Re: [PHP] checking for and enforcing https
If you are running Apache you could use a rewrite rule for such a case.
Example below
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(my|folder|examples) /https/://%{HTTP_HOST}%{REQUEST_URI}
[R=301,L]
Aleksander
Per Jessen wrote:
tedd wrote:
Sometimes I feel like a child here.
Under what circumstances would one require that?
If your script is in a https directory, isn't that secure? OR, is
this something else?
Please explain.
You might want to do such checks if your website (www.example.com) is
accessible over http and https both. Typically you'll have separate
content, but it might be possible for a user to accidentally access
non-secure content over https which is just wasteful, or vice versa
which is clearly a security risk.
/Per Jessen, ZĂĽrich
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] crc check for JPEG file exists
I would rather use md5_file() for file uniqueness. Aleksander Olav Mřrkrid wrote: hello is crc32() an acceptable way of managing whether a JPEG file exists (in a database or similar collection)? i mean doing a crc32() on the binary data of the JPEG file, and then check the database if there is already another entry with the same CRC. the database has relatively few images (some thousands). is there any chance of collision (two different JPEG images generating the same CRC) that is anywhere near likely, or is this extremely remote? advice would be appreciated. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Uploading PDF
Upload error 2 occurs when the file size exceeds the maximum allowed
upload size.
Aleksander
David Robley wrote:
Pastor Steve wrote:
Greetings,
I am getting an error when I am trying to upload a PDF file through a
script.
When I do a print_r($_FILES) I get the following:
Array
(
[userfile] = Array
(
[name] = document.pdf
[type] =
[tmp_name] =
[error] = 2
[size] = 0
)
)
Docs and html will both upload. Anybody have an idea why?
Here is the script that I am using:
?php
// In PHP versions earlier than 4.1.0, $HTTP_POST_FILES should be used
instead
// of $_FILES.
$uploaddir = '../cms/documents/';
$uploadfile = $uploaddir . basename($_FILES['userfile']['name']);
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
$filename = $_FILES['userfile']['name'];
echo bFile is valid, and was successfully uploaded./b\n
br /Select and copy the link below to reference this file.p /
prelt;a href=\documents/$filename\gt;$filenamelt;/agt;/prep
/
bWARNING:/b This link will not be available anywhere else.
;
} else {
echo Possible file upload attack!\n;
}
echo 'pre';
echo 'Here is some more debugging info:';
print_r($_FILES);
print /pre;
?
Thanks,
The error number tells you what is happening - check the values at
http://php.net/manual/en/features.file-upload.errors.php
Essentially, the file is bigger than the MAX_FILE_SIZE directive that was
specified in the HTML form
Cheers
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Template system in PHP
Because its painful and fun at the same time :) Aleksandar Quoting Nate Tallman [EMAIL PROTECTED]: Ditto on Eval() PHP is already a templating system. Why go the long way around? On Feb 12, 2008 10:13 AM, Greg Donald [EMAIL PROTECTED] wrote: On 2/12/08, Xavier de Lapeyre [EMAIL PROTECTED] wrote: Do any of you guys gurls know of a way to implement that template system. eval() is my favorite templating engine. http://php.net/eval -- Greg Donald http://destiney.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Question about development
Could you explain this a little better - ...into using a database[1] for storing the pages and using browser sniffing to find out what language preference they currently had selected to display in that language? Aleksandar Quoting Jason Pruim [EMAIL PROTECTED]: On Feb 12, 2008, at 1:03 PM, Nathan Rixham wrote: Jason Pruim wrote: Hi Everyone, I know this isn't 100% on topic... But when is any post to this list 100% on topic? :) I've been doing some googling trying to find info on how to plan for what a website needs. Stuff like Does it need a forum, live support, database driven etc. etc. Does anyone have a form that they use to give to the client asking them to outline some ideas that they have about the website? What I'm looking for is something that I could give to a potential client and ask them to describe some basic aspects of their target audience, a rough idea of what they want it to look like, or at least other sites that they like. Stuff like that.. Even if you don't have such a form, I'm sure you all have standard questions you ask each client before giving a quote :) Anyone want to share with the class? If there is interest, I may even put it together on a webpage to help future people :) -- Jason Pruim Raoset Inc. Technology Manager MQC Specialist 3251 132nd ave Holland, MI, 49424 www.raoset.com [EMAIL PROTECTED] I always take the simple approach, ask them what they want to achieve/expect from the website. Then verbally work backwards with them to figure out what the website needs in order to reach the clients goal. (personally) In all honesty I'd stay away from any kind of form, as they'll just pick nice to have boxes and end up with something overpriced, not suited to there needs and you'll get complaints in 6 months time. hope that makes sense! ps: the only thing I've found useful that way after many years, is to make the base site structure with very short text descriptions on each page + links to the next page | and for god sake, leave the home page will very very last! Nathan Hey Nathan, Thanks for the reply. I'm just getting more and more into freelance web work and have my first client asking for a quote. Before now, it's all been internal applications, and the companies website that I have worked on. Nothing for other people. I was actually thinking that the form would be for me to make sure I covered the basics... I'm alot better if I have something written down and I can ask the client Do you need to support multiple languages? Which to me then, would lead me into using a database[1] for storing the pages and using browser sniffing to find out what language preference they currently had selected to display in that language :) [1] As I was typing this I realized that maybe a database isn't the best idea for that, but it's the only way I can think of. Anyone who wants to give me another option is more then welcome to do so! -- Jason Pruim Raoset Inc. Technology Manager MQC Specialist 3251 132nd ave Holland, MI, 49424 www.raoset.com [EMAIL PROTECTED] --Email and Googletalk/Jabber IM ID. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Empty Array?
I think the $lock_result is just a resource #id you haven't fetched any data
yet. True?
Aleksander
Dan Shirah wrote:
Ah, what a lovely case of the Friday morning brain farts!
I have a query that selects some data from a table based on the current ID
selected.
If the query does not return any results, I want it to continue to another
query that will insert a record into the table.
Below is what I have...but it will not insert anything if the first query
does not find a match.
?php
$request_id = $_GET['id'];
$current_user = substr($_SERVER['AUTH_USER'], 13);
$lock_query = SELECT id, locked_by_user FROM locked_payments WHERE id =
'$request_id';
$lock_result = mssql_query($lock_query) or die(mssql_get_last_message());
if (empty($lock_result)) {
$set_lock = INSERT into locked_payments (
id,
locked_by_user)
VALUES
('$request_id',
'$current_user');
mssql_query($set_lock) or die (Insert failed: br
/.mssql_get_last_message());
}
?
Any ideas on what I'm doing wrong? My guess is that (empty($lock_result))
is probably not the correct way to check if an array is empty?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] error messages
try putting this on the top of your PHP page ?php error_reporting(E_ALL); ? tbt wrote: yes it is pscott wrote: On Fri, 2007-10-05 at 00:32 -0700, tbt wrote: I added the following lines to the top of my script but still no error messages show up on the browser. When a php error occurs the entire page is still shown blank. Is your script *supposed* to output something? --Paul All Email originating from UWC is covered by disclaimer http://www.uwc.ac.za/portal/uwc2006/content/mail_disclaimer/index.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] error messages
Maybe display errors is set on off?
?
ini_set('display_errors','1');
?
Aleksander
tbt wrote:
yes it is
pscott wrote:
On Fri, 2007-10-05 at 00:32 -0700, tbt wrote:
I added the following lines to the top of my script but still no error
messages show up on the browser.
When a php error occurs the entire page is still shown blank.
Is your script *supposed* to output something?
--Paul
All Email originating from UWC is covered by disclaimer
http://www.uwc.ac.za/portal/uwc2006/content/mail_disclaimer/index.htm
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Empty Array?
$request_id = $_GET['id']; --- I suppose this would be an int. True? If
so then add:
?php
$request_id = intval($_GET['id']);
?
Aleksandar
marek wrote:
Even better:
?php
$request_id = $_GET['id'];
$current_user = substr($_SERVER['AUTH_USER'], 13);
$lock_query = SELECT id, locked_by_user FROM locked_payments WHERE id =
'$request_id';
$lock_result = mssql_query($lock_query) or die(mssql_get_last_message());
$lock_row = mssql_fetch_array($lock_result);
if (empty($lock_row)) {
$lock_id = $lock_row['id'];
$lock_user = $lock_row['locked_by_user'];
$set_lock = INSERT into locked_payments (
id,
locked_by_user)
VALUES
('$request_id',
'$current_user');
mssql_query($set_lock) or die (Query failed: br
/.mssql_get_last_message());
}
?
Dan Shirah wrote:
Okay, gotcha!
I changed it to this and it works:
?php
$request_id = $_GET['id'];
$current_user = substr($_SERVER['AUTH_USER'], 13);
$lock_query = SELECT id, locked_by_user FROM locked_payments WHERE id =
'$request_id';
$lock_result = mssql_query($lock_query) or
die(mssql_get_last_message());
$lock_row = mssql_fetch_array($lock_result);
$lock_id = $lock_row['id'];
$lock_user = $lock_row['locked_by_user'];
if (empty($lock_row)) {
$set_lock = INSERT into locked_payments (
id,
locked_by_user)
VALUES
('$request_id',
'$current_user');
mssql_query($set_lock) or die (Query failed: br
/.mssql_get_last_message());
}
?
Thanks! :)
On 10/5/07, Aleksandar Vojnovic [EMAIL PROTECTED] wrote:
I think the $lock_result is just a resource #id you haven't fetched any
data yet. True?
Aleksander
Dan Shirah wrote:
Ah, what a lovely case of the Friday morning brain farts!
I have a query that selects some data from a table based on the
current
ID
selected.
If the query does not return any results, I want it to continue to
another
query that will insert a record into the table.
Below is what I have...but it will not insert anything if the first
query
does not find a match.
?php
$request_id = $_GET['id'];
$current_user = substr($_SERVER['AUTH_USER'], 13);
$lock_query = SELECT id, locked_by_user FROM locked_payments WHERE
id =
'$request_id';
$lock_result = mssql_query($lock_query) or
die(mssql_get_last_message());
if (empty($lock_result)) {
$set_lock = INSERT into locked_payments (
id,
locked_by_user)
VALUES
('$request_id',
'$current_user');
mssql_query($set_lock) or die (Insert failed: br
/.mssql_get_last_message());
}
?
Any ideas on what I'm doing wrong? My guess is that
(empty($lock_result))
is probably not the correct way to check if an array is empty?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] A two flavored post
This might be a way to do it:
*Example 1*
script
function appendMeBaby(aVar){
self.location.href = 'img.php?s=' + aVar +
'someOtherVar=itIsMeTheValue';
}
/script
a href=javascript:appendMeBaby(?php echo($value);?);Click here/a
*Example 2*
script
function appendMeBaby(aVar, bVar){
self.location.href = 'img.php?s=' + aVar + 'someOtherVar=' + bVar;
}
/script
a href=javascript:appendMeBaby(?php echo($value);?,
'itIsMeTheOtherValue');Click here/a
Hope this helps
Aleksandar
Daniel Brown wrote:
On 10/5/07, tedd [EMAIL PROTECTED] wrote:
At 11:18 PM -0400 10/4/07, Nathan Nobbe wrote:
On 10/4/07, tedd mailto:[EMAIL PROTECTED][EMAIL PROTECTED] wrote:
Hi gang:
I asked this question on the javascript list, but for some reason
it's taking forever to post there. So, I figured that I would ask
here as well.
I'm currently sending data (the value of s) to another script via the
html statement:
a href=img.php?s=?php echo($value);?Click here/a
However, I need to add another variable, namely a javascript
variable, to the GET string.
How can I send both a php and a javascript variable together at the same time?
the question is when is the variable you want to append available to
the javascript.
as soon as you get the variable in the javascript the next thing you
can do is append
it to the value of the href attribute of the a tag.
html
head
script type=text/javascript
window.onload = function() {
var someLinkHref = document.getElementById('someLink').href;
someLinkHref += anotherVar=8;
alert(someLinkHref);
}
/script
/head
body
a id=someLink href=
http://somesite.com?a=5http://somesite.com?a=5;
click here
/a
/body
/html
if you want to use the onclick event handler as rob suggested, you
could stash the variable in the Window global object, then reference
it in the implementation of the onclick function (though i still
have mixed feelings about that approach [the Window object part that
is]).
-nathan
-nathan:
Your example worked very well to provide an alert showing exactly
what I needed to be in the href string. However, it didn't work to
actually alter the actual link href string -- even when I commented
out the alert. IOW, it remained:
http://somesite.com?a=5http://somesite.com?a=5
instead of:
http://somesite.com?a=5http://somesite.com?a=5anotherVar=8
I like the idea of keeping the code unobtrusive and working as it did
-- I just need it to work as a link.
Any ideas? This is so close.
Cheers,
tedd
--
---
http://sperling.com http://ancientstones.com http://earthstones.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Tedd, try this (it's also live and working at
http://www.crusar.org/test.php):
?
$s = $_GET['s'];
?
script language=JavaScript
function writeHREF(value,title) {
var url = http://www.crusar.org/test.php;;
var currentTime = new Date();
var month = currentTime.getMonth();
var day = currentTime.getDate();
var year = currentTime.getFullYear();
var jsvalue = month + '/' + day + '/' + year;
document.write('a href=' + url + '?s=' + value + 'jsvalue='
+ jsvalue + '' + title + '/a');
}
/script
This is where your JS link will appear, Tedd:
script language=JavaScript
writeHREF('?=$s;?','Test Link');
/script
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] inserting ´ in a db
Pick one: http://si2.php.net/manual/en/function.htmlentities.php http://si2.php.net/manual/en/function.addslashes.php http://si.php.net/mysql_escape_string Aleksandar Yamil Ortega wrote: Hi list, good day. I have a simple script that inserts text on a mysql table, that has a field named description and the type is text. Everting works fine, except when I try to insert a text that includes a simple quote. For example Yamil´s car I send the character string to a variable and then insert into a query. But the mysql says that something is wrong with the query because the quote after the l looks like the end of the string, and “s car” doesn`t look like a valid part of the query. Can anyone help me out, how to handle this error? Thanks Yamil -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: the opposite of a join?
I would also suggest to limit yourself to things you actually need not to select the whole table. Aleksandar Jim Lucas wrote: Colin Guthrie wrote: Martin Marques wrote: SELECT * FROM company WHERE id NOT IN (SELECT companyID FROM contacts); Not ideal as has been mentioned else where in this thread. Col I think one would have to take into account the DB type being used here. I can have MySQL and PostgreSQL setup and running with the same table structure (well, as close as you can get) configured with two different databases in them. SQL #1SELECT* FROMcompany WHEREid NOT IN( SELECTcompanyID FROMcontacts ); SQL #2 SELECTcompany.* FROMcompany LEFT JOIN contacts ON( company.companyID = contacts.companyID ) WHEREcontacts.companyID IS NULL Now, both SQL statements will perform relatively the same on either DB's with a small data set. but, if you have a large data set, MySQL will benefit from having the Sub-Query style statement Where-as PostgreSQL will shine with the JOIN command. This is only from my own personal testing. Mind you that I have only been using PostgreSQL for a year or so. But one problem that I have always ran into with MySQL is that when JOIN'ing tables that have large data sets is a PITA. So, if I was running MySQL, I would use SQL #1, but if I were using PostgreSQL, I would use SQL #2 If anybody else has suggestions or comments about performance between MySQL vs. PostgreSQL with regards to similarly formed SQL calls, I would like to hear their experiences. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: [PHP-DB] Re: [PHP] Re: the opposite of a join?
It seems you missed my point :) if you would need all the data then select them all, but if you need only partial data from the table then you could limit yourself to that specific columns. I doubt everybody need everything all the time. True? Aleksandar Chris wrote: Aleksandar Vojnovic wrote: I would also suggest to limit yourself to things you actually need not to select the whole table. In this case you can't because you're looking for records that exist in one table that don't exist in another. Apart from looking at the whole table in each case how else would you do that? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Public Announcement
Hahaha oh wow. -Xander Stut wrote: Sascha Braun - CEO @ Braun Networks wrote: hi stut, thank you for your advices. Ok, just so it's perfectly clear to you... I'm taking the piss. Still, since you provided apparently serious answers I'm going to continue to enjoy myself... - Screentexts are texts shown as link texts or descriptions in forms and other page elements which remain static in one language area. The screentexts are getting replaced by they' re coresponding translations as the user selects a different language. Wow, a multi-lingual website, how innovative of you. And look, you gave the text on the page a name, how twee. - The Google standard, of websites describes, that Query URL's like ?param1=XYZparam2=123 or as in $_SERVER['QUERY_STRING'] are not human readable, which makes them not acceptable as valid content links. Nope, sorry, not a standard. When you claim something is standards compliant you really should make sure the standards it's complying with are actually standards backed by a reputable organisation. But as I am pretty familar with search engine optimisation, my system is creating metatags for every page, h1 tags are used for headlines, h2 tags for subheads and so on. Please, for the love of $DEITY get yourself an English spelling checker and use it. I'd also recommend a grammar checker. If you are a professional in search engine optimisation, you will not find any weakness in my application anymore. Its happending absolutely automatically the authors don't have to do anything, for make it happen. Stopword lists like in my- sql are removing useless keywords and so on. Wow, so the user doesn't need to worry about URLs or SEO optimisation. You truly have created a masterpiece. As Gavin pointed out this sounds a lot like a CMS and not a framework. - Yes, my system is the only application framework worldwide with its capabilities. I added a neural networking functionality which makes it possible to autodecide which contents are inte- resting for the viewers on a page. Yeah, sorry to destroy your delusions of grandeur, but that's not even slightly unique (not that uniqueness has multiple levels, but I'm using some artistic licence). I'm also fairly certain it's covered by numerous patents, so you might not want to shout about it too loudly. Fx: If a user is allergic, no products containing large amounts of the alergen are shown in the shop anymore. As well it is possi- ble to create psychological profiles from the users of the system during the runtime of the application. Sold!! I have read a paper from the department of defence, from year 2004. I first read it in the early beginning of this year. I figured out, that my application framework is the perfect psynet application for performing psychological operations over the internet. I guess I developed one of the biggest weapon systems available now a days. I really have nothing useful to say here. If you can't see how ridiculous (and hilarious) such a claim is then there really is no hope. - As a blogging standard I would describe websites which contain a linklist to the left or the right of the blogs content as well as a calender and a search field. I guess this makes a blog. Again, not a standard. The term Weblog (from which the word blogging is derived) is (according to Wikipedia) a web-based publication consisting primarily of periodic articles (normally in reverse chronological order). There is no requirement for a particular page layout or for specific page elements to be present. - The shop system is widely using ajax for performing fast shopping actions, its possible to use videos or audiofiles as product descip- tion media, as well as soon you change product parameters these me- dias are getting replaced by different color media or size images as what ever you could think of. Again with the uniqueness - you're on fire! A customisable shop for your website, whatever will you geniuses think of next. And as well my system is using XLinks, which means, you add a link to a document, you are able to select the target document from one of the content modules, automatically the headline of the target document is used as link description and as well the link is shown as a nonquery url, like: http://www.domain.com/en/magazin/something-new/while-i-wrote-it-here.html Ah, so by nonquery you actually mean without a query string. Not really the same thing so I'm glad you cleared up the confusion. Done without mod_rewrite. Being serious for a second (don't worry, it's just for a second), how is this accomplished? I know there are several ways to do this but I'd be interested to know which you are using and what you have against mod_rewrite. I hope I answered all your questions. That would be a bit of a stretch, but I appreciate the effort. Best Regards, Yours sarcastically, -Stut Am Montag, den 10.09.2007, 16:39 +0100 schrieb Stut: Things to
Re: [PHP] remove page referrer
You can not control this, but you might be able to control the page
where the user is going back through the third page :)
like this:
page 1: submit to page 2
page 2: header('Location: /page 3');
page 3: the final page
if the user clicks back he is going to end up on page 2 which has
location redirect to page 3. True?
-Xander
Stut wrote:
Shahrzad wrote:
I have 2 page ,when I go from first page to second page , I don't
want the user can back to first page where it come from. is there any
way to do this in php ? to remove or disactive
$_SERVER[HTTP_REFERER] in php?
No, this is not something the server (where PHP lives) can control.
Why do you think you need to do this?
-Stut
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
