Re: [PHP] openssl_sign() openssl_verify() discrepancy
On 05/23/2012 01:05 PM, Matijn Woudt wrote: On Wed, May 23, 2012 at 8:29 PM, jasjason.ger...@utah.edu wrote: I have run into a problem that I am altogether unfamiliar with. A scenario. I retrieve a users private key from a database. I then use the openssl_pkey_get_private() function to load it as a resource object and proceed to call the openssl_sign() function to obtain a digital signature of a string. No problem, I get a valid signature which I then base64 encode and store in a database. Now lets say a couple of days from now I load up the public key which corresponds to the private key which was used to originally sign the data to verify it and it does not work. The kicker is if I perform the very same routine without saving the signature and attempting to verify it it works without problems. Have you checked what $signed looks like after running the script? Compare it to $signature. Most likely you corrupted your date elsewhere, maybe when inserting it into the database. - Matijn The example that accompanies the post shows two examples, one works one does not. Neither however use any type of database, as both simply assign or use the valid signature stored within either the $signature or $signed variables. I wish I could say that is the problem, I took care to properly encode/decode when saving or retrieving the information and as well in the original post I removed this as a possible cause by simply defining the $signature variable and assigning a valid signature to it for testing. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] openssl_sign() openssl_verify() discrepancy
On 05/23/2012 01:26 PM, Matijn Woudt wrote: On Wed, May 23, 2012 at 9:12 PM, Jason Gerfenjason.ger...@utah.edu wrote: On 05/23/2012 01:05 PM, Matijn Woudt wrote: On Wed, May 23, 2012 at 8:29 PM, jasjason.ger...@utah.eduwrote: I have run into a problem that I am altogether unfamiliar with. A scenario. I retrieve a users private key from a database. I then use the openssl_pkey_get_private() function to load it as a resource object and proceed to call the openssl_sign() function to obtain a digital signature of a string. No problem, I get a valid signature which I then base64 encode and store in a database. Now lets say a couple of days from now I load up the public key which corresponds to the private key which was used to originally sign the data to verify it and it does not work. The kicker is if I perform the very same routine without saving the signature and attempting to verify it it works without problems. Have you checked what $signed looks like after running the script? Compare it to $signature. Most likely you corrupted your date elsewhere, maybe when inserting it into the database. - Matijn The example that accompanies the post shows two examples, one works one does not. Neither however use any type of database, as both simply assign or use the valid signature stored within either the $signature or $signed variables. I wish I could say that is the problem, I took care to properly encode/decode when saving or retrieving the information and as well in the original post I removed this as a possible cause by simply defining the $signature variable and assigning a valid signature to it for testing. First of all, it seems $signature is in base64 format, so I think you should base64_decode that one first. Then it appears to me that $signature is not the same as $signed, on my system. If I base64_encode $signed, save it by copying it from my browser, and then enter it as $signature, and then use base64_decode on $signature it works fine. - Matijn Those are the same steps I just mentioned. The base64_decoding is a typo on the second example. It should read openssl_verify($unsigned, base64_decode($signature), $id); -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] filter_var using regex
On 05/04/2011 03:10 PM, Ashley Sheridan wrote: On Wed, 2011-05-04 at 13:46 -0600, Jason Gerfen wrote: On 05/04/2011 01:27 PM, Ashley Sheridan wrote: On Wed, 2011-05-04 at 13:20 -0600, Jason Gerfen wrote: I am running into a problem using the REGEXP option with filter_var(). The string I am using: 09VolunteerApplication.doc The PCRE regex I am using: /^[a-z0-9]\.[doc|pdf|txt|jpg|jpeg|png|docx|csv|xls]{1,4}$/Di The function in it's entirety: return (!filter_var('09VolunteerApplication.doc', FILTER_VALIDATE_REGEXP, array('options'=array('regexp'='/^[a-z0-9]\.[doc|pdf|txt|jpg|jpeg|png|docx|csv|xls]{1,4}$/Di' ? false : true; Anyone have any insight into this? You missed a + in your regex, at the moment you're only checking to see if a file starts with a single a-z or number and then is followed by the period. Then you're checking for oddly for one to four extensions in the list, are you sure you want to do that? And the square brackets are used to match characters, not strings, use the standard brackets to allow from a choice of strings Try this: '/^[a-z0-9]+\.(doc|pdf|txt|jpg|jpeg|png|docx|csv|xls)$/Di' One other thing you should be aware of maybe, filenames won't always consist of just the letters a-z and numbers 0-9, they may contain accented or foreign letters, hyphens, spaces and a number of other characters depending on the client machines OS. Windows allows very few characters for example compared to the Unix-like OS's like MacOS and Linux. Both are valid PCRE regex's. However the rules regarding usage of parenthesis for an XOR string does not explain a similar regex being used with the filter_var() like so: return (filter_var('kc-1', FILTER_VALIDATE_REGEXP, array('options'=array('regexp'='/^[kc\-1|kc\-color|gr\-1|fa\-1|un\-1|un\-color|ben\-1|bencolor|sage\-1|sr\-1|st\-1]{1,8}$/Di'))) ? true : false; The above returns string(4) kc-1 Another test using the following works similarly: return (filter_var('u0368839', FILTER_VALIDATE_REGEXP, array('options'=array('regexp'='/^[gp|u|gx]{1,2}[\d+]{6,15}$/Di'))) ? true : false; The above returns string(8) u0368839 And return (filter_var('u0368839', FILTER_VALIDATE_REGEXP, array('options'=array('regexp'='/^[gp|u|gx]{1,2}[\d+]{6,15}$/Di'))) ? true : false; returns string(8) gp123456 As you can see these three examples use the start [] as XOR conditionals for multiple strings as prefixes. Not quite, you think they match correctly because that's all you're testing for, and you're not looking for anything that might disprove that. Using your last example, it will also match these strings: gu0368839 xx0368839 p0368839 I tested your first regex with '09VolunteerApplication.doc' and it doesn't work at all until you add in that plus after the basename match part of the regex: ^[a-z0-9]+\.[doc|pdf|txt|jpg|jpeg|png|docx|csv|xls]{1,4}$ However, your regex (with the plus) also matches these strings: 09VolunteerApplication.docp 09VolunteerApplication.docj 09VolunteerApplication.doc|-- note it's matching the literal bar character Making the changes I suggested (^[a-z0-9]+\.(doc|pdf|txt|jpg|jpeg|png| docx|csv|xls)$) means the regex works as you expect. Square brackets in a regex match a range, not a literal string, and without any sort of modifier, match only a single instance of that range. So in your example, you're matching a 4 character extension containing any of the following characters '|cdfgjlnopstx', and a basename containing only 1 character that is either an a-z or a number. You are right, after a few other tests I stand corrected. My apologies. However according to the documentation for filter_var() and the PCRE regexp option if it returns false, which it is, this is indicating an error with the regex. Here are the changes I have made: print_r(var_dump(filter_var('09VolunteerApplication.doc', FILTER_VALIDATE_REGEXP, array('options'=array('regexp'='/^[a-z0-9]+\.(doc|pdf|txt|jpg|jpeg|png|docx|csv|xls){1,4}$/Di'); I appreciate your assistance and insights. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] filter_var using regex
On 05/04/2011 03:10 PM, Ashley Sheridan wrote: On Wed, 2011-05-04 at 13:46 -0600, Jason Gerfen wrote: On 05/04/2011 01:27 PM, Ashley Sheridan wrote: On Wed, 2011-05-04 at 13:20 -0600, Jason Gerfen wrote: I am running into a problem using the REGEXP option with filter_var(). The string I am using: 09VolunteerApplication.doc The PCRE regex I am using: /^[a-z0-9]\.[doc|pdf|txt|jpg|jpeg|png|docx|csv|xls]{1,4}$/Di The function in it's entirety: return (!filter_var('09VolunteerApplication.doc', FILTER_VALIDATE_REGEXP, array('options'=array('regexp'='/^[a-z0-9]\.[doc|pdf|txt|jpg|jpeg|png|docx|csv|xls]{1,4}$/Di' ? false : true; Anyone have any insight into this? You missed a + in your regex, at the moment you're only checking to see if a file starts with a single a-z or number and then is followed by the period. Then you're checking for oddly for one to four extensions in the list, are you sure you want to do that? And the square brackets are used to match characters, not strings, use the standard brackets to allow from a choice of strings Try this: '/^[a-z0-9]+\.(doc|pdf|txt|jpg|jpeg|png|docx|csv|xls)$/Di' One other thing you should be aware of maybe, filenames won't always consist of just the letters a-z and numbers 0-9, they may contain accented or foreign letters, hyphens, spaces and a number of other characters depending on the client machines OS. Windows allows very few characters for example compared to the Unix-like OS's like MacOS and Linux. Both are valid PCRE regex's. However the rules regarding usage of parenthesis for an XOR string does not explain a similar regex being used with the filter_var() like so: return (filter_var('kc-1', FILTER_VALIDATE_REGEXP, array('options'=array('regexp'='/^[kc\-1|kc\-color|gr\-1|fa\-1|un\-1|un\-color|ben\-1|bencolor|sage\-1|sr\-1|st\-1]{1,8}$/Di'))) ? true : false; The above returns string(4) kc-1 Another test using the following works similarly: return (filter_var('u0368839', FILTER_VALIDATE_REGEXP, array('options'=array('regexp'='/^[gp|u|gx]{1,2}[\d+]{6,15}$/Di'))) ? true : false; The above returns string(8) u0368839 And return (filter_var('u0368839', FILTER_VALIDATE_REGEXP, array('options'=array('regexp'='/^[gp|u|gx]{1,2}[\d+]{6,15}$/Di'))) ? true : false; returns string(8) gp123456 As you can see these three examples use the start [] as XOR conditionals for multiple strings as prefixes. Not quite, you think they match correctly because that's all you're testing for, and you're not looking for anything that might disprove that. Using your last example, it will also match these strings: gu0368839 xx0368839 p0368839 I tested your first regex with '09VolunteerApplication.doc' and it doesn't work at all until you add in that plus after the basename match part of the regex: ^[a-z0-9]+\.[doc|pdf|txt|jpg|jpeg|png|docx|csv|xls]{1,4}$ However, your regex (with the plus) also matches these strings: 09VolunteerApplication.docp 09VolunteerApplication.docj 09VolunteerApplication.doc|-- note it's matching the literal bar character Making the changes I suggested (^[a-z0-9]+\.(doc|pdf|txt|jpg|jpeg|png| docx|csv|xls)$) means the regex works as you expect. Square brackets in a regex match a range, not a literal string, and without any sort of modifier, match only a single instance of that range. So in your example, you're matching a 4 character extension containing any of the following characters '|cdfgjlnopstx', and a basename containing only 1 character that is either an a-z or a number. You are right, after a few other tests I stand corrected. My apologies. However according to the documentation for filter_var() and the PCRE regexp option if it returns false, which it is, this is indicating an error with the regex. In addition to this I would like to point out that the same regex using the older preg_match() function works as it should while the character class following by the pattern (+) fails the validation portion of the regex. print_r(var_dump(filter_var('09VolunteerApplication.doc', FILTER_VALIDATE_REGEXP, array('options'=array('regexp'='/^[a-z0-9]+\.(doc|pdf|txt|jpg|jpeg|png|docx|csv|xls){1,4}$/Di'); returns false (invalid regex) when using the character matching class [a-z0-9]+ with the filter_var() function with the FILTER_VALIDATE_REGEXP option print_r(var_dump(preg_match('/^[a-z0-9]+\.(doc|pdf|txt|jpg|jpeg|png|docx|csv|xls){1,4}$/i', '09VolunteerApplication.doc'))); return int(1) indicating a valid regex as well as a valid match. I believe this should be reported as a bug but I appreciate your assistance and insights. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] filter_var using regex
I am running into a problem using the REGEXP option with filter_var(). The string I am using: 09VolunteerApplication.doc The PCRE regex I am using: /^[a-z0-9]\.[doc|pdf|txt|jpg|jpeg|png|docx|csv|xls]{1,4}$/Di The function in it's entirety: return (!filter_var('09VolunteerApplication.doc', FILTER_VALIDATE_REGEXP, array('options'=array('regexp'='/^[a-z0-9]\.[doc|pdf|txt|jpg|jpeg|png|docx|csv|xls]{1,4}$/Di' ? false : true; Anyone have any insight into this? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] filter_var using regex
On 05/04/2011 01:27 PM, Ashley Sheridan wrote: On Wed, 2011-05-04 at 13:20 -0600, Jason Gerfen wrote: I am running into a problem using the REGEXP option with filter_var(). The string I am using: 09VolunteerApplication.doc The PCRE regex I am using: /^[a-z0-9]\.[doc|pdf|txt|jpg|jpeg|png|docx|csv|xls]{1,4}$/Di The function in it's entirety: return (!filter_var('09VolunteerApplication.doc', FILTER_VALIDATE_REGEXP, array('options'=array('regexp'='/^[a-z0-9]\.[doc|pdf|txt|jpg|jpeg|png|docx|csv|xls]{1,4}$/Di' ? false : true; Anyone have any insight into this? You missed a + in your regex, at the moment you're only checking to see if a file starts with a single a-z or number and then is followed by the period. Then you're checking for oddly for one to four extensions in the list, are you sure you want to do that? And the square brackets are used to match characters, not strings, use the standard brackets to allow from a choice of strings Try this: '/^[a-z0-9]+\.(doc|pdf|txt|jpg|jpeg|png|docx|csv|xls)$/Di' One other thing you should be aware of maybe, filenames won't always consist of just the letters a-z and numbers 0-9, they may contain accented or foreign letters, hyphens, spaces and a number of other characters depending on the client machines OS. Windows allows very few characters for example compared to the Unix-like OS's like MacOS and Linux. Both are valid PCRE regex's. However the rules regarding usage of parenthesis for an XOR string does not explain a similar regex being used with the filter_var() like so: return (filter_var('kc-1', FILTER_VALIDATE_REGEXP, array('options'=array('regexp'='/^[kc\-1|kc\-color|gr\-1|fa\-1|un\-1|un\-color|ben\-1|bencolor|sage\-1|sr\-1|st\-1]{1,8}$/Di'))) ? true : false; The above returns string(4) kc-1 Another test using the following works similarly: return (filter_var('u0368839', FILTER_VALIDATE_REGEXP, array('options'=array('regexp'='/^[gp|u|gx]{1,2}[\d+]{6,15}$/Di'))) ? true : false; The above returns string(8) u0368839 And return (filter_var('u0368839', FILTER_VALIDATE_REGEXP, array('options'=array('regexp'='/^[gp|u|gx]{1,2}[\d+]{6,15}$/Di'))) ? true : false; returns string(8) gp123456 As you can see these three examples use the start [] as XOR conditionals for multiple strings as prefixes. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP URL query
IraqiGeek wrote: Hi all, I'm somewhat new to php, though I have played a bit with the language. I'm currently learning the language, and I'm having a problem passing variables through URL query. Here is what I have: A simple HTML file that contains: A HREF=test.php?var=test Hi, this is a test! /A and a php file that contains: ?php echo( Welcome to our Web site, $var! ); ? try echo Welcome to our website, $_GET['var']; However, when I click on the link on the HTML file, I dont get the value of $var passed to the php script. I have also tried passing multiple variables separated by , and none of those gets passed to the php script. The files are hosted on a local Debian etch server running apache 2.0.54 and php 4.3.10. Is there something I need to check/change in the config files of apache or php? Regards, IraqiGeek www.iraqigeek.com Boat: A hole in the water surrounded by wood into which one pours money. -- Jason Gerfen Student Computing Labs, University Of Utah [EMAIL PROTECTED] I will never tolerate your innocence ~ Blood has been shed -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] array insights
I am looking for some information on how to do this the correct way, here is the data I am working with: Array ( [hostname-0] = hostname [mac-0] = 00:0a:b3:aa:00:5d [ip-0] = 192.168.0.1 [subnet] = MMC-Subnet [group] = MMC-PXE [hostname-1] = tester01 [mac-1] = 00:09:02:bb:cc:zz [ip-1] = 192.168.0.2 [hostname-2] = new-test [mac-2] = 00:09:02:bb:cc:99 [ip-2] = 192.168.0.3 [cmd] = edit [import] = Re-submit ) Here is how I need the above data to look when finished processing. Array ( [0] = Array ( [0] = hostname [1] = 00:0a:b3:aa:00:5d [2] = 192.168.0.1 ) [1] = Array ( [0] = tester01 [1] = 00:09:02:bb:cc:zz [2] = 192.168.0.2 ) [2] = Array ( [0] = new-test [1] = 00:09:02:bb:cc:99 [2] = 192.168.0.3 ) ) here is the code I am using. ?PHP function ReFilter( $new ) { $x = 0; foreach( $new as $key = $value ) { if( eregi( 'hostname', $key ) ) { echo HOSTNAME: . $key . = . $value . br; $arr[$x] = $value; } if( eregi( 'mac', $key ) ) { echo MAC: . $key . = . $value . br; $arr[$x] = $value; } if( eregi( 'ip', $key ) ) { echo IP: . $key . = . $value . br; $arr[$x] = $value; } if( eregi( 'subnet', $key ) ) { echo SUBNET: . $key . = . $value . br; $arr[$x] = $value; } if( eregi( 'group', $key ) ) { echo GROUP: . $key . = . $value . br; $arr[$x] = $value; } $x++; } $data = $arr; return $data; } ? I realize I am missing a loop, but am unsure of the best practice on it. Thanks in advance -- Jason Gerfen You will never be ready for me. ~ Me -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] array insights
Dave Goodchild wrote: use: $new_array = array_chunk($input_array, 3)); Thanks, that is just the array function I was looking for. this will split your original array into a number of arrays with three elements in each and trash the original keys. If you want to preserve the keys pass a third paramater (true). Hope this helps. On 03/05/06, Jason Gerfen [EMAIL PROTECTED] wrote: I am looking for some information on how to do this the correct way, here is the data I am working with: Array ( [hostname-0] = hostname [mac-0] = 00:0a:b3:aa:00:5d [ip-0] = 192.168.0.1 [subnet] = MMC-Subnet [group] = MMC-PXE [hostname-1] = tester01 [mac-1] = 00:09:02:bb:cc:zz [ip-1] = 192.168.0.2 [hostname-2] = new-test [mac-2] = 00:09:02:bb:cc:99 [ip-2] = 192.168.0.3 [cmd] = edit [import] = Re-submit ) Here is how I need the above data to look when finished processing. Array ( [0] = Array ( [0] = hostname [1] = 00:0a:b3:aa:00:5d [2] = 192.168.0.1 ) [1] = Array ( [0] = tester01 [1] = 00:09:02:bb:cc:zz [2] = 192.168.0.2 ) [2] = Array ( [0] = new-test [1] = 00:09:02:bb:cc:99 [2] = 192.168.0.3 ) ) here is the code I am using. ?PHP function ReFilter( $new ) { $x = 0; foreach( $new as $key = $value ) { if( eregi( 'hostname', $key ) ) { echo HOSTNAME: . $key . = . $value . br; $arr[$x] = $value; } if( eregi( 'mac', $key ) ) { echo MAC: . $key . = . $value . br; $arr[$x] = $value; } if( eregi( 'ip', $key ) ) { echo IP: . $key . = . $value . br; $arr[$x] = $value; } if( eregi( 'subnet', $key ) ) { echo SUBNET: . $key . = . $value . br; $arr[$x] = $value; } if( eregi( 'group', $key ) ) { echo GROUP: . $key . = . $value . br; $arr[$x] = $value; } $x++; } $data = $arr; return $data; } ? I realize I am missing a loop, but am unsure of the best practice on it. Thanks in advance -- Jason Gerfen You will never be ready for me. ~ Me -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- http://www.web-buddha.co.uk dynamic web programming from Reigate, Surrey UK (php, mysql, xhtml, css) look out for project karma, our new venture, coming soon! -- Jason Gerfen You will never be ready for me. ~ Me -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] forms and dynamic creation and unique field names
I have come upon a problem and am not sure how to go about resolving it. I have an web form which is generated dynamically from an imported file and I am not sure how I can loop over the resulting post variables within the global $_POST array due to the array keys not being numeric. Any pointers are appreciated. -- Jason Gerfen You will never be ready for me. ~ Me -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] forms and dynamic creation and unique field names
Martin Zvarík wrote: Jason Gerfen wrote: I have come upon a problem and am not sure how to go about resolving it. I have an web form which is generated dynamically from an imported file and I am not sure how I can loop over the resulting post variables within the global $_POST array due to the array keys not being numeric. Any pointers are appreciated. You will never be ready for me. ~ Me Hahah... HAHA... -- Jason Gerfen You will never be ready for me. ~ Me -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: forms and dynamic creation and unique field names
Oops, I thought there might be an array function that would be better to use then foreach loops. Thanks. Dave Goodchild wrote: Foreach. Please try and read the manual, this is very basic stuff that could be gleaned in 5 minutes. On 27/04/06, Barry [EMAIL PROTECTED] wrote: Jason Gerfen schrieb: I have come upon a problem and am not sure how to go about resolving it. I have an web form which is generated dynamically from an imported file and I am not sure how I can loop over the resulting post variables within the global $_POST array due to the array keys not being numeric. Any pointers are appreciated. foreach? -- Smileys rule (cX.x)C --o(^_^o) Dance for me! ^(^_^)o (o^_^)o o(^_^)^ o(^_^o) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- http://www.web-buddha.co.uk dynamic web programming from Reigate, Surrey UK (php, mysql, xhtml, css) look out for project karma, our new venture, coming soon! -- Jason Gerfen You will never be ready for me. ~ Me -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] real time output from log file?
Anyone use php to tail a log file for patterns and perhaps updating a iframe or something similar? If so do you have a link to some resources on it? -- Jason Gerfen You will never be ready for me. ~ Me -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Apache/PHP/MySQL/OpenSSL upgrade question
I know this might be slightly off topic but I just upgraded PHP/MySQL/OpenSSL and Apache to the latest stable release for each project and so far so good. The one problem I am encountering is dealing with SSL and apachectl not accepting the command 'apachectl startssl' as it is depreciated. Any idea how I can get this to start with SSL enabled on port 443? -- Jason Gerfen You will never be ready for me. ~ Me -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: PHP files in the SRC attribute of an SCRIPT element
You will want to write PHP code to output the java-script. Because the java-script (client side scripting) gets executed without communicating with the server there is no PHP engine that java-script can push the PHP through on the client machine. So you would want to do something like: ?PHP $string = I want a new pop-up message; $javascript = scriptalert( $string )/script; echo $javascript; ? Karl-Heinz Christian Zeck wrote: Thank you for your quick reply. I tried to modify the file. I removed all it's content and wrote only a single line: alert(test); When I refresh the main page, I get the alert message - this means the file was loaded successfuly. Then I tried this code: alert(?php echo 'test';?); This way it doesn't work, no alert message, so the file wasn't loaded. Any ideas? Thanks! On 3/17/06, Barry [EMAIL PROTECTED] wrote: Karl-Heinz Christian Zeck wrote: Hi everybody, Are you allowed to do this? I mean, is the php file parsed by the PHP engine first and a js code is generated that will be used by the script element? Yes -- Smileys rule (cX.x)C --o(^_^o) Dance for me! ^(^_^)o (o^_^)o o(^_^)^ o(^_^o) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- Jason Gerfen Student Computing Labs, University Of Utah [EMAIL PROTECTED] J. Willard Marriott Library 295 S 1500 E, Salt Lake City, UT 84112-0860 801-585-9810 You will never be ready for me. ~ Me -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: PHP files in the SRC attribute of an SCRIPT element
Well on another note I see that you are trying to point to a local file on a windows machine (i.e. c:\path\to\php-script), that won't work but if you place the php script on the server it may. i am unfamiliar with the organization you are refering to. Karl-Heinz Christian Zeck wrote: I cannot use such a code, because the file I'm using is added to the Script element in the html page. The guys from Horde, that created the files say this should work without any problems, but it doesn't. If you have any other suggestions, please let me know. Thank you! On 3/17/06, *Jason Gerfen* [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: You will want to write PHP code to output the java-script. Because the java-script (client side scripting) gets executed without communicating with the server there is no PHP engine that java-script can push the PHP through on the client machine. So you would want to do something like: ?PHP $string = I want a new pop-up message; $javascript = scriptalert( $string )/script; echo $javascript; ? Karl-Heinz Christian Zeck wrote: Thank you for your quick reply. I tried to modify the file. I removed all it's content and wrote only a single line: alert(test); When I refresh the main page, I get the alert message - this means the file was loaded successfuly. Then I tried this code: alert(?php echo 'test';?); This way it doesn't work, no alert message, so the file wasn't loaded. Any ideas? Thanks! On 3/17/06, Barry [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Karl-Heinz Christian Zeck wrote: Hi everybody, Are you allowed to do this? I mean, is the php file parsed by the PHP engine first and a js code is generated that will be used by the script element? Yes -- Smileys rule (cX.x)C --o(^_^o) Dance for me! ^(^_^)o (o^_^)o o(^_^)^ o(^_^o) -- PHP General Mailing List ( http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- Jason Gerfen You will never be ready for me. ~ Me -- Jason Gerfen You will never be ready for me. ~ Me -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] supressing warnings in error_log
I would like to know how to suppress Warning error_log entries dealing with undefined vars: eg. Undefined index: del_pxe in /test.php on line 33, referer: http://website.com/index.php -- Jason Gerfen Student Computing Labs, University Of Utah [EMAIL PROTECTED] J. Willard Marriott Library 295 S 1500 E, Salt Lake City, UT 84112-0860 801-585-9810 When asked what love is: Love is the Jager talking. ~Craig Baldo -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] More CLASS help
I am not sure if what I am doing here is a problem or not. Pointers? class mySubnet { var $data; function SubnetSettings( $level, $add_vlan, $edit_vlan, $del_vlan ) { $subnets = new mySubnet; } } -- Jason Gerfen When asked what love is: Love is the Jager talking. ~Craig Baldo -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] classes and return values
I am attempting to work up a class and because I am unfamiliar with some of the code flow I am only able to get a return value of 'object'. How can I pull the data out of a class? Any help, or pointers on what I am doing wrong is appreciated. class myAuth { var $user; var $pass; var $lvl; var $id; function login( $user, $pass ) { require 'templates/auth.tmplte.php'; global $defined, $error_message; if( ( empty( $user ) ) || ( empty( $pass ) ) ) { if( $_SESSION['count']++ = 1 ) { $errors = img src=\images/error.jpg\nbsp;nbsp;bYou need to provide a user name and password!/bbrbr; } $data = new myAuthTmplte(); $data-auth_template( 1, NULL, NULL, NULL, $errors ); logs( $error_message['str_chk'] ); } } } -- Jason Gerfen Student Computing Labs, University Of Utah [EMAIL PROTECTED] J. Willard Marriott Library 295 S 1500 E, Salt Lake City, UT 84112-0860 801-585-9810 When asked what love is: Love is the Jager talking. ~Craig Baldo -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Class calling Class returning 'object'
I am in need of some assistance working with classes. I have a function (X) which calls a class (A), that class calls another class (B) and returns the results. At this point I think I am doing everything correctly within' class A because if I echo the results of Class A calling Class B the data is displayed. However, when I use 'return $data' from function X (ex. $data = $ClassA-function( $var1, $var2 ); ) the word 'object' is being displayed in the browser. Here is the code; any help, tips, pointers is appreciated. // function 'chooser' calls class 'myAuth' and returns $data function chooser( $level, $page, $user, $pass ) { if( $page == auth ) { require 'auth.inc.php'; $data = new myAuth; $data = $data-login( $_POST['user'], $_POST['pass'] ); } else { $data = error; } return $data; } // myAuth class class myAuth { var $data; function login( $user, $pass ) { if( ( empty( $user ) ) || ( empty( $pass ) ) ) { $data = new myAuthTmplte(); $data = $data-AuthTemplate( 1, NULL, NULL, NULL, $errors ); } else { $data = error; } return $data; // If I do echo $data I can see the results of calling the myAuthTmplte Class } // myAuthTmplte class class myAuthTmplte { var $data; function AuthTemplate( $cmd, $args, $num, $message, $errors ) { $data = I should be seeing this text right here; // This data should be displayed but I am only seeing the word 'object' in the browser return $data; } -- Jason Gerfen When asked what love is: Love is the Jager talking. ~Craig Baldo -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] $_POST to function?
I am not sure why this is not working. Aren't $_POST vars superglobals? I am trying to pass the $_POST array as an argument to a function and nothing is being returned. Any help is appreciated. return global_template( 3, $_POST, count( $_POST ), $message ); function global_template( $cmd, $args, $num, $message ) { echo pre; print_r( $args ); echo /pre; } -- Jason Gerfen When asked what love is: Love is the Jager talking. ~Craig Baldo -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: $_POST to function?
Tanoor Dieng wrote: Hi, are there some variables in your post array(aka are you sure that $_POST is not empty)? Normally this should works. Tanoor. 2006/2/24, Jason Gerfen [EMAIL PROTECTED]: I am not sure why this is not working. Aren't $_POST vars superglobals? I am trying to pass the $_POST array as an argument to a function and nothing is being returned. Any help is appreciated. return global_template( 3, $_POST, count( $_POST ), $message ); function global_template( $cmd, $args, $num, $message ) { echo pre; print_r( $args ); echo /pre; } -- Jason Gerfen When asked what love is: Love is the Jager talking. ~Craig Baldo -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php Yep, I just double checked the $_POST vars prior to calling the function, ex: echo pre; print_r( $_POST ); echo /pre; // This prints everything contained in $_POST without problem return global_template( 3, $_POST, count( $_POST ), $message, NULL ); function global_template( $cmd, $args, $num, $message, $errors ) { echo pre; print_r( $args ); echo /pre; // This will not display anything in the $args-$_POST array? WTH? } -- Jason Gerfen When asked what love is: Love is the Jager talking. ~Craig Baldo -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: $_POST to function?
Vidyut Luther wrote: Since $_POST is a superglobal, it should not lose scope inside a function() call. I could be wrong though. Also, curious if $args is empty.. what is $num and $message. ? Also.. you're calling a function in your return statement ? On 2/24/06, Jason Gerfen [EMAIL PROTECTED] wrote: Tanoor Dieng wrote: Hi, are there some variables in your post array(aka are you sure that $_POST is not empty)? Normally this should works. Tanoor. 2006/2/24, Jason Gerfen [EMAIL PROTECTED]: I am not sure why this is not working. Aren't $_POST vars superglobals? I am trying to pass the $_POST array as an argument to a function and nothing is being returned. Any help is appreciated. return global_template( 3, $_POST, count( $_POST ), $message ); function global_template( $cmd, $args, $num, $message ) { echo pre; print_r( $args ); echo /pre; } -- Jason Gerfen When asked what love is: Love is the Jager talking. ~Craig Baldo -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php Yep, I just double checked the $_POST vars prior to calling the function, ex: echo pre; print_r( $_POST ); echo /pre; // This prints everything contained in $_POST without problem return global_template( 3, $_POST, count( $_POST ), $message, NULL ); function global_template( $cmd, $args, $num, $message, $errors ) { echo pre; print_r( $args ); echo /pre; // This will not display anything in the $args-$_POST array? WTH? } -- Jason Gerfen When asked what love is: Love is the Jager talking. ~Craig Baldo -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php Sure, by calling return function_name( args ) it just sends vars based on conditional statements to a template type setup. The $num and $message vars are used by the template function to determine what and how to display the page contents is all. That is what I thought, $_POST is a superglobal, but it is loosing scope. Could it be that I am trying to pass $_POST from one function to another function be causing the problem you think? I have never ran into this before. -- Jason Gerfen When asked what love is: Love is the Jager talking. ~Craig Baldo -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: $_POST to function?
Christopher Taylor wrote: I am not as familiar with php as I am c++ but I wonder if you need to pass by reference? Does this make sense in the context of php? One other thing I would try is setting $temp = $_Post and then passing $temp. Chris Yeah, I actually tried that as well. -- Jason Gerfen When asked what love is: Love is the Jager talking. ~Craig Baldo -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] $_POST to function?
Dan Parry wrote: Why are you passing the POST array? As it's superglobal why not just work directly on it within the function? Dan - Dan Parry Senior Developer Virtua Webtech Ltd http://www.virtuawebtech.co.uk -Original Message- From: Jason Gerfen [mailto:[EMAIL PROTECTED] Sent: 24 February 2006 15:27 To: PHP General (E-mail) Subject: [PHP] $_POST to function? I am not sure why this is not working. Aren't $_POST vars superglobals? I am trying to pass the $_POST array as an argument to a function and nothing is being returned. Any help is appreciated. return global_template( 3, $_POST, count( $_POST ), $message ); function global_template( $cmd, $args, $num, $message ) { echo pre; print_r( $args ); echo /pre; } Perhaps I should post some more of the code I am working. I am attempting to create a simple method of outputing data to a template function which only holds html data to be displayed on the browser. Here is a quick overview, perhaps I cannot do this. index.php calls this: $data = chooser( $_SESSION['a'], $_GET['b'], $_SESSION['c'], $_SESSION['d'] ); Contents of chooser function: function chooser( $level, $page, $user, $pass ) { if( $page == global ) { require 'global.inc.php'; $data = global_dhcp( $_SESSION['lvl'], $_POST['dn'], $_POST['lt'], $_POST['mlt'], $_POST['msc01'], $_POST['msc02'], $_POST['msc03'], $_POST['msc04'], $_POST['msc05'], $_POST['pxe'], $_POST['pxe01'], $_POST['pxe02'], $_POST['pxe03'], $_POST['pxe04'], $_POST['pxe05'], $_POST['pxe05'] ); } contents of global_dhcp function: function global_dhcp( $level, $domain, $lease, $mxlease, $msc01, $msc02, $msc03, $msc04, $msc05, $pxe, $pxe01, $pxe02, $pxe03, $pxe04, $pxe05, $pxe06 ) { global $defined, $error_message; require 'template.php'; if( ( empty( $domain ) ) || ( empty( $lease ) ) || ( empty( $mxlease ) ) ) { $db = db( $defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname'] ); $sql = @mysql_query( SELECT * FROM global, $db ) $args = @mysql_fetch_array( $sql_global ); @mysql_close( $db ); $message = message; return global_template( 1, $args, count( $args ), $message ); logs( $error_message['valid'] ); } else { return global_template( 4, NULL, NULL, NULL, NULL ); logs( $error_message['usr_chk'] ); } } and the contents of the global_template function: function global_template( $cmd, $args, $num, $message, $errors ) { if( $cmd == 4 ) { $data = img src=\images/error.jpg\nbsp;nbsp;blinkbError: /b/blinkYou do not have proper access to use this utility. Your computer information has been recorded and the Administrator has been notified.; } return $data; } So in essence: index.php-chooser-global_dhcp-global_template-output to browser I hope that clarifies my problem a bit. -- Jason Gerfen When asked what love is: Love is the Jager talking. ~Craig Baldo -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] $_POST to function?
Peter Lauri wrote: Is the function actually returning anything? Aren't you just echoing the content of the $_POST? -Original Message- From: Jason Gerfen [mailto:[EMAIL PROTECTED] Sent: Friday, February 24, 2006 10:27 PM To: PHP General (E-mail) Subject: [PHP] $_POST to function? I am not sure why this is not working. Aren't $_POST vars superglobals? I am trying to pass the $_POST array as an argument to a function and nothing is being returned. Any help is appreciated. return global_template( 3, $_POST, count( $_POST ), $message ); function global_template( $cmd, $args, $num, $message ) { echo pre; print_r( $args ); echo /pre; } Well as I pass $_POST to the global_template function I am not seeing anything in the $args array in the global_template function. And to this point I still have not figured out why. -- Jason Gerfen When asked what love is: Love is the Jager talking. ~Craig Baldo -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] $_POST to function? [SOLVED]
Peter Lauri wrote: http://th.php.net/manual/en/function.return.php -Original Message- From: Jason Gerfen [mailto:[EMAIL PROTECTED] Sent: Saturday, February 25, 2006 12:29 AM To: Peter Lauri Cc: php-general@lists.php.net Subject: Re: [PHP] $_POST to function? Peter Lauri wrote: Is the function actually returning anything? Aren't you just echoing the content of the $_POST? -Original Message- From: Jason Gerfen [mailto:[EMAIL PROTECTED] Sent: Friday, February 24, 2006 10:27 PM To: PHP General (E-mail) Subject: [PHP] $_POST to function? I am not sure why this is not working. Aren't $_POST vars superglobals? I am trying to pass the $_POST array as an argument to a function and nothing is being returned. Any help is appreciated. return global_template( 3, $_POST, count( $_POST ), $message ); function global_template( $cmd, $args, $num, $message ) { echo pre; print_r( $args ); echo /pre; } Well as I pass $_POST to the global_template function I am not seeing anything in the $args array in the global_template function. And to this point I still have not figured out why. Figured it out, typo. I must have fat fingers today. Thanks everyone. -- Jason Gerfen When asked what love is: Love is the Jager talking. ~Craig Baldo -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] databases, loops and tables oh my...
Not sure about this one, I am trying to execute a SQL query to retrieve records then loop over the records and display X amount per line. Any help is appreciated. $sql = @mysql_query( SELECT * FROM subnets, $db ); $num = @mysql_num_rows( $sql ); $subnets .= table width=\100%\trtd bgcolor=\#C10202\ class=\fntTR\ colspan=\$num\Subnets and global parameters for each/td/trtr; $i = 1; while( $list = @mysql_fetch_array( $sql ) ) { list( $id, $subnet, $mask, $dns01, $dns02, $router, $vlan, $scope, $range1, $range2, $vlan ) = $list; if( $i % 2 == 0 ) { $tr = /trtr; } if( $scope == no ) { $range1 = NULL; $range2 = NULL; } $subnets .= td valign=\top\ valign=\center\ table cellspacing=\3\ border=\0\ trtd colspan=\2\ align=\center\bu$vlan/u/b/td/tr trtdbSubnet:/b/tdtd$subnet/td/tr trtdbMask:/b/tdtd$mask/td/tr trtdbDNS:/b/tdtd$dns01/td/tr trtdbDNS:/b/tdtd$dns02/td/tr trtdbGateway:/b/tdtd$router/td/tr trtdbVlan:/b/tdtd$vlan/td/tr trtdbScope:/b/tdtd$range1nbsp;-nbsp;$range2/td/tr /table/td . $tr; $i++; } $subnets .= /tr/table; -- Jason Gerfen When asked what love is: Love is the Jager talking. ~Craig Baldo -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] [How-to]flatfile New system with comments
John Nichel wrote: Nicholas Couloute wrote: How would I make a flatfile new systen with the ability for users to comment on the news selection (no login required)? Write the code for it. lol, too funny. The filesystem reference: http://us2.php.net/manual/en/ref.filesystem.php (this will help you with some of the runtime vars) To write a file use this function: http://us2.php.net/manual/en/function.fwrite.php To read in a file use this function: http://us2.php.net/manual/en/function.fopen.php There are quite a few internal functions PHP can help you read, write files with. HTH -- Jason Gerfen When asked what love is: Love is the Jager talking. ~Craig Baldo -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php ajax
pete wrote: ello all, Im a beginner at php. but I was able to get this script to work. Now I am looking to have it automatically refresh itself using ajax every 10 seconds. Can somebody explain or show me how to do this. Thank you. PHP Code: | | | meta http-equiv=REFRESH content=10; URL=http://URL; This is what you are looking for. It is HTML, but it refreshes the page as needed. ?php $httpfile = file_get_contents('http://www.game-monitor.com/client/buddyList.php?uid=8654listid=0xml=1'); $doc = DOMDocument::loadXML($httpfile); $myBuddyNodes = $doc-getElementsByTagName('buddy'); /not neccessary, but im using it $nameStatusDoc = new DOMDocument('1.0', 'iso-8859-1'); $rootElement = $nameStatusDoc-createElement('PetesList'); $rootElement = $nameStatusDoc-appendChild($rootElement); / echo table border = '0' cellpadding= '2' bgcolor='#616042'\ntheadtrth/thth/thtr/thead\n; foreach ($myBuddyNodes as $node) { echo tr; echo tdfont size='-1'.$node-firstChild-nextSibling-nodeValue./font/td; if($node-firstChild-nextSibling-nextSibling-nextSibling-nodeValue == Online) | -- Jason Gerfen When asked what love is: Love is the Jager talking. ~Craig Baldo -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] PHP Application Vuln. Testing
I have a question which as of yet I am unable to find any information about from googling. Lets say you have just written a fairly robust PHP/MySQL application and would like to put it on your production server. For reasons of clarification lets say this application handles sensitive customer data including credit infromation, so it is imperitive that the data remain secure and during the development process at every turn you went through great lengths to filter data on forms, URL's file uploads etc. Is there any product available, commercial or free which performs source code auditing which *specificly searches PHP code for SQL, XSS type of attacks or vulnerabilities? TIA. -- Jason Gerfen the life you live ignoring who, ignoring who you're giving money to. and you, you support the corrupt industries and companies who dont think to care. guilty...guilty...guilty by ignorance. no feeling... no substance... killing... you're killing through your ignorance. ~ Snapcase -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Application Vuln. Testing
Richard Davey wrote: On 7 Feb 2006, at 16:54, Jason Gerfen wrote: Is there any product available, commercial or free which performs source code auditing which *specificly searches PHP code for SQL, XSS type of attacks or vulnerabilities? TIA. No. But there are people who can perform the service for you (Brainbulb, Hardened PHP, etc) Cheers, Rich -- http://www.corephp.co.uk Zend Certified Engineer PHP Development Services Hmm, I found one but it seems it is still in beta. http://www.codescan.com/product.html I have done some of my own auditing but the application I have been working on is nothing but form after form. At each point the form is submitted I do sanity checks on the data to ensure that 1) it is being submitted from a page on the server. 2) that it doesn't contain script|object|embed type of code or SQL syntax. 3) that the specified length of the submitted data is of a certain length. Can anyone on this list perhaps engage this conversation? I am bringing up this topic, not just for the application I am working on but for the information to be spread to other developers. Any code examples, tips, resources etc., is appreciated. -- Jason Gerfen the life you live ignoring who, ignoring who you're giving money to. and you, you support the corrupt industries and companies who dont think to care. guilty...guilty...guilty by ignorance. no feeling... no substance... killing... you're killing through your ignorance. ~ Snapcase -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mcrypt
Duffy, Scott E wrote: Trying to encrypt then decrypt text with php using mcrypt. The encrypt seems to work but when I decrypt it with a different script I get most of it but some garbage. Using blowfish. So to test. Encrypt.php $iv_size = mcrypt_get_iv_size(MCRYPT_BLOWFISH, MCRYPT_MODE_ECB); $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND); $key = This is a very secret key; $text = Meet me at 11 o'clock behind the monument.; //echo strlen($text) . \n; $crypttext = mcrypt_encrypt(MCRYPT_BLOWFISH, $key, $text, MCRYPT_MODE_ECB, $iv); echo $crypttext. \n; decrypt.php $server = $_SERVER['SERVER_NAME']; $url = 'http://'.$server.'/encrypt.php'; $fh = fopen($url,'r') or die (cant open: $php_errormsg); $new_string=; while (! feof($fh)) { $new_string = $new_string.rtrim(fgets($fh,4096)); } $enc=$newstring; $iv_size = mcrypt_get_iv_size(MCRYPT_BLOWFISH, MCRYPT_MODE_ECB); $enc=$_POST['text']; $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND); $key = This is a very secret key; $text = Meet me at 11 o'clock behind the monument.; //echo strlen($text) . br; $crypttext = mcrypt_decrypt(MCRYPT_BLOWFISH, $key, $enc, MCRYPT_MODE_ECB, $iv); echo $crypttextbr; I get from decrypt Meet me at 11 o'clock behind the monumen3ýÚ·nÃtbr Is it doing some padding or something? When I encrypt/decrypt same script it works fine. Maybe something to do with these? $iv_size = mcrypt_get_iv_size(MCRYPT_BLOWFISH, MCRYPT_MODE_ECB); $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND); Thanks, Scott Duffy Look at trim(). And your right it does have to do with using ECB. -- Jason Gerfen The charge that he had insulted Turkey's armed forces was dropped, but he still faces the charge that he insulted Turkishness, lawyers said. ~ BBC News Article -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Blocking Values From an External Source
Or try $defined['hostname'] = ALLOWED_DOMAIN_NAME; if ($_SERVER['SERVER_NAME'] != $defined['hostname']) { echo Not from my domain pal; } Michael Hulse wrote: On Dec 16, 2005, at 11:50 AM, Shaun wrote: I have a script on my site for processing values sent from a contact form and emailing them to the webmaster. The script has been abused by spammers and my hosting company has recommended that I change the script to only accept information posted from my own URL. Could someone tell me how this can be done please? Hello, Maybe try using: $_SERVER['DOCUMENT_ROOT'] Or, something similar. http://us2.php.net/reserved.variables Hth, Cheers, Micky -- Jason Gerfen Oh I have seen alot of what the world can do, and its breaking my heart in two... ~ Wild World, Cat Stevens -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Anyone getting bounces from
Yeah, I am recieving the same. Jay Blanchard wrote: [EMAIL PROTECTED] ? I am getting failure notices out the wazoo for some very old messages to the general list. -- Jason Gerfen Oh I have seen alot of what the world can do, and its breaking my heart in two... ~ Wild World, Cat Stevens -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Preventing Cross Site Scripting Vulnerbilities
comex wrote: Similarly is there a library function for escaping database content for inclusion in HTML pages? http://php.net/htmlspecialchars http://php.net/htmlentities Or roll your own and replace the eregi regex with data that is valid to your application: function chk_input( $string ) { if( eregi( ^[0-9a-z_ -]$, $string ) ) { return 0; } else { return 1; } } if( chk_input( $string ) == 0 ) { echo valid; } else { echo invalid; } -- Jason Gerfen Oh I have seen alot of what the world can do, and its breaking my heart in two... ~ Wild World, Cat Stevens -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] if statement help
I am trying to determine if it is worth my time to attempt a if statement similar to the following. I am asking because I have not found any references to something like this: if( ( !empty( $var1 ) ) || ( if( !empty( $var2 ) ) ( !empty( $var3 ) ) ) || ( $var1 == something ) ) { // do something fancy } -- Jason Gerfen My girlfriend threated to leave me if I went boarding... I will miss her. ~ DIATRIBE aka FBITKK -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] regex and global vars problem
I am having a problem with a couple of function I have written to check for a type of string, attempt to fix it and pass it back to the main function. Any help is appreciated. ?php /* * ex. 00:AA:11:BB:22:CC */ function chk_mac( $mac ) { if( ( eregi( ^[0-9A-Fa-f]{2}\:[0-9A-Fa-f]{2}\:[0-9A-Fa-f]{2}\:[0-9A-Fa-f]{2}\:[0-9A-Fa-f]{2}\:[0-9A-Fa-f]{2}$, $mac ) ) || ( !eregi( ^[0-9a-fA-F]$, $mac ) ) { return 0; } else { return 1; } } /* * check validity of MAC do replacements if necessary */ function fix_mac( $mac ) { global $mac; if( eregi( ^[0-9A-Fa-f-\:]$, $mac ) ) { $mac1 = $mac; echo MAC: $mac1br; } /* strip the dash replace with a colon */ if( eregi( ^[0-9A-Fa-f]{2}\-[0-9A-Fa-f]{2}\-[0-9A-Fa-f]{2}\-[0-9A-Fa-f]{2}\-[0-9A-Fa-f]{2}\-[0-9A-Fa-f]{2}$, $mac ) ) { $mac1 = preg_replace( /\-/, :, $mac ); echo MAC: $mac1br; } /* add a colon for every two characters */ if( eregi( ^[0-9A-Fa-f]{12}$, $mac ) ) { /* split up the MAC and assign new var names */ @list( $mac_1, $mac_2, $mac_3, $mac_4, $mac_5, $mac_6 ) = @str_split( $mac, 2 ); /* put it back together with the required colons */ $mac1 = $mac_1 . : . $mac_2 . : . $mac_3 . : . $mac_4 . : . $mac_5 . : . $mac_6; echo MAC: $mac1br; } return $mac1; } // do our checks to make sure we are using these damn things right $mac1 = 00aa11bb22cc; $mac2 = 00-aa-11-bb-22-cc; $mac3 = 00:aa:11:bb:22:cc; $mac4 = zz:00:11:22:ff:xx; if( chk_mac( $mac1 ) != 0 ) { $mac = fix_mac( $mac1 ); echo $mac1 . converted to . $mac . br; } else { echo $mac1 is valid.br; } if( chk_mac( $mac2 ) != 0 ) { $mac = fix_mac( $mac2 ); echo $mac2 . converted to . $mac . br; } else { echo $mac2 is valid.br; } if( chk_mac( $mac3 ) != 0 ) { $mac = fix_mac( $mac3 ); echo $mac3 . converted to . $mac . br; } else { echo $mac3 is valid.br; } if( chk_mac( $mac4 ) != 0 ) { $mac = fix_mac( $mac4 ); echo $mac4 . converted to . $mac . br; } else { echo $mac4 is valid.br; } ? -- Jason Gerfen My girlfriend threated to leave me if I went boarding... I will miss her. ~ DIATRIBE aka FBITKK -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] regex and global vars problem
Um I did actually, but I will re-interate the problem with more detail. the vars $mac1, $mac2, $mac3 are to get passed to the chk_mac() function which determines if it is a valid hex representation of a h/w address, if it does not meet the criteria of having a : separating every two characters it then passes the var to the fix_mac() function which attempts to fix the string or h/w address by either replacing any - with a : or to break the h/w address up and insert a : every two characters. I also believe this is the one you should be playing with as the last post I added a new regex which wasn't working. Any help is appreciated. ?php /* * function to check validity of MAC address for the ISC DHCPD daemon * ex. 00:AA:11:BB:22:CC */ function chk_mac( $mac ) { if( ( eregi( ^[0-9A-Fa-f]{2}\:[0-9A-Fa-f]{2}\:[0-9A-Fa-f]{2}\:[0-9A-Fa-f]{2}\:[0-9A-Fa-f]{2}\:[0-9A-Fa-f]{2}$, $mac ) ) { return 0; } else { return 1; } } /* * check validity of MAC do replacements if necessary */ function fix_mac( $mac ) { global $mac; if( eregi( ^[0-9A-Fa-f-\:]$, $mac ) ) { $mac1 = $mac; echo MAC: $mac1br; } /* strip the dash replace with a colon */ if( eregi( ^[0-9A-Fa-f]{2}\-[0-9A-Fa-f]{2}\-[0-9A-Fa-f]{2}\-[0-9A-Fa-f]{2}\-[0-9A-Fa-f]{2}\-[0-9A-Fa-f]{2}$, $mac ) ) { $mac1 = preg_replace( /\-/, :, $mac ); echo MAC: $mac1br; } /* add a colon for every two characters */ if( eregi( ^[0-9A-Fa-f]{12}$, $mac ) ) { /* split up the MAC and assign new var names */ @list( $mac_1, $mac_2, $mac_3, $mac_4, $mac_5, $mac_6 ) = @str_split( $mac, 2 ); /* put it back together with the required colons */ $mac1 = $mac_1 . : . $mac_2 . : . $mac_3 . : . $mac_4 . : . $mac_5 . : . $mac_6; echo MAC: $mac1br; } return $mac1; } // do our checks to make sure we are using these damn things right $mac1 = 00aa11bb22cc; $mac2 = 00-aa-11-bb-22-cc; $mac3 = 00:aa:11:bb:22:cc; $mac4 = zz:00:11:22:ff:xx; if( chk_mac( $mac1 ) != 0 ) { $mac = fix_mac( $mac1 ); echo $mac1 . converted to . $mac . br; } else { echo $mac1 is valid.br; } if( chk_mac( $mac2 ) != 0 ) { $mac = fix_mac( $mac2 ); echo $mac2 . converted to . $mac . br; } else { echo $mac2 is valid.br; } if( chk_mac( $mac3 ) != 0 ) { $mac = fix_mac( $mac3 ); echo $mac3 . converted to . $mac . br; } else { echo $mac3 is valid.br; } if( chk_mac( $mac4 ) != 0 ) { $mac = fix_mac( $mac4 ); echo $mac4 . converted to . $mac . br; } else { echo $mac4 is valid.br; } ? Jasper Bryant-Greene wrote: On Wed, 2005-10-26 at 11:15 -0600, Jason Gerfen wrote: I am having a problem with a couple of function I have written to check for a type of string, attempt to fix it and pass it back to the main function. Any help is appreciated. [snip] Would you mind telling us what the problem was? -- Jason Gerfen My girlfriend threated to leave me if I went boarding... I will miss her. ~ DIATRIBE aka FBITKK -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] regex and global vars problem
The code I just showed you is supposed to do the following, the chk_mac() returns a true or false on the vars $mac1, $mac2 and $mac3. $mac3 is the only var that should not be thrown into the fix_mac() function which is working correctly. The problem is when $mac1 and $mac2 get put into the fix_mac() function nothing is being returned. I am not recieving any error codes, just an empty var. Sample output: 00aa11bb22cc converted to 00-aa-11-bb-22-cc converted to 00:aa:11:bb:22:cc is valid. As you can see $mac3 is a valid example of a h/w address where $mac1 $mac2 were returned from the fix_mac() function as an empty string. Jasper Bryant-Greene wrote: On Wed, 2005-10-26 at 12:07 -0600, Jason Gerfen wrote: Um I did actually, but I will re-interate the problem with more detail. the vars $mac1, $mac2, $mac3 are to get passed to the chk_mac() function which determines if it is a valid hex representation of a h/w address, if it does not meet the criteria of having a : separating every two characters it then passes the var to the fix_mac() function which attempts to fix the string or h/w address by either replacing any - with a : or to break the h/w address up and insert a : every two characters. I also believe this is the one you should be playing with as the last post I added a new regex which wasn't working. OK, you've told us what your code does. Now can you explain what the problem is? A new regex which wasn't working is a bit vague. * Does it throw an error? - If so, can we have the error message? * Does it mark invalid strings as valid? - Or vice versa? Just posting a pile of code with an explanation of what it does and leaving the rest of us to figure out what the problem is, is not helping us to help you. -- Jason Gerfen My girlfriend threated to leave me if I went boarding... I will miss her. ~ DIATRIBE aka FBITKK -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] str_split() and errors?
I am recieving this error in the logs when attempting to split strings with str_split(). I am not sure but isn't this a default function for PHP, as in there aren't any dependant packages involved during the ./confgure time? Errors: PHP Fatal error: Call to undefined function: str_split() in file.php on line 21 -- Jason Gerfen My girlfriend threated to leave me if I went boarding... I will miss her. ~ DIATRIBE aka FBITKK -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Question on functions
John Holmes wrote: Jason wrote: My question is in regard to passing global variables to a function. Here is my code, any idea why it is not working? I suppose my understanding of a global variable being able to be used within a function is off? global $array = array( 0 = hostname, 1 = username, 2 = password ); function database() { You need to declare it global within the function... function database() { global $array; ... thanks, it figures it is something easy like that... =) -- Jason Gerfen [EMAIL PROTECTED] And remember... If the ladies don't find you handsome, they should at least find you handy... ~The Red Green show -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Remote computer name?
So in that case there isn't a $_SERVER function to gather the remote computer name? Jas John Nichel wrote: Jas wrote: I am at a loss here but doesn't $_SERVER['HTTP_HOST'] return the remote computer name? [Snippit used] $ipaddy = $_SERVER['REMOTE_ADDR']; $host = $_SERVER['HTTP_HOST']; // as of now it is getting the name of the server (i.e. localhost, 168.2.2.1) jas HTTP_HOST returns the name (or ip) of the machine on which php is running. REMOTE_ADDR will return the ip of the client accessing the document. -- Jason Gerfen Student Computing Group Marriott Library University of Utah (801) 585-9810 [EMAIL PROTECTED] I'm not a robot like you. I don't like having disks crammed into me... unless they're Oreos, and then only in the mouth. ~Phillip J. Fry -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php