Re: [PHP] How to pronounce PHP code over the phone?
On 10/16/2009 9:31 PM, Dotan Cohen wrote: Wow! Here goes: Open-bracket, dollar item hypen greater-than, get service id, no all one word but with a capital S and I. Open and close brackets, question mark, dollar item again, then a hyphen and greater-than, that get service id and brackets bit again, exactly the same as last time; yes, capital S and I again. Colon, no the colon is the one with two dots, not dot and comma. Dollar item again, then hypen, greater-than, get id, with a capital I. Nope, no service bit this time. Now, open bracket and two closing brackets (I assumed the final two on your example were typos?!). now a semi-colon, yes the one with the comma. That's pretty much how I could foresee me telling someone this on the phone, but to be honest, I'd really prefer an email ;) So it really involves mentioning each character. I was hoping that there would be a shared language for constructs such as - and the like. There are, what you'd call, technical jargon for them. However, it'd pretty obviously depend on the extent of knowledge of the person on other side of phone line. If she understands PHP objects, difference between OOP in PHP4 PHP5, and ternary operator, things would be fairly simple. In any case, Ashley's nailed the foolproof technique for sure :) Thanks. -- Dotan Cohen http://what-is-what.com http://gibberish.co.il --Bipin Upadhyay. http://projectbee.org/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] RE: [Formaldehyde] The Most Basic Ajax - PHP Error Debugger
I do use FirePHP and your project looks interesting to evaluate. Will check it out in a couple of days. It would be more interesting if they really are complimentary. I think people who use FireBug's console API would be able to appreciate FirePHP/formaldehyde more. However, I do NOT deny the fact that not every project needs them. --Bipin Upadhyay. Andrea Giammarchi wrote: So nobody here debugs interaction and nobody uses Selenium for application tests ... fair enough. Would be nice to receive some response for those developers whose deal everyday with big/complex applications, 'cause here seems nobody i susing FirePHP or frameworks debuggers while numbers tell me the scenario is totally different. Regards Subject: RE: [PHP] RE: [Formaldehyde] The Most Basic Ajax - PHP Error Debugger From: a...@ashleysheridan.co.uk To: tedd.sperl...@gmail.com CC: an_...@hotmail.com; php-general@lists.php.net Date: Fri, 11 Sep 2009 15:39:12 +0100 On Fri, 2009-09-11 at 10:35 -0400, tedd wrote: At 3:27 PM +0200 9/11/09, Andrea Giammarchi wrote: That's a finished production site ... how did you debug during its development? 'Cause Formaldehyde is for development, not for production ... I guess you have implented your own error manager/debugger, right? What's to debug? The site -- http://webbytedd.com/a/ajax-site/ -- uses a very simple ajax script, namely: http://webbytedd.com/a/ajax-site/js/a.js Outside of that, everything else is done in php, html, and css, which is completely separate from ajax. I can create a very extensive and complicated site using that simple ajax routine without any alteration whatsoever. I don't need a debugger because I never touch the code. Now maybe I'm not getting it, but from my perspective ajax is pretty simple. The point I'm getting at is that ajax is simply a method of communication -- you send stuff and you read stuff. You don't need to rewrite the US Postal Service every time you send/receive a letter. Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com I agree. I tend to reuse the same basic functionality whenever I use AJAX. With some half-decent unit-testing, you can debug the Javascript parts easily enough. Thanks, Ash http://www.ashleysheridan.co.uk _ Share your memories online with anyone you want. http://www.microsoft.com/middleeast/windows/windowslive/products/photos-share.aspx?tab=1
Re: [PHP] Forcing a Post of data
You could use auto form submission using javascript. A quick search should help. --Bipin Upadhyay. http://projectbee.org/ Richard Kurth wrote: How can I force this to be a POST and not a GET a href=customer.php?cid=1location=customeradd.php Add Customer /a or is the only way you can pass data with a POST is from a Form submission. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Please Help Me ASAP
', '$address', '$city', '$state',
'$code', '$phone', '$email', '0', '0', '0', '$refer_id'); UPDATE id_users
SET refer_id = '1' where username = 'refer_id';;
$queries =
preg_split(/;+(?=([^'|^\\\']*['|\\\'][^'|^\\\']*['|\\\'])*[^'|^\\\']*[^'|^\\\']$)/,
$insert);
foreach ($queries as $query){
if (strlen(trim($query)) != 0) mysql_query($query) or die(mysql_error());
}
//mysql_query($insert) or die(mysql_error());
//mysql_close();
//$update = update id_users set refer_id='1' where username='refer_id';
//mysql_query($update) or die(mysql_error());
//mysql_close();
echo html;
echo nbsp;;
echo nbsp;;
echo nbsp;;
echo nbsp;;
echo nbsp;;
echo nbsp;;
echo nbsp;;
echo nbsp;;
echo nbsp;;
echo table align=center border=1 cellpadding=0 cellspacing=0
bordercolor=#FF6600 bgcolor=#C0C0C0 width=50% height=10;
echo tr td align=centerp font color=black span
style=font-size:11pt;bYou have successfully Registered, Please
Login/b/span/font/p/td /tr /table /html;
include 'login.php';
}
}
}
?
Thanks Kunal
Kunal,
The trouble is the way you've commented things here (and in the
following lines):
code
//}elseif (empty($username)|| empty($password1) || empty($password2) ||
empty($name) || empty($address) || empty($city) || empty($state) ||
empty($code) || //empty($phone) || empty($email) || empty($refer_id)){
...
/code
Due to these comments, you are missing a semicolon.
On a very friendly note, here are a few comments:
1. The code is very ugly. Almost unmaintainable.
2. It seems to have almost every vulnerability I can think of -SQL
Injection, XSS, etc.
3. You don't seem to be using an IDE. Any basic PHP IDE will at least
eliminate these parsing related issues.
4. .
There are a few things that you'd need to learn before you can actually
put your code in a live environment.
BTW, which book are you referring to write code?
--Bipin Upadhyay.
http://projectbee.org/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Smarty Tips and Techniques
Bob McConnell wrote: [SNIPPED] the fireman. Going futher, using OOP let's you do all sorts of generic Hi Rob, Unfortunately, you still don't understand the problem I have. While it takes a while to puzzle out the details, I don't have any trouble reading, understanding or debugging code like this, even though you skipped completely over several major components (*). I have even modified existing methods and made minor adjustments to classes, _once they have been written_. What I can't do is take a problem description and turn it into classes that will actually solve the problem. I can usually turn it into procedures relatively quickly. I can and have built real-time, multi-tasking and multi-threaded applications on a variety of kernels and operating systems with no significant trouble. I have written device drivers, interrupt service routines, message queues and I/O buffering routines without spending a lot of time thinking about them. But defining objects and then figuring out how to create and use them completely escapes me. My mind simply won't map a problem into objects, it only sees procedures. Even when I look at classes, they resolve only as loose groupings of functions and variables, not as unified components. If anyone knows how to fix that, please tell me. In the meantime, in my continuing effort to eschew obfuscation, I will stick with procedural programming. Bob McConnell (*) For example, $this- suggests you have added an array of pointers. Some are pointers to functions (aka methods) others are pointers to variables (aka members). But there is no indication where this array came from, what it means, nor how it affects the code structure. From experience I know that $this- is not always needed, but the C++ rules for when it is or isn't are neither clear nor consistent. There are no declarations nor assignments for it. It simply adds another level of obfuscated dereferencing that needs to be done in my head to understand what is going on. You also failed to explain what new does, or parent::__constructor. What is the relationship between a class and an object? I get frustrated because of the extra overhead required to instantiate an object with its members before they can be referenced, instead of simply being able to use them at any time from anywhere in my code. Likewise, having to pass a pointer for one object to another object before the second can call the first is also counter-intuitive. They're all part of the same application, why doesn't the compiler take care of those details like it should? Bob, One of the best books that can help attain a practical understanding of OOP is Head First Java. Please do not be eluded by Java in the title. I'd sincerely encourage you to borrow Head First Java from someone, and then buy Head First Object Oriented Analysis Design. You'll find answer to most of the questions raised by you, and in pretty interesting ways. Obviously, I don't expect answers for these questions, but hopefully this will give you a better understanding of the greater issues involved. This is a far cry from the Fortran IV I was taught in college 40 years ago. B.M. -- Regards, Bipin Upadhyay. http://projectbee.org/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] xss filter
IMHO, the obvious choice (for PHP) should be HTML Purifier by Edward Yang. Link: http://htmlpurifier.org/ --Bipin Upadhyay. On Mon, Sep 8, 2008 at 5:46 PM, Emil Edeholt [EMAIL PROTECTED] wrote: Hello, Do you know of any good ways to filter out javascript from html code? I've seen this code http://kallahar.com/smallprojects/php_xss_filter_function.php but I found some old discussions about it saying that it wasn't really secure. There most be some safe way to filter out xss without filtering out all html. Or...? Kind Regards Emil -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- I'd love to change the world, but they won't gimme the source code. http://projectbee.org/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] OpenID
Clamshell -- http://wiki.guruj.net/Clamshell!Home HTH On Fri, Jul 18, 2008 at 1:36 AM, Alex Chamberlain [EMAIL PROTECTED] wrote: Hi, Has anybody had any success implementing an OpenID server in PHP?? Alex -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- Bipin Upadhyay I'd love to change the world, but they won't gimme the source code. http://projectbee.org/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP shell commands
Lucas Prado Melo wrote: Hello, Some php applications store database passwords into files which can be read by the user www-data. Why not keep them out of the web tree and inform the application regarding the same. I am sure almost all good applications would provide a simple way for doing it. So, a malicious user which can write php scripts could read those passwords. What should I do to prevent users from viewing those passwords? I am not sure I understand this. Do you mean the attacker would upload scripts and execute them to read th config files? If yes then that's a different problem altogether. regards Regards, Bipin Upadhyay. http://projectbee.org -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP shell commands
Daniel Brown wrote: [SNIPPED] Just keep in mind that anything that can be accessed by any means is never going to be 100% secure. I like the the line :) --Bipin Upadhyay, http://projectbee.org -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
