php-general Digest 11 Jun 2010 07:22:56 -0000 Issue 6792
Topics (messages 306011 through 306034):
Re: Redirect to
306011 by: Daniel P. Brown
306012 by: Ashley Sheridan
306018 by: Ahmed Mohsen
bug in mkdir?
306013 by: Mike Wright
306014 by: Ashley Sheridan
Re: bug in mkdir? [SOLVED]
306015 by: Mike Wright
Re: Question - foreach.
306016 by: Paul M Foster
306017 by: Bob McConnell
306031 by: David McGlone
Brandon Rampersad wants to chat
306019 by: Brandon Rampersad
306020 by: Ashley Sheridan
is <?= good?
306021 by: Ahmed Mohsen
306022 by: Ashley Sheridan
306023 by: David Harkness
306024 by: Daniel Brown
306025 by: Ahmed Mohsen
306026 by: David Harkness
306028 by: Daevid Vincent
306032 by: Daniel P. Brown
306033 by: Floyd Resler
PHP -r, -a and .php return different results based upon " or ' marks !? [BUG]
306027 by: Daevid Vincent
306029 by: Simon J Welsh
306030 by: Ashley Sheridan
How does php server identify that the particular session belongs to particular
user
306034 by: Peter
Administrivia:
To subscribe to the digest, e-mail:
php-general-digest-subscr...@lists.php.net
To unsubscribe from the digest, e-mail:
php-general-digest-unsubscr...@lists.php.net
To post to the list, e-mail:
php-gene...@lists.php.net
----------------------------------------------------------------------
--- Begin Message ---
On Thu, Jun 10, 2010 at 14:06, Ahmed Mohsen <mre...@gmail.com> wrote:
[snip!]
>
> I don't want to enter (example.com/public) to view index.php file. I just
> want to enter (example.com) and it redirects to the public folder and shows
> only (example.com/index.php) in the URL. And for login.php should display
> (example.com/admin/login.php) not (example.com/public/admin/login.php)
That's an HTTP server configuration. For example, with Apache,
you should look at the DocumentRoot setting.
--
</Daniel P. Brown>
daniel.br...@parasane.net || danbr...@php.net
http://www.parasane.net/ || http://www.pilotpig.net/
We now offer SAME-DAY SETUP on a new line of servers!
--- End Message ---
--- Begin Message ---
On Thu, 2010-06-10 at 21:06 +0300, Ahmed Mohsen wrote:
> Hi folks,
> I know that this is not a php question, but I'm sure it some kind
> related to it. I need to put my public files under "public" folder, and
> other includes files and database config in other folder not shown to
> the public, but i don't know how to do that. I hope if some one show me
> how to achieve this.
>
> For example, this is the directory structure:
>
> /root
> --/includes
> ----db.php
> ----config.php
>
> --/public
> ----/index.php
> ----/images
> ----/admin
> ------/login.php
>
>
>
> I don't want to enter (example.com/public) to view index.php file. I
> just want to enter (example.com) and it redirects to the public folder
> and shows only (example.com/index.php) in the URL. And for login.php
> should display (example.com/admin/login.php) not
> (example.com/public/admin/login.php)
>
> Kind regards,
> Ahmed.
>
If /public is your web root, then alter your virtual hosts file to
reflect this, so that it is the one that is used as the web root.
If /public is not your web root, then you could consider using
mod_rewrite() to internally redirect the content the visitors see,
without them actually knowing about it.
Thanks,
Ash
http://www.ashleysheridan.co.uk
--- End Message ---
--- Begin Message ---
Thanks for help.
--- End Message ---
--- Begin Message ---
Hi all,
Using 5.2.9
I'm trying to create a directory but it is being created with incorrect
permissions. I'm following the online manual.
This is the command being used:
mkdir('/srv/www/domain/data/R1276190214358/thumbs', 0770, true);
This is what is created:
drwxr-x--- 2 apache apache 4096 2010-06-10 10:33 R1276190214358
Isn't that supposed to be 0770 instead of 0750? Either the manual is
wrong, the command is broken, or I'm screwing it up (most likely).
Thanks for any help,
Mike Wright
--- End Message ---
--- Begin Message ---
On Thu, 2010-06-10 at 11:32 -0700, Mike Wright wrote:
> Hi all,
>
> Using 5.2.9
>
> I'm trying to create a directory but it is being created with incorrect
> permissions. I'm following the online manual.
>
> This is the command being used:
>
> mkdir('/srv/www/domain/data/R1276190214358/thumbs', 0770, true);
>
> This is what is created:
>
> drwxr-x--- 2 apache apache 4096 2010-06-10 10:33 R1276190214358
>
> Isn't that supposed to be 0770 instead of 0750? Either the manual is
> wrong, the command is broken, or I'm screwing it up (most likely).
>
> Thanks for any help,
> Mike Wright
>
Did the R1276190214358 directory already exist? If so, it will retain
the permissions it had, and only the thumbs sub-directory within it will
have the new permissions.
Also, is this on a shared hosting server? It could be that a security
restriction in-place is not allowing the permissions to be configured as
the directory is written, and you may have to manually update them with
the chmod() function.
Thanks,
Ash
http://www.ashleysheridan.co.uk
--- End Message ---
--- Begin Message ---
Ashley Sheridan wrote:
On Thu, 2010-06-10 at 11:32 -0700, Mike Wright wrote:
Hi all,
Using 5.2.9
I'm trying to create a directory but it is being created with incorrect
permissions. I'm following the online manual.
This is the command being used:
mkdir('/srv/www/domain/data/R1276190214358/thumbs', 0770, true);
This is what is created:
drwxr-x--- 2 apache apache 4096 2010-06-10 10:33 R1276190214358
Isn't that supposed to be 0770 instead of 0750? Either the manual is
wrong, the command is broken, or I'm screwing it up (most likely).
Thanks for any help,
Mike Wright
Hi, Ash. Thanks for the help.
Did the R1276190214358 directory already exist?
No.
If so, it will retain
the permissions it had, and only the thumbs sub-directory within it will
have the new permissions.
Also, is this on a shared hosting server? It could be that a security
restriction in-place is not allowing the permissions to be configured as
the directory is written, and you may have to manually update them with
the chmod() function.
It's under my control.
Solution: run umask(000) first. (of the 3 choices above it turned out
to be #3 ;(
--- End Message ---
--- Begin Message ---
On Thu, Jun 10, 2010 at 11:16:08AM -0400, tedd wrote:
> At 9:32 AM -0400 6/10/10, Paul M Foster wrote:
>> On Thu, Jun 10, 2010 at 07:03:28AM -0400, tedd wrote:
>>
>> > This is one of those questions that you can test very easily, just
>>> initialize an array and try it.
>>
>> +1
>>
>> This is Tedd's modus operandi. His website(s) are full of exactly this
>> type of thing. And I have to agree. I can't count the number of
>> questions I *haven't* asked on this list, because I built a page to test
>> a particular concept. And this sort of activity (as opposed to just
>> reading about something) really locks in your understanding of a
>> concept.
>>
>> Paul
>
> Paul:
>
> Now, if I could get the old memory to "lock in" and remember it, it
> would be great!
>
> I spend much of my time thinking "Did I do that before?"
<grin> I know the feeling. I will say this, though. I have yet to figure
out, from your URLs, how your site(s) is/are organized. Maybe a reorg
would help?
Paul
--
Paul M. Foster
--- End Message ---
--- Begin Message ---
From: Paul M Foster
> On Thu, Jun 10, 2010 at 11:16:08AM -0400, tedd wrote:
>
>> At 9:32 AM -0400 6/10/10, Paul M Foster wrote:
>>> On Thu, Jun 10, 2010 at 07:03:28AM -0400, tedd wrote:
>>>
>>
>> Paul:
>>
>> Now, if I could get the old memory to "lock in" and remember it, it
>> would be great!
>>
>> I spend much of my time thinking "Did I do that before?"
>
> <grin> I know the feeling. I will say this, though. I have yet to
figure
> out, from your URLs, how your site(s) is/are organized. Maybe a reorg
> would help?
ISTR there are three signs of old age. The first is loss of memory, but
I can never remember the other two.
Bob McConnell
--- End Message ---
--- Begin Message ---
On Thursday 10 June 2010 11:16:08 tedd wrote:
> At 9:32 AM -0400 6/10/10, Paul M Foster wrote:
> >On Thu, Jun 10, 2010 at 07:03:28AM -0400, tedd wrote:
> > > This is one of those questions that you can test very easily, just
> >>
> >> initialize an array and try it.
> >
> >+1
> >
> >This is Tedd's modus operandi. His website(s) are full of exactly this
> >type of thing. And I have to agree. I can't count the number of
> >questions I *haven't* asked on this list, because I built a page to test
> >a particular concept. And this sort of activity (as opposed to just
> >reading about something) really locks in your understanding of a
> >concept.
> >
> >Paul
>
> Paul:
>
> Now, if I could get the old memory to "lock in" and remember it, it
> would be great!
>
> I spend much of my time thinking "Did I do that before?"
Looks like you and I are in the same boat! My memory these days has went to
the dumps.
Although I do the same thing Paul does to actually grasp a more in depth
understanding of something, sometimes in a day or two it's often forgotten.
--
Blessings,
David M.
--- End Message ---
--- Begin Message ---
-----------------------------------------------------------------------
Brandon Rampersad wants to stay in better touch using some of Google's
coolest new
products.
If you already have Gmail or Google Talk, visit:
http://mail.google.com/mail/b-b89a7a894d-87f44ca42c-QxVqdDj-Y-taKgwQ_V0g-Q8WRBY
You'll need to click this link to be able to chat with Brandon Rampersad.
To get Gmail - a free email account from Google with over 2,800 megabytes of
storage - and chat with Brandon Rampersad, visit:
http://mail.google.com/mail/a-b89a7a894d-87f44ca42c-QxVqdDj-Y-taKgwQ_V0g-Q8WRBY
Gmail offers:
- Instant messaging right inside Gmail
- Powerful spam protection
- Built-in search for finding your messages and a helpful way of organizing
emails into "conversations"
- No pop-up ads or untargeted banners - just text ads and related information
that are relevant to the content of your messages
All this, and its yours for free. But wait, there's more! By opening a Gmail
account, you also get access to Google Talk, Google's instant messaging
service:
http://www.google.com/talk/
Google Talk offers:
- Web-based chat that you can use anywhere, without a download
- A contact list that's synchronized with your Gmail account
- Free, high quality PC-to-PC voice calls when you download the Google Talk
client
We're working hard to add new features and make improvements, so we might also
ask for your comments and suggestions periodically. We appreciate your help in
making our products even better!
Thanks,
The Google Team
To learn more about Gmail and Google Talk, visit:
http://mail.google.com/mail/help/about.html
http://www.google.com/talk/about.html
(If clicking the URLs in this message does not work, copy and paste them into
the address bar of your browser).
--- End Message ---
--- Begin Message ---
Please could you not send out these auto messages Brandon as I believe
this is the second time a message has hit both my email address and the
mailing list with a request for Google chat from you.
Thanks,
Ash
http://www.ashleysheridan.co.uk
On Thu, 2010-06-10 at 13:46 -0700, Brandon Rampersad wrote:
> -----------------------------------------------------------------------
>
> Brandon Rampersad wants to stay in better touch using some of Google's
> coolest new
> products.
>
> If you already have Gmail or Google Talk, visit:
> http://mail.google.com/mail/b-b89a7a894d-87f44ca42c-QxVqdDj-Y-taKgwQ_V0g-Q8WRBY
> You'll need to click this link to be able to chat with Brandon Rampersad.
>
> To get Gmail - a free email account from Google with over 2,800 megabytes of
> storage - and chat with Brandon Rampersad, visit:
> http://mail.google.com/mail/a-b89a7a894d-87f44ca42c-QxVqdDj-Y-taKgwQ_V0g-Q8WRBY
>
> Gmail offers:
> - Instant messaging right inside Gmail
> - Powerful spam protection
> - Built-in search for finding your messages and a helpful way of organizing
> emails into "conversations"
> - No pop-up ads or untargeted banners - just text ads and related information
> that are relevant to the content of your messages
>
> All this, and its yours for free. But wait, there's more! By opening a Gmail
> account, you also get access to Google Talk, Google's instant messaging
> service:
>
> http://www.google.com/talk/
>
> Google Talk offers:
> - Web-based chat that you can use anywhere, without a download
> - A contact list that's synchronized with your Gmail account
> - Free, high quality PC-to-PC voice calls when you download the Google Talk
> client
>
> We're working hard to add new features and make improvements, so we might also
> ask for your comments and suggestions periodically. We appreciate your help in
> making our products even better!
>
> Thanks,
> The Google Team
>
> To learn more about Gmail and Google Talk, visit:
> http://mail.google.com/mail/help/about.html
> http://www.google.com/talk/about.html
>
> (If clicking the URLs in this message does not work, copy and paste them into
> the address bar of your browser).
>
--- End Message ---
--- Begin Message ---
I know that i should use the full open tag in php <?php ?> but i want to
know if its good to use this tag <?=$name?> instead of <?php echo $name ?>
--- End Message ---
--- Begin Message ---
On Fri, 2010-06-11 at 01:34 +0300, Ahmed Mohsen wrote:
> I know that i should use the full open tag in php <?php ?> but i want to
> know if its good to use this tag <?=$name?> instead of <?php echo $name ?>
>
Depends who you ask, there was a discussion of this on the list a while
back, and the result was pretty split 50/50. Personally I think it's a
bad idea, as those tags only work when short_tags are turned on, which
itself causes problems with outputting XML from PHP. Yes it saves a
little bit of typing, but with a decent IDE you can set up a shortcut
for that sort of thing anyway, negating the extra seconds spent on a
large project by typing the echo statement.
There is also a potential issue when you move your code to a different
server, as short tags are not enabled by default as of PHP 5.
But, like I said, if you ask someone else, you'll likely get a different
opinion on this issue.
If you're the only one using this code, and the server is in your
control, then it's down to what you prefer to use. If the codebase is
shared, or the hosting is not in your control (shared hosting, etc) then
it's probably best to stick to the regular <?php echo $name ?> format.
Thanks,
Ash
http://www.ashleysheridan.co.uk
--- End Message ---
--- Begin Message ---
On Thu, Jun 10, 2010 at 3:34 PM, Ahmed Mohsen <mre...@gmail.com> wrote:
> I know that i should use the full open tag in php <?php ?> but i want to
> know if its good to use this tag <?=$name?> instead of <?php echo $name ?>
>
According to some PHP 6 will remove support for short tags. They won't be
disabled by default--the feature simply won't exist.
http://www.slideshare.net/thinkphp/php-53-and-php-6-a-look-ahead
David
--- End Message ---
--- Begin Message ---
On Thu, Jun 10, 2010 at 19:35, David Harkness <davi...@highgearmedia.com> wrote:
>
> According to some PHP 6 will remove support for short tags. They won't be
> disabled by default--the feature simply won't exist.
>
> http://www.slideshare.net/thinkphp/php-53-and-php-6-a-look-ahead
I don't know why Stefan said that, but in fairness, that slideshow
is two years old. You'll still see short_open_tags, but you'll no
longer have ASP-style tags or the little-known <script language="PHP">
options available.
--
</Daniel P. Brown>
daniel.br...@parasane.net || danbr...@php.net
http://www.parasane.net/ || http://www.pilotpig.net/
We now offer SAME-DAY SETUP on a new line of servers!
--- End Message ---
--- Begin Message ---
On 6/11/2010 2:49 AM, Daniel Brown wrote:
On Thu, Jun 10, 2010 at 19:35, David Harkness<davi...@highgearmedia.com> wrote:
According to some PHP 6 will remove support for short tags. They won't be
disabled by default--the feature simply won't exist.
http://www.slideshare.net/thinkphp/php-53-and-php-6-a-look-ahead
I don't know why Stefan said that, but in fairness, that slideshow
is two years old. You'll still see short_open_tags, but you'll no
longer have ASP-style tags or the little-known<script language="PHP">
options available.
It still much safer to use the full tag to avoid any errors in the future
--- End Message ---
--- Begin Message ---
On Thu, Jun 10, 2010 at 4:49 PM, Daniel Brown <danbr...@php.net> wrote:
> You'll still see short_open_tags,
That's good to hear. Not that we're in any rush to jump into PHP6 given that
we're only just now *close* to deploying 5.3.
> but you'll no
> longer have ASP-style tags or the little-known <script language="PHP">
> options available.
>
Heh, that's funny since that old slideshow said that <script language="PHP">
would always be an option. I've never seen it myself so I'm not too worried.
;)
David
--- End Message ---
--- Begin Message ---
I use them ALL the time. MUCH cleaner IMHO than the alternatives.
And *IF* someday it is ever depricated, it's trival to:
s/<?=/<? echo/g
Don't let 'em scare ya!
> -----Original Message-----
> From: Ahmed Mohsen [mailto:mre...@gmail.com]
> Sent: Thursday, June 10, 2010 3:35 PM
> To: php-gene...@lists.php.net
> Subject: [PHP] is <?= good?
>
> I know that i should use the full open tag in php <?php ?>
> but i want to
> know if its good to use this tag <?=$name?> instead of <?php
> echo $name ?>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
--- End Message ---
--- Begin Message ---
On Thu, Jun 10, 2010 at 20:53, Daevid Vincent <dae...@daevid.com> wrote:
> I use them ALL the time. MUCH cleaner IMHO than the alternatives.
>
> And *IF* someday it is ever depricated, it's trival to:
>
> s/<?=/<? echo/g
Right. Because if we do away with short_open_tags, the fix is to
replace them all with short_open_tags. ;-P
P.S. - You may want to sed your vim. ;-P
--
</Daniel P. Brown>
daniel.br...@parasane.net || danbr...@php.net
http://www.parasane.net/ || http://www.pilotpig.net/
We now offer SAME-DAY SETUP on a new line of servers!
--- End Message ---
--- Begin Message ---
On Jun 10, 2010, at 8:53 PM, Daevid Vincent wrote:
I use them ALL the time. MUCH cleaner IMHO than the alternatives.
And *IF* someday it is ever depricated, it's trival to:
s/<?=/<? echo/g
Don't let 'em scare ya!
-----Original Message-----
From: Ahmed Mohsen [mailto:mre...@gmail.com]
Sent: Thursday, June 10, 2010 3:35 PM
To: php-gene...@lists.php.net
Subject: [PHP] is <?= good?
I know that i should use the full open tag in php <?php ?>
but i want to
know if its good to use this tag <?=$name?> instead of <?php
echo $name ?>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
I have to agree that <?= is much cleaner and I use them all the time
as well.
Take care,
Floyd
--- End Message ---
--- Begin Message ---
Chew on this...
develo...@mypse:~$ cat ./md5test.php
#!/usr/bin/php
<?php
$password = '12345678';
echo md5(strtoupper($password));
echo "\n";
echo md5(strtoupper('12345678'));
echo "\n";
$password = '$12345678';
echo md5(strtoupper($password));
echo "\n";
echo md5(strtoupper('$12345678'));
echo "\n";
?>
develo...@mypse:~$ ./md5test.php
25d55ad283aa400af464c76d713c07ad
25d55ad283aa400af464c76d713c07ad
2d05c0e3d6d22343123eae7f5678e34c
2d05c0e3d6d22343123eae7f5678e34c
develo...@mypse:~$ php -r "echo md5(strtoupper('12345678'));"
25d55ad283aa400af464c76d713c07ad
develo...@mypse:~$ php -a
Interactive shell
php > echo md5(strtoupper('$12345678'));
2d05c0e3d6d22343123eae7f5678e34c
develo...@mypse:~$ php -r "echo md5(strtoupper('$12345678'));"
b3275960d68fda9d831facc0426c3bbc
Why is the "-r" command line version different?
man php:
Using parameter -r you can directly execute PHP code simply as
you
would do inside a .php file when using the eval() function.
develo...@mypse:~$ php -v
PHP 5.2.4-2ubuntu5.10 with Suhosin-Patch 0.9.6.2 (cli) (built: Jan 6 2010
22:01:14)
Zend Engine v2.2.0, Copyright (c) 1998-2007 Zend Technologies
Then I tried it again on two different servers with the same result:
PHP 5.2.6-2ubuntu4.6 with Suhosin-Patch 0.9.6.2 (cli) (built: Jan 6 2010
22:03:33)
Zend Engine v2.2.0, Copyright (c) 1998-2008 Zend Technologies
PHP 5.3.2-1ubuntu4.2 with Suhosin-Patch (cli) (built: May 13 2010 20:01:00)
Zend Engine v2.3.0, Copyright (c) 1998-2010 Zend Technologies
So now it get's more interesting...
A co-worker suggested to reverse the quotes:
develo...@mypse:~$ php -r 'echo md5(strtoupper("$12345678"));'
2d05c0e3d6d22343123eae7f5678e34c
Note the use of the single and double quotes are reversed. This gives me
the RIGHT checksum.
To me this version is syntactically wrong because the " would indicate in
normal PHP to pre-parse the literal $12345678 and treat $1 as some kind of
variable or something. Whereas a ' says use the literal AS IS.
Not to mention that it is completely confusing that -r gives different
results than -a and using it in a .php file all together.
IF quotes are a factor (as they seem to be), then the -r PHP
behind-the-scenes code should flip them around or something so the
developer doesn't have to be concerned with this edge case nonsense.
Sanity would dictate that all ways of executing the SAME PHP code would
give the SAME results.
*sigh*
--- End Message ---
--- Begin Message ---
On 11/06/2010, at 12:49 PM, Daevid Vincent wrote:
> Chew on this...
>
> develo...@mypse:~$ cat ./md5test.php
> #!/usr/bin/php
> <?php
> $password = '12345678';
> echo md5(strtoupper($password));
> echo "\n";
> echo md5(strtoupper('12345678'));
> echo "\n";
>
> $password = '$12345678';
> echo md5(strtoupper($password));
> echo "\n";
> echo md5(strtoupper('$12345678'));
> echo "\n";
> ?>
>
> develo...@mypse:~$ ./md5test.php
> 25d55ad283aa400af464c76d713c07ad
> 25d55ad283aa400af464c76d713c07ad
> 2d05c0e3d6d22343123eae7f5678e34c
> 2d05c0e3d6d22343123eae7f5678e34c
>
> develo...@mypse:~$ php -r "echo md5(strtoupper('12345678'));"
> 25d55ad283aa400af464c76d713c07ad
>
> develo...@mypse:~$ php -a
> Interactive shell
> php > echo md5(strtoupper('$12345678'));
> 2d05c0e3d6d22343123eae7f5678e34c
>
> develo...@mypse:~$ php -r "echo md5(strtoupper('$12345678'));"
> b3275960d68fda9d831facc0426c3bbc
>
> Why is the "-r" command line version different?
>
> man php:
>
> Using parameter -r you can directly execute PHP code simply as
> you
> would do inside a .php file when using the eval() function.
>
> develo...@mypse:~$ php -v
> PHP 5.2.4-2ubuntu5.10 with Suhosin-Patch 0.9.6.2 (cli) (built: Jan 6 2010
> 22:01:14)
> Zend Engine v2.2.0, Copyright (c) 1998-2007 Zend Technologies
>
> Then I tried it again on two different servers with the same result:
>
> PHP 5.2.6-2ubuntu4.6 with Suhosin-Patch 0.9.6.2 (cli) (built: Jan 6 2010
> 22:03:33)
> Zend Engine v2.2.0, Copyright (c) 1998-2008 Zend Technologies
>
> PHP 5.3.2-1ubuntu4.2 with Suhosin-Patch (cli) (built: May 13 2010 20:01:00)
>
> Zend Engine v2.3.0, Copyright (c) 1998-2010 Zend Technologies
>
> So now it get's more interesting...
>
> A co-worker suggested to reverse the quotes:
>
> develo...@mypse:~$ php -r 'echo md5(strtoupper("$12345678"));'
> 2d05c0e3d6d22343123eae7f5678e34c
>
> Note the use of the single and double quotes are reversed. This gives me
> the RIGHT checksum.
>
> To me this version is syntactically wrong because the " would indicate in
> normal PHP to pre-parse the literal $12345678 and treat $1 as some kind of
> variable or something. Whereas a ' says use the literal AS IS.
>
> Not to mention that it is completely confusing that -r gives different
> results than -a and using it in a .php file all together.
>
> IF quotes are a factor (as they seem to be), then the -r PHP
> behind-the-scenes code should flip them around or something so the
> developer doesn't have to be concerned with this edge case nonsense.
>
> Sanity would dictate that all ways of executing the SAME PHP code would
> give the SAME results.
>
> *sigh*
It's your shell doing what it's supposed to, by replacing $12345678, when the
entire string's in double quotes, with the contents of the shell variable
12345678 (most likely nothing), so all that PHP sees is: echo
md5(strtoupper(''));
---
Simon Welsh
Admin of http://simon.geek.nz/
Who said Microsoft never created a bug-free program? The blue screen never,
ever crashes!
http://www.thinkgeek.com/brain/gimme.cgi?wid=81d520e5e
--- End Message ---
--- Begin Message ---
On Thu, 2010-06-10 at 17:49 -0700, Daevid Vincent wrote:
> Chew on this...
>
> develo...@mypse:~$ cat ./md5test.php
> #!/usr/bin/php
> <?php
> $password = '12345678';
> echo md5(strtoupper($password));
> echo "\n";
> echo md5(strtoupper('12345678'));
> echo "\n";
>
> $password = '$12345678';
> echo md5(strtoupper($password));
> echo "\n";
> echo md5(strtoupper('$12345678'));
> echo "\n";
> ?>
>
> develo...@mypse:~$ ./md5test.php
> 25d55ad283aa400af464c76d713c07ad
> 25d55ad283aa400af464c76d713c07ad
> 2d05c0e3d6d22343123eae7f5678e34c
> 2d05c0e3d6d22343123eae7f5678e34c
>
> develo...@mypse:~$ php -r "echo md5(strtoupper('12345678'));"
> 25d55ad283aa400af464c76d713c07ad
>
> develo...@mypse:~$ php -a
> Interactive shell
> php > echo md5(strtoupper('$12345678'));
> 2d05c0e3d6d22343123eae7f5678e34c
>
> develo...@mypse:~$ php -r "echo md5(strtoupper('$12345678'));"
> b3275960d68fda9d831facc0426c3bbc
>
> Why is the "-r" command line version different?
>
> man php:
>
> Using parameter -r you can directly execute PHP code simply as
> you
> would do inside a .php file when using the eval() function.
>
> develo...@mypse:~$ php -v
> PHP 5.2.4-2ubuntu5.10 with Suhosin-Patch 0.9.6.2 (cli) (built: Jan 6 2010
> 22:01:14)
> Zend Engine v2.2.0, Copyright (c) 1998-2007 Zend Technologies
>
> Then I tried it again on two different servers with the same result:
>
> PHP 5.2.6-2ubuntu4.6 with Suhosin-Patch 0.9.6.2 (cli) (built: Jan 6 2010
> 22:03:33)
> Zend Engine v2.2.0, Copyright (c) 1998-2008 Zend Technologies
>
> PHP 5.3.2-1ubuntu4.2 with Suhosin-Patch (cli) (built: May 13 2010 20:01:00)
>
> Zend Engine v2.3.0, Copyright (c) 1998-2010 Zend Technologies
>
> So now it get's more interesting...
>
> A co-worker suggested to reverse the quotes:
>
> develo...@mypse:~$ php -r 'echo md5(strtoupper("$12345678"));'
> 2d05c0e3d6d22343123eae7f5678e34c
>
> Note the use of the single and double quotes are reversed. This gives me
> the RIGHT checksum.
>
> To me this version is syntactically wrong because the " would indicate in
> normal PHP to pre-parse the literal $12345678 and treat $1 as some kind of
> variable or something. Whereas a ' says use the literal AS IS.
>
> Not to mention that it is completely confusing that -r gives different
> results than -a and using it in a .php file all together.
>
> IF quotes are a factor (as they seem to be), then the -r PHP
> behind-the-scenes code should flip them around or something so the
> developer doesn't have to be concerned with this edge case nonsense.
>
> Sanity would dictate that all ways of executing the SAME PHP code would
> give the SAME results.
>
> *sigh*
>
>
I believe that when you're running the PHP with the -r, the quotation
marks are treated as Bash (or whichever shell you're using) quotes, and
so the variable is possibly being parsed as an empty string value, which
is why reversing the quotes is having the right effect.
Thanks,
Ash
http://www.ashleysheridan.co.uk
--- End Message ---
--- Begin Message ---
Hi All,
My Question is "How does php server identify that the particular session
belongs to particular user?"
Please help me out
Regards
Peter.m
--- End Message ---
