Re: [PHP] Anyone using Aptana and Xdebug? Or other debugger recommendations besides Zend?
On 11/9/2009 11:42 PM, Ali Asghar Toraby Parizy wrote: On Mon, Nov 9, 2009 at 7:58 PM, Martin Scottawrote: On Mon, Nov 9, 2009 at 1:04 PM, Arno Kuhl wrote: -Original Message- From: Dave M G [mailto:mar...@autotelic.com] Sent: 09 November 2009 05:36 PM To: php-general@lists.php.net Subject: [PHP] Anyone using Aptana and Xdebug? Or other debugger recommendations besides Zend? PHP List, I won't go into a big rant about Zend, and instead simply say that while I was using Zend Studio to debug PHP pages since version 5.0. I was never really all that happy with it. It seemed to be the most complete debugging environment for PHP, so I put up with it. I will say that the Studio installation procedure has got better, but setting up a reliable debugging server has not. Now, the current version of Zend Studio (7.0) is based on Eclipse (I think since v6.0), and so I'm just not sure what I'm paying for anymore. Aptana Studio, also based on Eclipse has pretty much the exact same interface and can even connect to a Zend server. Since one of those is free, I can't see why I wouldn't switch. The issue for me is that paying for Zend hasn't really saved me much hassle, so even if Aptana has difficulties, at least they are free difficulties. The main failing point, so far as I can see, of Aptana/Xdebug, is a lack of good, clear, documentation (also note that Zend doesn't have great documentation either). Especially on how to set it up. I was wondering if anyone has used it and could provide a link or instructions on how to get the debugging environment up and running. Or, equally as valuable, would be recommendations on other debugging environments. The key is finding one that has a clear set of instructions for how to set it up (On Ubuntu/Debian Linux with a local LAMP server.) Thanks for any advice. Dave M G -- Dave, take a look at PhpED from Nusphere. I've used the Windows version very happily for the last 6 years. There is a Linux version but I haven't tried it so can't comment - from the forum I gather that most users use the Windows version. Debugging in PhpED is brilliant, but so is the rest of the IDE. I also looked at Zend Studio every now and then over the last few years to see how it was progressing, but wasn't that impressed. Cheers Arno -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php Why anyone needs to buy a IDE for develop PHP code? You can use any text editor. I use SciTE. It is free and open source. It does not provide any tool of any kind. It just allow me to write code, and that's all I need. Also there are a lot of tools for development. And IDE is just a fat text editor with lot of tools on it, and in some cases it can make your development slower. You can improve your development with a set of lightweight tools, this is the linux style. -- Martin Scotta What do you think IDE is? Do you think you can build a real commercial application without debugging and project management tools? Okay, before the answers deviate from the topic, a few quick personal pointers. --> Zend IDE's good, but as you mention not _worth_ the price. --> I use a number of editors based on which system I am using at the time, and they range from vim to NetBeans to EclipsePDT (and sometimes an unregistered demo version of Zend 7). --> I prefer NetBeans-PHP and have it configured with XDebug. The configuration's fairly simple and documentation can help you do in several steps. Please search on NetBeans portal for the same. IMHO, the same steps can be replicated for even an Eclipse based IDE. --Bipin Upadhyay. http://projectbee.org/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How to pronounce PHP code over the phone?
On 10/16/2009 9:31 PM, Dotan Cohen wrote: Wow! Here goes: Open-bracket, dollar item hypen greater-than, get service id, no all one word but with a capital S and I. Open and close brackets, question mark, dollar item again, then a hyphen and greater-than, that get service id and brackets bit again, exactly the same as last time; yes, capital S and I again. Colon, no the colon is the one with two dots, not dot and comma. Dollar item again, then hypen, greater-than, get id, with a capital I. Nope, no service bit this time. Now, open bracket and two closing brackets (I assumed the final two on your example were typos?!). now a semi-colon, yes the one with the comma. That's pretty much how I could foresee me telling someone this on the phone, but to be honest, I'd really prefer an email ;) So it really involves mentioning each character. I was hoping that there would be a shared language for constructs such as -> and the like. There are, what you'd call, technical jargon for them. However, it'd pretty obviously depend on the extent of knowledge of the person on other side of phone line. If she understands PHP objects, difference between OOP in PHP4 & PHP5, and ternary operator, things would be fairly simple. In any case, Ashley's nailed the foolproof technique for sure :) Thanks. -- Dotan Cohen http://what-is-what.com http://gibberish.co.il --Bipin Upadhyay. http://projectbee.org/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] RE: [Formaldehyde] The Most Basic Ajax - PHP Error Debugger
I do use FirePHP and your project looks interesting to evaluate. Will check it out in a couple of days. It would be more interesting if they really are complimentary. I think people who use FireBug's console API would be able to appreciate FirePHP/formaldehyde more. However, I do NOT deny the fact that not every project needs them. --Bipin Upadhyay. Andrea Giammarchi wrote: So nobody here debugs interaction and nobody uses Selenium for application tests ... fair enough. Would be nice to receive some response for those developers whose deal everyday with big/complex applications, 'cause here seems nobody i susing FirePHP or frameworks debuggers while numbers tell me the scenario is totally different. Regards Subject: RE: [PHP] RE: [Formaldehyde] The Most Basic Ajax - PHP Error Debugger From: a...@ashleysheridan.co.uk To: tedd.sperl...@gmail.com CC: an_...@hotmail.com; php-general@lists.php.net Date: Fri, 11 Sep 2009 15:39:12 +0100 On Fri, 2009-09-11 at 10:35 -0400, tedd wrote: At 3:27 PM +0200 9/11/09, Andrea Giammarchi wrote: That's a finished production site ... how did you debug during its development? 'Cause Formaldehyde is for development, not for production ... I guess you have implented your own error manager/debugger, right? What's to debug? The site -- http://webbytedd.com/a/ajax-site/ -- uses a very simple ajax script, namely: http://webbytedd.com/a/ajax-site/js/a.js Outside of that, everything else is done in php, html, and css, which is completely separate from ajax. I can create a very extensive and complicated site using that simple ajax routine without any alteration whatsoever. I don't need a debugger because I never touch the code. Now maybe I'm not getting it, but from my perspective ajax is pretty simple. The point I'm getting at is that ajax is simply a method of communication -- you send stuff and you read stuff. You don't need to rewrite the US Postal Service every time you send/receive a letter. Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com I agree. I tend to reuse the same basic functionality whenever I use AJAX. With some half-decent unit-testing, you can debug the Javascript parts easily enough. Thanks, Ash http://www.ashleysheridan.co.uk _ Share your memories online with anyone you want. http://www.microsoft.com/middleeast/windows/windowslive/products/photos-share.aspx?tab=1
Re: [PHP] Forcing a Post of data
You could use auto form submission using javascript. A quick search should help. --Bipin Upadhyay. http://projectbee.org/ Richard Kurth wrote: How can I force this to be a POST and not a GET Add Customer or is the only way you can pass data with a POST is from a Form submission. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Please Help Me ASAP
kunal sharma wrote:
Hello,
I'm building my own website without any knowledge of PHP, & i'm almost done
with that..as my website works fine on my local server
i:e WAMPSERVER 2.0,
but the same code is not working on server...n i'm rilli 'd of coz of
that...
The error is :"PHP Parse error: syntax error, unexpected $end in
/home/usang2me/public_html/sign_up.php on line 145"
"145" happens to be last line i:e "?>" , but here becoz of pattern..itz not
into its proper way...
&
After filling the sign up form correctly . it says ALL FIELD ARE
MANDATORYi dont understand ...y soi'm pasting my code here...please
help me asap ...
each and every suggestion will be appreciat'd
Here Is The Code:
";
echo " ";
echo " ";
echo " ";
echo " ";
echo " ";
echo " ";
echo " ";
echo " ";
echo " ";
echo "";
echo " Minimum length values for Username or Password or
Pincode or Mobile is missing. Please try again with correct
values. ";
include 'signup.php';
exit;
//die("User/password was not long enough!");
}elseif (!is_numeric($code) || !is_numeric($phone)){
echo "";
echo " ";
echo " ";
echo " ";
echo " ";
echo " ";
echo " ";
echo " ";
echo " ";
echo " ";
echo "";
echo " Non Numeric Character Where only Numeric Value is
Allowed. ";
include 'signup.php';
exit;
//}elseif (empty($username)|| empty($password1) || empty($password2) ||
empty($name) || empty($address) || empty($city) || empty($state) ||
empty($code) || //empty($phone) || empty($email) || empty($refer_id)){
//echo "";
//echo " ";
//echo " ";
//echo " ";
//echo " ";
//echo " ";
//echo " ";
//echo " ";
//echo " ";
//echo " ";
//echo "";
//echo " All fields are Mandatory
//";
//include 'signup.php';
}else{
// checks if the username is in use
$checkuser = mysql_query("SELECT username FROM id_users WHERE
username='$username'");
$username_exist = mysql_num_rows($checkuser);
$referid = mysql_query("SELECT username FROM id_users WHERE
username='$refer_id'");
$referid_exist = mysql_num_rows($referid);
if($username_exist != 0){
echo "";
echo " ";
echo " ";
echo " ";
echo " ";
echo " ";
echo " ";
echo " ";
echo " ";
echo " ";
echo "";
echo " I'm sorry but the username you specified has
already been taken. Please pick another one.
";
unset($username);
include 'signup.php';
}elseif($referid_exist > 0){
echo "";
echo " ";
echo " ";
echo " ";
echo " ";
echo " ";
echo " ";
echo " ";
echo " ";
echo " ";
echo "";
echo " I'm sorry but the referral id doesn't exist. Please
check the referral id or enter the valid one.
";
unset($username);
include 'signup.php';
}else{
// this makes sure both passwords entered match
if ($password1 != $password2) {
die('Your passwords did not match.');
}else{
//}
// now we insert it into the database
//$password3 = md5($_POST['password1']);//
$insert = "INSERT INTO id_users (username, password, name, address, city,
state, code, phone, email, payment_status, member_status, total_member,
refer_id)
VALUES ('$username', '$password1', '$name', '$address', '$city', '$state',
'$code', '$phone', '$email', '0', '0', '0', '$refer_id'); UPDATE id_users
SET refer_id = '1' where username = 'refer_id';";
$queries =
preg_split("/;+(?=([^'|^\\\']*['|\\\'][^'|^\\\']*['|\\\'])*[^'|^\\\']*[^'|^\\\']$)/",
$insert);
foreach ($queries as $query){
if (strlen(trim($query)) != 0) mysql_query($query) or die(mysql_error());
}
//mysql_query($insert) or die(mysql_error());
//mysql_close();
//$update = "update id_users set refer_id='1' where username='refer_id'";
//mysql_query($update) or die(mysql_error());
//mysql_close();
echo "";
echo " ";
echo " ";
echo " ";
echo " ";
echo " ";
echo " ";
echo " ";
echo " ";
echo " ";
echo "";
echo " You have successfully Registered, Please
Login ";
include 'login.php';
}
}
}
?>
Thanks Kunal
Kunal,
The trouble is the way you've commented things here (and in the
following lines):
//}elseif (empty($username)|| empty($password1) || empty($password2) ||
empty($name) || empty($address) || empty($city) || empty($state) ||
empty($code) || //empty($phone) || empty($email) || empty($refer_id)){
...
Due to these comments, you are missing a semicolon.
On a very friendly note, here are a few comments:
1. The code is very ugly. Almost unmaintainable.
2. It seems to have almost every vulnerability I can think of -SQL
Injection, XSS, etc.
3. You don't seem to be using an IDE. Any basic PHP IDE will at least
eliminate these parsing related issues.
4. .
There are a few things that you'd need to learn before you can actually
put your code in a live environment.
BTW, which book are you referring to write code?
--Bipin Upadhyay.
http://projectbee.org/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Smarty Tips and Techniques
Bob McConnell wrote: [SNIPPED] the fireman. Going futher, using OOP let's you do all sorts of generic Hi Rob, Unfortunately, you still don't understand the problem I have. While it takes a while to puzzle out the details, I don't have any trouble reading, understanding or debugging code like this, even though you skipped completely over several major components (*). I have even modified existing methods and made minor adjustments to classes, _once they have been written_. What I can't do is take a problem description and turn it into classes that will actually solve the problem. I can usually turn it into procedures relatively quickly. I can and have built real-time, multi-tasking and multi-threaded applications on a variety of kernels and operating systems with no significant trouble. I have written device drivers, interrupt service routines, message queues and I/O buffering routines without spending a lot of time thinking about them. But defining objects and then figuring out how to create and use them completely escapes me. My mind simply won't map a problem into objects, it only sees procedures. Even when I look at classes, they resolve only as loose groupings of functions and variables, not as unified components. If anyone knows how to fix that, please tell me. In the meantime, in my continuing effort to eschew obfuscation, I will stick with procedural programming. Bob McConnell (*) For example, "$this->" suggests you have added an array of pointers. Some are pointers to functions (aka methods) others are pointers to variables (aka members). But there is no indication where this array came from, what it means, nor how it affects the code structure. From experience I know that "$this->" is not always needed, but the C++ rules for when it is or isn't are neither clear nor consistent. There are no declarations nor assignments for it. It simply adds another level of obfuscated dereferencing that needs to be done in my head to understand what is going on. You also failed to explain what "new" does, or "parent::__constructor". What is the relationship between a class and an object? I get frustrated because of the extra overhead required to instantiate an object with its members before they can be referenced, instead of simply being able to use them at any time from anywhere in my code. Likewise, having to pass a pointer for one object to another object before the second can call the first is also counter-intuitive. They're all part of the same application, why doesn't the compiler take care of those details like it should? Bob, One of the best books that can help attain a practical understanding of OOP is "Head First Java". Please do not be eluded by "Java" in the title. I'd sincerely encourage you to borrow "Head First Java" from someone, and then buy "Head First Object Oriented Analysis & Design". You'll find answer to most of the questions raised by you, and in pretty interesting ways. Obviously, I don't expect answers for these questions, but hopefully this will give you a better understanding of the greater issues involved. This is a far cry from the Fortran IV I was taught in college 40 years ago. B.M. -- Regards, Bipin Upadhyay. http://projectbee.org/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] xss filter
IMHO, the obvious choice (for PHP) should be HTML Purifier by Edward Yang. Link: http://htmlpurifier.org/ --Bipin Upadhyay. On Mon, Sep 8, 2008 at 5:46 PM, Emil Edeholt <[EMAIL PROTECTED]> wrote: > Hello, > > Do you know of any good ways to filter out javascript from html code? I've > seen this code http://kallahar.com/smallprojects/php_xss_filter_function.php > but I found some old discussions about it saying that it wasn't really > secure. > > There most be some safe way to filter out xss without filtering out all > html. Or...? > > Kind Regards Emil > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- I'd love to change the world, but they won't gimme the source code. http://projectbee.org/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] OpenID
Clamshell -- http://wiki.guruj.net/Clamshell!Home HTH On Fri, Jul 18, 2008 at 1:36 AM, Alex Chamberlain <[EMAIL PROTECTED]> wrote: > Hi, > > > > Has anybody had any success implementing an OpenID server in PHP?? > > > > Alex > > > > > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- Bipin Upadhyay I'd love to change the world, but they won't gimme the source code. http://projectbee.org/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP shell commands
Daniel Brown wrote: [SNIPPED] Just keep in mind that anything that can be accessed by any means is never going to be 100% secure. I like the the line :) --Bipin Upadhyay, http://projectbee.org -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP shell commands
Lucas Prado Melo wrote: Hello, Some php applications store database passwords into files which can be read by the user www-data. Why not keep them out of the web tree and inform the application regarding the same. I am sure almost all good applications would provide a simple way for doing it. So, a malicious user which can write php scripts could read those passwords. What should I do to prevent users from viewing those passwords? I am not sure I understand this. Do you mean the attacker would upload scripts and execute them to read th config files? If yes then that's a different problem altogether. regards Regards, Bipin Upadhyay. http://projectbee.org -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
