Re: [PHP] Question Regarding Cookies, Sent Headers, and FunctionsThat Return Values
Forgive if this is not the answer to the problem. I think he means a blank line at the beginning of the file before the ? If you have anything before the ? it gets sent to the browser, and thus headers have already been sent (This is the same for print statements, etc). --Joseph Guhlin - http://www.josephguhlin.com/ Was I helpful? Let others know: http://svcs.affero.net/rm.php?r=bahwi -- or hire me! =) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Passing variables from script to script
If they are static you could store them in another php file and include them. HTTP is stateless, meaning one person can go from one page to another or log out in between all of this. It also means there is no authentication for users, you can not prove that one person is the same person the next time he visits the page. Without using GET or POST. I would go with cookies. In fact, I would go with SESSIONS. http://www.php.net/manual/en/ref.session.php This way, only the session ID is stored as a cookie, and you can store the other variables on the server under $_SESSION['username'] and $_SESSION['password']. This may not be the perfect solution to your problem, but take a look. It's really useful. You have to run session_start(); before anything else, and it does it all via cookies(and sometimes through GET), but works very well in my experience. You may also want to look at: http://www.php.net/manual/en/function.ini-set.php to control various aspects of PHP's sessions. I've found ini_set() with sessions to be invaluable. Hope this helps! --Joseph Guhlin - http://www.josephguhlin.com/ Was I helpful? Let others know: http://svcs.affero.net/rm.php?r=bahwi -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] multiline regex
Over here will help: http://www.php.net/manual/en/ref.pcre.php http://www.php.net/manual/en/pcre.pattern.modifiers.php (From the second page: /m/ (PCRE_MULTILINE) By default, PCRE treats the subject string as consisting of a single line of characters (even if it actually contains several newlines). The start of line metacharacter (^) matches only at the start of the string, while the end of line metacharacter ($) matches only at the end of the string, or before a terminating newline (unless /D/ modifier is set). This is the same as Perl. When this modifier is set, the start of line and end of line constructs match immediately following or immediately before any newline in the subject string, respectively, as well as at the very start and end. This is equivalent to Perl's /m modifier. If there are no \n characters in a subject string, or no occurrences of ^ or $ in a pattern, setting this modifier has no effect. No, I'm not posting this angrily, but sometimes it's easier to answer a question via cut and paste than writing up an answer yourself. =) I'm lazily helpful! --Joseph Guhlin - http://www.josephguhlin.com/ Was I helpful? Let others know: http://svcs.affero.net/rm.php?r=bahwi -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Advice with encrypting+storing sensitive data
Sorry, OpenSSL is base in FreeBSD, so I didn't have to set it up myself. You can check www.openssl.org and www.apache.org. You still have to buy a cert though. For that, try: www.verisign.com and www.instantssl.com --- seems alot cheaper, no experience with them however But chances are your best bet will be to just get a webhost with SSL support already and buy the cert. That way, if there are errors with openssl you don't have to fix them, someone else does. As far as anything else, see my sig, I gotta charge for Unix work so I can make the bills. That should help though. --Joseph Guhlin http://www.josephguhlin.com/ Web Programmer / Unix Consultant / PHP Programmer -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Hiding Errors
I'm not too familiar with this method, but trying putting the @ symbol in front of the statement. ex: $file = @fopen(.); Hope this helps. --Joseph Guhlin http://www.josephguhlin.com/ Web Programmer / Unix Consultant / PHP Programmer -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Advice with encrypting+storing sensitive data
Sorry, it was late at night. I'm glad you have the SSL and everything else already taken care of. What I meant was for you to build your own session system, so that it is secure, instead of using PHP's built in session system. Someone once said that it has a 1% chance of cleaning up the sessions, and that would be the secure data(the passphrase, even if encrypted) on the system. If you build your own, you can change that 1%. There may be another way. Also, if you build it yourself, you will understand what happens exactly and will be able to hide the data perhaps a bit more than the regular sessions. I hope this makes more sense. If not, tell me and I'll try to explain it again. Sorry! =) Robert Mena wrote: I do not think I understood your ideia : The next best thing is to store it in session variables, but build your own system perhaps, and yes, encrypt it lightly with some system and a system passphrase --Joseph Guhlin http://www.josephguhlin.com/ Web Programmer / Unix Consultant / PHP Programmer -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Post Variables
The problem is right here:
for ($i=0; $i=12; $i++)
{
echo $_POST['$i'];
}
Single quotes cause variables to not be interpolated. IE:
?php
$i = 5;
echo $i;
echo $i;
echo '$i';
?
this prints out:
55$i
See? Change that line to
echo $_POST[$i];
and it should work just fine.
Regards,
--Joseph Guhlin
http://www.josephguhlin.com/
Web Programmer / Unix Consultant / PHP Programmer
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] querystring and PHP 4
register_globals which turned the id= into $id is turned off in PHP 4. This is a good thing(security reasons). You need to use $_GET['id'] (or in PHP3, $HTTP_GET_VARS['id'], and this also works in PHP4). It takes a bit to get used to it, but it's a much better way to handle things, especially where security is concerned. Hope this helps. --Joseph Guhlin http://www.josephguhlin.com/ Web Programmer / Unix Consultant / PHP Programmer Dan Wade wrote: Hello, i'm grabbing querystring data like: www.myserver.com/foo.php?id=bar ? echo $id; ? It works like a champ on dev server using php 3 but the sys admin use PHP 4 on the production box and the querystring is no longer being passed. I can't imagine this changed from version to version. Is he missing something in his install? thanks, -Dan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Advice with encrypting+storing sensitive data
That's a big question. The most secure way, using either mcrypt or PGP, is to have an application on the client's side that does the encryption and the decryptiong. This is probably the best solution. Heavily encrypt things on both sides, and this assumes the client side is secure. Barring this, you're going to have holes no matter what. Especially with man in the middle attacks (MITM). Use SSL, 128-bit SSL. This will help the most. The next best thing is to store it in session variables, but build your own system perhaps, and yes, encrypt it lightly with some system and a system passphrase. Clean up the sessions as soon as possible. And store a bunch of other data in there. Perhaps store the passphrase as the variable 'Height' or 'Bytes' or something, and store 'Password' 'Passphrase' with dummy data. Not too much, you want to throw the person off as much as possible. Then, you need to obfuscate or preferably, encode your script so know one can figure out your scheme. Hope this helps some. --Joseph Guhlin http://www.josephguhlin.com/ Web Programmer / Unix Consultant / PHP Programmer -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Searchable archive
http://marc.theaimsgroup.com/?l=php-general is for the general list, other archive locations for other lists can be found at: http://www.php.net/mailing-lists.php Happy Searching! Mohanaraj wrote: Hello, Could anyone please point me to a searcheble archive of this mailing list. Thanks guys. Mohan --Joseph Guhlin http://www.bahwi.cc/ Web Developer / Unix Consultant -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Anybody knows LWC::UserAgent (Perl) equivalent for PHP?
Haha, working on this same problem myself, right now. I used curl. $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $base . $page . '?' . $query); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_COOKIE, $_SESSION['session']); curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1); $buffer = curl_exec($ch); curl_close($ch); It's pulling in data from the $_SESSION for the cookie, but read up and you can see how to put in your own cookies. Some more info at php.net/curl it's not very friendly there though, but once you get the idea you'll go far. Some examples(not many, I might add) over at: http://curl.haxx.se/libcurl/php/examples/ Hope this helps. As far as without curl, can't really help you there. Others can I'm sure. Vincnetas Vienozinskis wrote: message the same as the subject :) i need something for PHP to work with site that requires cookies. And i hate to handle HTTP header and all those Coocies by my self :) --Joseph Guhlin http://www.bahwi.cc/ Web Developer / Unix Consultant -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] overwrite .txt.file?
http://www.php.net/fopen Just open the file like any other time, using w+ (I believe, check the link above) and then use fputs http://www.php.net/fputs That'll overwrite it. You may want to check it to see if it exists first, http://www.php.net/file_exists --Joseph Guhlin http://www.josephguhlin.com/ Web Programming / Unix Administration PHP/Perl/MySQL/Unix Tox wrote: i seeked for the command that would have let me overwrite .txt file, but i didn't find it. is there such an opportunity? Tox [EMAIL PROTECTED] Estonia, Tartu -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] running php as cgi script
That is in no way a correct php program. What error are you getting on the page? Or are you seeing the source? If you are seeing the source when you try to view the script it is a problem on their end(they may want them named as .cgi instead of .php, although rare now, this might be how they are doing it). --Joseph Guhlin http://www.bahwi.cc/ Web Developer / Unix Consultant Scott wrote: I'm trying to run a simple test php script as a cgi script on my ISP's server and haven't been able to get it to work, although according them it is possible. I have an example from a book which gives the following steps: 1. Put the script in the cgi-bin 2. run chmod 755 3. include #!/usr/bin/php at the top. (I have checked that this is the correct location of php on the server) The test script they give looks like this: #!/usr/bin/php echo This is a small CGI program. Doesn't look like the usual php syntax to me, but I guess this is different. Anyway I've tried it a bunch of different ways and it hasn't worked and I haven't been able to find much on the subject from Google. Can someone tell me where I'm going wrong? Thanks, SW -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] running php as cgi script
Oh, sorry, I'm running the 4.2.3 standalone version(from FreeBSD Ports system) and I have to use the tags still. It looks like a CGIwrap problem, but I'm not familiar with that. =/ --Joseph http://www.josephguhlin.com/ Marco Tabini wrote: Joseph, I think he's trying to run the script from the shell--in which case it looks okay to me (besides perhaps a terminating semicolon on the last line) Marco -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] running php as cgi script
Haha, well I posted my version number because I haven't tested the new one that actually comes default with a CLI. So I don't know if the end tags are necessary or not. Marco Tabini wrote: No, that was actually my mistake, and you were right. I guess I've either had too much to drink, or too little. I'll try and post again in a couple of hours and let's see which of the two is the case :-) Marco On Fri, 2002-11-15 at 23:26, bahwi wrote: Oh, sorry, I'm running the 4.2.3 standalone version(from FreeBSD Ports system) and I have to use the tags still. It looks like a CGIwrap problem, but I'm not familiar with that. =/ --Joseph http://www.josephguhlin.com/ Marco Tabini wrote: Joseph, I think he's trying to run the script from the shell--in which case it looks okay to me (besides perhaps a terminating semicolon on the last line) Marco -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] can a popup window get the page referer?
Because you can only do that with JavaScript, and that still assures nothing. You can always just download the source of an HTML page with no problems. In UNIX with libwww installed you just type GET http://www.microsoft.com/ and it downloads the html and puts it on the screen. --Joseph Guhlin http://www.bahwi.cc/ Web Developer / Unix Consultant @ Edwin wrote: Message-ID: [EMAIL PROTECTED] References: [EMAIL PROTECTED] "Joseph Szobody" [EMAIL PROTECTED] wrote: Actually, it still won't work under Windows. Even on a pop-up window, you can right click, view properties, copy the page address, open a new browser window, paste in the address. It's takes 3 seconds. Then, why not disable "right-click" as well? - E _ 最新のファイナンス情報とライフプランのアドバイス MSN マネー http://money.msn.co.jp/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] syntax question...
There are typically called a 'heredoc' or 'here document'. basically it changes the double quotation mark() to 'content' (in this case). To start, do this content and to end it just type content; on a line by itself. The example you showed does echo the stuff out. It sets all the internal html to $var and echo's $var afterwards. Hope this helps! --Joseph Guhlin http://www.bahwi.cc/ Web Developer / Unix Consultant Kelly Meeks wrote: I saw this used in a script, but after a couple of searches didn't come up with anything on php.net. ? $var=content table tr td font color=red $phpvarhere /font /td /tr /table content; echo $var; ? So, does this allow you to output mixed html/php without having to escape offending characters with no echo or print? Conceptually, would the syntax above work? TIA Kelly -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
