php-general Digest 26 Oct 2010 02:24:28 -0000 Issue 7006
Topics (messages 309053 through 309066):
Looking for an open-source project
309053 by: Mert Oztekin
309059 by: Colin Guthrie
309061 by: Ken Guest
Re: Stripslashes redundancy question.
309054 by: Bob McConnell
309055 by: Paul M Foster
309056 by: Shawn McKenzie
309057 by: Adam Richardson
Re: Possible foreach bug; seeking advice to isolate the problem
309058 by: David Harkness
Re: Model View Concepts
309060 by: J Ravi Menon
Check for existence of mail address
309062 by: webdev.blaettner.com
309063 by: Daniel P. Brown
309064 by: Jonathan Tapicer
309065 by: webdev.blaettner.com
309066 by: Sharl.Jimh.Tsin
Administrivia:
To subscribe to the digest, e-mail:
php-general-digest-subscr...@lists.php.net
To unsubscribe from the digest, e-mail:
php-general-digest-unsubscr...@lists.php.net
To post to the list, e-mail:
php-gene...@lists.php.net
----------------------------------------------------------------------
--- Begin Message ---
Hi,
I am looking for an open-source project to help and make some fun. Anyone has
suggestions?
________________________________
Bu mesaj ve ekleri, mesajda g?nderildi?i belirtilen ki?i/ki?ilere ?zeldir ve
gizlidir. Size yanl??l?kla ula?m??sa l?tfen g?nderen kisiyi bilgilendiriniz ve
mesaj? sisteminizden siliniz. Mesaj ve eklerinin i?eri?i ile ilgili olarak
?irketimizin herhangi bir hukuki sorumlulu?u bulunmamaktad?r. ?irketimiz
mesaj?n ve bilgilerinin size de?i?ikli?e u?rayarak veya ge? ula?mas?ndan,
b?t?nl???n?n ve gizlili?inin korunamamas?ndan, vir?s i?ermesinden ve bilgisayar
sisteminize verebilece?i herhangi bir zarardan sorumlu tutulamaz.
This message and attachments are confidential and intended for the
individual(s) stated in this message. If you received this message in error,
please immediately notify the sender and delete it from your system. Our
company has no legal responsibility for the contents of the message and its
attachments. Our company shall have no liability for any changes or late
receiving, loss of integrity and confidentiality, viruses and any damages
caused in anyway to your computer system.
***?imdi her yerde ?ubemiz var:
http://www.anadolusigortaonline.com.tr a??ld?.
Disclaimer added by CodeTwo Exchange Rules 2007
www.codetwo.com<http://www.codetwo.com>
--- End Message ---
--- Begin Message ---
'Twas brillig, and Mert Oztekin at 25/10/10 13:23 did gyre and gimble:
> I am looking for an open-source project to help and make some fun. Anyone has
> suggestions?
How about helping out Zend Framework, adding useful classes for various
Service integrations etc.?
Col
--
Colin Guthrie
gmane(at)colin.guthr.ie
http://colin.guthr.ie/
Day Job:
Tribalogic Limited [http://www.tribalogic.net/]
Open Source:
Mageia Contributor [http://www.mageia.org/]
PulseAudio Hacker [http://www.pulseaudio.org/]
Trac Hacker [http://trac.edgewall.org/]
--- End Message ---
--- Begin Message ---
On Mon, Oct 25, 2010 at 7:57 PM, Colin Guthrie <gm...@colin.guthr.ie> wrote:
> 'Twas brillig, and Mert Oztekin at 25/10/10 13:23 did gyre and gimble:
> > I am looking for an open-source project to help and make some fun. Anyone
> has suggestions?
>
> How about helping out Zend Framework, adding useful classes for various
> Service integrations etc.?
>
> Or similarly for PEAR?
> Col
>
> --
>
> Colin Guthrie
> gmane(at)colin.guthr.ie
> http://colin.guthr.ie/
>
> Day Job:
> Tribalogic Limited [http://www.tribalogic.net/]
> Open Source:
> Mageia Contributor [http://www.mageia.org/]
> PulseAudio Hacker [http://www.pulseaudio.org/]
> Trac Hacker [http://trac.edgewall.org/]
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--
http://blogs.linux.ie/kenguest/
--- End Message ---
--- Begin Message ---
From: Adam Richardson
> On Sun, Oct 24, 2010 at 6:29 PM, Gary <gp...@paulgdesigns.com> wrote:
>> In my form processing scripts, I usually have the variable set as so:
>>
>> $email = stripslashes($_POST['email']);
>>
>> I have discovered that the program that I use has a pre-written
function of
>> this:
>>
>> // remove escape characters from POST array
>> if (get_magic_quotes_gpc()) {
>> function stripslashes_deep($value) {
>> $value = is_array($value) ? array_map('stripslashes_deep', $value)
:
>> stripslashes($value);
>> return $value;
>> }
>> $_POST = array_map('stripslashes_deep', $_POST);
>> }
>>
>> I just put this in a script that I have been using, leaving the
original
>> stripslashes in the variable. The script still works, but is there a
>> problem
>> with redundancy, or does one cancel the other out?
>>
>> Also, which do you think is a better method to use?
>>
>
> Calling stripslashes() more than once on the same string can cause
issues.
> That said, I'd point out that as of PHP 5.3, the use of
magic_quotes_gpc()
> has been deprecated:
>
http://www.php.net/manual/en/info.configuration.php#ini.magic-quotes-gpc
>
>
<http://www.php.net/manual/en/info.configuration.php#ini.magic-quotes-gp
c>This
> was after many criticisms were leveled against the use of magic
quotes:
> http://en.wikipedia.org/wiki/Magic_quotes
>
> So, my inclination is to turn off magic quotes if they're on by using
> php.ini -OR- htaccess (if at all possible) rather than checking if
they are
> on and strip them if needed.
You can only call stripslashes once, and only if magic quotes is
enabled. Even if you can turn it off on your server, if there is any
chance your code will be used on other servers where it might not be
turned off, you need to wrap it with the test for magic quotes to make
it safe. We always used the version wrapped in the magic quotes check.
That way we don't care how the server is configured.
A Google search on the two function names will retrieve many valid
arguments for this course of action.
Bob McConnell
--- End Message ---
--- Begin Message ---
On Sun, Oct 24, 2010 at 09:33:23PM -0400, Adam Richardson wrote:
<snip>
> <http://www.php.net/manual/en/info.configuration.php#ini.magic-quotes-gpc>This
> was after many criticisms were leveled against the use of magic quotes:
> http://en.wikipedia.org/wiki/Magic_quotes
Wait-- according to this last link, magic quotes are only inserted on
GET, POST, REQUEST and COOKIE values. I've never seen this in the
php.net docs. Did I miss something? Is the link correct and the php.net
docs incomplete? Or am I just horribly misguided?
Paul
--
Paul M. Foster
--- End Message ---
--- Begin Message ---
On 10/25/2010 09:49 AM, Paul M Foster wrote:
> On Sun, Oct 24, 2010 at 09:33:23PM -0400, Adam Richardson wrote:
>
> <snip>
>
>> <http://www.php.net/manual/en/info.configuration.php#ini.magic-quotes-gpc>This
>> was after many criticisms were leveled against the use of magic quotes:
>> http://en.wikipedia.org/wiki/Magic_quotes
>
> Wait-- according to this last link, magic quotes are only inserted on
> GET, POST, REQUEST and COOKIE values. I've never seen this in the
> php.net docs. Did I miss something? Is the link correct and the php.net
> docs incomplete? Or am I just horribly misguided?
>
> Paul
>
magic_quotes_gpc yes (Get, Post, Cookie). magic_quotes_runtime controls
these:
http://www.php.net/manual/en/info.configuration.php#ini.magic-quotes-runtime
--
Thanks!
-Shawn
http://www.spidean.com
--- End Message ---
--- Begin Message ---
> You can only call stripslashes once, and only if magic quotes is
> enabled. Even if you can turn it off on your server, if there is any
> chance your code will be used on other servers where it might not be
> turned off, you need to wrap it with the test for magic quotes to make
> it safe. We always used the version wrapped in the magic quotes check.
> That way we don't care how the server is configured.
>
> A Google search on the two function names will retrieve many valid
> arguments for this course of action.
>
> Bob McConnell
Hi Bob,
You're absolutely right, you can find examples like your suggesting.
However, this can lead to issues.
For instance, some frameworks and scripts take the opportunity to
strip slashes from all GPC data at once, such as the code below:
if (get_magic_quotes_gpc()){
$_GET = array_map('stripslashes', $_GET);
$_POST = array_map('stripslashes', $_POST);
$_COOKIE = array_map('stripslashes', $_COOKIE);
}
Now, if your library is running a magic quote check and strip, but
another library is running this type of strip before yours, a
legitimate string can be mangled:
$test = 'CD "C:\Program Files\Internet Explorer\"';
$slashed_version = addslashes($test);
// the other library
$deslashed1 = stripslashes($slashed_version);
// your library
$deslashed2 = stripslashes($deslashed1);
echo $deslashed2;
This outputs:
CD "C:Program FilesInternet Explorer"
Granted, this isn't likely a frequent issue, as the type of strings
that cause this issue are used infrequently. However, given the above
potential issue, the lack of benefits in terms of preventing SQL
injection, and the increased overhead, I prefer to make sure they're
turned off (even most shared hosts allow you to turn off magic quotes
if they aren't already turned off.)
That said, I understand your approach. I just wanted to make sure I
spoke more clearly to the issues I had magic quotes.
Adam
--
Nephtali: PHP web framework that functions beautifully
http://nephtaliproject.com
--- End Message ---
--- Begin Message ---
On Sat, Oct 23, 2010 at 6:48 PM, Jonathan Sachs <081...@jhsachs.com> wrote:
> Now that I understand it, I can see the same thing would happen if I
> wrote the equivalent code in C, and probably in Java.
>
Neither C nor Java have references as PHP does, and references in C++ cannot
be changed to point to a new location after being created. None of these
languages have this particular quirk. If you use pointers in C or C++, the
way you assign an address to a pointer makes it clear you are not
overwriting whatever the pointer currently points to, so again it's not a
problem.
In PHP we have a very common pattern of using a reference in foreach(), and
the loop variable continues to reference the last item after the loop exits.
Further, the second loop has to use the iteration variable as a
non-reference. If both loops use a reference variable, the problem
disappears:
$x = array('a', 'b', 'c');
foreach ($x as &$i) echo $i;
> abc
foreach ($x as &$i) echo $i;
> abc
In my opinion, if you write code where a variable is a reference at point X
and a non-reference at point Y, you are asking for trouble. Simply separate
the loops into different functions or introduce a new loop variable.
David
--- End Message ---
--- Begin Message ---
On Fri, Oct 22, 2010 at 3:03 AM, Ashley Sheridan
<a...@ashleysheridan.co.uk> wrote:
> On Fri, 2010-10-22 at 10:16 +0200, Sebastian Detert wrote:
>
>> Hi all,
>>
>> I'm currently searching for any code snippets, tutorials, howtos,
>> concepts which explain different ways to collect all type of data/input
>> (i.e. inside a class, xml, json string whatever) and create independent
>> html files (i.e. different designs), xml files, pdf files, etc. out of
>> that pool of data. Do you have any urls or own experience you could share?
>>
>> Thanks,
>> Sebastian
>>
>
>
> How about looking into using a framework like CodeIgniter? I know I plug
> it a little bit on this list, but of all the frameworks I've used, I've
> found it the easiest to get running from scratch, and can be the
> quickest to get working for someone new to frameworks.
>
> Basically, it handles the way bothersome stuff with pulling in various
> models etc for a controller, and lets you get on with actually building
> the code that makes the website work.
>
> Thanks,
> Ash
> http://www.ashleysheridan.co.uk
>
>
>
One MVC framework I have used recently is Kohana:
http://docs.kohanaphp.com/
See links on models, views etc.. It has a OOP flavor, and considered
fairly lightweight. I have written my own simplistic MVC framework
which is more efficient but definitely not as feature rich as Kohana.
There are good hooks for db handling (which will do input validation,
escaping etc..).
Ravi
--- End Message ---
--- Begin Message ---
Hi, folks,
I'm wondering how to checking existence of a given
mail address like f...@bar.com .
At 1st I tried:
if f (filter_var ($maddr, FILTER_VALIDATE_EMAIL) === false) {
/* some sort of error handling code here */
}
where $maddr is the address to be checked.
But this checks only syntax.. :-(
Is there any other function which checks whether this
address really exists?
And, of course, I want to avoid sending a test mail just
for checking :-)
Many THX in advance for suggestions, pointers...
Rolf
--
Dipl.phys. Rudolf Otto Blättner,
D 91074 Herzogenaurach, Germany.
--- End Message ---
--- Begin Message ---
On Mon, Oct 25, 2010 at 18:38, <web...@blaettner.com> wrote:
>
> Is there any other function which checks whether this
> address really exists?
Of course not! Can you imagine the implications, insecurities,
and privacy concerns that would be associated with that? Some
mailservers will confirm or deny if a local address exists, but not
most --- thankfully.
--
</Daniel P. Brown>
Dedicated Servers, Cloud and Cloud Hybrid Solutions, VPS, Hosting
(866-) 725-4321
http://www.parasane.net/
--- End Message ---
--- Begin Message ---
You can use this class:
http://www.webdigi.co.uk/blog/wp-content/uploads/2009/01/smtpvalidateclassphp.txt
It may not work for some SMTPs.
It uses the concepts explained here:
http://www.webdigi.co.uk/blog/2009/how-to-check-if-an-email-address-exists-without-sending-an-email/
On Mon, Oct 25, 2010 at 7:38 PM, <web...@blaettner.com> wrote:
> Hi, folks,
>
> I'm wondering how to checking existence of a given
> mail address like f...@bar.com .
>
> At 1st I tried:
>
> if f (filter_var ($maddr, FILTER_VALIDATE_EMAIL) === false) {
> /* some sort of error handling code here */
> }
>
> where $maddr is the address to be checked.
> But this checks only syntax.. :-(
>
> Is there any other function which checks whether this
> address really exists?
>
> And, of course, I want to avoid sending a test mail just
> for checking :-)
>
> Many THX in advance for suggestions, pointers...
>
> Rolf
> --
> Dipl.phys. Rudolf Otto Blättner,
> D 91074 Herzogenaurach, Germany.
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--- End Message ---
--- Begin Message ---
Hi Daniel, hi Jonathan, hi folks,
many THX for Your quick replies!
On Mon, 25 Oct 2010 18:46:02 -0400, "Daniel P. Brown"
<daniel.br...@parasane.net> wrote:
> On Mon, Oct 25, 2010 at 18:38, <web...@blaettner.com> wrote:
> >
> > Is there any other function which checks whether this
> > address really exists?
>
> Of course not! Can you imagine the implications, insecurities,
> and privacy concerns that would be associated with that? Some
> mailservers will confirm or deny if a local address exists, but not
> most --- thankfully.
Yeah, You're right! After 2 seconds of thinking I got it!
And, on Mon, 25 Oct 2010 19:48:55 -0300, Jonathan Tapicer
<tapi...@gmail.com> wrote:
> You can use this class:
> http://www.webdigi.co.uk/blog/wp-content/uploads/2009/01
> /smtpvalidateclassphp.txt
>
> It may not work for some SMTPs.
Many THX !! I'll give it a try ...
> It uses the concepts explained here:
> http://www.webdigi.co.uk/blog/2009/how-to-check-if-an-email
> -address-exists-without-sending-an-email/
... after reading this concept :-)
THX, bye,
greetings to Canada and USA from (now pitch dark) Ol'Germany!
Your Rolf
APPENDIX: My original posting was:
--snip----snip----snip----snip----snip----snip----snip----snip----snip--
> Date: Tue, 26 Oct 2010 00:38:56 +0200, From: web...@blaettner.com
>
> Hi, folks,
>
> I'm wondering how to checking existence of a given
> mail address like f...@bar.com .
>
> At 1st I tried:
>
> if f (filter_var ($maddr, FILTER_VALIDATE_EMAIL) === false) {
> /* some sort of error handling code here */
> }
>
> where $maddr is the address to be checked.
> But this checks only syntax.. :-(
>
> Is there any other function which checks whether this
> address really exists?
>
> And, of course, I want to avoid sending a test mail just
> for checking :-)
>
> Many THX in advance for suggestions, pointers...
>
> Rolf
--snap----snap----snap----snap----snap----snap----snap----snap----snap--
--
Dipl.phys. Rudolf Otto Blättner,
D 91074 Herzogenaurach, Germany.
--- End Message ---
--- Begin Message ---
You can try the smtpvalidate class provided by Jonathan Tapicer,But
maybe it is impossible in my opinion.
PS:send test mail and check the fail-report by MTA server may be a
idea,but no good :)
Best regards,
Sharl.Jimh.Tsin (From China)
2010/10/26 <web...@blaettner.com>:
> Hi Daniel, hi Jonathan, hi folks,
>
> many THX for Your quick replies!
>
> On Mon, 25 Oct 2010 18:46:02 -0400, "Daniel P. Brown"
> <daniel.br...@parasane.net> wrote:
>
>> On Mon, Oct 25, 2010 at 18:38, <web...@blaettner.com> wrote:
>> >
>> > Is there any other function which checks whether this
>> > address really exists?
>>
>> Of course not! Can you imagine the implications, insecurities,
>> and privacy concerns that would be associated with that? Some
>> mailservers will confirm or deny if a local address exists, but not
>> most --- thankfully.
>
> Yeah, You're right! After 2 seconds of thinking I got it!
>
>
> And, on Mon, 25 Oct 2010 19:48:55 -0300, Jonathan Tapicer
> <tapi...@gmail.com> wrote:
>
>> You can use this class:
>> http://www.webdigi.co.uk/blog/wp-content/uploads/2009/01
>> /smtpvalidateclassphp.txt
>>
>> It may not work for some SMTPs.
>
> Many THX !! I'll give it a try ...
>
>> It uses the concepts explained here:
>> http://www.webdigi.co.uk/blog/2009/how-to-check-if-an-email
>> -address-exists-without-sending-an-email/
>
> ... after reading this concept :-)
>
> THX, bye,
> greetings to Canada and USA from (now pitch dark) Ol'Germany!
>
> Your Rolf
>
>
> APPENDIX: My original posting was:
>
> --snip----snip----snip----snip----snip----snip----snip----snip----snip--
>> Date: Tue, 26 Oct 2010 00:38:56 +0200, From: web...@blaettner.com
>>
>> Hi, folks,
>>
>> I'm wondering how to checking existence of a given
>> mail address like f...@bar.com .
>>
>> At 1st I tried:
>>
>> if f (filter_var ($maddr, FILTER_VALIDATE_EMAIL) === false) {
>> /* some sort of error handling code here */
>> }
>>
>> where $maddr is the address to be checked.
>> But this checks only syntax.. :-(
>>
>> Is there any other function which checks whether this
>> address really exists?
>>
>> And, of course, I want to avoid sending a test mail just
>> for checking :-)
>>
>> Many THX in advance for suggestions, pointers...
>>
>> Rolf
> --snap----snap----snap----snap----snap----snap----snap----snap----snap--
> --
> Dipl.phys. Rudolf Otto Blättner,
> D 91074 Herzogenaurach, Germany.
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--- End Message ---
