records are indicated by a NEW LINE. You'll want to check your ACCESS table for new lines before creating the export file. Later, Jeff Gannaway ___ Save 15% on 2002 Calendars and Holiday Cards! http://www.AvantGifts.com Discount Code: hopper22ct Offer Good Through October 31, 2001 ___ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] php-mysql question
Hello, I am a recent return to the list. Wow has the traffic grown! This is awesome. I have a couple of questions and one may be a RTFM but I can't find the answer. #1) While I thought I was extremely familiar with the MYSQL functions available in PHP I found on e in a code snippet that I have not used before and can't find. It is simply MYSQL(dbname, querystring). On a *nix box with Apache it is returning a resource ID but on a w2k box with apache (or iss) it is returning nothing at all. It does execute the query however. Any ideas or any pointer as to where I can actually find this function would be appreciated! Thanks. #2) Does anyone know of a convention / conference which will have any PHP coverage in the North East? Thanks, Gerard Onorato -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Re: Error: Can't redeclare already declared function (PHP 3.0.15)
Hi,
Another solution I have used when I have to do conditional includes which
may cause the same page to be included twice
At the top of the code to be included (the separate file) put something
like:
if ($theFileAlreadyInclude != 1) {
and at the bottom you may put:
}
$theFileAlreadyIncluded =1;
depending on the way your coding you may need make the variable global.
Hope this helps.
Gerard
-Original Message-
From: Jason Wood [mailto:[EMAIL PROTECTED]]
Sent: Friday, October 26, 2001 3:43 PM
To: [EMAIL PROTECTED]
Subject: [PHP] Re: Error: Can't redeclare already declared function (PHP
3.0.15)
I had the same type of problem. ( i think)
I had one main page (say index.php) that had a bare bones html page. No
functions or anything.
Then i had separate pages that would be included only if i was using them
(like, say, a category.php for displaying categories, then products.php for
showing products.)
I had a function called printlist(); that would create a drop down menu
with categories/subcategories; this was in both category.php and
products.php. Niether of those files were included at the same time though,
and it'd give me the redeclare error... what i did was rename the function
in each file (like for category.php, rename it to printlist1(); and then in
products.php rename it to printlist2();... this is a quick fix). Let me
know if this was any help :)
--
Jason Wood
Chief Technology Officer
Expressive Tek, Inc.
407 Kehrs Mill Road
Ballwin, MO 63011
Phone 636.256.1362
www.expressivetek.com
Patrick Dunford [EMAIL PROTECTED] wrote in message
001501c15e27$1a738b80$bd84a7cb@patricks">news:001501c15e27$1a738b80$bd84a7cb@patricks...
I have a script (let's call it a.php3) that brings in another script
b.php3
with the include or require call.
In script b.php3 there is an include or require call to bring in script
c.php3.
Script a.php3 after making one and only one include (the include is not
repeated anywhere in a.php3) then calls a function x which is defined in
script b.php3.
The first time the function is called it executes without any problems.
The
second time in which it is called, in exactly the same way, with the same
parameters, it errors with the message
Can't redeclare already declared function in c.php3 at line the last line
of the first function declaration in c.php3
The function is not actually named in the error message. This is the code
block in c.php3 which the error occurs:
top of file
?php
function getDirNames($sourceDir,$includeBase)
{
global $pathList;
function findAllDirsInDir($sourceDir)
{
global $pathList;
$dirHandle=opendir($sourceDir);
while (($subDir=readdir($dirHandle))!=false)
{
if (is_dir($sourceDir./.$subDir))
{
if ($subDir != . $subDir != ..)
{
$dirList[] = $sourceDir./.$subDir;
$pathList[] = $sourceDir./.$subDir;
}
}
}
closedir($dirHandle);
return $dirList;
}; error occurs here
function buildDirList($sourceDir,$recurse)
{
$subDirList=findAllDirsInDir($sourceDir);
if (count($subDirList) != 0)
$recurse=true;
else
$recurse=false;
for($i=0; $icount($subDirList);$i++)
{
$currentSubDir=$subDirList[$i];
if ($recurse==true)
buildDirList($currentSubDir,$recurse);
}
}
buildDirList($sourceDir,true);
if ($includeBase == TRUE)
$pathList[] = $sourceDir;
return $pathList;
}
There are no multiple calls to include or require:
* a.php3 which is the script that calls the function several times to
output
data, contains only one call to include() that is not inside any kind of
loop. It is called once just before the first function call.
*b.php3 which is the script that is included by a.php3. It includes c.php3
ONCE ONLY, NOT IN A LOOP.
*c.php3 which is the script in which the error is occurring.
Debugging b.php3 shows that the error message is thrown when execution
reaches the line in which the function from c.php3 is called. Therefore I
surmise that the error message is ambiguous.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Posting form variables with http authentication
Hi everyone, This question is almost certainly an RTFM but I can't find it so I am going to ask anyway. I have a form on my ssl which I need to submit to a perl handler on another server. Problem is the company on the other side is requiring a http authentication to submit the form. I can't think of any way to send the authentication headers along with the form post. Perhaps I just don't know enough about that area. I was thinking that perhaps I could build a handler page on my server to take the original submission via post then send another post via PHP along with the headers needed for authentication. Before I even try this I was wondering if someone out there had ever done this or could point me in the right direction of some documentation in this area. If it can't be done I would appreciate knowing that as well. Thanks! Gerard Onorato -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] should be simple
Richard, Forgive me for stating the obvious. How are you filling the variable $cheader? If you are simply putting an echo command without pulling the info from the database first you will obviously be getting nothing. Gerard -Original Message- From: Richard Kurth [mailto:[EMAIL PROTECTED]] Sent: Monday, May 21, 2001 10:08 AM To: [EMAIL PROTECTED] Subject: [PHP] should be simple I am trying to pull html code out of a database to put in page something like this which I have stored in a database under cheader html head title/title /head body div align='center' img src=../autowebpages/autosetup.gif' width='406'height='158'border='0' alt=''/div It seams all I have to do is put ?echo $cheader? at the top of the page and it should work just like putting variables into a page. But is does nothing. I would look in the manual or the archives but I don't no wear or what to look for. It seams this should be simple what am I missing hear Best regards, Richard mailto:[EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] strange files in my upload_tmp_dir
Hello, I should probably know the answer to this but I do not. I was hoping someone here could offer me some incite. I recently changed my upload_tmp_dir from the apache default; actually it wasn't set at all, to another directory which I created for this purpose. The directory is outside of the normally accessible directory structure for apache web on my Linux box. I have no forms anywhere on the site which allow FTP just yet. I manually uploaded a few files and have been downloading them via a local VB program. So no PHP access to the directory yet. Today I noticed about 20 files, all named something like php??. They are from various time during the day and have a zero file length with no content at all. I have no idea where these files are coming from. They are certainly not session files as those are appearing correctly in another directory. Any ideas on what these might be? Thanks very much! Gerard Onorato -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
