[PHP] simple xml object
I have the following xmlwith standard tags changed to [ and ] to prevent mail clients from encoding it as html. [?xml version=1.0?] [resultset errors=0 results=86] [result id=20080922133104871678 lastinspected=9/29/2009 0:00]0.4[/result] [result id=20080922133104871678 lastinspected=8/28/2009 0:00]1.1[/result] . . . I am using the simplexml_load_string to read it in to an object and execute the following code $xml = simplexml_load_string($content); foreach($xml as $Result){ print_r($Result); foreach($Result-attributes() as $i = $v){ $$i = $v; print Attr: $i = '$v'\n; } } that all works fine. Problem is I can't figure out how to get the acutual value (0.4 and 1.1). I also don't know why I can't simply do something like $id = $Result-attributes()-id; the output of this looks like SimpleXMLElement Object ( [...@attributes] = Array ( [id] = 20080922133104871678 [lastinspected] = 9/29/2009 0:00 ) [0] = 0.4 ) Attr: id = '20080922133104871678' Attr: lastinspected = '9/29/2009 0:00' SimpleXMLElement Object ( [...@attributes] = Array ( [id] = 20080922133104871678 [lastinspected] = 8/28/2009 0:00 ) [0] = 1.1 ) Attr: id = '20080922133104871678' Attr: lastinspected = '8/28/2009 0:00' How do I read the [0] value? $Result[0] gives me nothing. -- Chris W KE5GIX Protect your digital freedom and privacy, eliminate DRM, learn more at http://www.defectivebydesign.org/what_is_drm; Ham Radio Repeater Database. http://hrrdb.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] MySQLi and prepared statements
If I am using the mysqli extension and prepared statements, after I execute bind_param, is there a away to print the actual query that gets sent to the server? -- Chris W KE5GIX Protect your digital freedom and privacy, eliminate DRM, learn more at http://www.defectivebydesign.org/what_is_drm; Ham Radio Repeater Database. http://hrrdb.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] preg_match_all
What I want to do is find all links in an html file. I have the pattern below. It works as long as there is only one link on a line and as long as the whole link is one line. It seems there should be a way to get this to work with more than one link on a single line. The work around I have done for now is to read the whole file into a buffer and remove all new lines and then add a new line after every closing a tag. Then process each line. There has to be a better way. Any Ideas? Also note I don't want to find any a tags that don't have an href there probably aren't any but just in case. preg_match_all(/( *a[^]*href[^]+)(.*)\/a/, $Line, $matches, PREG_PATTERN_ORDER); -- Chris W KE5GIX Protect your digital freedom and privacy, eliminate DRM, learn more at http://www.defectivebydesign.org/what_is_drm; Ham Radio Repeater Database.preg_match_all(/( *a[^]*href[^]+)(.*)\/a/, $Line, $matches, PREG_PATTERN_ORDER); http://hrrdb.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: array recursion from database rows
Bob wrote: Hi. I have a database table I have created for navigation. The table fields are uid, parent_id, menu_name. Each entry is either a top level element with a parent_id of 0 or a child which has a parent_id that relates to the parent uid. What I am trying to do is recurse through a set of rows adding the child(ren) of a parent to a multi-dimensional array. Does anyone know how I can do this, I've tried (unsuccessfully) to traverse the rows to create this array but I keep failing miserably. This is probably very easy for the people on this list so I am hoping someone could help me out. I recently wrote a function to do just that. My data structure is a little different than yours. My table is called menuitems and is designed to store menu items for many different menus. But I do use the same ParentID concept you described to link sub menus in. I just call my function recessively. Here is a slightly simplified version of my function. I replaced the standard html tags with [ and ] to avoid stupid email clients trying to encode it as an html message. function PrintMenu($MenuID, $ParentItemID) { $query = SELECT * \n; $query .= FROM `menuitem` \n; $query .= WHERE `MenuID` = '$MenuID' AND `ParentItemID` = '$ParentItemID' \n; $query .= ORDER BY `OrderBy` \n; //print [pre$query[/pre\n; $result = mysql_query($query); QueryErrorLog($result, $query, __FILE__, __LINE__, __FUNCTION__, mysql_error(), mysql_errno(), 1); if(mysql_num_rows($result) 0){ print [ul]\n; while ($row = mysql_fetch_array($result, MYSQL_ASSOC)){ foreach($row as $TmpVar = $TmpValue){ $$TmpVar = $TmpValue; } print [li][a href='$URL']$Title[/a][/li]\n; PrintMenu($MenuID, $MenuItemID); } print [/ul]\n; } } -- Chris W KE5GIX Protect your digital freedom and privacy, eliminate DRM, learn more at http://www.defectivebydesign.org/what_is_drm; Ham Radio Repeater Database. http://hrrdb.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] String searching
I need to find the position of the first character in the string (searching from the end) that is not one of the characters in a set. In this case the set is [0-9a-zA-z-_] I guess to be even more specific, I want to split a string into to parts the first part can contain anything and the second part must be only in the set described above. What is the easiest way to do this? -- Chris W KE5GIX Protect your digital freedom and privacy, eliminate DRM, learn more at http://www.defectivebydesign.org/what_is_drm; Ham Radio Repeater Database. http://hrrdb.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] urlencode and urldecode
Whenever you build a query string you need to us the urlencode to encode any characters that may be in there that aren't legal for a URL. On the server I am using now, when you access values using $_GET['xyz'], it does the urldecode for you. I'm not positive, but I am pretty sure, that at one time on a server I used in the past, that I had to manually call urldecode to decode GET vars. Is there a setting to change this or is it something that changed in php in the last few years? -- Chris W KE5GIX Protect your digital freedom and privacy, eliminate DRM, learn more at http://www.defectivebydesign.org/what_is_drm; Ham Radio Repeater Database. http://hrrdb.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: question about validation and sql injection
Sudhakar wrote: A) validating username in php If you do what needs to be done to prevent sql injection, it doesn't matter what you let users have for their user name. B) preventing sql injection htmlentities this has nothing to do with sql injection it just is needed so when you print data to the screen that may include html entities, they display right. addslashes This is a generic way to escape things and is a bad idea since it doesn't know what system you are using for your DB so you can't be sure it does it right. trim This is handy when reading form data just so you don't store any extra spaces at the beginning and end of entries. Often users will inadvertently add a space to the end or have spaces the come in from copy and paste. Again nothing to do with sql injection. mysql-real-escape-string If you are using MySQL this is the only function you need to prevent sql injection. Simply run any variable that will be part of a query through this function and then put single quotes around all variables in your queries and sql injection will be a non issue. Example $UserName = mysql_real_escape_string($UserName); $query = SELECT * FROM `user` WHERE `UserName` = '$UserName' ; run the query and all will be good. Many add the password to the where clause too but I prefer to use a php if statement to be sure the comparison is case sensitive (depending on the Collation you use in MySQL your conditional tests may or may not be case sensitive). magic_quotes_gpc is ON If you can, you should have this off. In php 6 Off will be the only option. With it on it adds slashes in an attempt to do a generic escape of characters to prevent sql injection. Since you can't be sure that will work right, the best bet is to read in your form data like this $UserName = trim(stripslashes($_POST['UserName'])); I do the same thing for all data read from forms. Then before I use the var as part of a query, I use the mysql_real_escape_string function on it. The only exception is when I am expecting an integer returned from a form, in which case I use this... $Status = (int) $_POST['Status']; that way no mater what the user or some hacker tries to get in, I am sure $Status contains an integer and I don't need to bother with the mysql_real_escape_string on that var. If magic_quotes_gpc is off, you can and should remove the strip slashes function call. Note the only reason I use trim is to get rid of any white space that may be at the ends of the string. magic_quotes_runtime is OFF magic_quotes_sybase is OFF These should both be off too. -- Chris W KE5GIX Protect your digital freedom and privacy, eliminate DRM, learn more at http://www.defectivebydesign.org/what_is_drm; Ham Radio Repeater Database. http://hrrdb.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: changing order of items
afan pasalic wrote: this one bugs me for a while. how to change order. I have a list of tasks. by status, task could be 1 (todo) or 0 (done) - status value stored in mysql. I can list tasks per status or all. order number is stored in mysql too. the easiest way to change order is to have form for each task where you will enter manually number and then submit (one submit button for whole form). but, if you change order number for any task you have to change then all order numbers below the task manually solution with arrows (or up/down buttons) where you click on arrow and the task switch the place with its neighbor is easy and fancy. Though, I get in trouble if, e.g. tasks 10, 11, 12, and 13 change status from 1 to 0 and I have to move task 14 to place 6. I have to click first 4 times (to switch places with tasks 13, 12, 11, and 10) - but nothing is actually happening on screen (of course) before start switching places with 9, 8, 7, and 6. how do you avoid this gap? what solution do you use at all? thanks for any help. -afan If I understand you right the problem is because you are showing a list of items with the status of todo and there are other items with a status of done, that if shown would have a priority in between the the ones with a status of todo. So if you simply swithch the priority value with the next record up in the priority order, it may not move because of unseen items with the done status. I have had this problem before but in much different type of application. Basically you have several groups of records in the same table and you want to sort them independent of each other. What I have done is to specify what field(s) in the table define each group. In my case I have often had 1 2 or even 3 fields needed to define the groups. In your case it is just the todo / done status field. What I do is have the up and down arrow and have the link pass the ID of the item I want to move, the sort order value(priority in your case), the value(s) of the group field(s) and the direction I want to move the item. So the url for the move button would be something like this Status ToDo = 1 Status Done = 2 ID of Record to move is say 34 priority of record 34 is say 21 Record has a status of ToDo. Move.php?ID=34Order=21Status=1Move=Up Then the move function does something like this. if($Move == 'Up){ $query = SELECT ID, Priority FROM `todolist \n; $query .= WHERE `Priority` '$Order' AND `Status` = '$Status' \n; $query .= ORDER BY `Priority` DESC \n; $query .= LIMIT 1 \n; }else{ $query = SELECT ID, Priority FROM `todolist \n; $query .= WHERE `Priority` '$Order' AND `Status` = '$Status' \n; $query .= ORDER BY `Priority` \n; $query .= LIMIT 1 \n; } run query $TempID = $row['ID']; $TempPriority = $row['Priority']; $query = UPDATE `todolist` SET `Priority` = '$Order' \n; $query .= WHERE `ID` = '$TempID' run query $query = UPDATE `todolist` SET `Priority` = '$TempPriority' \n; $query .= WHERE `ID` = '$ID' run query... -- Chris W KE5GIX Protect your digital freedom and privacy, eliminate DRM, learn more at http://www.defectivebydesign.org/what_is_drm; Ham Radio Repeater Database. http://hrrdb.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Validating Form input
I was wondering what others think of my approach to form validation. I know many use Java script to do various validation. However, since there is no way to be sure the data sent to the server is actually valid, you have to check it in your php code on the server anyway. Granted you don't have to, but if you don't, you are just asking for someone to hack your system, or at the very least screw up your data. So my question is since you have to do a validity check on the server, why bother with the Java script? The only advantage I can see to doing it with Java script is it will cut down on the errors in data that get to the server and then in turn reduce the number for resubmits and keep traffic down a little. However since none of the projects I have worked on are very high traffic sites, that hasn't been much of a concern. Any thoughts? -- Chris W KE5GIX Protect your digital freedom and privacy, eliminate DRM, learn more at http://www.defectivebydesign.org/what_is_drm; Ham Radio Repeater Database. http://hrrdb.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] validating textarea using php
Dotan Cohen wrote: 2008/5/14 Richard Heyes [EMAIL PROTECTED]: It also makes the code less portable. If that's even a concern. A lot of the time, it's not. A lot of people think that, until their host upgrades php. Have you seen how many things are being removed for php6? From the article I read, that isn't one of them. -- Chris W KE5GIX Protect your digital freedom and privacy, eliminate DRM, learn more at http://www.defectivebydesign.org/what_is_drm; Ham Radio Repeater Database. http://hrrdb.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Division [maybe a bug]
jo opp wrote: 2008/5/11 Chris W [EMAIL PROTECTED]: jo opp wrote: Hello! $var1= 2155243640%31104000; $var2= 2147309244%31104000; echo $var1 // Return -24651656 echo $var2 // Return 1133244 $var2 return the correct result, but $var1 is wrong (the correct result is 9067640) Probably because the maximum signed 32 bit integer value is 2,147,483,648 OK, but with bigger numbers works fine again. Right now I made a function to deal with this issue: function remainder($dividend,$divisor){ $remainder= $dividend-(floor($dividend/$divisor)*$divisor); return $remainder; } What do you think about it? That will convert the numbers to floating point, which will give you round off error if the numbers get too big. -- Chris W KE5GIX Protect your digital freedom and privacy, eliminate DRM, learn more at http://www.defectivebydesign.org/what_is_drm; Ham Radio Repeater Database. http://hrrdb.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Division [maybe a bug]
jo opp wrote: Hello! $var1= 2155243640%31104000; $var2= 2147309244%31104000; echo $var1 // Return -24651656 echo $var2 // Return 1133244 $var2 return the correct result, but $var1 is wrong (the correct result is 9067640) Probably because the maximum signed 32 bit integer value is 2,147,483,648 if you are dealing with numbers that large, consider using some arbitrary precision math functions that can work with as large of numbers as you need. http://us3.php.net/manual/en/refs.mathcrypto.math.php -- Chris W KE5GIX Protect your digital freedom and privacy, eliminate DRM, learn more at http://www.defectivebydesign.org/what_is_drm; Ham Radio Repeater Database. http://hrrdb.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] xml processing cdata
I have an xml file with a cdata element like the one below. How would I use the php xml functions to extract that cdata and save it as a pdf file? attach id=2 display-name=207069.pdf file-name=207069.pdf obj-type=1 system=0 ![CDATA[eJysumVQW1/0NtoWK95CcXe3EFxK8QDBCQ5 .. ]] /attach The code I have is this... $in = fopen(test.xml, 'r'); $XMLStr = ''; while (!feof($in)) { $LineNumber++; $XMLStr .= fgets($in); } $XML = simplexml_load_string($XMLStr); foreach($XML-props-attachments-attach as $Attachment){ print_r($Attachment); } The output looks like this... SimpleXMLElement Object ( [EMAIL PROTECTED] = Array ( [id] = 2 [display-name] = 207069.pdf [file-name] = 207069.pdf [obj-type] = 1 [system] = 0 ) ) -- Chris W KE5GIX Protect your digital freedom and privacy, eliminate DRM, learn more at http://www.defectivebydesign.org/what_is_drm; Ham Radio Repeater Database. http://hrrdb.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] module loading problems
I'm running PHP 5.2.0 on windows XP SP2 lately when it starts I have been getting the an error when it tries to load the mysqli dll. It loads the standard mysql dll fine and all the dlls are in the same place the path and php ini file all seem to be fine. I recently added the exif module and now it doesn't load either. Anyone have any idea why these 2 modules won't load when the others do? -- Chris W KE5GIX Protect your digital freedom and privacy, eliminate DRM, learn more at http://www.defectivebydesign.org/what_is_drm; Gift Giving Made Easy Get the gifts you want give the gifts they want One stop wish list for any gift, from anywhere, for any occasion! http://thewishzone.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] module loading problems
That helped... Seems I need to load the multi-byte string module before I load the exif module... so now exif loads fine. However mysqli still doesn't load which is less of a concern since I'm not using that module at this time anyway. It does puzzle me thought because the standard mysql module does load and work fine. I didn't notice any dependencies unique to mysqli that didn't apply to mysql on the site I saw the requirement to load the multi-byte module before exif. I did confirm using the phpinfo page that the php.ini file being used is the one I thought and all paths and files are in the right place. I am running on Apache/2.0.55 Richard Davey wrote: Hi Chris, Wednesday, July 25, 2007, 5:36:29 PM, you wrote: I'm running PHP 5.2.0 on windows XP SP2 lately when it starts I have been getting the an error when it tries to load the mysqli dll. It loads the standard mysql dll fine and all the dlls are in the same place the path and php ini file all seem to be fine. I recently added the exif module and now it doesn't load either. Anyone have any idea why these 2 modules won't load when the others do? Have you changed anything else recently? Perhaps installing a new version of PHP, moving some files around, updating Windows, etc? What do you use to set the location of the PHP files? (i.e. have you modified your System Path, or did you just throw them all into the Windows\System folder?) Is this with Apache or IIS btw? My checklist would be something like this: 1) Check that the PHP.INI file you *think* PHP is using, it really is. 2) Check that you don't have redundant DLL files lurking around (in the Windows folder for example) 3) Ensure you're using a recent enough version of the MySQL DLL for it to work 4) Check your paths! 5) Check your dependances.. some DLLs require others. The following may help: http://wamp.corephp.co.uk and http://www.corephp.co.uk/archives/36-A-Guide-to-using-PHP-5-Extensions-on-Windows.html Sorry that my blog is running so slow, for some reason sy3 has crawled to a halt, while other sites on my server work perfectly. Most annoying! Cheers, Rich -- Chris W KE5GIX Protect your digital freedom and privacy, eliminate DRM, learn more at http://www.defectivebydesign.org/what_is_drm; Gift Giving Made Easy Get the gifts you want give the gifts they want One stop wish list for any gift, from anywhere, for any occasion! http://thewishzone.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] List
On Tuesday, April 24, 2007 6:02 PM Richard Lynch mailto:[EMAIL PROTECTED] said: I do not have any problems, but I'm not using Outlook, and never will. Okay... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Question about OO design
On Monday, April 09, 2007 4:24 PM Jochem Maas mailto:[EMAIL PROTECTED] said: Ok. I see what you're saying. If I populate all that data during the constructor why would I ever call the function again right? you could refresh the data if needed - but basically the idea is to cut down the user data grab into a single sql call. [snip useful bits] Thanks for the help Jochem! I appreciated it. Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Question about OO design
Hello, I'm working on a project now and I'd like to get some feedback on how to implement a proper class (or two). This is an application that records an employee's used vacation time. There are two tables: (1) events, (2) users. Users: id (int) name (varchar) email (varchar) balance (mediumint, stored in seconds) // this is the balance for // the user after all events // have been accounted for. accrual (smallint, stored in seconds) is_manager (bool) Events: id (int) uid (int, users.id) date (date) duration (smallint, stored in seconds) balance (smallint, stored in seconds) // this is the balance for // the user at the time the // event was added. created (datetime) Currently I have just one class called User that looks like this: (I'm dealing with PHP4.) class User { var id; var name; var email; var balance; var accrual; var is_manager; function User($user_id) { $this-id = $user_id; $this-name = get_name(); // ... $this-accrual = get_accrual(); } function get_name() { // get name from db $sql = ...; $db = DB::singleton(); $db-execute($sql); } function get_email() function get_accrual() function is_manager() { // same as above more or less } function get_events() { // this function gets all the events for // the current users and returns them // as an array. } function add_event() { // this function adds a single event for // the current user. it also recalculates // the 'balance' for each event because // of data display requirements. } function del_event($event_id) { // delete an event from the current user's // events list based on $event_id. } } As I started to write this and use it I get the feeling that there should also be an Event class that is extended by the User class. Reason being that each User object is a reference to the currently logged in user, not anyone else. But if you're a manager you have the responsibility to approve/deny and/or add/delete events for your employees. But with that in mind I've gone from a class that handles the currently logged in user to one that handles the currently logged in user plus any number of other users. I guess I'm thinking of this in the same terms as db normalization. Ex: I could add an extra price_level column to my products table each time I need a new pricing level but it's probably better to create a separate table called products_prices. It's slightly more complicated but it would allow me to have as many pricing levels as I want without modifying my databse or code. I'd appreciate any kind of feedback on this. If I haven't been clear with something please let me know. Thanks, Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Question about OO design
On Monday, April 09, 2007 3:51 PM Jochem Maas mailto:[EMAIL PROTECTED] said: Thanks for the response Jochem. Chris W. Parker wrote: [snip] you probably only want one DB call to populate the User object with all the relevant user data at the point where the object is created. [snip] Ok. I see what you're saying. If I populate all that data during the constructor why would I ever call the function again right? [snip] As I started to write this and use it I get the feeling that there should also be an Event class that is extended by the User class. Reason if you use an Event class then it should just represent an Event (and a User object would [probably] contain an array of Event objects). AFAICT there is no good reason to have Event extend User. I see. being that each User object is a reference to the currently logged in user, not anyone else. the User class is merely a representation of *a* user - you can use an instance for the currently logged in user, but that doesn't stop you from using the same class to model the collection of users that fall under a given manager. I see. // you might need to f around with returning references here, // (I can never quite get that right without a bit of trial and error in php4) function getEmployees() { // consider caching the result? $emps = array(); if ($this-is_manager) { // get user data from db $sql = SELECT * FROM users WHERE manager_id={$this-id}; // error checking? $db = DB::singleton(); $db-execute($sql); while ($data = $db-getRow()) $emps[] = new User($data); } return $emps; } How do I reference a User object within the $emps array? Is it like $emps[0]-accrual ? Thanks, Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Why do some pages repeat a previous page's action(s) after redirect?
Hello, I have a form page and a processing page. After submitting the form the processing page does whatever it needs to do (insert a record, send back validation errors, etc.) After determing what to do it always redirects somewhere with header('Location: URL'); But sometimes when I'm back at the form page (after the redirect) and I refresh the page it does the previous page's actions again. And again and again. Why would it do that? Shouldn't a refresh just resubmit whatever is in the address bar and not go through a certain path? The only way I've found to make it stop redoing the previous page's actions is to put my cursor in the address bar and press enter. I don't remember seeing this behavior in the past so I wonder if it has something to do with Apache's or PHP's configuration. Thanks, Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Why do some pages repeat a previous page's action(s) after redirect?
On Tuesday, April 03, 2007 11:44 AM Tijnema ! mailto:[EMAIL PROTECTED] said: This is the only behavior i know of, a refresh action does the same action he did for loading the current page again. If you submit data to that page, it will resubmit the data. If you're using the Location:URL header entry, the browser doesn't saves this action as an action did by the browser itself, and so it will submit the data to the page where you redirect. If you want to bypass this, you should use the javascript window.location method instead. formpage.php: html form method=get action=process.php /form /html process.php: ?php // do stuff // ... header(Location: http://www.domain.com/formpage.php;); exit; ? With those two pages in mind you're saying that after I submit the form on formpage.php, do stuff on process.php, then get redirected back to formpage.php that it will replay my form submission when I hit refresh? Thanks, Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Why do some pages repeat a previous page's action(s) after redirect?
On Tuesday, April 03, 2007 12:35 PM Chris Shiflett mailto:[EMAIL PROTECTED] said: But sometimes when I'm back at the form page (after the redirect) and I refresh the page it does the previous page's actions again. Can you provide a raw HTTP dump of the complete scenario? Two things: 1. How do I do that? 2. The issue has gone away. I don't know what I've done differently. I haven't changed the way I handle sessions, redirects, or form submission. All that stuff is still the same. Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Security: Passing URLs between pages for redirect
Hi. Currently I'm building a small application for internal office use but I'd like to get some feedback on a certain aspect of it. When someone tries to access a page they do not have access to they are redirected to the login page with the URL they tried to access in the querystring. This URL is then snuck into the login form as a hidden variable (called 'nexturl') so they can be sent back to the page they came from after a successful login. I can see this happening when someone bookmarks one of their own pages and then tries to go directly there after their session has ended. Instead of making them navigate all the way back to that page I figure I'll just send them directly. My question for the list is: Are there any validation checks I should do on the 'nexturl' variable before it is used as a redirect? The only situation I can come up with where this could be exploited is if someone sends a malicious URL through email to another employee with the intention of course being that after they successfully login they will be redirected to desired URL. Are there any best practices for this kind of thing? Would it be enough to verify that the page being redirected to is within my own domain? Thanks, Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Can't get PHP errors to display or log consistently
On Friday, March 16, 2007 4:04 PM Robert Cummings mailto:[EMAIL PROTECTED] said: Update: Now that I've corrected my mistake in php.ini and set the level of error reporting that I want I can see *most* errors. But shouldn't the following produce a visible error? ?php error_reporting(E_ALL); ini_set('display_errors','On'); x echo 'hello'; ? If I comment the x I see 'hello'. If I uncomment the x I don't see anything. Thanks, Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Can't get PHP errors to display or log consistently
On Monday, March 19, 2007 11:28 AM Brad Fuller mailto:[EMAIL PROTECTED] said: Syntax errors like that will cause a startup error, which means your code can't be evaluated. So those 2 lines of code that turn the error reporting on never get executed. Oooohh it's a startup error. Didn't know that. Now everything seems to be working the way I want it to. Thanks! Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Name Capitalization
On Monday, March 19, 2007 10:24 AM Leonard Burton mailto:[EMAIL PROTECTED] said: For instance, McDonald needs to remain that way even if it comes in as MCDONALD, or mcdonald. [snip] Yeah, nothing is a perfect solution but anything is better than nothing. That's probably true when you're talking about cash in your pocket but probably not in this case. Guys, Thanks for the replies and the link to the recent thread, even though that didn't discuss any solutions to the problem I am asking about (other than to point it out which helps because it points out a few of the name problems)! That's because there are no solutions. There are options but not solutions. Here is one option. Make a long list (array) of search/replace pairs and loop through your text replacing as necessary. 'mcdonald' = 'McDonald' 'mcdowell' = 'McDowell' 'o\'reilly' = 'O\'Reilly' 'de la rosa' = 'De La Rosa' etc ad nauseum... Let us know when you're done! :) Also, there's no difference between MCDONALD and mcdonald if you convert everything to lower (or upper) case first. Thanks, Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Can't get PHP errors to display or log consistently
Hello, Using CentOS 4 and I can't get errors to display on the page AT ALL or log errors consistently. Some errors get logged (forgetting to us $this- in a class for example) but most don't. I've tried: * using .htaccess to set the error reporting. * checking and double checking my php.ini file for the correct setting. * using error_reporting(E_ALL) at the top of my page. Nothing works. When a page has an error it's goes blank. Nothing is sent to the client. There must be a setting somewhere that is overriding all of this. Any ideas? Thanks, Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Can't get PHP errors to display or log consistently
On Friday, March 16, 2007 12:37 PM Robert Cummings mailto:[EMAIL PROTECTED] said: Is there a custom error handler in place? Try grepping for set_error_handler. Not in this project. Being used in another project wouldn't count towards this one would it? Thanks. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Can't get PHP errors to display or log consistently
On Friday, March 16, 2007 12:49 PM Robert Cummings mailto:[EMAIL PROTECTED] said: If either project overrides the error handler than a custom error handler is in place. All depends on whether the code that sets it gets run. (Was at lunch.) I see. In that case how do I override it in this project? Can the two projects coexist without causing trouble for one another? Thanks, Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] reverse http authentication
I want to read a page that is protected with http authentication. How do I pass the user name and password to be authenticated with my php code? -- Chris W KE5GIX Protect your digital freedom and privacy, eliminate DRM, learn more at http://www.defectivebydesign.org/what_is_drm; Gift Giving Made Easy Get the gifts you want give the gifts they want One stop wish list for any gift, from anywhere, for any occasion! http://thewishzone.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Storing dynamic attribute data in a db
Hello, This is now my 3rd attempt at writing this email. :) The first two were pretty long... I'm currently working on trying to find a solution that is both simple and flexible for storing the data of a complicated set of dynamic options for some of our products. My current thinking is that I will use Modified Preorder Tree Traversal to organize the data. Each record will have the following: id (auto-number) sku (related product's sku) lft (hierarchy data) rgt (hierarchy data) attribute (like: Size, Color, Style) option (like: Blue, Large, Plain) pricemodifier (-$20, +$20) This kind of data is not difficult to handle if every combination that is available through the different options is actually available from the manufacturer. However, some combinations are not possible so the data needs to represent itself that way. For example, all t-shirts come in Red, Green, or Blue but only Green shirts come in Large. All other colors have only Small and Medium. Is there a standard way to handle this kind of thing if not, how would you handle it? (On a side note, when the solution is found, could it be called a pattern?) Thanks, Chris. p.s. Yes this is the short email. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Storing dynamic attribute data in a db
On Thursday, January 18, 2007 3:51 PM Chris mailto:[EMAIL PROTECTED] said: Hey Chris, If you have to write a 6 page document to explain what's going on, that's probably bad.. because in 6 months time if you need to revisit it, you're going to have issues. hehe I wouldn't say that my other emails were 6 pages(!) but I tend to ramble on sometimes. And not only that, sometimes complicated problems are difficult to explain simply. As I think we've discovered. :P Why do you think you need to use a tree? I'm sure it's just a case of me not understanding something.. Anyway I'd move the attributes to another table (pseudo-sql): [snip] Then you can get all attributes easily: select * from attributes where productid='X'; Consider this. You have three attributes: Color, Size, Collar. Colors: Red Green Blue Sizes: Small Medium Large Collars: V-Neck Plain Turtleneck If the manufacturer allowed me to order any combination of the above attributes (and their options) I would need to create only three tables to organize it: products, products_attributes, and products_attributes_options. This would allow me to do basically what your SQL from above does. 1. Give me all the attributes for product 'X'. 2. Then give me all the options for all the attributes returned in Step 1. 3. Display three dropdown boxes. But the complication comes when the manufacturer says: 1. You can only order a turtleneck if the shirt is green. 2. You can only order red shirts in small and medium. At this point there is a breakdown in the data. With the three table setup how can I indicate these requirements in the data? I don't think I can, but I'm not positive. On the other hand, if I use a hierarchical dataset I can make the following tree: (Copy and paste this into Notepad if it doesn't appear aligned properly.) Root |-Red | |-Small | | |-V-Neck | | |-Plain | |-Medium | |-V-Neck | |-Plain |-Green | |-Small | | |-V-Neck | | |-Plain | | |-Turtleneck | |-Medium | | |-V-Neck | | |-Plain | | |-Turtleneck | |-Large | |-V-Neck | |-Plain | |-Turtleneck |-Blue |-Small | |-V-Neck | |-Plain |-Medium | |-V-Neck | |-Plain |-Large |-V-Neck |-Plain The reason I am writing to the list is to see if there is an easier way to do this or if I'm heading in the right direction. No idea what price modifier is or if it applies to specific attributes but if it does, move it as well. I should have left this part out... It's just the amount the price of a product will change for that option. Example: Large green shirts are +$5 while all small shirts are -$2. Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Storing dynamic attribute data in a db
On Thursday, January 18, 2007 5:09 PM Paul Novitski mailto:[EMAIL PROTECTED] said: Are you considering keeping all the levels of your data tree in a single table because you can't predict how many levels there will be? If you CAN predict its depth, wouldn't it be simpler and easier to conceive, code, and debug with N tables chained in parent-child relationships? I'm not asking rhetorically but seriously, for discussion. How are you weighing the pros cons of using MPTT? Good question. In my case it is not possible to determine the depth of each product's attributes. We deal with many different manufacturers and they all set their products up differently. Some have (maybe) one attribute while others can have four or five. I wouldn't doubt that sometime in the future I will see six or more. Also, I personally prefer not to hard code values and to instead make everything flexible. I've done that in the past and it kicks my butt when requirements change and I have to go through and fix things. I prefer a slightly higher learning curve in the beginning for greater flexibility in the future. Lastly, I don't know if you're familiar with MPTT but it's actually quite easy to work with once you have a stable set of functions to manipulate the tree. (I got mine from the Sitepoint article where I learned about it a few years ago.) Hope that answers your question. Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] DOMDocument Size limit
When calling |-createElement($name, $value) My content is truncated to around 4k. If what is in $value is less than 4000 bytes then it works fine but if it is more, the data is truncated. Is there a setting I don't know about that will change that limit? I need it to be more like 100k or maybe even more.| -- Chris W KE5GIX Protect your digital freedom and privacy, eliminate DRM, learn more at http://www.defectivebydesign.org/what_is_drm; Gift Giving Made Easy Get the gifts you want give the gifts they want One stop wish list for any gift, from anywhere, for any occasion! http://thewishzone.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] DOMDocument Size limit
Jochem Maas wrote: what version of php? what version of libxml? php: 5.2.0 libxml: 2.6.26 is the limit actually 4096 bytes per chance? (that seems more likely) the limit is probably 4096 but I think it may be due to the length of tags and other things not just the value. what happens when you create the element with an empty value then use something like this?: $el = $foo-createElement($name, ''); $el-nodeValue = $yourBigString; Same thing happened there also are you able to use $foo-createElementNS() ? does that suffer from the same limit? I'm not familiar enough with the how this dom works to make that modification. I didn't write this code I'm just trying to fix it. could it be a problem with the actual contents of your $value variable? what does it contain? (especially around the 4K bytes mark) the variable contains htmlspecialchars encoded html. The next character after it stops is either a space or a period. I tried in vain to find something in the php source that might point to your problem.. that's not to say there is nothing there, it's just my skills/understanding aren't up to the job. I looked for something in the php.ini file but the only thing I found was output_buffering = 4096 and that doesn't seem like it would be a problem. -- Chris W KE5GIX Protect your digital freedom and privacy, eliminate DRM, learn more at http://www.defectivebydesign.org/what_is_drm; Gift Giving Made Easy Get the gifts you want give the gifts they want One stop wish list for any gift, from anywhere, for any occasion! http://thewishzone.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] +AFs-OT+AF0- Working with version control
Hello, This is off topic but I wanted to get the list member's opinions on the subject as it will probably benefit someone else. Currently I don't use version control at all. What I do instead is have one directory that contains my development website and one directory that contains the live website which I do not directly modify. When I need to fix something or add a new feature I edit the development site and copy the files that I've changed. Sometimes I will start on a new feature before I am able to finish a previous one. This is a major problem when the features overlap and I have to edit the same file for both features. Even if I finish one of the features I cannot publish the files because the other feature is not ready yet. What I'm looking to the list for is how I can overcome this through version control. What I'm thinking I'd do is create a base level (say v1.0) that I then create a branch for every new feature and then merge those things together. The issue I see in this case is the merging. Is this a sound strategy or should I just realize that I can't publish until all current features enhancements are completed? Thanks, Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Data validation at the db level
Hey everyone, Is there any work being done in the database world for data validation at the db level? It would be cool to just define a field as being an email address (of length nn) instead of saying a TEXT field (of length nn) and validating it in the application layer. Same goes for other things as well. Sure, it's not really possible to account for all different types of data, but the basics would be nice. (email, numbers only, letters only, alphanumeric only, [a-z0-9#-] only, etc.) Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Data validation at the db level
Jay Blanchard mailto:[EMAIL PROTECTED] on Thursday, September 07, 2006 5:16 PM said: There are all sorts of ways to validate data at the DB level and this is a PHP question how? Just because! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Format of Encrypted Password
Kevin Murphy mailto:[EMAIL PROTECTED] on Tuesday, September 05, 2006 3:27 PM said: The passwords are called in the application by: $_SERVER['PHP_AUTH_PW'] Is there any way to tell how these passwords were encrypted? Have you tried searching the entire codebase for that string? Might get you some clues. From the commandline (and at the root of the codebase): # grep -R PHP_AUTH_PW * Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Shopping cart
Richard Lynch mailto:[EMAIL PROTECTED] on Tuesday, August 22, 2006 10:30 AM said: Guys, don't take this wrong but... How do you think all the other PHP shopping carts got started?... Pretty much the same way. So you really need to spend the next couple months figuring out what they did wrong, why they did that, and how to avoid doing it... Finally, some sanity. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] OT alternate website authentication methods
Everyone, Been out of the office for a few days... As nearly everyone has pointed out, the downside(s) to visual/audial authentication methods are greater than the benefits Thanks! Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] active directory and PHP
Richard Lynch mailto:[EMAIL PROTECTED] on Friday, August 18, 2006 9:47 AM said: Active Directory is a bastardized LDAP with goofy idiosyncracies to drive you crazy. And you're speaking from experience? Never use AD myself. Oh wait, I guess not... :/ Chris. p.s. I'm just having fun. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] OT alternate website authentication methods
Hello, Last night I was reading Chris Shiflett's PHP Security book from O'Reilly and got to thinking about ways to authenticate a user other than using a password. Ideas: 1. Use flash to allow the user to draw an image. If the original image created during signup is within an acceptable range of the image used to authenticate, let them in. 2. (I saw this somewhere else... don't remember where or what it's called.) Use flash (again) to allow the user to click on an image in certain places. I think it was that you clicked the image in three places and then when you later authenticated you were supposed to click in those same places plus one more (to throw off anyone looking over your shoulder I think). As long as three of the 4 places clicked matched your original points (within a certain tolerance) you were authenticated. I'm not sure that these systems are any more SECURE than a simple username/password combo (keep in mind though, you'll also need some kind of username) but at the very least it seems that it could be more usable. I'd be interested in hearing your thoughts as well as any links for further reading. Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Creating User Friendly URLS
tedd mailto:[EMAIL PROTECTED] on Thursday, August 17, 2006 8:29 AM said: And then stripping out the index.php, and using the remainder for both the URL and the database lookup. Why not just place all your pages inside folders with the names you want and then link to the folders? Because he said database lookup and that means there are no files to be put into any folders. Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] I need an array of state abbrev to names...
Daevid Vincent mailto:[EMAIL PROTECTED] on Thursday, August 17, 2006 12:58 PM said: B/c I'm too busy (and lazy) to hand type it all in, wondering if someone has an array of state abbreviations to names like so... $states = array( ... 'NY' = 'New York', 'WA' = 'Washington', ... ); HERE LAZY! $GLOBALS['usps_states_list'] = array( 0 = array('name'='Alaska','code'='AK','contiguous'=true), 1 = array('name'='Alabama','code'='AL','contiguous'=true), 2 = array('name'='American Samoa','code'='AS','contiguous'=false), 3 = array('name'='Arizona','code'='AZ','contiguous'=true), 4 = array('name'='Arkansas','code'='AR','contiguous'=true), 5 = array('name'='California','code'='CA','contiguous'=true), 6 = array('name'='Colorado','code'='CO','contiguous'=true), 7 = array('name'='Connecticut','code'='CT','contiguous'=true), 8 = array('name'='Delaware','code'='DE','contiguous'=true), 9 = array('name'='District of Columbia','code'='DC','contiguous'=true), 10 = array('name'='Federated States of Micronesia','code'='FM','contiguous'=false), 11 = array('name'='Florida','code'='FL','contiguous'=true), 12 = array('name'='Georgia','code'='GA','contiguous'=true), 13 = array('name'='Guam','code'='GU','contiguous'=false), 14 = array('name'='Hawaii','code'='HI','contiguous'=false), 15 = array('name'='Idaho','code'='ID','contiguous'=true), 16 = array('name'='Illinois','code'='IL','contiguous'=true), 17 = array('name'='Indiana','code'='IN','contiguous'=true), 18 = array('name'='Iowa','code'='IA','contiguous'=true), 19 = array('name'='Kansas','code'='KS','contiguous'=true), 10 = array('name'='Kentucky','code'='KY','contiguous'=true), 21 = array('name'='Louisiana','code'='LA','contiguous'=true), 22 = array('name'='Maine','code'='ME','contiguous'=true), 23 = array('name'='Marshall Islands','code'='MH','contiguous'=false), 24 = array('name'='Maryland','code'='MD','contiguous'=true), 25 = array('name'='Massachusetts','code'='MA','contiguous'=true), 26 = array('name'='Michigan','code'='MI','contiguous'=true), 27 = array('name'='Minnesota','code'='MN','contiguous'=true), 28 = array('name'='Mississippi','code'='MS','contiguous'=true), 29 = array('name'='Missouri','code'='MO','contiguous'=true), 30 = array('name'='Montana','code'='MT','contiguous'=true), 31 = array('name'='Nebraska','code'='NE','contiguous'=true), 32 = array('name'='Nevada','code'='NV','contiguous'=true), 33 = array('name'='New Hampshire','code'='NH','contiguous'=true), 34 = array('name'='New Jersey','code'='NJ','contiguous'=true), 35 = array('name'='New Mexico','code'='NM','contiguous'=true), 36 = array('name'='New York','code'='NY','contiguous'=true), 37 = array('name'='North Carolina','code'='NC','contiguous'=true), 38 = array('name'='North Dakota','code'='ND','contiguous'=true), 39 = array('name'='Northern Mariana Islands','code'='MP','contiguous'=false), 40 = array('name'='Ohio','code'='OH','contiguous'=true), 41 = array('name'='Oklahoma','code'='OK','contiguous'=true), 42 = array('name'='Oregon','code'='OR','contiguous'=true), 43 = array('name'='Palau','code'='PW','contiguous'=false), 44 = array('name'='Pennsylvania','code'='PA','contiguous'=true), 45 = array('name'='Puerto Rico','code'='PR','contiguous'=false), 46 = array('name'='Rhode Island','code'='RI','contiguous'=true), 47 = array('name'='South Carolina','code'='SC','contiguous'=true), 48 = array('name'='South Dakota','code'='SD','contiguous'=true), 49 = array('name'='Tennessee','code'='TN','contiguous'=true), 50 = array('name'='Texas','code'='TX','contiguous'=true), 51 = array('name'='Utah','code'='UT','contiguous'=true), 52 = array('name'='Vermont','code'='VT','contiguous'=true), 53 = array('name'='Virgin Islands','code'='VI','contiguous'=false), 54 = array('name'='Virginia','code'='VA','contiguous'=true), 55 = array('name'='Washington','code'='WA','contiguous'=true), 56 = array('name'='West Virginia','code'='WV','contiguous'=true), 57 = array('name'='Wisconsin','code'='WI','contiguous'=true), 58 = array('name'='Wyoming','code'='WY','contiguous'=true), 59 = array('name'='Armed Forces Africa','code'='AE','contiguous'=false), 60 = array('name'='Armed Forces Americas (except Canada)','code'='AA','contiguous'=false), 61 = array('name'='Armed Forces Canada','code'='AE','contiguous'=false), 62 = array('name'='Armed Forces Europe','code'='AE','contiguous'=false), 63 = array('name'='Armed Forces Middle East','code'='AE','contiguous'=false), 64 = array('name'='Armed Forces Pacific','code'='AP','contiguous'=false)); Please send me a check $250. Thanks! Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Looking for caveats to the following code
Hello, While experimenting with some object stuff I stumbled upon something new (although not object related). Normally I would do this: ?php function do_something($input) { if($input == 'hello') { return $input; } else { return false; } } $result = do_something('hello'); if($result !== false) { // do something with $result } else { // do some other stuff } ? Using the same function above I discovered I can do this: ?php if($result = do_something('hello')) { // do something with $result } else { // do some other stuff } ? The issue is whether or not this is a safe test. My initial thought is that it is safe since I'm simply checking for true/false-ness. I either check for '!== false' explicitly or (in the case of the latter example) check that something other than 'false' is returned. It's slightly less readable but it seems more efficient (if nothing more than to save on the number of lines typed). Thoughts? Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Setting flags versus checking for existing/nonexisting values
Hello, Is it a better practice to set flags to determine the action of your code or is it perfectly acceptable to have your code determine what it should do based on the existence (or lack thereof) of data? For example: ?php if($value == 1) { $flag = true; } if($flag === true) { echo I wish I could come to the PHP meetup in Chicago! :(; } ? versus: ?php if($value == 1) { echo I wish I could come to the PHP meetup in Chicago! :(; } ? Of course this is an overly simplistic example but you get the idea. Are there pros and cons to both sides or should I just avoid the latter example all together? Thanks, Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Setting flags versus checking for existing/nonexisting values
Brad Bonkoski mailto:[EMAIL PROTECTED] on Tuesday, August 15, 2006 10:04 AM said: Pros: potentially more readable code. Cons: Wasted energy typing unnecessary lines of code. Really I would say it comes down to coder preference. (and why would you avoid the latter all together? Testing a boolean may be cleaner, but setting the boolean still relies on the value of $value, so if that value was fubar then the boolean would be too.) Thanks for the response. Those are basically the same assumptions I had. I was curious to find out if there were more points I should be aware of. To answer your question, in case the cons outweigh the pros. If I felt an overwhelming majority of the people on the list said, In my experience you should always set flags because you'll run into a, b, c, d, e, f, g, etc. I would probably agree to avoid the latter practice altogether. Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Easier way to get the name of a variable?
Hello, After some intense searching of Google I found one example at http://us2.php.net/language.variables on how to get the name of a variable. But it looks pretty expensive. ?php function vname($var, $scope=false, $prefix='unique', $suffix='value') { if($scope) $vals = $scope; else $vals = $GLOBALS; $old = $var; $var = $new = $prefix.rand().$suffix; $vname = FALSE; foreach($vals as $key = $val) { if($val === $new) $vname = $key; } $var = $old; return $vname; } ? Anyone aware of a simple language construct(?) that can do this? I'm on PHP 4.3.9. Thanks, Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] OT? Verifying mail was received
tedd mailto:[EMAIL PROTECTED] on Thursday, August 10, 2006 7:59 PM said: Not a php solution, but send them all a buck via PayPal. For $90 you'll learn if their email addresses are correct. That should be cheaper than writing a program to figure it out for you, if it can be done. Here's an even better idea. Why don't YOU send me the $90 and then I'll keep it. How about that? Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] OT? Verifying mail was received
Hello, I have about 90 customers who have created accounts but not yet activated them in the past 11 months. That's less than one every 3.6 days but compared to our total number of customers, it's right at the edge of being a significant number. I'm curious to find a way to determine if the mail was actually delivered to the customer's mailbox. I know there are many factors involved in this, the most difficult of which being spam filters. One method I thought of was to put a web bug in the email which will effectively tell me if the email was read or not. Perhaps by the time the customer gets the click-this-link-to-activate-your-account email they've lost interest and ignore it. Or maybe they do in fact read it but they just don't click. A web bug will help me to determine this. On the other hand, a web bug won't tell me if the mail actually reached their inbox. The only way I can come up with to even closely determine this is to monitor my sendmail logs for proof that their mail server (at the very least) accepted the message. Has anyone implemented something like this already and have code to share with regards to parsing the sendmail log? Or are there more clever or more simple ways to do this out there? Thanks! Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] OT? Verifying mail was received
Richard Lynch mailto:[EMAIL PROTECTED] on Thursday, August 10, 2006 1:14 PM said: Keep in mind that for many mere mortals, the process of dealing with your email confirmation goes like this: 1. surf to site, put in email 2. check email, find nothing. 3. go back to site, use work/home/other email 4. success! So of those 90 customers, at least some of them are activated, only under a different email, rather than diving into spam filters and all that. True true. Good point. In this case monitoring my logs will help to know that at least my server has sent the email successfully. Virtually all the things you COULD do to attempt to monitor the email getting read or not will drastically INCREASE the odds that the email will get marked as spam and trashed before they CAN open it. Another good point. Perhaps it would be better to allow for an optional phone number by the visitor to be put in, that you can call if they don't activate their account, to help them out. 90 phone calls is a lot of calls, but it probably beats having fewer activations because your tracking attempts get your emails banned. Just a thought. All good ideas! Thanks, Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Best way to get PHP5
Hello, Generally (well, actually 100%) I just use whatever version of PHP is included with a certain distro (Redhat pre-Fedora, Fedora Core, CentOS). None of the versions I've used have come with PHP5 and I'd really like to get with the times and use PHP5. I know that Fedora Core 5 offers PHP 5.1.2 but I've heard some negative things about it in general (FC5). I've never compiled PHP myself so admittedly I'm a bit skeered... Is the recommended path to just go with whatever distro I prefer and then download PHP5 from php.net and install it myself? Thanks, Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Best way to get PHP5
Jochem Maas mailto:[EMAIL PROTECTED] on Wednesday, August 09, 2006 11:05 AM said: [snip useful stuff] 1. you can skip 'make test' 2. if in doubt do 'make clean' before 'make' 3. rinse and repeat 'configure', 'make', 'make install' as required 4. do './configure --help' to see all the options you can pass to configure 5. get stuck with a configure option (for instance enabling GD) come back here :-) Thanks Jochem. That's exactly what I'll do! :) Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Best way to get PHP5
Jack Gates mailto:[EMAIL PROTECTED] on Wednesday, August 09, 2006 10:16 AM said: On Wednesday 09 August 2006 12:02, Chris W. Parker wrote: I know that Fedora Core 5 offers PHP 5.1.2 but I've heard some negative things about it in general (FC5). What sort of negative things have you heard in general about (FC5)? Honestly I don't remember. But I've now got a generally negative view of FC5 versus previous versions (last one I used was 4 I think). If you're aware of any FUD that's been spread about it, feel free to speak the truth. Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Best way to get PHP5
Jonathan Duncan mailto:[EMAIL PROTECTED] on Wednesday, August 09, 2006 3:55 PM said: If you want to really learn Linux, try Gentoo. If you just want a very good and easy to use Linux, go with SuSE. To keep this related to the question I asked... Do either of the latest builds of these distros have PHP5? Thanks, Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Enterprise grade CMS+Ecomm
Larry Garfield mailto:[EMAIL PROTECTED] on Thursday, July 20, 2006 6:36 PM said: On Thursday 20 July 2006 11:30, Chris W. Parker wrote: Drupal has its own ecommerce suite that is reasonably robust all on its own. Yeah I saw that module. I think today I am going to try to set them both up. Thanks for your input. Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Enterprise grade CMS+Ecomm
Hello, So we're getting ready to redo our website once again to integrate some modern changes and a shift in branding. I'm currently looking at all my options as far as software goes. The question I have to answer is Do I write everything by myself from scratch and spend 3-6 months doing it? Or do I spend that same amount of money on a prebuilt system and spend 1 month integrating our new branding? The answer doesn't even have to be specifically one way or the other. It could be a mixture of the two. Perhaps I use something like Drupal (which I have no experience with) for the CMS part and write my own ecommerce application. Or perhaps I write my own basic CMS and purchase an ecommerce application? I've seen X-Cart and at first glance it doesn't look terrible so far. At least the design templates look to be pretty flexible. I'm definitely not interested in osCommerce or derivatives thereof. Why? Because I've worked with osC in the past and I dislike it very much. As for a CMS, I just watched a video on Drupal 4.7 and it looks quite interesting. Opinions? I'm also currently looking at www.opensourcecms.com and have been to the Joomla, XOOPS, Xaraya, and Mambo websites also. Thanks, Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Enterprise grade CMS+Ecomm
Brady Mitchell mailto:[EMAIL PROTECTED] on Thursday, July 20, 2006 12:25 PM said: The answer to this question depends heavily on your needs. What kind of functionality do you need to get out of your website? If you are looking for a website that is similar to others in function, than I would definitely suggest looking at an existing CMS package. [snip] The bottom line is that there are lots of great CMS options, and the best way to choose one is to know exactly what you want from a CMS and compare them with that in mind. Yeah I understand that it's a pretty open ended question, and thanks for the info about Drupal. We want to maintain 2 different sites as well and authenticating against the same table sounds nice. But as for recommendations, keeping in mind the difficulty in answering a question like mine, I am mostly just looking for things like what you've said: I use $cms because I like that it can do $feature. Thanks, Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Image submit with mouse over
Skip Evans mailto:[EMAIL PROTECTED] on Friday, July 14, 2006 4:33 PM said: My apologies to all. I assumed that JS questions would be entertained as the application is within a PHP app. No need to apologize. My off-list email wasn't meant to berate but merely let you know what the purpose of this list is. But perhaps we should also field questions about how to repair motherboards since, after all, PHP runs on servers, and servers use motherboards. Or how about this one? My can't keeps walking on my keyboard while I'm trying to write a PHP page. What should I do? Thank you, you're beautiful. I'll be here all week folks. Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Image submit with mouse over
Chris W. Parker on Monday, July 17, 2006 10:23 AM said: motherboards. Or how about this one? My can't keeps walking on my keyboard while I'm trying to write a PHP page. What should I do? Okay that should be CAT, not can't. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Better way of doing this? (menu and submenus)
Ryan A mailto:[EMAIL PROTECTED] on Wednesday, June 21, 2006 10:51 AM said: @K. Bear - Thanks for the link, I'll check it out as soon as i get a little time. Read that article. I personally like the Nested Set (also called Modified Preorder Tree Traversal) method. It may at first be a little daunting but once you understand how it works, it all makes sense. Only one table is needed and you can have as many children, grand children, etc. as want/need. Chris. p.s. I found out about it originally here at Sitepoint: http://www.sitepoint.com/article/hierarchical-data-database/2 The diagram at Sitepoint is better than the original article (though the original article seems to be more indepth). -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Paged Results Set in MySQL DB with one result
tedd mailto:[EMAIL PROTECTED] on Friday, May 12, 2006 12:23 PM said: That's as it should be -- and technically, Next did appear so the page wasn't blank. Splitting hairs aside, a user, civilian or not, would not expect they need to click Next from a blank page to get to the content they are looking for. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Paged Results Set in MySQL DB with one result
tedd mailto:[EMAIL PROTECTED] on Friday, May 12, 2006 11:01 AM said: At 6:03 PM +0100 5/12/06, Porpoise wrote: tedd [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Try this: http://xn--ovg.com/ajax_page1 Eerrrm... Blank Page!?! It shouldn't be blank. There should be a Next/Previous button -- isn't there? If so, then click Next If not, please tell me. I got a blank page too. Had to click Next before any content would appear. Fx 1.5.0.3 on Windows 2000 Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Another Shell Caught
Wolf mailto:[EMAIL PROTECTED] on Thursday, May 11, 2006 8:01 AM said: If any of you guys want to know when I get another shell caught on my site, email me off-list and I'll set you up as a mailing list personally. This new one is the r57shell and is picked up by Symantec What is a shell and why is being caught? Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Creating an OO Shopping Cart
Richard Lynch mailto:[EMAIL PROTECTED] on Thursday, May 04, 2006 2:06 AM said: Contact the bank with which you already HAVE a merchant account for your point-of-sale credit card swiper thingies. Already have the info in front of me. :) If you're re-doing it anyway, you might as well do it right. :-) I totally agree. Thanks Richard! Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Maximum URL length (Pretty much 0T)
Ryan A mailto:[EMAIL PROTECTED] on Thursday, May 04, 2006 10:38 AM said: - Anything else you wish to add pertaining to the above. You could try sending an insanely long value to a script on your page and see how much of the actual data it received before being truncated or causing an error. Open notepad (if on Windows) and hold down the 1 key for about a 2 minutes. Then copy all that and paste it back into notepad. Then put all that into a page like this: (Oh and you'll need to know exactly how many 1's are in your document.) html body ?php $number_of_chars = strlen($_GET['v']); echo pI received $number_of_chars/p; ? a href=test.php?v=1...click me!/a /body /html -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Maximum URL length (Pretty much 0T)
Jay Blanchard mailto:[EMAIL PROTECTED] on Thursday, May 04, 2006 10:42 AM said: [snip] - Anything else you wish to add pertaining to the above. [/snip] People who use GET requests are lazy. What does... a href=edit_user.php?uid=241241Edit User #241241/a ...have to do with being lazy? Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Maximum URL length (Pretty much 0T)
Ryan A mailto:[EMAIL PROTECTED] on Thursday, May 04, 2006 1:18 PM said: Thanks for replying, thats an idea, but was hoping people from this list could reply with their experiences because my local server might be different from production servers that you guys access everyday (as the article i read said that this setting varies from browser to browser and server to server)... Are you sure you searched on this subject? maximum url length in Google turns up a number of resources saying 2083 due to IE's limit. But really, do you need to know an exact number? Do you realize how BIG 2083 characters is? Here, as an example, is 2000: Are you really planning to jam that much data into the URL? At most I'd suspect you could wind up using a few hundred. But beyond that you probably need to rethink your implementation. Just be wise about it and don't get wrapped around the axle while trying to find a hard and fast rule/number. Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Test URL length please (Pretty much 0T)
Ryan A mailto:[EMAIL PROTECTED] on Thursday, May 04, 2006 1:36 PM said: (Basically, I am checking to see how many characters we can have in a URL that the server will accept and process, the script checks 200-1000 chars.. add more if you want to) Without any tweaking of the server mine went up to 4000 without a problem. However, 5000 always times out. Fx 1.5, Apache 2, Fedora 4, PHP 4.3.11 fwiw, Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Test URL length please (Pretty much 0T)
Ryan A mailto:[EMAIL PROTECTED] on Thursday, May 04, 2006 4:08 PM said: Are you sure you searched on this subject? maximum url length in Google turns up a number of resources saying 2083 due to IE's limit. Yes, I mentioned that in my original post... Yes I know, that's why I said, are you sure. To question your claim of having searched. but read that carefully, it says IE's limit,not everyone uses IE and if you continue sifting through googles results you will see that it also mentions some servers settings may allow more or less. Infact, your test itself proves that it was worth it coz you took it way up more than the 2083 limit that you found :-) Well of course but that's because I wasn't using IE so my point is that I don't think it matters (that I got over 2083). I would be willing to say that 3/4 of all internet users are on IE still so tweaking server settings and testing with browsers other than IE is useless. Unless of course you know exactly your audience's setup (for example in a corporate setting where you know your client's setup) in which case this could possibly be worthwile. But then again if someone is passing long strings like that they should rethink their implementation anyway... so back to square one. Chris. p.s. fiddleIf I sound snippy it's because I'm at the office later than planned because something has not gone as planned.../fiddle -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Sanity checker?
Ezra Nugroho mailto:[EMAIL PROTECTED] on Wednesday, May 03, 2006 10:51 AM said: Well, Reservoir, I envision a tool that would audit your php code, and tell you if your code is good or not, if it has scaling issues, etc, etc. Basically it tells if your php code is sane or not. Is this even possible? How could one program determine that another was sane? You might be able to write a program that can determine where optimizations could be made, but sanity? fwiw, Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Creating an OO Shopping Cart
Steve mailto:[EMAIL PROTECTED] on Friday, April 21, 2006 5:58 PM said: So everyone's aware, I have NO intention of storing credit card #'s. I don't see why anyone needs to.. especially after reading Richard's past posts in the archive. Perhaps if you don't use a merchant account and process all your cards in house instead?? We keep the cc numbers stored until the card has been run at which time the site attendant clicks an icon in the administration side that does two things (1) sends an email giving some shipping details to the customer, (2) changes the cc number from 4111--- to ---. We don't get a lot of orders* so at worst if the db were stolen there'd be possibly 5-10 cc numbers in there. Some people (possibly Richard) would have a heart attack to hear something like that but we've decided that it's a reasonable risk. This is the implementation we decided to take with the cart I wrote myself. It's better than the old version which never removed or protected the cards in any way. (It was an out-of-the-box solution.) I would be extremely interested to learn about the flaws in our current implementation so that I can continue to improve it (short of using an online cc processor). Thanks, Chris. * But if we did get a lot of orders I would reconsider even the current implementation and decided whether or not it was suitable. In fact I'm going to be redoing the entire thing coming up soon so this is good. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Creating an OO Shopping Cart
Edward Vermillion mailto:[EMAIL PROTECTED] on Wednesday, May 03, 2006 4:15 PM said: Ahh!! *thud* Count me in the heart attack group. So would it be a reasonable risk if it was *your* cc # that was stolen? And do your customers *know* that you're handling their sensitive info in this way? I.E. is there a big red lettered notice that they see before they hit submit? Would *you* be willing to have your cc sitting in the db at all times? I'd think that would be a reasonable request. Overall I think you bring up a good point but I don't think our method is unreasonable. There's risk involved in everything and I do in fact think it is a reasonable risk, even for my cc. I bought something oversees once and my cc was used to buy jewelry in another country. That was a number of years ago and I've since made numerous other purchases on the internet (without any problems). Those purchases were made on both well known and mompop shops around the world. I'm definitely open to suggestions on how we can minimize our customers' risk. Even moving to an online cc processor if need be. In fact I wouldn't be surprised if our current merchant account company has the ability to process cards online. But until that kind of system can be implemented what suggestions do you have for me right now? Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] ????,????????????
Yes definitely. I totally agree. Please send me more on the product/service you're giving away/trying to sell to me/us. I'd really like to see/hear/experience more. Thanks/Regards/Sincerely! Chris. -Original Message- From: abzgjisf5 [mailto:[EMAIL PROTECTED] Sent: Tuesday, May 02, 2006 3:23 PM To: php-general@lists.php.net Subject: [PHP] , 华明集团有限公司 与多家省市公司合作,现有部份余额发票可对外代开,收取费用低,可提供给贵公司作帐及(进项)抵扣用,降低成本、提高效率。 收费如下: 普通商品销售发票及建筑安装专用发票,加工修理等普通发票按金额大小算:5万以下收2个点,5万以上收1.5,50万以上收1个点;(金额越大价钱越优惠) 代开范围:商品销售、运输物流、广告、服务、建筑安装等, 本公司郑重承诺所用票据均为各单位在税务局所申领,可上网查询或到税务局抵扣验证。(国内各大城市均有我们的合作公司) (金额越大、价钱越优惠,以上价钱仍有商量) 本公司开出的发票绝对正规,均可先验票后收钱。 联系人:吕先生 联系电话:13620912191 E-MAIL:[EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] ????,????????????
Yeah it's Chinese. I can see the characters fine. The subject is just ? marks, though I'm not sure why. -Original Message- From: Rory Browne [mailto:[EMAIL PROTECTED] Sent: Tuesday, May 02, 2006 4:45 PM To: Chris W. Parker Cc: php-general@lists.php.net Subject: Re: [PHP] , It's probably some unrenderable character set - like chinese or something like that. On 5/3/06, Chris W. Parker [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Yes definitely. I totally agree. Please send me more on the product/service you're giving away/trying to sell to me/us. I'd really like to see/hear/experience more. Thanks/Regards/Sincerely! Chris. -Original Message- From: abzgjisf5 [mailto:[EMAIL PROTECTED] Sent: Tuesday, May 02, 2006 3:23 PM To: php-general@lists.php.net Subject: [PHP] , 华明集团有限公司 与多家省市公司合作,现有部份余额发票可对外代开,收取费用低,可提供给贵公司作帐及(进项)抵扣用,降低成本、提高效率。 收费如下: 普通商品销售发票及建筑安装专用发票,加工修理等普通发票按金额大小算:5万以下收2个点,5万以上收1.5,50万以上收1个点;(金额越大价钱越优惠) 代开范围:商品销售、运输物流、广告、服务、建筑安装等, 本公司郑重承诺所用票据均为各单位在税务局所申领,可上网查询或到税务局抵扣验证。(国内各大城市均有我们的合作公司) (金额越大、价钱越优惠,以上价钱仍有商量) 本公司开出的发票绝对正规,均可先验票后收钱。 联系人:吕先生 联系电话:13620912191 E-MAIL:[EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] PHP Standard style of writing your code
Richard Lynch mailto:[EMAIL PROTECTED] on Saturday, April 29, 2006 12:12 AM said: Okay, but let's do keep this fairly serious, and let's NOT let it devolve into the usual religious flame-war this topic gets to... Yeah I should have asked off list as I'm not interested in debating, just simply curious of the other side's point of view. Thanks! Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] PHP Standard style of writing your code
Richard Lynch mailto:[EMAIL PROTECTED] on Monday, April 24, 2006 11:50 PM said: So no matter what was actually typed, *I* would see: function foo ($x) { //body } but some heretic who doesn't know any better would see: function foo($x) { //body } Now *THAT* would be a feature worth paying for in an IDE! :-) Setting aside the fact that you're completely wrong about your preference... ;) What, in your mind, is the advantage to putting the opening brace on the same line as the function call, logic statement, etc.? (Btw, this is a serious question!) Chris. p.s. Yes I'm still alive. Just haven't been able to work on any web related stuff for a long time here are work. :( The downside of being the IT department. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] phpmyadmin problems with quoting exported text
Richard Lynch wrote: On Sun, November 6, 2005 2:17 am, Chris W wrote: I just tried to use the output of the export function on phpmyadmin and got a million errors. After looking at the file I found that certain columns that are strings were not quoted at all. I can't find any reason why some are and some are not quoted. Anyone have any idea why this is happening? Because unless a field contains a ',' or '' character, it doesn't NEED quotes to delineate it: 1,test,3 1,I said,It's not the same,3 is the same thing as: 1,test,3 1,I said,It's not the same,3 Your import function is BROKEN in a major way, by requiring quotes where they are not strictly necessary to conform to the CSV specification. That said, it's probably easier to get phpMyAdmin to always quote the output than it is to fix whatever broken import tool you are using. The program I am using to import the data is the MySQL tools. They don't like the output of phpMyAdmin 2.6.1-rc1. And I don't have any control over the server so I can't upgrade the version either. Unless I find a work around, I'm SOL -- Chris W KE5GIX Gift Giving Made Easy Get the gifts you want give the gifts they want One stop wish list for any gift, from anywhere, for any occasion! http://thewishzone.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Re: How to account for misspellings and alternatives insearching?
Jochem Maas mailto:[EMAIL PROTECTED] on Friday, October 28, 2005 1:33 AM said: James Benson wrote: Not sure about the numbers but soundex could be useful http://php.net/soundex right and maybe its easier to just index thing like '5.11' as '511' - ie just stripping off everything not alphanumeric ... How do I index thing like '5.11' as '511'? (I know how to strip off the characters. It's the indexing part that I'm not sure about.) and never underestimate a users ability to start writing about eating dessert in the desert, no doubt they had sandcakes. ;-) Better yet! Icecream flavored snakes! Thanks, Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] How to account for misspellings and alternatives in searching?
Hello, On my site right now if someone searches for 511 (a misspelling of the manufacturer 5.11) they are not presented with the right products because 511 is not found anywhere in the database. I've got a few ideas on how to solve this but I want to find one that requires as little administrative overhead as possible. 1. I could add a field to the db for each product that would be used for associated words for a product as well as misspellings. PROS: Very customizable on an individual product level. CONS: Would need to be updated for each and every product individually. 2. Make a field for each manufacturer's record for alternate spellings/keywords. PROS: Little administrative overhead. CONS: Is only manufacturer name based and could not account for specific products. 3. Both #1 and #2. PROS: Flexible. CONS: Lots of administrative overhead. 4. A one-to-many table that associates individual words with product skus. This one is pretty much the opposite of #1 with one key difference: the interface. It would be probably be easier to enter a desired word and then choose each sku from a multi-select dropdown than it would be to go from product to product entering one word at a time. 5. I'm not sure how this would be accomplished from a technical standpoint but it would be nice to have the program know that when someone types in 511 they really meant 5.11. Or (hopefully this isn't a bad example) if they type in dessert (as in cake and icecream) they really meant desert (as in snakes and sand). In my case that wouldn't be a bad assumption since our site will never contain the word desert unless it's a misspelling. What does everyone think? What other options are out there? Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Ugh, w32 anything is making me want to drink!
Jordan Miller mailto:[EMAIL PROTECTED] on Friday, October 21, 2005 1:32 PM said: I agree with John. It looks like you either need a hammer or the rooftop of a 5-story building... zooom!How is he supposed to smash a computer with the rooftop of a 5-story building? It's too big!!/zooom! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Upgraded mail server today, testing functionality! (Sorry!)
I know I know I know. I don't like test message either but since I started the upgrade I haven't received any new PHP mailings. Could be just because of low traffic, but I need to make sure. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Still struggeling with my first script...
twistednetadmin mailto:[EMAIL PROTECTED] on Friday, October 14, 2005 12:39 PM said: Here are all the scripts original. It still won't work. I can't see what's wrong with it??? It's from the tutorial PHP5 and Mysql for dummies. What exactly is the problem? It still won't work is not the problem, nor is I can't see what's wrong with it???. I have shorted it down though, since I am the only one who will register the User with a password. What I did was removing the Switch at the beginning of the loginscript(Guildlogin1.php) and change it with an if statement instead. Don't think that is the problem though. Did it work before you made these changes? Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Still struggeling with my first script...
twistednetadmin mailto:[EMAIL PROTECTED] on Friday, October 14, 2005 5:15 PM said: All: Sorry. I forgot to write what's wrongstupid me... No problem. You'll get used to it. (I don't mean you'll get used to being stupid! I mean you'll get used to including all the relevant info!) It's just rather annoying that all the tutorials I have tried seems to fail. How can I learn when I'm apparently given the wrong information. The best way to learn is start with the very basics (which according to this one example you are not). First try to simply connect to a database and execute a simple query. --- Guildlogin.php --- This should create a session variable for the authentication, but it fails at some point. The way to debug this is by adding simple echo statements in each block of code. This will tell you what path the code is taking while processing. ?php if (this) { echo 1; } else { echo 2; if(this and that and the other) { echo 3; } } ? I have checked the sessiondata on my testserver, and that shows blank. Does every page that uses the $_SESSION variable have session_start() at beginning? I don't get any sql errors, so I don't think that is the problem. But then againit is my first script, and I could offcourse be wrong. I'm not sure where I should put the echo $sql; to check the query. Since the Guildlogin.php sends me directly to the error page at the end of execution. You should place the echo statement immediately before the SQL query is executed. (See below.) Code for Guildlogin.php: -- ?php include (connections/HOoStest.php); session_start(); if (@$_GET['guildaction'] == login); { $sql = SELECT guilduser_name FROM guildlogin WHERE guilduser_name='$_POST[guilduser_name]'; $_POST[guilduser_name] should look like {$_POST['guilduser_name']}. When an array is within a string it needs to be wrapped in curly braces. You should also always quote all your keys with ' so that the parser doesn't get confused with constants. Put the echo statement immediately before the following line. $result = mysql_query($sql) or die(Couldn't execute query.); That's all I have time for right now. HTH, Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] creating a shopping cart.
Jay Blanchard mailto:[EMAIL PROTECTED] on Monday, October 03, 2005 5:30 AM said: A basic flowchart could have helped you to answer your question and broken down the processes into their componenet parts. Heck, you don't even need fancy flowcharting software...just write down the steps. Believe it or not (you who have not actually used a flowchart for planning your code) you really *will* find flaws before you waste time coding. Another thing I've found is that it's not important to get hung up on what-shapes-do-what* in your flowchart. Just start making the chart and revising it as necessary, putting as much detail as you can. Chris. * Except for diamonds being logic gates (e.g. is the value hot or cold? yes/no), hotdogs being beginning and ending markers of a process/function/page, and squares being a process itself (e.g. add 5 to the variable). Having those in mind will help you keep things organized. You can later branch out into all the other shapes. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Mixing PHP VBSCript
Jay Blanchard mailto:[EMAIL PROTECTED] on Thursday, September 29, 2005 11:03 AM said: I have a situation where I have to fix an app interface that was constructed with hundreds of lines of VBScript. The quickest way for me to do this would be to replace the offending VBScipt with PHP. Does anyone see any potential problems with doing this? I did a diagram on paper and see no gotcha's..TIA You don't mean within the same file do you? If so (though I doubt it) I'm sure there will be lots of problems! On the other hand if you're just having one file (that may be written in vbs) talk to another file (PHP perhaps) via GET, POST, or COOKIE I don't see why you would have a problem. Working with the SESSION might be a problem though. Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Mixing PHP VBSCript
Jay Blanchard mailto:[EMAIL PROTECTED] on Thursday, September 29, 2005 1:34 PM said: Darn right 'wow'! I can keep the ASP seperate from the PHP by use of the proper tags for this instance. So... % stuff here gets executed by ASP % ?php stuff here gets executed by PHP ? Wow. I didn't think that would work! haha Nuts, huh? Yes. C. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Array Select from database
Silvio Porcellana mailto:[EMAIL PROTECTED] on Wednesday, September 28, 2005 9:37 AM said: In addiction, I would (SQL)escape the values joined: supposing you are using MySQL, I'd do: $values = join(', ', array_map('mysql_real_escape_string', $array)); Now that's a Freudian slip if I ever saw one. :) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] OT - database and indexes... but anyone please?
Gustav Wiberg mailto:[EMAIL PROTECTED] on Saturday, September 24, 2005 9:48 PM said: Thanx! Ok so I had to look up and down that message 3 or 4 times before I found this insignificant one line response. TRIM YOUR POSTS! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Bitwise operators
[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] on Monday, September 26, 2005 9:18 AM said: So i ask what this output? $a = 4; $b = 3; echo $a $b; echo $a $b; You just spent 3-5 minutes writing an email and now almost 10 minutes waiting for a reply to something that would have taken you 2 minutes to test on your own. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] mysql/php date functions..
bruce mailto:[EMAIL PROTECTED] on Monday, September 26, 2005 11:13 AM said: i'm concerned that i can't seem to craft/create a basic sql cmd within mysql to get a value (other than NOW()) to work... [snip] my question is why??? MySQL timestamps are different from UNIX timestamps. Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] mysql/php date functions..
John Nichel mailto:[EMAIL PROTECTED] on Monday, September 26, 2005 12:43 PM said: I don't convert it. I store the UNIX timestamp in an INT(11) column. This is going to be a basic question I'm sure but why INT and not VARCHAR? Is it simply because a timestamp is a number? Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Subtracting dates w/o database interaction (MySQL)
Philip Thompson mailto:[EMAIL PROTECTED] on Friday, September 23, 2005 9:12 AM said: I'm needing to find the number of days between two dates without using an database functions (DATE_SUB, etc)... only PHP. Is there an easy way to accomplish this? I have searched the PHP site, but have not been successful in finding anything that will assist me. Any help would be appreciated. There might be an easier way but... convert to timestamp, subtract smaller number from bigger number, figure out how much time has passed. Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] basic user/input form questions... more validation!
bruce mailto:[EMAIL PROTECTED] on Friday, September 23, 2005 10:46 AM said: which is why it's critical/important to really lay out (architect) your app and to think about how the app should be handling various data types. this also goes to thiking about how you name variables in your app. all of this is really software design 101 Oh whatever, I don't quote everything in my own apps anyway. You just seem to be so confused about this whole thing* that it'd be easier for you to just quote everything and escape everything and run everything through htmlspecialchars(). Chris. * Not that I'm not completely confused about other subjects myself. And doesn't anyone know how to trim anymore? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] basic user/input form questions... more validation!
bruce mailto:[EMAIL PROTECTED] on Thursday, September 22, 2005 4:19 PM said: the articles i've seen imply that if you addslashes, you also need to stripslashes on the backend... That's probably because gpc_magic_quotes (I think that's what it's called) is turned on and doing addslashes will double escape everything leaving you with a \ in the db. No escaping: Hello, I'm... Result after db insertion: Error, cannot insert gpc_magic_quotes: Hello, I\'m... Result after db insertion: Hello, I'm... gpc_magic_quotes + addslahes: Hello, I\\\'m... Result after db insertion: Hello, I\'m... So when you retrieve the data you would indeed have to do stripslashes() because escapging is being done wrong. With distributed apps it's a good practice to determine whether or not gpc_magic_quotes is turned on and then act accordingly. I don't know if mysql_real_escape_string() is subject to over escaping or not. You'd have to test it. Hth, Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] basic user/input form questions... more validation!
bruce mailto:[EMAIL PROTECTED] on Thursday, September 22, 2005 11:05 AM said: if the app allows the user to enter the input (call it 'foo') and then submits the form via a POST, where the data is then written to the db, what kind of validation should occur? Depends on what kind of a form field 'foo' is. Is it a name? A zip code? A phone number? If it's a zip code you can do a simple regex \d{5}(-\d{4})? to make sure it follows the correct (US) format. If it passes the test you know it's safe to be put into the database. This kind of data does not need to be escaped. On the other hand if it's a name you'll first want to make sure it's the correct length and contains only the characters you want it to. If the data passes all the tests you'll definitely want to escape the string before you insert it into the db because some names might have an apostrophe in them which will cause an error during insertion. No need to run htmlspecialchars() in this case since a name that has or (or similar characters) should fail the test anyway. and where should the validation take place? Validation should take place before the value is used. ?php // include files // instantiate any objects if necessary // define default values for page specific variables if necessary // validate incoming data // deal with invalid data by displaying error messages or redirecting // to another page // if data is all clean continue processing like normal ? for my $0.02 worth, there should be be validation of the 'foo' var, to determine if the var is legitimate. there should also be validation/filterin of the var when it's placed in the db_sql command... No need to validate data twice. As stated above, validation should happen before the data is used at all and I would do the escaping just before the data is inserted into the db. my question (and it's basic), what validation should be performed on the 'foo' var, and why? i've seen htmlspecialchars/magic_quotes/etc.. in varius articles, but i can't find a definitive answer!! See above. also, when inserting/updating a db item, what is the 'correct' process for data? should all data that gets inserted into a db be quoted? if it should, what's the 'standard' practice? Again, if the data requires escaping, escape it. If not, there's no need. If the data falls outside the realm of a-zA-Z0-9 it has a high potential for escaping. psuedo examples of this stuff would be really helpful! thanks for clarifying some of these issues... hth, Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] basic user/input form questions... more validation!
bruce mailto:[EMAIL PROTECTED] on Thursday, September 22, 2005 11:58 AM said: hey chris... Hi. so you're sayng that if data is outside of a-zA-Z0-9 ' then it should probably fail the regex anyway.. and it should error out.. (Where did that apostrophe come from? That wasn't in my list on purpose.) Yes and no. It all depends on what kind of data you're expecting. Here are some quick assumptions. (Assuming US style data.) A zip code should only contain: 0-9 - A zip code does not need to be escaped because it doesn't have any special db characters in it like the apostrophe. A name should only contain: a-z A-Z 0-9 - ' A name should be escaped because it might possibly have an apostrophe in it. A phone number should only contain: 0-9 ( ) - . A phone number does not need to be escaped because it doesn't have any special db characters in it like the apostrophe. A paragraph (or rather, very general input) on the other hand is more complicated because it's very application specific. If your paragraph could possibly have some HTML in it and still be valid then of course you would not be using simply a-z A-Z 0-9 for validation. But at the same time you would definitely want to escape the string. if i understnad you, you're also saying that if the information has an ' in it, then it should be escaped, but you didn't say how.! Yes that's correct. Google is your friend. But in any case you can do mysql_escape_string(). (Note: You don't have to deslash your data on the way out, it only happens on the way in.) also, what's the function of the 'addslashes', and when is it used?! I don't use addslahes() much. A good place to start reading would be www.php.net/addslahes hth, Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Opensource webshop
Gustav Wiberg mailto:[EMAIL PROTECTED] on Thursday, September 22, 2005 1:21 PM said: Hi there! Hi. I'm just beginning to test if there is some interest in an opensource-webshop... Do you mean a shopping cart? The admin-part is not opensource.. Hmm... why not? And do I have to pay for it? Is it web based? If so, is it encoded or something? Interested? http://www.varupiraten.se/doc.php The site doesn't seem to work. It's just not loading. Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] basic user/input form questions... more validation!
bruce mailto:[EMAIL PROTECTED] on Thursday, September 22, 2005 3:33 PM said: further investigation seems to imply that 'strings' that are to be inserted into the mysql db should be 'backslashed' for the chars \x00, \n, \r, \,', and \x1a. That's what escaping is. the mysql_real_escape_string function requires a db connection and the app might not have opened up a connection to the db at this point in the code.. (or i could rewrite the code!!) Unless you have warnings print to the screen you should be fine. Or you could just suppress the errors on that one function. numeric data: -doesn't need quoting, but it shouldn't hurt to quote anyway.. (quote all numeric values inserted in the db...) -but wouldn't this require the app to detect numeric vals in the db, and to convert the 'type'!!) No. Why would it? If you quote everything then there's no need to check for type. -how does this affect date/float vars... I'm not sure. Check the MySQL manual on column types. extracting data from the db: numeric data -get the data/val from the db -check the type/convert the db to int/float/date/etc... No type conversion is necessary. PHP is a loose typed language. string data -get the vals from the db, -strip any slashes that were added to the data/vars -process/use accordingly... As I said in my previous email, stripping of slashes is not necessary. The reason data is escaped before it's put into the database is so that you don't confuse the engine. $string_data = Hello I'm a string.; $sql = INSERT INTO table (thestring) VALUES ('$string_data'); That would be the same as: INSERT INTO table (thestring) VALUES 'Hello I'm a string' The engine is going to choke on the apostrophe in I'm. With escaping it would be ... VALUES 'Hello I\'m a string'. When you retrieve that data you'll get exactly Hello I'm a string. There will be no backslash. It also prevents SQL injection attacks. have i left anything out..?? I don't know. hth, Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php