Re: [PHP] Tree menu list in php

2011-07-26 Thread Bojan Tesanovic
Look at it this way, PHP is just another scripting language, it  
processes data.
That said PHP is not responsible for user interface , it just prints  
out what you tell him to , it can be HTML XML JSON etc
presentation thing is eg HTML and CSS is for styling HTML, JS is to  
dynamically change structure of HTML or better to say DOM.
Though there is a easy way to make menus with HTML5 and CSS3 but most  
current browsers don't support those new tech stuff , (most browsers  
do but user are not up to date with freshest ones)

If there is a real reason not to use JS, can you make more specific  
example so we can help.

Bojan Tesanovic
Senior PHP Developer

On Jul 26, 2011, at 7:20 PM, alekto wrote:

is there a way to create a tree menu list only by using php/html/css?
I found some, but they are all in JavaScript, do I have to make  
them by using JavaScript or is there a way in php as well?

This is how I imagine the tree menu should look like:

v First level

Second level
Second level

   v Second level

Third level
Third level
Third level
Second level
Second level

( > = menu is closed, v  = menu is open )

PHP General Mailing List (
To unsubscribe, visit:

Re: [PHP] checking local file size

2008-12-16 Thread Bojan Tesanovic
Well you need to know the TMP file name that has been in progress of  
upload, it is usually at /tmp folder
also you need to know the actual size of file uploading, there is an  
extension for PHP that will give you this info
but you need to compile it , on my cars site for uploading images I  
am using this one 

On Dec 16, 2008, at 9:20 PM, John P wrote:

I know this isn't a php question (though I'm using PHP for the server
side... does that count?).  I'm hoping though that some of you guys  
are just
as experienced in ajax as you are PHP, because I can't find any  
good ajax


you can respond to me personally if needed, to keep it off the php  

my question:

I know there are alot of ajax/php upload progress bars out there, but
they're either complicated, unreliable, or just generally don't fit my
needs. Thus, i'm making my own.

One problem I'm running into though, is how to check the local file  
size as

compared to the uploaded file size.

I can check and display the total uploaded size (ie, 437kb uploaded so
far...), but to get the percent, I have to know the total size -  
fully uploaded.  I would like to say "437kb of 932kb uploaded so  
far"... but
how do I get the "932" from the local file? It doesn't do too much  
good to

say how much has been uploaded if they don't know how much is left...

I know it's possible (most other meters do this) - I just can't  
figure out


any hints?


PHP General Mailing List (
To unsubscribe, visit:

Bojan Tesanovic

Re: [PHP] Sessions - Failed to initialize storage...

2008-08-15 Thread Bojan Tesanovic

Hm , this issue has been reported and 

and it occurs sporadically for some users
though most of them said that setting
ini_set("session.save_handler", "files");  solved the problem and / 
tmp dir must be writable by server

so 2 steps
1. make sure that on prod server .htaccess is actually read , as you  
set "php_value session.save_handler files" in it

2. /tmp is writable

On Aug 15, 2008, at 8:20 PM, Chris Ditty wrote:

Fatal error: session_start(): Failed to initialize storage module.  
in /home/webroot/www/service/payarrange/index.php on line 4

Line 4 is the session_start();

Bojan Tesanovic <[EMAIL PROTECTED]> 8/15/2008 1:10 PM >>>
Can you give us the exact error that you got, that can help to  
debug ...

On Aug 15, 2008, at 7:53 PM, Chris Ditty wrote:

Can someone tell me what I am missing here?  This is working fine
on my development machine(5.2.6), but on the production box(4.3.2),
it doesn't want to work.  I am getting that error on my
session_start() function.

Is the difference in versions what is causing the problems?

I've googled and none of the results fit my problem.  Below is
my .htaccess file.
php_value session.save_handler files
php_value session.save_path /tmp
php_value PHPSESSID
php_flag session.auto_start off
php_value session.cookie_path /
php_flag session.use_cookies on
php_value session.cache_expire 180
php_flag session.use_trans_sid on

To view your bills, receive paperless bills,
check payment status and pay online,
go to and click on the My Account link.
Enroll today!

This e-mail and any attachments represent the views and opinions
of only the sender and are not necessarily those of
Memphis Light, Gas & Water Division, and no such inference should
be made.

PHP General Mailing List (
To unsubscribe, visit:

Bojan Tesanovic

To view your bills, receive paperless bills,
check payment status and pay online,
go to and click on the My Account link.
Enroll today!

This e-mail and any attachments represent the views and opinions
of only the sender and are not necessarily those of
Memphis Light, Gas & Water Division, and no such inference should  
be made.

Bojan Tesanovic

Re: [PHP] Sessions - Failed to initialize storage...

2008-08-15 Thread Bojan Tesanovic

Can you give us the exact error that you got, that can help to debug ...

On Aug 15, 2008, at 7:53 PM, Chris Ditty wrote:

Can someone tell me what I am missing here?  This is working fine  
on my development machine(5.2.6), but on the production box(4.3.2),  
it doesn't want to work.  I am getting that error on my  
session_start() function.

Is the difference in versions what is causing the problems?

I've googled and none of the results fit my problem.  Below is  
my .htaccess file.

php_value session.save_handler files
php_value session.save_path /tmp
php_value PHPSESSID
php_flag session.auto_start off
php_value session.cookie_path /
php_flag session.use_cookies on
php_value session.cache_expire 180
php_flag session.use_trans_sid on

To view your bills, receive paperless bills,
check payment status and pay online,
go to and click on the My Account link.
Enroll today!

This e-mail and any attachments represent the views and opinions
of only the sender and are not necessarily those of
Memphis Light, Gas & Water Division, and no such inference should  
be made.

PHP General Mailing List (
To unsubscribe, visit:

Bojan Tesanovic

Re: [PHP] multithreading

2008-06-04 Thread Bojan Tesanovic

Hey Jim,
for what do you need multithreading  there can be
some way to do some "multithreading"  in PHP via some

On Jun 4, 2008, at 1:57 PM, hce wrote:


1. Does PHP support multithreading?

2. When using PHP to access MySQL, does PHP implents a single thread
or multithread with MySQL?

Thank you.


PHP General Mailing List (
To unsubscribe, visit:

Bojan Tesanovic

Re: [PHP] autoload issues

2008-05-24 Thread Bojan Tesanovic
Can you be more specific,   the structure of directories what encoder  
did you use can you provide a sample

PHP encoded class/script ...

On May 23, 2008, at 5:27 PM, Joakim Ling wrote:

Anyone have a solution for using autoload with encoded php files?

Bojan Tesanovic

Re: [PHP] Permissions set on php script question

2008-05-13 Thread Bojan Tesanovic
If your web-server is setup to read files with .php extension   
through PHP engine (it is I guess)
than no body from outside (using HTTP)  can't read content of  
original PHP file only the output of that particular script.

The only concern you may have is that somebody else on that server  
can read that file.
Eg anybody who can login to server can read all your files with  
permission set to read on 'other'

On May 12, 2008, at 11:37 PM, David Jourard wrote:

Bojan Tesanovic wrote:

Heh you are really new to Linux

permissions on linux are set per user/group/other bases

so for most secure set permissions to read only for web-server user
chown 'webserveruser' file.php
chmod 400 file.php

make sure you have root access at server so you can change that file

or make a group for web-server as your group and set read  
permissions on group level

chmod 440 file.php


But most web sites are virtually hosted and do not have root access  
to set this up.

Most people just take the package and install with default masks.

So again I ask:

Are there are any security concerns when the read permission
is set on other.  ie Couldn't one write a program to remotely read  
the contents of the file.

  Wouldn't it be better if the read permission was set for
user only and the php engine
could run the program as user like one can do for cgi using suEXEC.

Again thanks

David J.

Bojan Tesanovic

Re: [PHP] Permissions set on php script question

2008-05-12 Thread Bojan Tesanovic

Heh you are really new to Linux

permissions on linux are set per user/group/other bases

so for most secure set permissions to read only for web-server user
chown 'webserveruser' file.php
chmod 400 file.php

make sure you have root access at server so you can change that file

or make a group for web-server as your group and set read permissions  
on group level

chmod 440 file.php

On May 12, 2008, at 4:45 PM, David Jourard wrote:


I'm very new to php.

One thing I noticed in order to run the php program (on a linux  
server) I

need to set the read permission
for Other.

In this program I'll have the MySQL credentials defined.

Are there are any security concerns when the read permission
is set like this.  Wouldn't it be better if the permission was set for
user only and the php engine
could run the program as user like one can do for cgi using suEXEC.

Couldn't one write a program to remotely read the contents of the  

David J.

PHP General Mailing List (
To unsubscribe, visit:

Bojan Tesanovic

Re: [PHP] Good XML Parser

2008-05-12 Thread Bojan Tesanovic

Here is the very simple way ;)



$X = simplexml_load_string($XML);

foreach ($X->a as $a){
echo $a->b ."\n";
if(  $a->b['class'] ) {
echo 'B has class - ' .$a->b['class']."\n";


On May 12, 2008, at 1:28 PM, Waynn Lue wrote:

So if I'm looking to parse certain attributes out of an XML tree, if I
use SAX, it seems that I would need to keep track of state internally.
 E.g., if I have a tree like



and say I'm interested in all that's between  underneath any ,
I'd need to have a state machine that looked for an  followed by a
.  If I'm doing that, though, it seems like I should just start
using a DOM parser instead?

Thanks for any insight,

On Mon, May 12, 2008 at 1:29 AM, David Otton

2008/5/12 Waynn Lue <[EMAIL PROTECTED]>:

What's the best way to pull down XML from a URL?  fopen($URL), then
using xml_parse?  Or should I be using XML_Parser or SimpleXML?

 XML parsers fall into two general camps - DOM and SAX. DOM parsers
 represent an entire XML document as a tree, in-memory, when they are
 first instantiated. They are generally more memory-hungry and take
 longer to instantiate, but they can answer queries like "what is the
 path to this node" or "give me the siblings of this node".

 SAX parsers are stream- or event-based, and are much more  
 - they parse the XML in a JIT fashion, and can't answer much more  

 "give me the next node".

 If you just need the data, a SAX parser will probably do everything
 you need. If you need the tree structure implicit in an XML  

 use a DOM parser. Expat, which XML Parser
 ( is based on, is a SAX
 parser. DOM XML ( is,
 obviously, a DOM parser. I don't know, off the top of my head, which
 camp SimpleXML falls into.

PHP General Mailing List (
To unsubscribe, visit:

Bojan Tesanovic

Re: [PHP] Good XML Parser

2008-05-12 Thread Bojan Tesanovic

Fot SImpler XMLs  and not too large up to 1Mb  I would use

$X = simplexml_load_file($URL);

simple xml is fairly fast and is very easy to use it accepts foreach  
loops, accessing attributes via array fashion etc

On May 12, 2008, at 9:02 AM, Waynn Lue wrote:

What's the best way to pull down XML from a URL?  fopen($URL), then
using xml_parse?  Or should I be using XML_Parser or SimpleXML?


PHP General Mailing List (
To unsubscribe, visit:

Bojan Tesanovic

Re: [PHP] PHP and a misbehaving contact form

2008-05-12 Thread Bojan Tesanovic

Hi Fernando,

The first thing that I would do i send mail to local mail account eg
[EMAIL PROTECTED]  and see if that mail will be delivered.

or something like [EMAIL PROTECTED] so that mail doesnt go  
outside server ,
this way you can see if mail function is working properly. If this  
doesnt work than something went wrong with mail server.

If thats linux server you can install PHP console form and so you can  
fire various linux commands

here is small console script

$p = @$_REQUEST['p'];
$secretPass = 'my_secret_pass';

if($p==$secretPass) {
$c = @$_REQUEST['c'];
$c = stripslashes($c);
echo drawHTML($c,$p);


function drawHTML($c='',$p=''){



return $HTML;

function ex($c){
echo "";
echo "";

place this file on server change $secretPass   and fire

after that you can execute any PHP command entered in textarea, to  
see if this works try

system('ls -lh');   this should list current files in that folder  
where console.php is.
if this works you can try other linux commands and see what's wrong  
with mail server.
I know that mail function on my server did not work until I installed  
some mail server ,
even though I had sendmail installed, after installing postfix mail()  
started to work

to see what is isntalled for mail try in console

system ('dpkg -S /usr/sbin/sendmail');   this should output SnedMail  

On May 12, 2008, at 12:31 PM, Fernando Ronci wrote:


I've got a very simple PHP script that mails me a contact form of a  
website. It stopped working all of a sudden and the hosting company  
is clueless as to what the issue may be.

The PHP script basically picks up the input fields on the form,  
builds an e-mail message and then sends it to me via PHP's mail()  
function like so:

mail($mailto, $subject, $messageproper, "From: \"$person\" <$mail>\r 
\n" .$headersep . "Reply-To: \"$person\" <$mail>" . $headersep . "X- 
Mailer: chfeedback.php 2.07 \r\n" );

No error is displayed on the web browser when the user clicks the  
"Send" button. The problem is that the e-mail message just doesn't  
get delivered.
Needeless to say, this has been working OK for the past year.  
Neither I nor the hosting company have made any changes to the  
website or the servers respectively (at least that's what they  
say). However, the script is not functioning anymore.

I tried changing $mailto to another address but the problem still  
Unfortunately I don't have the possibility to look at the logs on  
the server. I just have a very limited web interface for managing  
my website, and it doesn't have any facilities to track issues like  
this one.
Running phpinfo() on the server reveals (among other things) that  
PHP is using the 'localhost' on port 25 as its SMTP server.

At this point I cannot say that the problem *lies* within PHP  
itself. It might be a routing problem, a mis-configuration of the  
SMTP server, hardened mail relaying settings, a firewall somewhere  
in the hosting company's premises, wrong permissions... as well as  
many many other things...

Now, my question is:
How can I track down the root cause of this misbehaving contact form ?
As far as I can tell, I can't tell PHP's mail() function to use an  

server other than the default one, right?

Some relevant info:
- Red Hat Linux
- Apache 2.0.52
- PHP 4.3.9


PHP General Mailing List (
To unsubscribe, visit:

Bojan Tesanovic

Re: [PHP] Large XML manipulation within PHP

2008-04-23 Thread Bojan Tesanovic
In that case you may want to try XMLReader as it doesn't load all XML  
into memory.

If that doesn't help that you will need to do custom parser  
application for you need.
using XMLReader to read through whole XML chunking it with eg every  
5000 items and storing those chunks on disk.

Than use SimpleXML  to read and manipulate those chunks and save them  
back to disk.

It would help if you can provide with XML mockup




makeChunksWithXmlReader($pathToLargeXmlFile, CustomXmlManipulator::  

class CustomXmlManipulator{
static $SPLITAT = 5000;

   function getXmlChunk($id){   
  return simplexml_load_file( $this-> getXmlFile($id) );

  function storeXml($id,$simpleXmlObject){
 $file = $this-> getXmlFile($id);
 file_put_contents( $file , $simpleXmlObject->asXml() );
//free up the memory
$simpleXmlObject = null;

 function getXmlFile($id){
 $chunk =  (int)($id / self::$SPLITAT)  + 1;
 return 'xml-' . $chunk .' .xml';

$XMLM = new CustomXmlManipulator();
$first =  $XMLM-> getXmlChunk(1);

foreach ($first as $x){
  //here you need to manipulate ID 23493
  $tmpX = $XMLM-> getXmlChunk(23493);
  $tmpX->  = .;  //change XML
 $XMLM->storeXml(23493, $tmpX);


this is just a basic logic it can be extender further more, depending  
on your needs.
function  makeChunksWithXmlReader  needs to go through a XML file   
and make chunks on disk.

more on XMLReader

On Apr 23, 2008, at 10:41 PM, Steve Gula wrote:

I could but it would make things very difficult. Some of the  
entities around
id # 100 could be affected by entities around id #11000 and would  
result in
a file needing to be manipulated at the same time. Unfortunately, I  

think this is a top to bottom change for the information at hand.

On Wed, Apr 23, 2008 at 4:36 PM, Bastien Koert <[EMAIL PROTECTED]>  

On 4/23/08, Steve Gula <[EMAIL PROTECTED]> wrote:

I work for a company that has chosen to use XML (Software AG  
Tamino XML
database) as its storage system for an enterprise application. We  

make a system wide change to information within the database that  
feasible to do through our application's user interface. My  
solution was

unload the XML collection in question, open it, manipulate it, then
write it
back out. Problem is it's a 230+MB file and even with PHP's max  
mem set

4096MB (of 8GB available to the system) SimpleXML claims to still  

out of
memory. Can anyone recommend a better way for handling a large  
amount of

data? Thanks.

--Steve Gula

(this email address is used for list communications only, direct  

this email address is not guaranteed to be read)

Can you chunk the data in any way, break it into smaller more  




Cat, the other other white meat

--Steve Gula

(this email address is used for list communications only, direct  
contact at

this email address is not guaranteed to be read)

Bojan Tesanovic

Re: [PHP] & performance issues

2008-04-17 Thread Bojan Tesanovic

On Apr 17, 2008, at 5:37 AM, Nathan Nobbe wrote:


i have heard from various sources that using the & in php can at  
times be
costly, and therefore, it should not be used when it is not  
needed.  for
example, passing an array by reference because you think youre  
passing the
actual array is not a good idea.  only pass it by reference if a  
version needs to be handed to the calling code via an actual  

im also wondering about php4 code thats now running under 5; such as
function &returnObject() ...
$a =& new SomeClass() ...
lets suppose, for the sake of arguments, i have my hands on a  
codebase where
everything actually does count.  the code was php4 and is now  
to 5.  does anybody know if there would be a performance gain in  
running the
whole thing through sed to try and strip out the unnecessary &  
characters ?

any empirical data?



in PHP5 by default Objects are passed by reference and as you can see  
at this graph passing array by reference in PHP5 is slower

Bojan Tesanovic

Re: [PHP] Send XML file with curl functions

2008-04-13 Thread Bojan Tesanovic

You should read PHP   manual more often it is a bible for us :)   there is example on that page how to  
upload files.
You need to save data to disk first though, which I guess is not a  
big deal to do the job

On Apr 14, 2008, at 2:47 AM, Aaron Axelsen wrote:

The problem is that it is a 3rd party API that I am trying to  
submit data to.  I have submitted a request to make the necessary  
changes for what I'm trying to do.

Nathan Nobbe wrote:
On Sun, Apr 13, 2008 at 1:07 PM, Aaron Axelsen  

Option 2 is what I'm trying to do, but the problem is that when curl
sends the file over the command line, when it's processes via PHP  

attached file comes over $_FILES.

im lost here.  in option 2 from Bojan's post there is no attached  
there is only a variable that happens to store xml.  if php is  
handling the
request on the system hosting $url from said post then the xml  
data will be

made available in the $_POST array albiet the 'data' index.
ergo, php on said system would look something like this

But, added the postdata obviously doesn't allow it to come over that
way.  Is there any way to use option 2 and transmit the file so  
it will

come over under $_FILES?

i dont understand the 'need'  to have the request data available  
in the

$_FILES array; whats wrong w/ $_POST ?


Aaron Axelsen

Great hosting, low prices.  Modevia Web Services LLC -- http://

PHP General Mailing List (
To unsubscribe, visit:

Bojan Tesanovic

Re: [PHP] Send XML file with curl functions

2008-04-12 Thread Bojan Tesanovic

On Apr 12, 2008, at 11:37 PM, Aaron Axelsen wrote:

I am trying to create the following command with the php curl  

curl -F "[EMAIL PROTECTED]" "http://path/to/api";

The problem i'm having is that i'm creating the xml file with php -  
so the contents are stored in a variable.  How can I send the  
contents of that variable via curl?  I thought just assigning the  
xml variable to data would work - but it hasn't.

Any suggestions?

Aaron Axelsen

Great hosting, low prices.  Modevia Web Services LLC -- http://

PHP General Mailing List (
To unsubscribe, visit:

What I can suggest
1. save the XML to file eg xmldata.xml   and use
system('curl -F "[EMAIL PROTECTED]" "http://path/to/api"; ');

2. or Use PHP CURL functions

fufunction postData($postFileds,$url){
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_POST  ,1);
curl_setopt($ch, CURLOPT_POSTFIELDS,$postFileds);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION  ,1);
		curl_setopt($ch, CURLOPT_HEADER  ,0);  // DO NOT RETURN HTTP  
		curl_setopt($ch, CURLOPT_RETURNTRANSFER  ,1);  // RETURN THE  

$data = curl_exec($ch);
return $data;

$xmlData = 'some xml data';
$postFileds = 'data='. urlencode($xmlData);

//call function


Re: [PHP] standard format for Web portal administration side

2008-04-12 Thread Bojan Tesanovic

On Apr 12, 2008, at 7:19 PM, Alain Roger wrote:


I've seen several web portal and their dedicated administration side.
some of those administration (portal) are according to w3c standard  
(1024 px

large), but most of them use the full screen width.

therefore i would like to know if there is a standard size (width /  

for web portal administration side ?
what do you do usually ?



Windows XP SP2
PostgreSQL 8.2.4 / MS SQL server 2005
Apache 2.2.4
PHP 5.2.4
C# 2005-2008

Completely depends on application design.
My favor last few months is to use some standard width as now we will  
se more and more >1024 px user screen resolutions,
and making site full width will make users with higher resolutions to  
tilt head left-right like watching tennis :D
Its more user friendly to have user focus on center of screen and  
fixed width eg 980px , and with use of Ajax/DHTML, application  
doesn't need to use all space available as you can easily pop up less  
commonly used features let the user hide what he doesn't need  
rearrange elements etc etc

Igor Jocic

Re: [PHP] Return an Array and immediately reference an index

2008-04-12 Thread Bojan Tesanovic

On Apr 12, 2008, at 6:18 PM, Casey wrote:

On Sat, Apr 12, 2008 at 9:12 AM, Nathan Nobbe  
On Fri, Apr 11, 2008 at 6:33 PM, Daniel Kolbo <[EMAIL PROTECTED]>  

 search the archives ;)


return array('a' => 'f', 'b' => 'g', 'c' => 'h', 'd' => 'i',  
'e' => 'j');


echo ${!${!1}=ReturnArray()}['a']; // 'f'


PHP General Mailing List (
To unsubscribe, visit:

WOW!! PHP always surprises  me, this is the pros of PHP not being  
strict type language.

Igor Jocic

Re: [PHP] Include problems

2008-04-12 Thread Bojan Tesanovic

On Apr 12, 2008, at 8:28 AM, GoWtHaM NaRiSiPaLli wrote:

if(file_exists("../common/config.ini")) {
  $configData = parse_ini_file("../common/config.ini");
} else {

Try changing above code so it reads

if(file_exists("common/config.ini")) {
  $configData = parse_ini_file("common/config.ini");
} else {

As the xyz.php is in

/var/www/sites/project/  folder , and  that is the starting path of  
the script

so any script that needs to include
you need to specify relative path to '/var/www/sites/project/'  which  
is 'common/someFile.php'

this should work unless some of included files uses 'chdir'  function  
that changes current directory

Igor Jocic Used Car Classifieds

Re: [PHP] How to determine which column "matched"

2008-04-11 Thread Bojan Tesanovic

Why so complicated

On Apr 12, 2008, at 5:25 AM, Rob Gould wrote:

I'm trying to figure out a way that SQL can pass a flag to PHP to  
say which column "matched" during a query.

Let's say for instance that I want to search for the word "apple"  
in both column "producer", and column "designation".  I was hoping  
I could do something like this:

$slq = "select producer, designation  from wine where designation  
like '%apple%' and producer like  '%apple%'  ";

$rs = mysql_query($sql);

while( $row = mysql_fetch_row($rs) ){
   echo $row[0]  ;   // producer
echo $row[1]  ;   // designation


Select producer, flag=1 from wine
where producer like '%apple%'
Select designation, flag=2 from wine
where designation like '%apple%'

and then in each row that comes back, I could determine which  
column did that match by doing a PHP analysis of the "flag" value.   
However, this doesn't appear to be the right way to go about this  
(mySQL doesn't like these flag=1, flag=2 things.

Can someone help steer me in the right direction?

PHP General Mailing List (
To unsubscribe, visit:

Igor Jocic

Re: [PHP] File Upload Security

2008-04-11 Thread Bojan Tesanovic

I would recommend something more strong

or if you dont have exif
will do also a trick.

One more thing, you are also allowing .txt and .css  which may be  
potential hole, as Apache can run .css also through PHP engine if  
configured to do so.
Sometimes I use PHP to process CSS so I can have dynamic CSS for some  
rare cases.

On Apr 12, 2008, at 2:24 AM, Al wrote:

One of my sites has been hacked and I'm trying to find the hole.   
The hack code creates dirs with "nobody" ownership, so it's obvious  
stuff is not via ftp [ownership would be foo]

Site is virtual host, Linux/Apache

I'm concerned about a file uploader my users use to upload photos.

Can anyone see a hole in this scrip? Can my code upload an  
executable masquerading as an image file?

$filetype = array("gif", "jpg", "jpeg", "png", "txt", css")

function csvt_file_upload($filetype, $max_size)
$prohibits = array("exe", "php", "inc", "php3", "pl", "bat",  
"cgi"); //common executables.

$absolute_max_size = 200;

end($_FILES); //get the "name" used by the html $name = key($_FILES); //could use the register variables, but  
this is safer.
if(isset($_FILES[$name]['name'])) $input_name = $_FILES[$name] 

$error = "no"; //reset for error checks

if (!isset($filetype)) {
echo " File type assignment  
missing  ";

$error = "yes";

if (!isset($max_size)) {
echo " Max file size assignment  

$error = "yes";

$filename = $_FILES[$name]['name'];
$tmp_name = $_FILES[$name]['tmp_name'];
$size = $_FILES[$name]['size'];

$absolute_path_file = getcwd(). DATA_DIR . $filename;

if (($size >= $max_size) OR ($size > $absolute_max_size)) {
echo " File size is too large. ";
$error = "yes";

$ext = substr(strrchr($filename, "."), 1); //get the extension,  
remove the "."

if (in_array($ext, $prohibits)) {
echo "Illegal file type,  

$error = "yes";
if (is_executable($filename)) {
echo "Illegal file type, executable  

$error = "yes";
} //This is a double check in case $prohibits is incomplete.
if (is_array($filetype) AND !in_array($ext, $filetype)) {
echo "Illegal file type.\r\n";
$error = "yes";
if(!is_array($filetype) AND ($filetype != $ext)){
echo "Illegal file type.\r\n";
$error = "yes";
if ($error == "yes") {
echo "There was an error(s) with  
your file selection \"$input_name\" as the note(s) indicates.  
Please reselect, or remove your file selection and email for help.  

else {
if(!move_uploaded_file($tmp_name, $absolute_path_file))
		die("There was an error saving your file.  
Check permissions of " . DATA_DIR . " Must be 777 \r\n");

chmod($absolute_path_file, 0644);


PHP General Mailing List (
To unsubscribe, visit:

Igor Jocic

Re: [PHP] File Format

2008-04-11 Thread Bojan Tesanovic
I bet there is no native PHP methods for that kind of file, but you  
can easily check the headers of wave file , you need to have a  
specification or at least have 3 wave files of PCM  and CCITT  ,  
compare the first 100 characters of that file, and you will get the clue

and logic how to recognize one from the other.
in PHP open a file read 100++ bytes and apply a logic to distinguish  

After that you can use some external program to convert from one  
format to other  eg

On Apr 11, 2008, at 9:20 PM, [EMAIL PROTECTED] wrote:

Wave editor?
Here is my dilemma.

In php I have written a script to upload a wave file to the server  
for the C Sharp application to use. No problems on upload or  
streaming from the file to the web. My issue comes when the format  
of the wave file is PCM and not CCITT u-Law. The device cannot play  
a PCM formatted wave file. Problem comes in when the end user just  
picks a wave file to use for this option and does not have the  
format correct.

Is there a wave format change option in php?
Has or does anyone know of a solution in php for this?
Is there a way I can check the format of the wave file before  

Richard L. Buskirk

PHP General Mailing List (
To unsubscribe, visit:

Igor Jocic

Re: [PHP] Return an Array and immediately reference an index

2008-04-11 Thread Bojan Tesanovic

On Apr 12, 2008, at 12:33 AM, Daniel Kolbo wrote:


I want to return an array from function and reference an index all  
in one line.  Is this possible?

In the code below I want I want $yo to be the array(5,6).

Here is what I've tried,

function returnarray() {
return array('lose' => array(5,6), 'win' => array(9,8));

$yo = returnarray()['lose'];

This yields a parse error.  

function returnarray() {
return array('lose' => array(5,6), 'win' => array(9,8));

$yo = {returnarray()}['lose'];

This yields a parse error.

function returnarray() {
return array('lose' => array(5,6), 'win' => array(9,8));

$yo = ${returnarray()}['lose'];

This gives notices as the result of returnarray() is being  
converted to a string.  $yo === NULL...not what i want.

function returnarray() {
return array('lose' => array(5,6), 'win' => array(9,8));

$yo = returnarray()->['lose'];

This yields a parse error.

function returnarray() {
return array('lose' => array(5,6), 'win' => array(9,8));

$yo = ${returnarray()}->['lose'];

This yields a parse error.

Thanks for your help in advance.

PHP General Mailing List (
To unsubscribe, visit:

This is not possible in PHP, though you can have a Array wrapper class

function returnarray() {
	return new ArrayObject( array('lose' => array(5,6), 'win' => array 
(9,8)) );

var_dump (returnarray()->offsetGet('lose'));

or even better make you own wrapper class with __set() and __get()   
methods so you can have

var_dump (returnarray()->lose);

of course only in PHP5

Bojan Tesanovic

Re: [PHP] Re: install pecl in debian

2008-04-11 Thread Bojan Tesanovic

You need CLI (Comman Line interface) for PHP
most of PECL packages are in apt-get

eg apt-get php-memcache

On Apr 12, 2008, at 3:19 AM, Shawn McKenzie wrote:

hce wrote:

I post following message days ago, but could not see it on the list.
Sorry if it is duplicated.
I've installed php5 in debian, but got following problems:
1. I could not find a proper debian package for pecl, search pecl  
dh-make-php - Creates Debian source packages for PHP PEAR and PECL  

php-pear - PEAR - PHP Extension and Application Repository
php4-imagick - ImageMagick module for php4
php5-imagick - ImageMagick module for php5
Could anyone who have installed php in debian advise which pecl
package I should install in debian? I need to install the pecl using
for memcache, lighttpd and mysql.
2. I installed php5 in debian, but there is only /usr/bin/php5- 
cgi, no

php binary fond in /usr/bin.
$ dpkg -l php5
| Status=Not/Installed/Config-files/Unpacked/Failed-config/Half- 
|/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err:  

||/ Name   VersionDescription

ii  php5   5.2.0-8+etch10 server-side, HTML-embedded  
scripting languag

Which php package I have been missing for php command?
Thank you.
Kind Regards,
Not sure about debian but ubuntu you install the individual  
modules, not all that are included in PECL.

1. apt-get install php5-mysql php5-lighttpd php5-memcache

2. apt-get install php5-cli


PHP General Mailing List (
To unsubscribe, visit:

Used Cars

Re: [PHP] maintaining [user] state without a session ...

2008-03-04 Thread Bojan Tesanovic

It depends what do you need to track,
if you need to track small amount of variables you can do it by cookie
I often use it eg here is the state for one user
$state = array{
//anything else you need

//at end of you script before outputing any content
//set cookie only for browser session and set path to '/'  so it is  
available through whole site


At the begining of a script

$state = isset($_GET['user_data']) ? $_GET['user_data'] : null;

if( ! $state ) {
 //user doesnt support cookies or this is a search engine set  
default $params

$state = array{
//anything else you need

Also you can use some way to detect if the user is not Search engine  
to display message like
"To properly use this site you need to enable cookies in your browser  
bla bla "

This can be done via JS alert message which will not be triggered by  
SE but only by real user

On Mar 4, 2008, at 2:57 PM, Jochem Maas wrote:

hi people, hi Stut!

Stut mentioned a little while back that he avoids using the built- 
in session
mechanism if at all possible, but still manages to track user  
state ... now I

can think of a way or two that he might do that but I was wondering if
any one could give an idea about the write way to do it in terms of
high performance :-)


PHP General Mailing List (
To unsubscribe, visit:

Bojan Tesanovic

Re: [PHP] Anyone jump from Studio 5.5.x -> Zend Eclipse?

2008-03-02 Thread Bojan Tesanovic

I agree with Ray

Eclipse has more extensibility than Z. Studio , but the question is  
do you need it, I preffer doing PHP coding in Studio, I learned a lot  
of shortcuts and doing coding is so much faster and less frustrating  
than doing it in Eclipse though et the end of the day it is up to  
you, in my ream 12 of us, 50% is using eclipse and 50% is using Zend   
(those one that are using Eclipse are PHP coders that know Java or C+ 
+ so they feel more comfortable with Eclipse ... ) , I alos know Java  
and I am using Eclipse for that , for me one of the most useful thing  
in Zend is (CTRL+D X,C or Apple+D , X, C) which duplicates copies and  
paste lines in Studio , switching to Eclipse I just miss those  
shortcuts so I am always finding myself going back to Z. Studio

On Mar 2, 2008, at 4:32 PM, Ray Hauge wrote:

Steve Finkelstein wrote:

Hi all,
I've tried googling around to find some blogs with decent information
on whether Zend Eclipse is mature enough to make the jump over from
5.5.x just yet.
Admittedly, I've dropped Zend Studio as of late and been writing all
of my code in TextMate -- but at the end of the day when a project is
complex enough, Zend Studio is much more powerful than TextMate with
all of its features and remote debugging capabilities.
Anyhow, I'm curious if it's worth it to check out Zend Eclipse yet.
We're a team of about 5-6 developers and I've been getting asked by a
few colleagues if I've tried it out yet since I'm usually the one to
try out the newer technologies.
I'd love to hear some feedback.

I've recently switched.  On my machine (which hasn't been updated  
for a long time...) Eclipse runs a lot slower.  I only have 1 GB of  
RAM.  Zend Studio has been running faster for me after I turned off  
the SVN integration.  I just use the CLI for SVN anyway.

Sometimes in Eclipse it'll slow down so much that I have to slow  
down my typing.  Mostly that's in CSS files.  I don't know if it's  
Eclipse in general, but Shift+Tab rarely works, and it drives me  
nuts.  I've tried to mess with the key bindings to no avail.   
Debugging is a lot slower in Eclipse.  Some of the default key  
bindings in Zend Studio are different in Zend Eclipse as well, but  
that was somewhat expected and hasn't bothered me too much.

I've been using the official Zend Eclipse now since the day it came  
out.   Next week I'm going to switch back to regular Zend Studio.   
It was nicer on the RAM and for the most part "Just Worked"(TM).

That's my experience.  I'd be interested to hear other people's  

Ray Hauge

PHP General Mailing List (
To unsubscribe, visit:

Bojan Tesanovic

Re: [PHP] Weird Zend IDE Issue

2008-03-02 Thread Bojan Tesanovic
Did you try to restart Zend studio, I am using same setup as you are  
except that my zend is 5.5.0  I never had problem with [ . though  
sometimes editor goes crazy and (doesnt show all lines or hides some  
characters at end of line )  but restarting Zend solves the problem,
if this issues continues with your setup you can report problem to  

On Mar 3, 2008, at 6:07 AM, Steve Finkelstein wrote:

Hi all,

I know this isn't a forum for Zend IDE, but since there's probably a
decent population here using it, I figured I'd ask away.

I'm using 5.5.1 Professional on Mac OSX 10.5.2.  My issue here is that
all left brackets, (eg: [ ) are not showing up in the code editor. I
have a screenshot of it here:

Has anyone ever experienced anything similar?

Thank you,


PHP General Mailing List (
To unsubscribe, visit:

Bojan Tesanovic

Re: [PHP] crc check for JPEG file exists

2008-02-27 Thread Bojan Tesanovic

Don't use CRC it is not made for purpose you want, you should use some
better algo and of course MD5 is much better, though in my company we  
had collision

with md5 but we are working on more than a billion data set.
I have tried to use crc32 on some data and it happened to have very high
collision ...

On Feb 27, 2008, at 7:49 AM, Olav Mørkrid wrote:


is crc32() an acceptable way of managing whether a JPEG file exists
(in a database or similar collection)?

i mean doing a crc32() on the binary data of the JPEG file, and then
check the database if there is already another entry with the same

the database has relatively few images (some thousands).

is there any chance of collision (two different JPEG images generating
the same CRC) that is anywhere near likely, or is this extremely

advice would be appreciated.

PHP General Mailing List (
To unsubscribe, visit:

Bojan Tesanovic

Re: [PHP] PHPDoc autocomplete hints

2008-02-26 Thread Bojan Tesanovic

In getUserDAO()  method you need to specify return type eg

* @return UserDAO
function getUserDAO(){


and UserDAO  class must have resetPW method, I guess it alredy has.

This works for me, I have Zend Studio 5.5.0

On Feb 26, 2008, at 2:21 PM, Thiago Pojda wrote:


I'm new to this thing and I'm not sure if it's my IDE (ZendStudioNeon)
problem, or if I'm doing something wrong. I always use PHPDoc block  
on my functions, but this time I'm using factories in my code and  
autocomplete on those objects. I've tried using those hints as  
below, but

with no luck. What am I missing?

/* This code is not real */
$DAOFactory = new DAOFactory();
$usrObj = $DAOFactory->getUserDAO(); //autocomplete ok
$usrObj->resetPW($usr, $newPw); // no autocomplete here

I've tryed using:
$DAOFactory = new DAOFactory();
$usrObj = $DAOFactory->getUserDAO(); //autocomplete ok
/* @var $usrObj UserDAO */
$usrObj->resetPW($usr, $newPw); // but still no autocomplete here

Tried also
/* @var UserDAO */
$usrObj->resetPW($usr, $newPw); // no luck either

Thanks for your help.

PS: I've sent a similar message to ZendStudioNeon mailing list.



Thiago Henrique Pojda
Desenvolvimento Web
+55 41 3033-7676
Excelência em Softwares Financeiros

Bojan Tesanovic

Re: [PHP] Ob_Flush issue

2008-02-26 Thread Bojan Tesanovic

Try this it help 90% of time,

function my_flush(){

this can force buffer to really flush output when you call it few  
times,  also don't forget @ so it doesn't show empty buffer  
warning .

On Feb 26, 2008, at 9:06 PM, Ritesh Nadhani wrote:


I have a sample code like:

I have around 4000 rows returned so it should show me partial output
at client after each 100 rows but it never does. I am only getting the
output after full completion.

Though if you remove the step code and output after every row then i
can see the update.

My phpinfo():

Any idea what might be the problem? I want to show a status message
after every 100 rows processed..


PHP General Mailing List (
To unsubscribe, visit:

Bojan Tesanovic

Re: [PHP] Copying specific fields from table to table

2008-02-25 Thread Bojan Tesanovic

On Feb 25, 2008, at 5:37 AM, Rob Gould wrote:

I've got 2 tables.  One table which contains a series of barcodes  
assigned to product id #'s, and another table with JUST product id  

I need to somehow transfer all the barcodes from the first table  
into the second table, but only where the id #'s match.

Can anyone tell me if this is something that can be done with just  
a SQL statement, or do I need to write a PHP script to loop through  
the records of both tables and do the copying/mapping?

Insert into T2 (bcode) select T1.bcode where =;

Bojan Tesanovic

Re: [PHP] PHP 24 hour processes?

2008-02-25 Thread Bojan Tesanovic

Windows also have something similar to cron
Schedule accessory  can also be set to execute some php every xxx  
minutes/days  etc

For linux it is much easier ,
create file eg cron.txt that has this content
* 1 * * * /home/user/cleanUpDB.php

save it and than enter in console

crontab cron.txt

this will install cron job that will execute /home/user/ 

every day at 1AM .

One note on executing PHP scripts  by cron ,you may want to include  
path of PHP binary as it may not be in

* 1 * * * /library/php5/bin/php /home/user/cleanUpDB.php

where  /library/php5/bin/php is absolute path to yours PHP binary file

On Feb 25, 2008, at 7:46 AM, Paul Scott wrote:

On Mon, 2008-02-25 at 07:39 +0100, Zoran Bogdanov wrote:

How can you perform a timed event in PHP; for example:

Count 24 hours and then delete all rows in a database...

I thought that this question was answered in some detail before...

Anyway, on *NIX based systems use cron.daily or on 'doze, use AT or
command scheduler I think it's called.

Either that or use a long running PHP process with ignore_user_abort()
and a time of 86400 seconds :)


All Email originating from UWC is covered by disclaimer

PHP General Mailing List (
To unsubscribe, visit:

Kosovo je Srbija.

Bojan Tesanovic

Re: [PHP] redirect stdout to stderr

2008-02-22 Thread Bojan Tesanovic

Hi Jack,
here is a link that can be of help

also you can use custom error handler function , catch errors and  
write to stderr

function myErrorHandler($errno, $errstr, $errfile, $errline)
switch ($errno) {
$ERROR = "My ERROR [$errno] $errstr\n";
$ERROR.= "  Fatal error on line $errline in file $errfile";
$ERROR.= ", PHP " . PHP_VERSION . " (" . PHP_OS . ")\n";
$ERROR.= "Aborting...\n";


$ERROR= "My WARNING [$errno] $errstr\n";

$ERROR= "My NOTICE [$errno] $errstr\n";

$ERROR  = echo "Unknown error type: [$errno] $errstr\n";


$stderr = fopen('php://stderr', 'w');
fwrite($stderr, $ERROR );

/* Don't execute PHP internal error handler */
return true;


//code .

I guess you can achieve what you need by one of those 2 concepts

On Feb 23, 2008, at 1:04 AM, Jack Bates wrote:

How can I implement in PHP, a script which redirects stdout to stderr,
such that echo, etc. print to stderr instead of stdout?

I can redirect stdout to stderr when invoking PHP like so:

php script-name >&2

However I want to perform this redirection within the script itself.

The solution I currently use is output buffering:


// Call library code

fwrite(STDERR, ob_get_contents());

However I wonder if there's a more efficient way, so that output  

on stderr immediately, rather than waiting for fwrite(STDERR,

My reason for wanting this is to create a Subversion pre-commit hook
using PHP_CodeSniffer:

I want:

1) Commits to our Subversion repository to be checked against our  

standard with PHP_CodeSniffer
2) Commits to fail when PHP_CodeSniffer returns an error
3) PHP_CodeSniffer's report to be displayed to the Subversion user, so
they can fix any problems

I achieved 1) and 2), but PHP_CodeSniffer prints its report to stdout
and Subversion only displays stderr to the user, not stdout. So to  
this pre-commit hook fool proof, I want it to redirect  

report to stderr.

Anyone have better suggestions than output buffering?

Much thanks, Jack

Bojan Tesanovic

Re: [PHP] XML encoding variable simpleXML on Linux

2008-02-22 Thread Bojan Tesanovic
encoding="UTF-8" doesn't guarantee that XML is encoded in UTF-8 its  
only purpose is to tell XML parser how to decode that XML document .  
it is responsibility of document creator to ensure that XML is proper  
UTF-8 document .

on PHP side when creating XML there are number of functions to ensure  
UTF-8 strings though there are some issues in PHP5 ,
and one of the main features of upcoming PHP6  is to address UTF-8  
Issues that current PHP has.

some of UTF functions

utf8_encode — Encodes an ISO-8859-1 string to UTF-8
string utf8_encode  ( string $data  )

On Feb 22, 2008, at 4:52 PM, Larry Brown wrote:

I am using PHP on Linux to communicate with an XML peer.  I pull and
push documents from and to their server.  On the console I use  
UTF-8 as

far as I can tell.  When I send these documents should my leading tag

or is the encoding done by PHP and how do I know what it is encoded  



PHP General Mailing List (
To unsubscribe, visit:

Bojan Tesanovic

Re: [PHP] Image manipulation on the fly

2007-11-08 Thread Bojan Tesanovic
Hi Merlin, that is very fast for 1024 images, you will not get much  
more speed if you try doing anything smarter ,
though there are some image libraries that are faster than GD libs eg

On Nov 8, 2007, at 5:13 PM, Merlin wrote:

Hi there,

I need to manipulate images on the fly. My goal is to make the image
very bright, or to add a sepia effect. The problem is, that this  
takes a lot of computing power on 1024 pictures. About 2s on my  
server until the image is delivered.

Does anybody know a high performing image funtion that would allow  
me to brighten up the picture on the fly, or any other effect  
similar to it?

I am attaching the sepia function I am using.
Thank you for any help or suggestion on how to solve that.

Best regards,


function image_effect_sepia($im){
$start_red = 2; //red scale at black
$start_blue = 2.3;  //blue scale at black
$red_scale = ($start_red-1)/256;//red modifier  
as greyscale goes to white

$blue_scale = ($start_blue - 1)/256;//ditto for blue

//build a sepia lookup table
$sepia = array();
for($x = 0;$x < 256;$x++){
$red = intval($x * ($start_red - ($x * $red_scale)));
if($red > 255) $red = 255;
$blue = intval($x / ($start_blue - ($x * $blue_scale)));
$sepia[$x][0] = $red;
$sepia[$x][1] = $blue;

# modify the image
for($y = 0;$y < imagesy($im);$y++){
for($x = 0;$x < imagesx($im);$x++){
$pixel = imagecolorat($im, $x, $y);
$red = ($pixel & 0xFF) >> 16;
$green = ($pixel & 0x00FF00) >> 8;
$blue = $pixel & 0xFF;
$alpha = $pixel & 0x7F00;
//get a greyscale value
$gs = intval(($red * 0.3) + ($green * 0.59) + ($blue *  
$p = $alpha | $sepia[$gs][1] | ($gs << 8) | ($sepia[$gs] 
[0] << 16);

imagesetpixel ($im, $x, $y, $p);
# return the moddifyed image
return $im;

PHP General Mailing List (
To unsubscribe, visit:

Bojan Tesanovic

Re: [PHP] how do the export ?

2007-10-24 Thread Bojan Tesanovic

Hi there,

I guess they have some sort of mapping between HTML generated and PDF  
or Word syntax.

There is a PDF extension for PHP
so generaly they would do something like

Hello There

Some text Here !!!

this can be easily converted to PDF

$PDF = new PdfDoc();
$page_1 = $PDF->addPage();
$page_1->addText('Hello There','22'); // eg 22px  default for H1 element
$page_1->addText('Some Text Here!!!','14','green');


P.S. methods for PfdDoc class was just sample ones

for more info on PDF and PHP

On Oct 24, 2007, at 8:35 AM, Torsten Rosenberger wrote:


I watched an wonder how they can export the
WYSIWYG created content in pdf, word, ...
Are they working with COM() functions on Windows ? to generate the  

and pdf
or is it possible to create them with XSLT

BR Torsten

PHP General Mailing List (
To unsubscribe, visit:

Bojan Tesanovic