[PHP] PHP5.3.5: error message for date()
After a long battle to get my system back on air after a hard disk crash, I got PHP 5.3.5 running under Apache 2.2.3. I now get a diagnostic every time I call date(), complaining about a missing parameter. The manual states that the second parameter is optional, and even phpinfo doesn't know about this new requirement, as it contains the same diagnostic: Warning: phpinfo(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected 'Australia/Melbourne' for '11.0/DST' instead in D:\Websites\index.php on line 1 Warning: phpinfo(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected 'Australia/Melbourne' for '11.0/DST' instead in D:\Websites\index.php on line 1 . Is this a bug, or a new requirement we will have to get used to? Roger Riordan AM -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] erratic results from ftp_rawlist
I had a procedure for listing the files on a remote directory recursively using FTP, using the code below. I thought it was working, but when I tried to use it yesterday I found it listed every second directory, and returned false for the others. I then tried replacing line A with line B (shown at the end of the procedure). The procedure then worked (usually), but the number of times I had to try the ftp_rawlist was most often 2, but varied randomly from 1 to 5, and on one occasion failed after five tries. I get the feeling that for some reason the system takes some time to recover after one invocation of ftp_rawlist, before it is ready to run it again, but I can find no indication of why this should be so, or what I can do about it. Can anyone cast any light on this? My remote website is running under PHP 5.1.6 (I have now investigated the recursive option on this command, and realise that I should use this, instead of calling the procedure recursively, although this will require a significant amount of work to implement.) Clancy /* --- 1.0 List the contents of remote directory $source recursively ---*/ function list_recsv ($conn_id, $source_dir, $recsv) { //echo 'h5Rndx_'.__LINE__.': Source_dir = '.$source_dir.'/h5'; set_time_limit(5); $files = ftp_rawlist ($ftp_id, $source_dir) // Line A $i = 0; $j = 0; $n = count ($files); $sub_dirs = ''; echo 'h5nbsp;/h5h5TB_11_'.__LINE__.': Get_recsv: '.$source_dir.' has '.$n.' files, Try = '.$try.'/h5'; while ($i $n) { $aa = decrypt ($files[$i]); // (Code to list files removed) if (substr($aa[0], 0, 1) == 'd') { $sub_dirs[$j++] = $aa[8]; } ++$i; } if ($recsv) {$i = 0; while ($i $j) { $file = $sub_dirs[$i++]; $new_source = $source_dir.$file; list_recsv ($ftp_id, $new_source, $recsv, $down_load); } } } Line B: $try = 1; while ((($files = ftp_rawlist ($ftp_id, $source_dir)) == false) $try 5) { ++$try; } -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Array Search Not Working?
On Wed, 10 Mar 2010 09:52:30 -0500, aj...@alumni.iu.edu (Alice Wei) wrote: Hi, I have two arrays here that I have combined into a new array, as shown here: $from = explode(-, $from); $change = explode(-,$change); $new_array = array_combine($from,$change); I then tried reading it from a file and do string matches, trying to find out the key using the array_search of the individual array elements. I seem to have no such luck, even when I copied one of the elements after I do a print_r($new_array); Here is the code, foreach ($lines2 as $line_num = $line2) { $style_line_num = $line_num+3; if(preg_match(/^style/,$line2)) { if(preg_match(/inkscape:label/,$lines2[$style_line_num])) { $location = explode(=,$lines2[$style_line_num]); $location2 = substr($patient_location[1],1,-6); if(in_array($location2, $from)) { $key= array_search($location2,$new_array); //Find out the position of the index in the array echo Key . $key . br; //This only gives me a blank space after the word Key } } //end preg_match inkscape } //If preg_match style I looked at the example from http://php.net/manual/en/function.array-search.php, and looks like what I am trying to do here is possible, and yet, why am I not getting a proper key return? Thanks for your help. Alice I have a very handy utility for problems like this: // Expand string array, list all terms function larec($array, $name) // List array recursive { if (is_array($array)) { $j = count ($array); $temp = array_keys($array); $i = 0; while ($i $j) { if(isset($array[$temp[$i]])) { $new_line = $name.['.$temp[$i].']; larec ($array[$temp[$i]], $new_line); } $i++; } } else { echo 'p'.$name.' = '.$array.'/p'; } } If you have some array $foo then larec($foo,'Foo'); will list all the elements of $foo recursively, without any obvious limits. This makes it very easy to see what you have actually got, as opposed to what you thought you would get. The following is an abridged example of the result of listing an array $wkg_sys of mine, using: larec ($wkg_sys,'Sys'); Sys['class'] = W Sys['style']['0']['wkg_style'] = basic_tab Sys['style']['0']['pad'] = Sys['style']['0']['stripe'] = 0 Sys['style']['1']['wkg_style'] = nrml_style Sys['style']['1']['pad'] = 1 Sys['style']['1']['stripe'] = 0 Sys['valid'] = 1 Sys['entries'] = 15 Sys['f_title'] = Developmental Web Page Sys['version'] = IF1.4 Sys['ident'] = 0800 Sys['directory_id'] = Sys['index'] = 2 Sys['date'] = CCY2N Clancy -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP: inexplicable behaviour of pre- and post-increment operators
On Wed, 3 Mar 2010 08:21:06 -0600, halip...@gmail.com (haliphax) wrote: On Fri, Feb 26, 2010 at 11:01 PM, clanc...@cybec.com.au wrote: while ($i $j) { $b[$i] = $a[$i++]; } B. You get $b[0] = $a[1], and so on (as you would expect). Wouldn't that be $b[0] = $a[0], with the value of $i being 1 *after* the statement was finished executing? You used a post-decrement operator on $i at the end of your statement, so I don't think that $i would be increased before being used to index into the $a array. Try it! Clancy -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] PHP: inexplicable behaviour of pre- and post-increment operators
A week ago Dasn asked a question about converting arrays, and I quoted one possible way of achieving his task, using the operation: $i = 0; while ($i $k) { $b[$a[$i++]] = $a[$i++]; } I added the comment that I have always been wary of using statements like this because I was unsure when the incrementing would occur, so I tried it. I received several CC e-mails replying to this post, including one rather critical comment to the effect that pre-and post-increment were all quite simple, and I really ought to learn the fundamentals before I started trying to do anything elaborate. I posted a reply to these e-mails, but as neither they, nor my reply, or any follow-up discussion ever appeared in the discussion group I will repost this reply. (I did have a power failure at this time, so it is conceivable that any follow-up was lost as a result of a glitch in my mailer, but I think it is more likely that there was a glitch in the discussion group server.) Unfortunately things aren't nearly as simple as this writer believes. The rule I have always used is that if you use the same variable as an index on both sides of an assign statement it is not safe to change the value of the index within the statement. While I have achieved the result I wanted in the example above (using PHP 5.1.6 -- there is no guarantee it would work with other implementations of PHP) the results of doing this in the general case can be quite inexplicable. The particular case which prompted my comment was the one where you want to copy part of one array into the corresponding elements of another array. In accordance with my rule, I normally write: $i = 0; $j=count($a); while ($i $j) { $b[$i] = $a[$i]; ++$i; } It is tempting to try to put the increment into the assignment statement. Clearly the value of $a[$i] has to be read before it can be written to $b[$i], so the logical expression would be: while ($i $j) { $b[$i++] = $a[$i]; } A. However if you try this, you get $b[1] = $a[0], and so on. But if you try the alternative: while ($i $j) { $b[$i] = $a[$i++]; } B. You get $b[0] = $a[1], and so on (as you would expect). Out of curiosity, I then tried: $i = -1; $j=count($a) - 1; while ($i $j) { $b[$i] = $a[++$i]; } C This gave the desired result, and seemed moderately logical. However when I tried: $i = -1; $j=count($a) - 1; while ($i $j) { $b[++$i] = $a[$i]; } D This gave exactly the same result. It is quite impossible to explain the results in cases A and D from the definitions of the pre-and post-increment operator, so I think I will stick to my safe rule! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Creating Days in a Year - Stored Procedure
On Tue, 23 Feb 2010 14:49:01 -0800, d...@pointmade.net (Pointmade_Noah1) wrote: I found this code below online and I am trying to modify it for my needs. I want to pass a YEAR (Int) to the stored procedure and have it create all the day in that passed year. With one tweak, If the day is Sunday the sStatus field will equal Closed ELSE Open. All attempts come up with ERRORS. Also, I would like the sdate field to be a DATE result. Little help please? I appreciate it. USE colombo; -- this table will store dates sequence CREATE TABLE seq_dates ( sdate DATETIME NOT NULL, sStatus VARCHAR NULL, ); DROP PROCEDURE IF EXISTS colombo.sp_init_dates; CREATE PROCEDURE colombo.sp_init_dates (IN p_fdate DATETIME, IN p_tdate DATETIME) BEGIN DECLARE v_thedate DATETIME; DECLARE v_Status VARCHAR; TRUNCATE TABLE colombo.seq_dates; SET v_thedate = p_fdate; WHILE (v_thedate p_tdate) DO IF (DayName(v_theDate) = Sunday { SET v_Status = Closed; }else{ SET v_Status = Open; } // I know this CODE is wrong -- insert dates squence into seq_dates table INSERT INTO seq_dates (sdate, sStatus) VALUES (v_thedate, v_Status); -- go to the next day SET v_thedate = DATE_ADD(v_thedate, INTERVAL 1 DAY); END WHILE; END; You could probably do something cunning with the library functions mktime(), etc, but I have two functions: Abs_day ($date); which converts $date into an absolute day, with 1:1:1800 = day 0 and Ymd ($abs_day); which converts an absolute day back into Y:M:D For your purpose there is a lot of redundancy, but between them these functions provide all the information you have asked for. Day zero was a Wednesday, so you can readily work out the DOW for any arbitrary day. I have tested these functions up to 2500, but no obvious upper limit). // Convert date :MM:DD into absolute day; 1:1:1800 = 0, Wednesday function abs_day ($u) { $days = array (0 = array(0, 31, 59, 90, 120, 151, 181, 212, 243, 273, 304, 334, 365, 375), ( 1 = array(0, 31, 60, 91, 121, 152, 182, 213, 244, 274, 305, 335, 366, 375)); // 0 is normal year, 1 is leap year $y = $u[0]; if (($y % 400) == 0) { $ly = 1; } // See if leap year elseif (($y % 100) == 0) { $ly = 0; } elseif (($y % 4) == 0) { $ly = 1; } else { $ly = 0; } $y -= 1800; $c = (int) (($y - 0.99)/100); $c = (int) ($c * 0.75 +0.3); // Fiddle factor for centuries (most are not leap years) $abs_day = (int) (($y) * 365.25 - $c - 0.1); $d = (int) $u[1]; $abs_day += $u[2]-1 + $days[$ly][$d]; return $abs_day; } // Converts abs day to YMD. function ymd ($day) { //echo 'h5Stdu_408: Day = '.$day.'/h5'; $days = array (0 = array(0, 31, 59, 90, 120, 151, 181, 212, 243, 273, 304, 334, 365, 375), ( 1 = array(0, 31, 60, 91, 121, 152, 182, 213, 244, 274, 305, 335, 366, 375)); $u = false; $c = (int)(($day + 0.6)/36524.25); // No of centuries $ly = 0; if ((($c + 2) % 4) == 0) { $ly = 1; }// See if leap year $d0 = $day - (int) ($c * 36524.25 + 0.3); // Calculate remaining days $yy = (int) (($d0 -$ly + 1.1)/365.25); // Calculate year $d2 = $d0 +1 - (int) ($yy * 365.25 + $ly - 0.125); // remaining days (again!) if ($yy != 0) { if (($yy % 4) == 0) { $ly = 1; } else { $ly = 0; } // See if leap year } $u[0] = 100 * $c + $yy +1800; // Calc calendar year $i = 1; $j = 0; while ($d2 $days[$ly][$i] $i 14) { $i++; } // and month day $d2 -= $days[$ly][$i-1]; $u[1] = $i; $u[2] = $d2; return $u; } -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] array conversion
Or: $a = array ('Cats', 'white', 'Dogs', 'black', 'Mice', 'grey', 'Camels', 'brown'); $b = '';// Just in case it has some leftover value $k = 2* (int) (count ($a)/2); // ensure even no of terms $i = 0; while ($i $k) { $b[$a[$i++]] = $a[$i++]; // *** } And this works: $i = 0; $k = array_keys($b); while ($i count($b)) {echo 'h5'.$i.': '.$k[$i].' = '. $b[$k[$i++]].'/h5'; } 0: Cats = white 1: Dogs = black 2: Mice = grey 3: Camels = brown ( *** I have always been wary of using statements like this because I was unsure when the incrementing would occur, so I tried it.) Clancy On Fri, 19 Feb 2010 02:26:49 -0500, simples...@gmail.com (Adam Richardson) wrote: Or, function new_arr(array $arr) { $count = count($arr); if ($count % 2 != 0) throw new Exception('The new_arr() function requires an even number of elements.'); for ($i = 0; $i $count; $i += 2) { $new_arr[$arr[$i]] = $arr[$i + 1]; } return $new_arr; } $test = new_arr(array('k1', 'v1', 'k2', 'v2', 'k3', 'v3')); exit(var_dump($test)); On Fri, Feb 19, 2010 at 1:19 AM, Larry Garfield la...@garfieldtech.comwrote: On Thursday 18 February 2010 11:58:28 pm Paul M Foster wrote: On Fri, Feb 19, 2010 at 01:20:12PM +0800, Dasn wrote: Hi guys. How to convert an array like: Array ( [0] = key1 [1] = value1 [2] = key2 [3] = value2 ) to Array ( [key1] = value1 [key2] = value2 ) Is there a built-in function to do this? Please Cc me. :) Thank you in advance. I don't believe so, but rolling your own should not be too hard: $a = array($key1, $value1, $key2, $value2); $b = array(); $numitems = count($a); for ($i = 0; $i $numitems; $i++) { if ($i % 2 == 0) { $saved_key = $a[$i]; } elseif ($i % 2 == 1) { $b[$saved_key] = $a[$i]; } } Code is crude and untested, but you get the idea. Paul This would be even shorter, I think: foreach ($items as $i = $value) { $temp[$i % 2][] = $value; } $done = array_combine($temp[0], $temp[1]); (Also untested, just off the cuff...) --Larry Garfield -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Pre/Post inc (Was array conversion)
On Sat, 20 Feb 2010 17:44:00 -0500, you wrote: On Sat, Feb 20, 2010 at 11:10 AM, Nathan Rixham nrix...@gmail.com wrote: Richard Quadling wrote: On 20 February 2010 11:18, clanc...@cybec.com.au wrote: Or: $a = array ('Cats', 'white', 'Dogs', 'black', 'Mice', 'grey', 'Camels', 'brown'); $b = '';// Just in case it has some leftover value $k = 2* (int) (count ($a)/2); // ensure even no of terms $i = 0; while ($i $k) { $b[$a[$i++]] = $a[$i++]; // *** } And this works: $i = 0; $k = array_keys($b); while ($i count($b)) {echo 'h5'.$i.': '.$k[$i].' = '. $b[$k[$i++]].'/h5'; } 0: Cats = white 1: Dogs = black 2: Mice = grey 3: Camels = brown ( *** I have always been wary of using statements like this because I was unsure when the incrementing would occur, so I tried it.) Clancy ?php $i = 10; echo $i++; // Shows 10 and $i becomes 11 echo ++$i; // $i becomes 12 and 12 is shown. ? Post increment and pre increment. No need to be wary of them. http://docs.php.net/manual/en/language.operators.increment.php Expanding on what Richard says; there does seem to be a growing number of people who haven't stopped to learn the very basics of PHP (or languages in general). I'd strongly recommend that all those in doubt over the basics take a few hours out to (re-)familiarise themselves; and there's no finer resource to do this than the php manual [1] You'll notice the manual goes as follows: # Basic syntax # Types # Variables # Constants # Expressions # Operators # Control Structures # Functions ... more And that's the order in which you should learn; in short you can't really program or script without knowing basics through control structures. Do hope this mail doesn't sound condescending in any way; as it's meant with the best intentions and really will make you're (working) life a lot easier. I myself still refer back to these base sections periodically, and every time I do - a new detail pops out that makes something easier. [1] http://docs.php.net/manual/en/langref.php Many Regards, Nathan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php Clarifying what Clancy specifically said: ( *** I have always been wary of using statements like this because I was unsure when the incrementing would occur, so I tried it.) The asterisks inform us he was speaking about the first example, and the language informs us he was speaking about the statement, not the increment operator, itself. $b[$a[$i++]] = $a[$i++]; // *** It's actually quite a clever implementation of the algorithm request that prompted this thread, and because of it's uniqueness, (incrementing a variable multiple times within the same statement on both sides of the '='), I don't this reflects that Clancy stopped to learn the very basics of PHP. Actually, Clancy taking the time to try something to better learn the language (just for the sake of coding fun, no less) reflects the desire to learn new things, and that's exactly the type of person I hope is drawn to the PHP community. Thanks for the example, Clancy :) Adam Thanks, Adam. I started programming before there were any manuals (or classes), and I had to jump in at the deep end. I do like to know how things work, but the days when you could make your own complete commented disassembly of the operating system (as I did for CP/M) are long since gone, and it is no longer possible for any single person to have even a reasonable working knowledge of how all the programs on his computer operate. I regret I have to admit that it is now beyond me to have a working familiarity even with the programs I need for webpage design -- PHP, HTML, CSS and Javascript, let alone trying to throw in C++, Apache Unix. Also questions like this tend to come up when I'm in the middle of implementing something complicated, so usually I take the easy way out, instead of taking the time off to try to answer the question. The particular case which prompted my comment was the one where you want to copy part of one array into the corresponding elements of another array. Should you write: $i = 0; $j=count($a); while ($i $j) { $b[$i] = $a[$i++]; }OR $i = 0; $j=count($a); while ($i $j) { $b[$i++] = $a[$i]; } Surprisingly (to me) the answer is neither. (Assuming $j = 5) the first gives $b[1] = $a[0], with $b[0] undefined, while the second gives $b[0] = $a[1], with $b[4] undefined. Experiment shows that you can either be safe, as I have always done, and write: $i = 0; $j=count($a); while ($i $j) { $b[$i] = $a[$i]; ++$i; } or you can write: $i = -1; $j=count($a) - 1; while ($i $j) { $b[++$i] = $a[$i]; } This seemed moderately logical, but then I found you can also write: $i = -1; $j=count($a) - 1; while ($i $j) { $b[$i] = $a[++$i]; } I think I will stick to the safe way! --
[PHP] Re: Advice on maintaining public and private files
On Fri, 19 Feb 2010 13:19:50 -0500, st...@astroh.org (Michael Stroh) wrote: I have a site I'm working on with some data that I want to be readable by anyone, but some files that I want to keep hidden from outside users. Here is an example of my file structure. /products/data1/item_1/data.txt /products/data2/item_2/data.txt I would like everything in data1 to be available by anyone who visits the site, but I want to keep items in the data2 folder to only be accessible through certain web page which I hope to eventually require logins. Some of these items I'd like to not only display but also allow people to download. My main concern is that I don't want people to be able to guess the names of the files and then be able to access the information on them. Every 'item' has an entry in a MySQL database which holds some information. I was thinking I could have randomly generated folder names to take the place of the things like 'item_2' such as /products/data2/kl23j42i/data.txt and then link the folder name through a database entry. But I'm not sure if there are more elegant or easier ways to deal with this. Plus someone could still just try randomly querying the site until they get a match. I'd first like to just create a web page where you can go to access the hidden files but would later like to add more control for other users using logins and passwords. Most of my files are just text files and images. Any suggestions? Thanks in advance! Michael I have been working on a website engine for some time, and have recently been addressing these problems. The website layout is specified by textbased data files, with a separate entry for each item on the page. These may be links to subdirectories or even other websites, links to further index pages or links to individual items. Users are divided into groups, e.g. Guest, Admin, or Manager, and each data file has a field specifying who is allowed to use it. Each entry has a similar field, and when a data file is being loaded the loader checks that the current user has permission to access it before allowing the file to be loaded, and then as it processes each item in the file it checks if the user has permission to view this item, and if not skips it. This means that the user only sees the items he is entitled to see. There is nothing to indicate that anything is being hidden from him. At present I only have one allowable group for each file or item, and permit individual users to belong to multiple groups (as set up by the administrator). On reflection it would probably be better to assign each user to a single group, and allow multiple groups to be given access to the file. At first I simply assigned each user a privilege level; 0, 1, 2, .. , but this prevented giving some user groups access to some areas of the website, and other user groups access to others. Each website has one area containing data, and a separate one containing the engine (which has all the code). The data area also contains a small file index.php, which sets up site dependent parameters, and then hands access to the engine. I have several different websites sharing the same engine, and this means both that the individual websites can specify different configuration files and security requirements. One website can be fully accessible, another only accessible after the user is logged in, and another can have some areas only accessible through a hidden log in. I use parameters to specify which page to be loaded, but I've recently realised that this is a significant security hole, as the parameters are readily visible, and convey a lot of information about the structure of the site. On second thoughts it would have been better to specify the various directories and files by numbers. The engine is in a separate directory which is not under the root, so it is not readily accessible, but I wanted the photos to be able to be bookmarked, which meant that they had to be under the root, and I put the data files with them for simplicity. However this means that they can also be downloaded, so I will have to move them to a different location, as some of them contain valuable information. Fortunately the way the engine is designed makes this reasonably simple to do. You can see a very simple demonstration website at http://www.cydalba.com/?new=1. At present this is set up so that part of the website is only accessible by hidden log in. If you access it via http://www.cydalba.com/?new=1action=log_in you will be asked to log in, which you can do as 'Guest', with password 'Mandy17'. Some more of the website will then be accessible. Clancy -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Manual problems
On Thu, 11 Feb 2010 10:18:18 +, a...@ashleysheridan.co.uk (Ashley Sheridan) wrote: On Thu, 2010-02-11 at 10:16 +1100, Ross McKay wrote: ... There's a good reason for OpenOffice having some difficulties with MS Office documents. Back when MS rushed through getting their document standard ratified by ISO (which itself is a whole other story) they didn't explain all the details quite as well as they might have. Later on, MS found they were having some difficulty following their own 'standard' and so altered it in various ways in Office2007. Needless to say, ISO weren't too happy when MS asked if they could just 'change the specs' for their file format, and quite rightly refused to do so. In short, this means that there is a MS ISO standard that MS is the only one not trying to follow, and software like OpenOffice is left to reverse engineering the format again. When the first Word Macro virus appeared in the early 90s, the AV industry approached Microsoft for the specifications of the internal structure of the Word documents. After some discussion Microsoft agreed to make these available to firms who signed an NDA. Several large firms did so, but when they got the specifications they immediately discovered that they bore very little relation to the actual documents. When Microsoft was approached about this their reply was Well, that's all we've got! The industry had to run a joint program to reverse engineer the specifications before they could work out how to remove the virus. The story that went around was that with each update Microsoft hired a new batch of young graduates asidethey don't have preconceived notions (a.k.a. experience), and they don't have extravagant ideas of their own worth/aside, told them vaguely what they wanted, and left them to it. Then, as soon as they had something that sort of worked, they let them go again. So there was no continuity, no documentation, no hope of bug fixes, and very little likelihood that the next update would be improved in any meaningful sense. I have seen nothing to suggest that anything has changed. And Bill actually likes it this way! Someone who did a lot of support work for small and medium enterprises told me that the biggest pressure for updating to the latest version came from workers envious of the new employee, with his new computer and the new version of the Microsoft rubbish --- sorry, wonder product. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Owner or other; permissions for webpage users
On Wed, 10 Feb 2010 16:08:42 +1030, james.mcl...@gmail.com (James McLean) wrote: On Wed, Feb 10, 2010 at 2:51 PM, clanc...@cybec.com.au wrote: I'm basically familiar with the UNIX permissions - 'owner', 'group', or 'other', but I have no real idea how these apply to webpage users under PHP. I know that if I FTP to the server I am the owner, and I think that if I, or anyone else, opens one of my webpages I am 'other'. Almost right. It's UGO, User Group and Other. When you view a PHP page, it's (usually) served by Apache, the process will be owned by a user, usually 'apache'; who is also a member of a group, usually 'apache'. On some systems these users/groups can be 'httpd', 'www-data' etc. When you or I look at a PHP file served from Apache, there is no concept of users/groups/others outside those that apply to the Apache process that served the data. However what I would like to do is assign certain users, who have logged in through a security portal, to 'group', so that they (but not 'others') have permission to write to data files on the site. It's a seperate thing, because once again inside PHP there is no concept of users/groups outside the Apache process itself. It would be up to your PHP code to manage who has access to what, the files will all be read from and written to disk by the Apache process. Thanks. So it is as I feared, and if I want any file to be editable under any circumstances, I have to give write access to 'others'. It is a little surprising that PHP has not made any provision for manipulating users write permissions, as this could provide a little extra protection from malicious users. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: poll: howto do informative error handling without the fatalities
On Tue, 9 Feb 2010 16:09:05 +, rquadl...@googlemail.com (Richard Quadling) wrote: On 9 February 2010 14:20, Ashley Sheridan a...@ashleysheridan.co.uk wrote: On Tue, 2010-02-09 at 09:19 -0500, Robert Cummings wrote: Richard wrote: Hi, I have extended the standard exception class to send me an email whenever an exception occurs. I did that once. Once being the operative word... :-) Ended up with tens of thousands of emails one morning. At first I thought... Wow, maybe my popularity has grown somewhat. But it hadn't. I have something similar... a cron job that checks the error_log file every 10 minutes and sends me the contents if any exist. I also set a special header so I can be sure it's not spam and appropriately route it into my mail folder maze, Much less spammy :) Cheers, Rob. -- http://www.interjinn.com Application and Templating Framework for PHP Real developers don't have errors in their code; they're undocumented features ;) Thanks, Ash http://www.ashleysheridan.co.uk So, no documentation AND bugs!!! Gee. I really wouldn't want to rely on that code base! So you don't use (or work with) any Microsoft product? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Manual problems
On Thu, 04 Feb 2010 02:39:03 +0100, joc...@iamjochem.com (Jochem Maas) wrote: Op 2/4/10 1:32 AM, clanc...@cybec.com.au schreef: Recently I have frequently found, especially in the morning (GMT 2200 - 0200), that I can open a bookmark in the manual, for example http://www.php.net/manual/en/ref.image.php. But if I then do a search of any type I get 'The page cannot be displayed'. I then cannot reach any page, including the one I originally opened. This morning, after some fiddling, I found that if I closed the browser, and re-opened it I could then see the original bookmark again, and link to some pages, but others would again crash the browser, as would all searches. I am using IE6, and have seen a message that I should update my browser, but only when the page is displaying properly. Firefox 3.5.5 immediately converted the above to http://au2.php.net/manual/en/ref.image.php. and then told me The manual page you are looking for (http://au2.php.net/manual/en/ref.image.php.) is not available on this server right now. there are stacks of mirrors. try one of: au.php.net tw.php.net tw2.php.net tn.php.net tn2.php.net sg.php.net sg2.php.net ... guessing those are closest to you. Thanks. I was under the misapprehension that the providers server would automatically hunt for a valid mirror, but I find that my various bookmarks are scattered on mirrors all over the place. Also that if I do a search from what appears to be the logical starting bookmark it doesn't work, but if I do it from most of the others it does. Very strange. as for using IE6 ... WTF ... you do realise this is essentially a web developers mailing list right? The interesting things in my websites go on behind-the-scenes, in the PHP, and produce relatively straightforward HTML. I have avoided the well-known bugs in IE6, and think my webpages display correctly on any of the modern browsers, but as Microsoft delights in rearranging everything in every update, and making the features you need ever harder to find, I stick to IE6 for my everyday work. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Owner or other; permissions for webpage users
I'm basically familiar with the UNIX permissions - 'owner', 'group', or 'other', but I have no real idea how these apply to webpage users under PHP. I know that if I FTP to the server I am the owner, and I think that if I, or anyone else, opens one of my webpages I am 'other'. However what I would like to do is assign certain users, who have logged in through a security portal, to 'group', so that they (but not 'others') have permission to write to data files on the site. Can this be done with PHP? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] PHP Manual problems
Recently I have frequently found, especially in the morning (GMT 2200 - 0200), that I can open a bookmark in the manual, for example http://www.php.net/manual/en/ref.image.php. But if I then do a search of any type I get 'The page cannot be displayed'. I then cannot reach any page, including the one I originally opened. This morning, after some fiddling, I found that if I closed the browser, and re-opened it I could then see the original bookmark again, and link to some pages, but others would again crash the browser, as would all searches. I am using IE6, and have seen a message that I should update my browser, but only when the page is displaying properly. Firefox 3.5.5 immediately converted the above to http://au2.php.net/manual/en/ref.image.php. and then told me The manual page you are looking for (http://au2.php.net/manual/en/ref.image.php.) is not available on this server right now. Is this due to maintenance, or somesuch, or is it something in my system? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Appalling Dreamweaver performance
On Mon, 01 Feb 2010 00:51:39 +, a...@ashleysheridan.co.uk (Ashley Sheridan) wrote: On Mon, 2010-02-01 at 11:28 +1100, clanc...@cybec.com.au wrote: . Don't use Dreamweaver then :p Joking aside (Dreamweaver is a very capable editor, although it is quite large for simple find and replace tasks) how were you performing the find and replace? Regular expression replacements will be much slower, although it shouldn't account for quite the speed hit you saw. For simple tasks like that, I'd recommend Notepad++. It has code highlighting and folding, regex find/replace features, and a slew of other bits that make it a very good editor, and it's very speedy to boot. I was doing a simple replace: , with ; As I mentioned, I use Dreamweaver both its editing and its file managing capabilities, and as I spend a lot of time programming it is nearly always open, so it gets used for odd jobs like this (which it usually does very well). However there is definitely something seriously wrong with its implementation of this feature. After reading some of the other comments I thought I should try the same thing again this morning, while the computer was fresh. I did the same job on the same file. The screen was refreshed after each line was completely processed, and for the first few lines the cursor ran quite quickly down the screen. But by line 130 it had slowed to about 1line per second, and last time by the end it was taking more than five seconds to do each line. I didn't bother to let it run to completion, but I did look at the results log. This had a new line for every replacement-- 10 lines of log for each line of the original file. I expect this is the explanation for the initial slow performance but I can't understand what they have done to make it slow down as it progresses -- unless they start searching again at the beginning of the file after each replacement? Given the cumbersome error logging this is just conceivable. I have had it crash once or twice after I have opened a lot of files (usually after I have searched the whole folder for every reference to a variable a number of times), but generally I have found quite reliable. One feature which I find really annoying is that if you tell it to search a folder for a particular variable name, it doesn't seem to be possible to tell it to only search certain directories, and certain file extensions. If Notepad++ offered this feature I would certainly be tempted to try it. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Good source for sample data?
On Fri, 29 Jan 2010 15:08:49 -0800, br...@briandunning.com (Brian Dunning) wrote: Thanks for the suggestions but I couldn't find any that suited my needs, so I made my own. Feel free to download if you can use them, I made files with up to a million unique records. Name, Company, Address, Phone, Email, etc., all are fake but are real addresses with correct area codes, zips, exchange, so will work for mapping, phone or address validation, whatever your needs are. Hope someone find it useful. http://www.briandunning.com/sample-data/ Thank you for this. I was just wondering where I could get a reasonably large set of sample data to demonstrate my mailmerge type program, and this will serve the purpose nicely. It will also enable me to test it on a much larger set of data than my laboriously assembled private address book (which has 666 entries). (My program worked well with the 500 entry file, but had serious problems with the 5000 entry file. However when I cut this back to 1700 entries it again worked correctly, though it was a bit slow.) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Appalling Dreamweaver performance
I use Dreamweaver as my editor, mainly because I'm familiar with it, although I only use about 1% of its capabilities. However it generally handles long files well. The other day I downloaded the two shortest of Brian Dunning's sets of test data *. I opened the shortest in Dreamweaver, had a quick look at it, and realised I would have to replace the quote, comma, quote separators with semicolons, as part of converting the files to my format. So I thought I would do that while I was working out what else I had to do. I entered the old separator and the replacement in the 'Find and replace' window, then hit 'Replace all', expecting the job be done in a few seconds. First I thought nothing was happening, but then I realised it was trudging through the file, as if it was wading through waist high molasses. So I closed the results window, and opened another file, but a few seconds later focus switched back to the original file. I tried a couple of times more, but each time it returned to the original window. I watched in morbid fascination for a bit, then decided I would let it go, just to see how long it took. The file contained 500 lines, and was about 80 K. It was taking five seconds to process each line, and eventually finished in about 40 minutes. The problem appeared to be the results processing. I have only looked at the results list about twice, out of idle curiosity, but never saw any thing that I thought could be remotely useful. I would like to be able to turn results logging off altogether, as it wastes real estate (and time!), but this appears to be impossible. On this occasion the program was apparently writing a new line every time it replaced a separator (9 times in each line), and then when it finished processing a line it would erase all the intermediate result lines, and write a new one for the whole line. At the same time it reopened the results window if I had closed it, and return focus to the file being processed. I then wrote a PHP program to read the file, split it, clean up and re-arrange the various elements, enter them into an array in my format, and finally save it as a file my program could handle. After I had got this running on the 500 line file I used it to process the 5000 line file. The whole process was done in the blink of an eye -- literally a fraction of a second. * http://www.briandunning.com/sample-data/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Creating an Entire .html page with PHP
On Thu, 28 Jan 2010 13:39:31 -0800, mpet...@mac.com (Michael A. Peters) wrote: clanc...@cybec.com.au wrote: On Thu, 28 Jan 2010 21:10:42 +0100, rene7...@gmail.com (Rene Veerman) wrote: On Thu, Jan 28, 2010 at 12:31 AM, clanc...@cybec.com.au wrote: On Wed, 27 Jan 2010 10:21:00 -0800, deal...@gmail.com (dealtek) wrote: Opening tables, etc, wrongly generally messes the page up completely, but forgetting to close them again often has no affect no visible effect at all -- until you make some innocent change and everything goes haywire! whenever i write an opening tag, i immediately write the closing tag next, then cursor back to fill it in. Not so easy when you are using PHP to generate a complex layout! Use DOMDocument. Then you don't have to worry about closing the tags ;) Ohhh? The index page of the manual has 110 lines of totally meaningless entries, and the introduction doesn't open. I haven't the faintest idea what it's all about, but I very much doubt if it would mean anything to the original writer. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Creating an Entire .html page with PHP
On Thu, 28 Jan 2010 16:23:05 -0500, pa...@quillandmouse.com (Paul M Foster) wrote: On Fri, Jan 29, 2010 at 08:17:34AM +1100, clanc...@cybec.com.au wrote: On Thu, 28 Jan 2010 21:10:42 +0100, rene7...@gmail.com (Rene Veerman) wrote: On Thu, Jan 28, 2010 at 12:31 AM, clanc...@cybec.com.au wrote: On Wed, 27 Jan 2010 10:21:00 -0800, deal...@gmail.com (dealtek) wrote: Opening tables, etc, wrongly generally messes the page up completely, but forgetting to close them again often has no affect no visible effect at all -- until you make some innocent change and everything goes haywire! whenever i write an opening tag, i immediately write the closing tag next, then cursor back to fill it in. Not so easy when you are using PHP to generate a complex layout! Use heredocs to do it. Then you can generate the layout in PHP and still do what deal...@gmail.com said. I don't think heredocs is relevant. The original writer wanted to save the HTML output of a working page to a file, whereas (I think!) heredocs are involved with getting messy stuff into PHP. I still think that simply capturing the page from the browser is the simplest solution for the original question, but if you want a more elegant one see: http://codeutopia.net/blog/2007/10/03/how-to-easily-redirect-php-output-to-a-file/ The writer appears to know what he's talking about, and I am pleased to have found this, as I have often wanted to to redirect PHP output to a file. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Pointers For Newbies, Reminders For Oldies
On Thu, 28 Jan 2010 10:02:56 -0500, rob...@interjinn.com (Robert Cummings) wrote: I don't know what you guys are doing wrong but the following should be the correct behaviour: ?php function get_memory( $init=false ) { static $base = null; if( $base === null || $init ) { $base = memory_get_usage(); } return memory_get_usage() - $base; } function simple_access( $data ) { $foo = $data[100]; echo 'Memory: '.get_memory().' (simple access)'.\n; } function foreach_value_access( $data ) { foreach( $data as $value ) { $foo = $value; break; } echo 'Memory: '.get_memory().' (foreach value access)'.\n; } function foreach_key_access( $data ) { foreach( $data as $key = $value ) { $foo = $key; $foo = $value; break; } echo 'Memory: '.get_memory().' (foreach key/value access)'.\n; } function modify_single_access( $data ) { $data[100] = str_repeat( '@', 1 ); echo 'Memory: '.get_memory().' (modify single access)'.\n; } function modify_all_access( $data ) { for( $i = 0; $i 1000; $i++ ) { $data[$i] = str_repeat( '@', 1 ); } echo 'Memory: '.get_memory().' (modify all access)'.\n; } get_memory( true ); $data = array(); for( $i = 0; $i 1000; $i++ ) { $data[$i] = str_repeat( '#', 1 ); } echo 'Memory: '.get_memory().' (data initialized)'.\n; simple_access( $data ); foreach_value_access( $data ); foreach_key_access( $data ); modify_single_access( $data ); modify_all_access( $data ); ? I get the following output (PHP 5.2.11 from command-line): Memory: 10160768 (data initialized) Memory: 10161008 (simple access) Memory: 10161104 (foreach value access) Memory: 10161240 (foreach key/value access) Memory: 10267312 (modify single access) Memory: 20321576 (modify all access) I don't double up on memory consumption until I force the write onto every element... this is expected because internally every array element is individually subject to the Copy-On-Write (COW) principle since each element is internally stored as a zval just like the array itself. Thanks for this. I was just revising a bit of code to insert some extra entries into an array. Previously I had opened a new array, copied the data up to the insertion point into it, put in the new entry, then copied the tail, then renamed the new array. After reading this, I realise the correct procedure was to copy the existing data into a temporary array, insert the new entry in the existing array, and then copy the tail from the copy back into the working data. This way only the data in the tail actually has to be copied, rather than the whole array. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Creating an Entire .html page with PHP
On Thu, 28 Jan 2010 21:10:42 +0100, rene7...@gmail.com (Rene Veerman) wrote: On Thu, Jan 28, 2010 at 12:31 AM, clanc...@cybec.com.au wrote: On Wed, 27 Jan 2010 10:21:00 -0800, deal...@gmail.com (dealtek) wrote: Opening tables, etc, wrongly generally messes the page up completely, but forgetting to close them again often has no affect no visible effect at all -- until you make some innocent change and everything goes haywire! whenever i write an opening tag, i immediately write the closing tag next, then cursor back to fill it in. Not so easy when you are using PHP to generate a complex layout! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Creating an Entire .html page with PHP
On Wed, 27 Jan 2010 10:21:00 -0800, deal...@gmail.com (dealtek) wrote: On 1/26/2010 6:08 PM, clanc...@cybec.com.au wrote: In principle this is extremely simple. Take your existing procedure to generate the page then: 1. $page = ''; 2. Replace every echo 'whatever'; statement with $page .= 'whatever';, and everyhtml with $page .= 'html'; 3. file_put_contents($page,$file) // The manual is down (again!) and I have forgotten the format. 4. echo( file_get_contents($file)); // to generate the PHP page. However I strongly suspect that it is possible to simply redirect all the 'echo's in your existing procedure to write to $page (or $file?), without changing the code at all. Is this so? Thanks Clancy for the details - much appreciated, Actually I would like to use BOTH techniques. If it's possible to take an exsisting page and just save that (without all the rewriting ) that would also be great... Dead easy. View the page - any page - in your browser. Then (in Explorer) ViewSource. This will put up the HTML in the default viewer (preferably notepad; word would mess it up). Then save it from notepad as whatever.htm, and you can do what you like with it. Links to images, etc, will be saved in their original form, and will continue to work in the replica page as long as the original image is in the specified location. This would probably be the simplest solution for your original question -- much simpler than modifying the source code, or redirecting the output. It is also an excellent (in my opinion almost essential) method of doing a sanity check on any new page design, especially if it is at all complicated. On a number of occasions I have discovered PHP diagnostics hidden in the HTML which don't appear on the screen at all, and it is amazing how badly the HTML can be off without disrupting the screen appearance. Opening tables, etc, wrongly generally messes the page up completely, but forgetting to close them again often has no affect no visible effect at all -- until you make some innocent change and everything goes haywire! As an example, say you had a details master dynamic php page to display let's say a product (pulled from the database from url ID=334 or whatever) If I also wanted to create a STATIC .html page from that for just this one product - it would be great to be able to this too. Part of the reason for this is as Ashley mentioned: SEO Another thing I'm trying to do is create some admin pages - where a user can type in some text and choices - and hard coded .html pages go on the site. I'm not sure why your emphasis on the static .html page -- it doesn't seem necessary -- but what you are describing is somewhat like my new engine, which is used in the page www.corybas.com. This effectively incorporates a database, although all the data is stored in simple text files. It only has one page, but this can be modified to do wildly different things by specifying different parameters. The Engine has an address book/mail merge facility which is far more useful (and far quicker) than Microsoft's monstrosities, but this is not on show because I would have to generate a large list of bogus people to demonstrate it. It also has good facilities for editing the data files, but these again are difficult to demonstrate publicly. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Creating an Entire .html page with PHP
On Mon, 25 Jan 2010 18:31:54 -0800, deal...@gmail.com (deal...@gmail.com) wrote: On Jan 25, 2010, at 6:23 PM, Shawn McKenzie wrote: file_put_contents() is s much easier. Thanks Shawn I'll check that out ... - I see it says : This function is identical to calling fopen(), fwrite() and fclose() successively to write data to a file. my newbie brain likes that! Thanks, deal...@gmail.com [db-10] In principle this is extremely simple. Take your existing procedure to generate the page then: 1. $page = ''; 2. Replace every echo 'whatever'; statement with $page .= 'whatever';, and every html with $page .= 'html'; 3. file_put_contents($page,$file) // The manual is down (again!) and I have forgotten the format. 4. echo( file_get_contents($file)); // to generate the PHP page. However I strongly suspect that it is possible to simply redirect all the 'echo's in your existing procedure to write to $page (or $file?), without changing the code at all. Is this so? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Creating an Entire .html page with PHP
On Tue, 26 Jan 2010 18:52:06 -0800, dae...@daevid.com (Daevid Vincent) wrote: First of all writing pages in this old fashioned .cgi sort of way is so 1990's. Concatenating your whole page to a giant string is silly and defeats the benefits (and purpose) of using PHP. I'm actually in the process of porting a HUGE site from that style to a more sane MVC and PHPish way right now. It makes me cringe every day I have to look at 'old' code. I suggest you read the question that started all this. I don't know why you should want to store a compiled page, but someone asked how they could do it, and I have suggested one way. PHP doesn't seem to have any problems with long strings (file_put_contents file_get_contents actually treat the contents as a string, and they don't slow down till the length grows past ~100k), so if you did, this would work as well as any other way. And however you generate a web page, it is effectively sent to the browser as a string (which can include linefeeds and all the rest) so this would work regardless of whatever fancy tricks you used to generate it. (And I don't open HTML e-mails if I can possibly avoid it.) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Do you use a public framework or roll your own?
On Tue, 26 Jan 2010 21:57:05 -0500, pa...@quillandmouse.com (Paul M Foster) wrote: On Tue, Jan 26, 2010 at 04:17:26PM -0800, Daevid Vincent wrote: I'm not looking to start a holy war here or re-hash the tired debate. I just want some hard cold numbers to look at. Do you use a public framework or roll your own? http://www.rapidpoll.net/8opnt1e I voted, but like others, my framework is more a collection of home grown tools which seem to have generic applicability. Some of this may be because I worked for many years in construction. You get used to certain tools and the way they operate, and you prefer them. For example, I won't use screwdrivers whose handles aren't covered with rubber over the plastic of the handles (Stanley and Klein brands). What I like about programming is that you get to build your own tools, just the way you like them. ;-} I totally agree. I started programming in the 60s on the CDC 3200/3600 series, which had an incredibly primitive version of Fortran. Then I started my own business and didn't program again until the late 70s, when I purchased a North Star personal computer running CPM under N*Dos. I started writing programs in assembler for instruments using microprocessors. The first thing I did was to develop a library of useful functions to do the sorts of things you need to do in an instrument. I started with some early microprocessor I never actually used, then progressed through RCA1802, 8080, 6800, and finally 80X86. Once I had got my library working, I found it relatively simple to update it from one microprocessor to the next. In the early 1980s I got a job as a lecturer in instrumentation and assembly language programming at a College of Advanced Education. I used my library to show the students how to program simple instruments, and in the process I learned a lot about how to design programs that students could use. In 1989 the computer labs were invaded by an accidentally lethal virus, which rendered the (non-standard) computers useless. Because I understood assembler, I was able to disassemble the boot sector, and work out how to remove the virus, and because I knew how students thought I could write a program which they could use to disinfect their computers at home. Because my library had nearly all the necessary functions I was able to write my program (which removed that particular virus) in a couple of days. I gave it to the students as shareware and at the end of the year I was able to resign. Nine years later we sold the program to Computer Associates, and I retired. I am back into programming because Microsoft (and many other software firms) insist on writing programs which make you do what they think you ought to do, not what you want to do. It used to be quite simple to use Mailmerge to manage a mailing list, but a couple of updates of Windows ago it became virtually impossible. I suspect that many of these public frameworks will do the same. And if you have written your own tools, you can easily change them if you don't like them. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Cookies sessions
On Sun, 24 Jan 2010 17:44:16 +1100, clanc...@cybec.com.au wrote: On Sat, 23 Jan 2010 15:10:11 +, nrix...@gmail.com (Nathan Rixham) wrote: To answer your specific questions though - what can be done to make this process more secure - no matter what approach you take, when working via http and needing logged in / secure functionality; you need the client to identify themselves with a key of some sort - no matter how you make the key it's always going to be passed via http (GET/POST/COOKIE) - if some hacker passes the same key then your system is going to think it's the original user and give them access. To make it trickier you can store information such as the users IP address, user agent string etc in session and compare it on each request; if it changes log the user out and destroy the session data - however your never going to protect against the most common form of hacking, a nosy co-worker / person in the same house having a nosey while the user is at the toilet / making a brew. This is why many sites re-request password confirmation for potentially sensitive actions like transferring money, changing personal details and so forth (and send email confirmations to tell the user what changed - just in case). It must be pointed out though that non of this is worth even considering if you have sensitive ports (like ftp/ssh/mysql) open to the outside world as it's these back doors people will use to hack the whole server, not just one users personal account on a single site. Also protect against SQL injection attacks by sanitizing your data and so forth. Thank you for your thoughtful suggestions. I totally agree. If someone goes sniffing, or the like, they might be able to get somewhat limited access to the domain. On the other hand if they can crack the FTP, and get into the master server, they can download the whole site. Finally, view it as your responsibility to never store anything personal or identifying (or in fact anything) on the client side in a cookie - one simple key (session_id) in the cookie and everything on the safe secure server is the way to go. I have thought of storing customising information for a particular user in a cookie, but it would simply consist of a set of parameter values. As they would be processed in exactly the same way as if they had been entered as parameters they would presumably represent no more, or less, threat than the parameters which are essential to the operation of the site (and which can readily be read, or bookmarked -- or, on reflection, experimented with). Well! My reflection above cast a completely different light on the situation. It turns out that from a security point of view the multiple domains of Quadra Hosting's scheme should all be regarded as a single domain. In this system each domain has a separate directory under the site root directory. I suspect that any browser access to any of the domains is treated as user group 'other' (with the site owner being owner). This means that any program operating in any domain can read any file in any of the other domains, or in any other directory in the site. This is a bad enough security hole, but in my system I have a separate directory 'Engine' containing the logic to display any of the pages in any of the domains. Each domain has a separate copy of index.php, which sets up a few variables, and then invokes the engine. The individual pages are displayed by a call to index.php, followed by a series of parameters. I have one 'secure' site which is password protected, and engine won't do anything until the user has logged in. However the parameter system can handle indirect paths, and I discovered this morning that if I opened a page on one of the other domains, and then passed the appropriate parameters, I could get into the secure domain, and navigate normally through it. Images are not displayed, as the path is not calculated correctly, but everything else is, and you can read the image properties, and from this work out their correct path. Even worse, if you know their addresses, you can download any of the images or data files simply by typing the address into a browser. I could prevent the cross coupling trick by blocking any path referring to the secure directory, and I could put the data files in a separate directory off to the side, so that they could not be directly downloaded, but as the browser has to be able to download the images (and any documents or spreadsheets) directly I cannot see any easy way to protect them. So much for worrying about the relative virtues of cookies and sessions! Clancy -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Cookies sessions
On Sat, 23 Jan 2010 09:32:37 -0500, tedd.sperl...@gmail.com (tedd) wrote: At 1:13 PM +1100 1/23/10, clanc...@cybec.com.au wrote: but I would be grateful for any suggestions how I could make this procedure more secure. We have given you advice that you should NOT use Cookies in any fashion to secure your site, but you remain steadfast that you know better -- so, what else can we say other than good luck. BUT you have told me to use sessions, and sessions use a Cookie! If the Cookie I use contains random data, the only difference in security is in the time that it remains valid. Neither contains any useful information, but while they are valid both will enable you to bypass security. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Cookies sessions
On Sat, 23 Jan 2010 15:10:11 +, nrix...@gmail.com (Nathan Rixham) wrote: To answer your specific questions though - what can be done to make this process more secure - no matter what approach you take, when working via http and needing logged in / secure functionality; you need the client to identify themselves with a key of some sort - no matter how you make the key it's always going to be passed via http (GET/POST/COOKIE) - if some hacker passes the same key then your system is going to think it's the original user and give them access. To make it trickier you can store information such as the users IP address, user agent string etc in session and compare it on each request; if it changes log the user out and destroy the session data - however your never going to protect against the most common form of hacking, a nosy co-worker / person in the same house having a nosey while the user is at the toilet / making a brew. This is why many sites re-request password confirmation for potentially sensitive actions like transferring money, changing personal details and so forth (and send email confirmations to tell the user what changed - just in case). It must be pointed out though that non of this is worth even considering if you have sensitive ports (like ftp/ssh/mysql) open to the outside world as it's these back doors people will use to hack the whole server, not just one users personal account on a single site. Also protect against SQL injection attacks by sanitizing your data and so forth. Thank you for your thoughtful suggestions. I totally agree. If someone goes sniffing, or the like, they might be able to get somewhat limited access to the domain. On the other hand if they can crack the FTP, and get into the master server, they can download the whole site. Finally, view it as your responsibility to never store anything personal or identifying (or in fact anything) on the client side in a cookie - one simple key (session_id) in the cookie and everything on the safe secure server is the way to go. I have thought of storing customising information for a particular user in a cookie, but it would simply consist of a set of parameter values. As they would be processed in exactly the same way as if they had been entered as parameters they would presumably represent no more, or less, threat than the parameters which are essential to the operation of the site (and which can readily be read, or bookmarked -- or, on reflection, experimented with). -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Users, groups, and permissions
I am using a Quadra Hosting Multi Domain (http://www.quadrahosting.com.au/) to host five different domains. As site owner I have FTP access to the root directory, and to everything underneath it. There is no domain directly attached to the root. Each domain has its own directory tree under the root directory, and I have a separate directory Engine containing the PHP code for all the sites. Each domain directory has a series of data files defining the various pages, optionally some configuration files, and a very short program index.php, which sets up a few user variables, and then passes control to the main program in Engine (by including it). The Engine processes a set of parameters, and from these generates the actual page which is passed to the user. The data files are almost entirely simple text files, and I do not use a database. The permissions are currently as they were set up by the provider. All directories in the system have permissions drwxr-xr-x, and all other files rw-r--r-- (when I read them as site owner -- I don't know if they are somehow changed when I access the site by downloading a page from one of the domains). I can load and run any of the files in Engine by including them into Index.php, and I can include images anywhere in the domain in the current page. I can also download them directly by quoting their full path. I can also show pages defined by data files in Engine, but I can neither show nor download images in Engine. I haven't tried accessing pages in other domains. As the permissions for group and others are the same for all directories, and all files, I don't understand how I can download images in the current domain, but not in Engine. Is it possible to reset the permissions so that different values are seen from different domains, and how can I tell which group I am actually in when I access a particular domain? Also is it possible to temporarily include a user in group, if they are not already there? Clancy. (The PHP manual has been down all day, and Google is not particularly helpful for this type of thing unless you already know the terminology, so I have largely been floundering in the dark. And when you look up 'user permissions' most books immediately assume database.) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Cookies sessions
On Thu, 21 Jan 2010 22:00:30 +, a...@ashleysheridan.co.uk (Ashley Sheridan) wrote: On Fri, 2010-01-22 at 08:58 +1100, clanc...@cybec.com.au wrote: On Thu, 21 Jan 2010 08:54:44 -0500, tedd.sperl...@gmail.com (tedd) wrote: At 12:15 PM +1100 1/21/10, clanc...@cybec.com.au wrote: On Wed, 20 Jan 2010 20:05:42 -0200, bsfaja...@gmail.com (Bruno Fajardo) wrote: Well, I hope this information is helpful. Yes, thanks to everyone who contributed. I now have a better understanding of what cookies are, and have turned on output buffering, enabling me to put the handler where I want, and still be able to debug it. Clancy One last thing. I use sessions for the storage of variables I need between pages, but I use cookies to leave data on the user's computer in case they come back to my site and want to pick up where they left off. Both operations store variables, but are for different purposes. Yes; I'm doing that too. I am setting up a private website, and using cookies to control access to it. Clancy Don't use cookies, use sessions for this. Information stored in cookies is susceptible to being read by pretty much anyone, hence the scare of using cookies that people get. Cookies in themselves are not the problem, but using them for anything you want to keep safe, like login details, etc, is a bad idea. Generally, a session ID is stored in the cookie, which gives nothing away to anyone trying to read it. Thank you all for your comments. My reasoning in using a cookie for user recognition, rather than relying on the session ID, was that with a cookie I could ensure that the connection effectively lasted for some specified period, whereas the session ID lifetime seems to be somewhat short and ill-defined. In this way I can be sure that the user will not be logged out unexpectedly. The actual value of the cookie I use is an MD5 hash of some user information with an additional random component, so that it would be extremely difficult to extract anything useful from it. It could equally be a random number, as it is verified by matching with a value stored on the server. I am also considering changing it every so often (every hour?) while the user is logged in, so that an old value would be useless to a hacker. At present I am using a normal text window for the user to log in, and I suspect that this is by far the weakest link in the system. The website is relatively obscure, and there is nothing particularly valuable on it, but I would be grateful for any suggestions how I could make this procedure more secure. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Cookies sessions
On Thu, 21 Jan 2010 08:54:44 -0500, tedd.sperl...@gmail.com (tedd) wrote: At 12:15 PM +1100 1/21/10, clanc...@cybec.com.au wrote: On Wed, 20 Jan 2010 20:05:42 -0200, bsfaja...@gmail.com (Bruno Fajardo) wrote: Well, I hope this information is helpful. Yes, thanks to everyone who contributed. I now have a better understanding of what cookies are, and have turned on output buffering, enabling me to put the handler where I want, and still be able to debug it. Clancy One last thing. I use sessions for the storage of variables I need between pages, but I use cookies to leave data on the user's computer in case they come back to my site and want to pick up where they left off. Both operations store variables, but are for different purposes. Yes; I'm doing that too. I am setting up a private website, and using cookies to control access to it. Clancy -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Cookies sessions
On Wed, 20 Jan 2010 13:19:03 +, a...@ashleysheridan.co.uk (Ashley Sheridan) wrote: On Wed, 2010-01-20 at 15:45 +1100, clanc...@cybec.com.au wrote: On Tue, 19 Jan 2010 22:45:14 -0500, phps...@gmail.com (Phpster) wrote: The first setcookie call is empty which produces the errors that cause the second cookie to fail. I'm afraid not. I modified the program started to read: ?php //;V;;;Cypalda/Index.php Printed: 21/3/09 session_start (); setcookie ('Try_1', 'Works', time()+3600); echo 'nbsp;'; setcookie ('Try_2', 'Doesnt', time()+3600); With the result Warning: Cannot modify header information - headers already sent by (output started at D:\Websites\cypalda.com\index.php:6) in D:\Websites\cypalda.com\index.php on line 7 And cookie 'Try_2' is not set. I suspect you have been running with output buffering on, but I had left it in the default state, which is off. Well the problem here is obvious, you just changed the line that was causing the error to another line that causes another error! Why do you need to echo a space character? Remove that line and you will get rid of this new error. When you are working with sessions, provided you start your program with session_id(), you can then do anything you like with session variables at any point in your program. In my original question I asked if there was a cookie equivalent. Someone said there was, but the above is simply demonstrating that their suggested solution doesn't work. It appears there is no solution, but that the workaround is to turn on output buffering, at least until you finish setting cookies, so that you can be certain that no output is generated before this point. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Cookies sessions
On Wed, 20 Jan 2010 20:05:42 -0200, bsfaja...@gmail.com (Bruno Fajardo) wrote: 2010/1/20 clanc...@cybec.com.au: When you are working with sessions, provided you start your program with session_id(), you can then do anything you like with session variables at any point in your program. Hi, You meant session_start() instead of session_id(), right? Yes; Oops! But yes, once you started a session (before any output is sent to the browser, that includes echo and print statements, empty space chars, etc) you can do anything you like with the $_SESSION array, being able to read the stored values in other requests / scripts of your app, as long as the session is started. In my original question I asked if there was a cookie equivalent. As far as I know, yes, there is. You set a cookie using the setcookie() function. This function, in the same way as session_start(), must be called before any output is sent to the browser. Once a cookie is set in the client, you can read the $_COOKIE array in any subsequent request of your client, in any point of your app, just like session. It is not equivalent if you can't set a cookie after you have generated any output. Someone said there was, but the above is simply demonstrating that their suggested solution doesn't work. It appears there is no solution, but that the workaround is to turn on output buffering, at least until you finish setting cookies, so that you can be certain that no output is generated before this point. You don't need to use output buffering at all. You only need this mechanism if your script needs to output stuff before the session_start() or setcookie() functions get executed. I don't NEED output buffering if I put the cookie handling logic right at the start of the program, and don't ever want to put any diagnostics into it. But there is a logical place for it much later in my program, and I often want to put diagnostics into even the simplest bit of code, and life is much easier if this doesn't disable the cookie handler. Well, I hope this information is helpful. Yes, thanks to everyone who contributed. I now have a better understanding of what cookies are, and have turned on output buffering, enabling me to put the handler where I want, and still be able to debug it. Clancy Cheers, Bruno. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Cookies sessions
I am trying for the first time to use cookies. The manual contains the statement Cookies are part of the HTTP header, so setcookie() must be called before any output is sent to the browser. When I first started using sessions, I was alarmed to read a very similar statement about sessions, but I soon found that if I started my program with the statement session_start(); I could then set up, access, modify or clear any session variable at any time in my program. This is enormously useful, as I can put the session handling at any convenient point in my program, and can precede them with diagnostics if I need to. However I have almost immediately found that while I appear to be able to read cookies at any time, I cannot set them when I would like to. Is there any similar trick which will work with cookies? If I really have to work out what they should be, and then set them up, before issuing any diagnostics, etc, it will make life decidely more complicated. (I assume that I can set several cookies using successive calls to setcookie()?) I was also somewhat surprised to find that a cookie is used to implement sessions. Does this place any limitations on using both sessions and cookies in the same program? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Cookies sessions
On Tue, 19 Jan 2010 09:12:17 -0200, bsfaja...@gmail.com (Bruno Fajardo) wrote: 2010/1/19 clanc...@cybec.com.au: I am trying for the first time to use cookies. The manual contains the statement Cookies are part of the HTTP header, so setcookie() must be called before any output is sent to the browser. When I first started using sessions, I was alarmed to read a very similar statement about sessions, but I soon found that if I started my program with the statement session_start(); I could then set up, access, modify or clear any session variable at any time in my program. This is enormously useful, as I can put the session handling at any convenient point in my program, and can precede them with diagnostics if I need to. However I have almost immediately found that while I appear to be able to read cookies at any time, I cannot set them when I would like to. Is there any similar trick which will work with cookies? The only trick is that you have to call setcookie() before any output is sent to the browser, just like the session_start() behavior. .. Thank you all for your suggestions. Unfortunately I have already tried this, and it doesn't work for me (I am running PHP: 5.1.6). I have only tested this on my own PC, but if it doesn't work here, I would be very surprised if it would work on the remote server. Index.php starts: ?php //;V;;; Cypalda/Index.php Printed: session_start (); setcookie (); setcookie ('user_id', 'Wilma*Witgenstein', time()+3600); And this produces the following output: Warning: setcookie() expects at least 1 parameter, 0 given in D:\Websites\cypalda.com\index.php on line 4 Warning: Cannot modify header information - headers already sent by (output started at D:\Websites\cypalda.com\index.php:4) in D:\Websites\cypalda.com\index.php on line 5 It is interesting to note that the second diagnostic is generated because the first diagnostic is taken to have initiated the headers. I think I can live with this limitation, but this diagnostic is a warning of the hassles I am likely to face if I cannot find a way around it. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Cookies sessions
On Tue, 19 Jan 2010 16:45:37 +0530, kranthi...@gmail.com (kranthi) wrote: When I first started using sessions, I was alarmed to read a very similar statement about sessions, but I soon found that if I started my program with the statement session_start(); I could then set up, access, modify or clear any session variable at any time in my program. This is enormously useful, as I can put the session handling at any convenient point in my program, and can precede them with diagnostics if I need to. are you looking for ob_* functions ? Yes, thank you; I was! I read this, and said what the hell are they?, before I tried Bruno's setcookie() again, and verified it didn't work. Then I noticed a textbook buried on my desk opened to the section on cookies, saw output buffering, and realised what you were talking about. And, yes, they do seem to let me do what I want. Unfortunately they don't do one thing I would have liked them to, which is to enable me to see diagnostics buried in CSS code. The only way to discover these is to use the Explorer 'View source' option, and examine the HTML very carefully. While I was fiddling with the setcookie suggestion some diagnostics went missing (because I was running the wrong version), and when I looked at the HTML I found some error messages relating to an undefined variable in the CSS, which I fear have been there for a long time. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Cookies sessions
On Tue, 19 Jan 2010 22:45:14 -0500, phps...@gmail.com (Phpster) wrote: The first setcookie call is empty which produces the errors that cause the second cookie to fail. I'm afraid not. I modified the program started to read: ?php //;V;;; Cypalda/Index.php Printed: 21/3/09 session_start (); setcookie ('Try_1', 'Works', time()+3600); echo 'nbsp;'; setcookie ('Try_2', 'Doesnt', time()+3600); With the result Warning: Cannot modify header information - headers already sent by (output started at D:\Websites\cypalda.com\index.php:6) in D:\Websites\cypalda.com\index.php on line 7 And cookie 'Try_2' is not set. I suspect you have been running with output buffering on, but I had left it in the default state, which is off. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: PHP programming strategy; lots of little include files, or a few big ones?
On Wed, 6 Jan 2010 19:11:07 -0800, dae...@daevid.com (Daevid Vincent) wrote: -Original Message- From: Al [mailto:n...@ridersite.org] Sent: Wednesday, January 06, 2010 5:09 PM To: php-general@lists.php.net Subject: [PHP] Re: PHP programming strategy; lots of little include files, or a few big ones? On 1/6/2010 7:18 PM, clanc...@cybec.com.au wrote: I have a flexible program, which can do many different things according to the type of data it is fed. Ideally the flexibility is achieved by calling different functions, though when the functionality is ill-defined I sometimes just include blocks of code. Ideally, from the point of program maintenance, each module should not be too long -- preferably just a page or so. This doesn't raise problems in a compiled language, but in an interpreted language like PHP the programmer must decide whether to lump a whole lot of functions into a single large include file, or to include lots of little files as the particular functions are needed. The first case can lead to memory bloat, as there are likely to be a lot of unused functions in memory on any given pass, whereas the second case may require lots of little files to be loaded. Are there likely to be significant performance costs for either approach, and what are your feelings about the relative virtues of the two approaches? I think it's a case by case basis. Generally File I/O is expensive, but then again, as you say, having everything in a couple files is also sub-optimal for organizing and keeping things modular. I suggest you go with smaller files that are organized into logical 'chunks'. For example, functions that are used frequently are grouped into a common.inc.php rather than by topic (such as file/date/xml/forms/etc). And then use topical includes for the rest. More importantly, I suggest you get a good caching system like memecached or any of the others out there. Then you can pre-compile and load these files and the whole point becomes close to moot. ÐÆ5ÏÐ http://daevid.com Thank you all for your comments. I did not know about bytecode caches. They're an interesting concept, but if I am interpreting the paper http://itst.net/654-php-on-fire-three-opcode-caches-compared correctly they only double the average speed of operation, which is rather less than I would have anticipated. As I would have to understand yet another system to implement them, and I suspect I'd have to do a significant amount of rearranging, I don't think I will worry about them unless my webpages unexpectedly become extremely popular. Al's suggestion that my code is probably infinitesimal compared with PHP suggests that I shouldn't be worrying about memory requirements. On the other hand I agree with David that the advantages of using relatively small easy to understand modules probably outweigh the costs of loading a larger number of files. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: PHP programming strategy; lots of little include files, or a few big ones?
On Wed, 06 Jan 2010 23:20:26 -0500, kolb0...@umn.edu (Daniel Kolbo) wrote: Daevid Vincent wrote: -Original Message- From: Al [mailto:n...@ridersite.org] Sent: Wednesday, January 06, 2010 5:09 PM To: php-general@lists.php.net Subject: [PHP] Re: PHP programming strategy; lots of little include files, or a few big ones? On 1/6/2010 7:18 PM, clanc...@cybec.com.au wrote: I have a flexible program, which can do many different things according to the type of data it is fed. Ideally the flexibility is achieved by calling different functions, though when the functionality is ill-defined I sometimes just include blocks of code. Ideally, from the point of program maintenance, each module should not be too long -- preferably just a page or so. This doesn't raise problems in a compiled language, but in an interpreted language like PHP the programmer must decide whether to lump a whole lot of functions into a single large include file, or to include lots of little files as the particular functions are needed. The first case can lead to memory bloat, as there are likely to be a lot of unused functions in memory on any given pass, whereas the second case may require lots of little files to be loaded. Are there likely to be significant performance costs for either approach, and what are your feelings about the relative virtues of the two approaches? I think it's a case by case basis. Generally File I/O is expensive, but then again, as you say, having everything in a couple files is also sub-optimal for organizing and keeping things modular. I suggest you go with smaller files that are organized into logical 'chunks'. For example, functions that are used frequently are grouped into a common.inc.php rather than by topic (such as file/date/xml/forms/etc). And then use topical includes for the rest. More importantly, I suggest you get a good caching system like memecached or any of the others out there. Then you can pre-compile and load these files and the whole point becomes close to moot. ÐÆ5ÏÐ http://daevid.com Some people, when confronted with a problem, think 'I know, I'll use XML.' Now they have two problems. I had a similar issue but with classes (not functions). I opted to keep my classes short and succinct, rather than shoving all the method functionality into one all-purpose class. Instead of blindly loading all the little classes on each http request, I used (and was recommended on this list to use) __autoload(). The script would only load my classes if the individual request needed it. This helped to avoid the memory bloat. I've heard magic functions like __autoload are a bit slower, but the code is so much cleaner b/c of it. Also, an opcode cache as suggested previously would facilitate the rapid include of many small files. Unfortunately, php does not offer an __autoload() type function to autoload functions. If you are able to encapsulate your functions functionality into classes you may be able to use the above solution of using an opcode cache to help __autoload() a bunch of small classes. Although PHP doesn't offer an _autoload() function to autoload functions, it does provide function_exists, and this can readily be used to achieve the same end: If (!function_exists(feedback_handler)) { include ('Feedback_handler.php'); } -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: PHP programming strategy; lots of little include files, or a few big ones?
On Thu, 07 Jan 2010 22:48:59 -0500, rob...@interjinn.com (Robert Cummings) wrote: clanc...@cybec.com.au wrote: Thank you all for your comments. I did not know about bytecode caches. They're an interesting concept, but if I am interpreting the paper http://itst.net/654-php-on-fire-three-opcode-caches-compared correctly they only double the average speed of operation, which is rather less than I would have anticipated. I strongly advise that you take the time to try a bytecode cache. Within linux environments I am partial to eaccelerator. In IIS environments I now use WinCache from Microsoft. From my own observations with a multitude of different types of PHP web applications I find that the speed gain is closer to 5 times faster on average. Five times faster is certainly more attractive than twice as fast. But under what circumstances is this achieved? Unfortunately these days it is difficult to find any solid information on how things actually work, but my impression is that caches only work for pages which are frequently accessed. If this is correct, and (as I suspect) somebody looks at my website once an hour, the page will not be in the cache, so it won't help. Also one of the more popular parts of this website is my photo album, and for this much of the access time will be the download time of the photos. Furthermore as each visitor will look at a different set of photos, even with heavy access it is unlikely that any given photo would be in a cache. Despite these comments the access times for my websites seem to be pretty good -- certainly a lot better than many commercial websites -- but have a look at http://www.corybas.com/, and see what you think. (I am in the process of updating this, and know that the technical notes are not currently working, but there is plenty there to show you what I'm trying to do.) As I would have to understand yet another system to implement them, and I suspect I'd have to do a significant amount of rearranging, I don't think I will worry about them unless my webpages unexpectedly become extremely popular. That's your perogative, but you started this thread with a question about file access times. By your latest argument (above) you may as well ignore it since when and if the issue becomes salient then you can worry about it. However, I think that's disingenuous at best since your pages will appear slower on average, and you're just wasting CPU resources. Unfortunately I am cursed with an insatiable curiosity, and spend far too much time thinking about philosophical questions like this. But I have also been programming almost forever, and I have learned that it would now take me five times as long as (I hope) it would take you to implement something new like byte code caching. Al's suggestion that my code is probably infinitesimal compared with PHP suggests that I shouldn't be worrying about memory requirements. On the other hand I agree with David that the advantages of using relatively small easy to understand modules probably outweigh the costs of loading a larger number of files. You've missed several points. Bytecode caches allow you to skip the trip to the filesystem. They allow you to skip the parse and compile stage of PHP. They almost always make your shit run faster. Perhaps. But my visitors appear to be happy now, and my hosts aren't complaining that I'm overloading their system. Clancy PS. It does sadden me that there don't seem to be many people here who are interested in the philosophy of programming, as against the quick and dirty fix. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] PHP programming strategy; lots of little include files, or a few big ones?
I have a flexible program, which can do many different things according to the type of data it is fed. Ideally the flexibility is achieved by calling different functions, though when the functionality is ill-defined I sometimes just include blocks of code. Ideally, from the point of program maintenance, each module should not be too long -- preferably just a page or so. This doesn't raise problems in a compiled language, but in an interpreted language like PHP the programmer must decide whether to lump a whole lot of functions into a single large include file, or to include lots of little files as the particular functions are needed. The first case can lead to memory bloat, as there are likely to be a lot of unused functions in memory on any given pass, whereas the second case may require lots of little files to be loaded. Are there likely to be significant performance costs for either approach, and what are your feelings about the relative virtues of the two approaches? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Extracting a time zone from a latitude longitude
On Sat, 21 Nov 2009 09:25:16 -0800, level...@gmail.com (Haig Davis) wrote: Good Morning all, Having a look at the time zone functions in PHP you can enter a time zone city and get it's lat long. Does anybody know how you can run the function in reverse (or know of a similar function) i.e. get the time zone city from the geographic coordinates. Google maps was a thought but the functions are only for use in google maps which rules out my use for them. Don't know what you mean by Time Zone City. IF the world were organised scientifically the time zone for a given location would be given by Time zone = GMT + (int)Long/15 But, as Stuart has pointed out, it isn't. Melbourne, Sydney, Brisbane, Port Moresby, Sakhalin Okhosh are all on GMT +10, but treat summertime in at least two and probably three different ways. Also Okhosh, Tokyo, and Adelaide all have a longitude of approximately 140°, but are on GMT +10, +9, and +9.5. If you really want to know the time zone for an arbitrary latitude and longitude, I doubt if you have any alternative to looking it up in an atlas. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] What method is best for generating thumbnails in PHP from PDF's?
On Thu, 12 Nov 2009 09:45:55 -0800 (PST), stephe...@rogers.com (Stephen) wrote: --- On Thu, 11/12/09, Chris Payne chris_pa...@danmangames.com wrote: I have been asked to create thumbnails from the first page of a PDF document on the fly with PHP, I have looked online but am confused as there doesn't seem 1 simple solution. Go to sitepoint.com and search for photo gallery in minutes Sitepoint: Home » Search for photo gallery in minutes doesn't find anything for me? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Whacky increment/assignment logic with $foo++ vs ++$foo
On Tue, 6 Oct 2009 12:15:54 -0400, tedd.sperl...@gmail.com (tedd) wrote: At 3:56 PM +0200 10/6/09, Andrea Giammarchi wrote: Does these behaves exactly? for($i=0; $i10; ++$i) for($i=0; $i10; $i++) different benchmarks showed ++$i is usually faster than $i++ Faster is a relative term that is becoming more meaningless each year. Considering that speed is increasing and memory prices are dropping exponentially, both of those are becoming less and less important in design considerations (my opinion). The speeds of the Crays of yesteryear we are now holding in our hands as cell phones. The memory we are buying today is literally fractions of a cent of the tens of thousands of dollars we spent some 20 years ago. My memory is a bit vague, but I think my first hard disk had 10 MB, and cost about $2000-- about $0.20 a kilobyte. Now you can buy a 1 TB hard disk for less than $100 -- less than $0.10 a gigabyte. I venture to claim the time it took me to write this email (and for you to read it) was longer than the total time saved between using ++$i vs $i++ for all the php scripts in the world over the remaining life span of PHP. Interesting food for thought, huh? When I started computing I could get five runs a week if I used the little local computer (with 32K of 24 bit words, and costing $500,000), or three runs a week if I used the big computer in Canberra (which had four times as much memory and cost $2 million). -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Whacky increment/assignment logic with $foo++ vs ++$foo
On Tue, 6 Oct 2009 14:08:14 -0400, tedd.sperl...@gmail.com (tedd) wrote: At 10:48 AM -0300 10/6/09, Martin Scotta wrote: No matter how silly it can looks like (a = a++) it is still completely valid code and it SHOULD run without problems. Yeah, it's a valid as: $a = $a; and does the same thing, which is nothing. No; it's worse, because it can be interpreted in two different ways, which is demonstrated by the fact that it gives different results in different languages. If you want a statement that does something, then use: $a = ++$a; or simply: $a++; or ++$a; Any of those will increment $a, whereas ($a = $a++;) does nothing. According to Schlossnagel Advanced PHP programming it is better to use ++$a, because this simply increments the variable, whereas $a++ makes a copy, and then increments the variable, so it involves additional time and memory usage. I cannot see that it would ever make a difference in the real world, but this is one of the tricks Schlossnagel advises you should use when you want the fastest possible code. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] A really wacky design decision
On Sun, 4 Oct 2009 14:52:36 +0200, an_...@hotmail.com (Andrea Giammarchi) wrote: $a = 2260; $b = 226e1; $c = 2.26e3; $d = 2260.0; $a==$b==$c==$d, and $b===$c===$d $b , $c, and $d are the same indeed ... they represent the floating point 2260.0 in I think every language ... it's like saying that 1.0 is not 1. ... both floating point numbers, so I don't get your problem ... IF they are actually floating point numbers. My problem is that I'm working with values which are strings, but which sometimes look like either integers or floating point numbers. And I apologise for falsely contradicting your previous message; I realised subsequently that I had forgotten to specify the variables as strings in my test. Thus, if I write: $a = 2260; $b = '2260'; the exact comparison returns 'false'. The same applies to all the cases I had been complaining about, and the exact comparison does indeed work as you stated. This piece of carelessness arose because my data is represented in the simple form, eg: A;e;21TH;APMusical education;090701 but is implicitly converted into strings when it is entered. (And I tend to be wary of determining the rules experimentally. I learned my programming on CDC3200 Fortran fortysomething years ago. Manuals were brief and textbooks non-existent, so whenever we were not sure of something we would try it. Unfortunately the Fortran had some very strange design features, which we learnt about when our employer upgraded to a CDC 6600. This used a much more standard Fortran, and many of the tricks we had discovered no longer worked.) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] A really wacky design decision
I am well aware of the === operator, but I had an uneasy feeling that there was still a trap. However when I tried it it worked, so I was going to thank you for your suggestion, though I find the concept of having separate 'sort of equal' and 'truly equal' operators decidedly distasteful, but then I discovered that if you have: $a = 2260; $b = 226e1; $c = 2.26e3; $d = 2260.0; $a==$b==$c==$d, and $b===$c===$d Granted $c $d are less likely to be encountered by accident, but if I want to be certain the two strings match I will have to stick to the (string) cast or use strcmp. Perhaps we need a 'really truly equal' operator ! Clancy And then you discover === $i = 0; $j = count ($names); while ($i $j) { if ($names[$i] === $target) { break; } ++$i; } ... regards To: php-general@lists.php.net From: clanc...@cybec.com.au Date: Sat, 3 Oct 2009 21:21:00 +1000 Subject: [PHP] A really wacky design decision Daevid Vincent is surprised that: $num = 123; $num = $num++; print $num; //this prints 123 and not 124 ?!! To me this is relatively logical. As I understand it, the post-increment operator says do something with the variable, and then increment it. The trouble in this case is that we are doing something irrational; we are copying the number back to itself, and to me it is reasonably logical (or at least no less illogical than the alternative) to assume that if we copy it to itself, then increment the original version, the copy will not be incremented. However there is one feature of PHP which, to my mind, is really bad design. How many of you can see anything wrong with the following procedure to search a list of names for a particular name? $i = 0; $j = count ($names); while ($i $j) { if ($names[$i] == $target) { break; } ++$i; } As long as the names are conventional names, this procedure is probably safe to use. However if you allow the names to be general alphanumeric strings, it is not reliable. One of my programs recently broke down in one particular case, and when I eventually isolated the bug I discovered that it was matching '2260' to '226E1'. (The logic of this is: 226E1 = 226*10^1 = 2260). I agree that I was well aware of this trap, and that I should not have used a simple comparison, but it seems to me to be a bizarre design decision to assume that anything which can be converted to an integer, using any of the available notations, is in fact an integer, rather than making the default to simply treat it as a string. It is also a trap that it is very easy to fall into if you start off thinking about simple names, and then extend (or borrow) the procedure to use more general strings. And can anyone tell me whether, in the above case, it is sufficient to write simply: if ((string) $names[$i] == $target), or should I write: if ((string) $names[$i] == (string) $target)? (I decided to play safe and use strcmp ().) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php _ Windows Live: Keep your friends up to date with what you do online. http://www.microsoft.com/middleeast/windows/windowslive/see-it-in-action/social-network-basics.aspx?ocid=PID23461::T:WLMTAGL:ON:WL:en-xm:SI_SB_1:092010 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] A really wacky design decision
On Sat, 03 Oct 2009 11:57:36 -0400, f...@thefsb.org (Tom Worster) wrote: On 10/3/09 7:21 AM, clanc...@cybec.com.au clanc...@cybec.com.au wrote: However there is one feature of PHP which, to my mind, is really bad design. How many of you can see anything wrong with the following procedure to search a list of names for a particular name? $i = 0; $j = count ($names); while ($i $j) { if ($names[$i] == $target) { break; } ++$i; } As long as the names are conventional names, this procedure is probably safe to use. However if you allow the names to be general alphanumeric strings, it is not reliable. One of my programs recently broke down in one particular case, and when I eventually isolated the bug I discovered that it was matching '2260' to '226E1'. (The logic of this is: 226E1 = 226*10^1 = 2260). I agree that I was well aware of this trap, and that I should not have used a simple comparison, but it seems to me to be a bizarre design decision to assume that anything which can be converted to an integer, using any of the available notations, is in fact an integer, rather than making the default to simply treat it as a string. this is odd. i might think it ok for (2260 == '226E1') to be true since php would be doing type juggling in a logical left-to-right manner: we start with an integer 2260, next is the juggling comparison operator, then a string, so it might reasonably try to convert the string to an integer and then compare. but with ('2260' == '226E1'), where both lhs and rhs are already of the same time, it seems elliptical, to say the least, that php should search the types to which it can convert the strings looking for one in which they are equal. The order doesn't matter; 2260 == 226e1, and 226e1==2260. It looks as if (for comparisons) PHP's order of preference is Integer Real ?? ?? String. If you use '==' it will try to convert everything to integer, but if you use '===' it will try to render them in some standard format (so that 226e1 === 2.26e3), but will not convert real to integer. Despite which if you print them without specifying a format it will print them all as 2260. All very messy! Clancy -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] A really wacky design decision
Daevid Vincent is surprised that: $num = 123; $num = $num++; print $num; //this prints 123 and not 124 ?!! To me this is relatively logical. As I understand it, the post-increment operator says do something with the variable, and then increment it. The trouble in this case is that we are doing something irrational; we are copying the number back to itself, and to me it is reasonably logical (or at least no less illogical than the alternative) to assume that if we copy it to itself, then increment the original version, the copy will not be incremented. However there is one feature of PHP which, to my mind, is really bad design. How many of you can see anything wrong with the following procedure to search a list of names for a particular name? $i = 0; $j = count ($names); while ($i $j) { if ($names[$i] == $target) { break; } ++$i; } As long as the names are conventional names, this procedure is probably safe to use. However if you allow the names to be general alphanumeric strings, it is not reliable. One of my programs recently broke down in one particular case, and when I eventually isolated the bug I discovered that it was matching '2260' to '226E1'. (The logic of this is: 226E1 = 226*10^1 = 2260). I agree that I was well aware of this trap, and that I should not have used a simple comparison, but it seems to me to be a bizarre design decision to assume that anything which can be converted to an integer, using any of the available notations, is in fact an integer, rather than making the default to simply treat it as a string. It is also a trap that it is very easy to fall into if you start off thinking about simple names, and then extend (or borrow) the procedure to use more general strings. And can anyone tell me whether, in the above case, it is sufficient to write simply: if ((string) $names[$i] == $target), or should I write: if ((string) $names[$i] == (string) $target)? (I decided to play safe and use strcmp ().) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php