subject:"RE\: \[PHP\] Sorting db entries by Year\-Month"

Re: [PHP] Sorting db entries by Year-Month

2002-07-23 Thread Evan Nemerson


What do you guys think? Should we tell him he's running a vulnerable version 
of PHP _and_ of Apache???



On Tuesday 23 July 2002 16:26 pm, Andre Dubuc wrote:
 Apache 1.3.23 + PHP 4.1.2 + PostgreSQl 7.2

 I have a guestbook that I would like to display the current month's
 entries. I can display all the entries before the current month, but i
 can't seem to figure out how to extract the currrent month's.

 Although the code below is a db issue, I don't know whether I should write
 code to extract the info before or after the db connection. Should I:

   1.  Set up the parameters beforehand in PHP, and then do a query;
   2.  Within the query itself (as the code I tried [and didn't work] below);
   3.  Or, somehow in PHP, after I get all the results [obviously without the
   db WHERE clause].

 ?php
 // lots of code

 $db = pg_connect(dbname=rap user=postgres);
 $query = SELECT * FROM guest WHERE pdate = {$_SESSION['pdate'] ==
 date('Y-m');  // pdate is formatted ('Y-m-d')

 // etc, etc. . .
 ?

 I know this is a simple question -- but my mind's totally blotto after a
 day's coding.

 Any help, pointers of where to look, or admonitions will be gratefully
 accepted.

 Tia,
 Andre

-- 
If you pick up a starving dog and make him prosperous, he will not bite you; 
that is the principal difference between a dog and a man.

Samuel Clemens


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Sorting db entries by Year-Month

2002-07-23 Thread Andre Dubuc


Well, that would be nice! Sort of 'completes-my-day' :
So, both are vulnerable, eh? Great.

Thanks for the warning -- but I'm using them for design only. Once the site 
is on-line, I'll be sure to use the upgraded versions. From what I read 
on-list, however, the current 'upgrades' have their problems too. Luckily, 
I'll be on-line later in the fall, so enough time might pass for the new PHP 
to stabilize.

Regards, Andre

On Tuesday 23 July 2002 08:47 pm, you wrote:
 What do you guys think? Should we tell him he's running a vulnerable
 version of PHP _and_ of Apache???

 On Tuesday 23 July 2002 16:26 pm, Andre Dubuc wrote:
  Apache 1.3.23 + PHP 4.1.2 + PostgreSQl 7.2
snipped

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Sorting db entries by Year-Month

2002-07-23 Thread John Holmes


Isn't there a MONTH function in PG?

SELECT * FROM your_table WHERE MONTH(NOW()) = MONTH(your_column) ??

Or if PG stores dates in the Unix timestamp format, is the an equivalent
to date() that you can extract the month from the column and compare
them??

---John Holmes...

 -Original Message-
 From: Andre Dubuc [mailto:[EMAIL PROTECTED]]
 Sent: Tuesday, July 23, 2002 7:26 PM
 To: [EMAIL PROTECTED]
 Subject: [PHP] Sorting db entries by Year-Month
 
 Apache 1.3.23 + PHP 4.1.2 + PostgreSQl 7.2
 
 I have a guestbook that I would like to display the current month's
 entries.
 I can display all the entries before the current month, but i can't
seem
 to
 figure out how to extract the currrent month's.
 
 Although the code below is a db issue, I don't know whether I should
write
 code to extract the info before or after the db connection. Should I:
 
   1.  Set up the parameters beforehand in PHP, and then do a
query;
   2.  Within the query itself (as the code I tried [and didn't
work]
 below);
   3.  Or, somehow in PHP, after I get all the results [obviously
 without the
   db WHERE clause].
 
 ?php
 // lots of code
 
 $db = pg_connect(dbname=rap user=postgres);
 $query = SELECT * FROM guest WHERE pdate = {$_SESSION['pdate'] ==
 date('Y-m');  // pdate is formatted ('Y-m-d')
 
 // etc, etc. . .
 ?
 
 I know this is a simple question -- but my mind's totally blotto after
a
 day's coding.
 
 Any help, pointers of where to look, or admonitions will be gratefully
 accepted.
 
 Tia,
 Andre
 
 
 
 --
 PHP General Mailing List (http://www.php.net/)
 To unsubscribe, visit: http://www.php.net/unsub.php



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Sorting db entries by Year-Month

2002-07-23 Thread Andre Dubuc


Hi John,

further research indicates that for PG I could trysomething like:

SELECT EXTRACT(MONTH FROM TIMESTAMP) 

Big John has offered some advice using:

 $today = getdate();
 $start = $today['year'] . '-' . $today['mon'] . '-' . '01';
 $end  =  $today['year'] . '-' . $today['mon'] . '-' . '31';

SELECT * FROM guest WHERE pdate BETWEEN {$start} AND {$end};

but PG doesn't like my format of $pdate as type date, since the result for 
$start and $end seems to result in type integer. Sigh.

What a pain. Such a simple task, and  . . .

Thanks for your advice. I'll keep hacking away at it, and maybe I'll get it 
to work.

Regards,
Andre




On Tuesday 23 July 2002 09:52 pm, you wrote:
 Isn't there a MONTH function in PG?

 SELECT * FROM your_table WHERE MONTH(NOW()) = MONTH(your_column) ??

 Or if PG stores dates in the Unix timestamp format, is the an equivalent
 to date() that you can extract the month from the column and compare
 them??

 ---John Holmes...

  -Original Message-
  From: Andre Dubuc [mailto:[EMAIL PROTECTED]]
  Sent: Tuesday, July 23, 2002 7:26 PM
  To: [EMAIL PROTECTED]
  Subject: [PHP] Sorting db entries by Year-Month
 
  Apache 1.3.23 + PHP 4.1.2 + PostgreSQl 7.2
 
  I have a guestbook that I would like to display the current month's
  entries.
  I can display all the entries before the current month, but i can't

 seem

  to
  figure out how to extract the currrent month's.
 
  Although the code below is a db issue, I don't know whether I should

 write

  code to extract the info before or after the db connection. Should I:
 
  1.  Set up the parameters beforehand in PHP, and then do a

 query;

  2.  Within the query itself (as the code I tried [and didn't

 work]

  below);
  3.  Or, somehow in PHP, after I get all the results [obviously
  without the
  db WHERE clause].
 
  ?php
  // lots of code
 
  $db = pg_connect(dbname=rap user=postgres);
  $query = SELECT * FROM guest WHERE pdate = {$_SESSION['pdate'] ==
  date('Y-m');  // pdate is formatted ('Y-m-d')
 
  // etc, etc. . .
  ?
 
  I know this is a simple question -- but my mind's totally blotto after

 a

  day's coding.
 
  Any help, pointers of where to look, or admonitions will be gratefully
  accepted.
 
  Tia,
  Andre
 
 
 
  --
  PHP General Mailing List (http://www.php.net/)
  To unsubscribe, visit: http://www.php.net/unsub.php

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Sorting db entries by Year-Month

2002-07-23 Thread John Holmes


 further research indicates that for PG I could trysomething like:
 
 SELECT EXTRACT(MONTH FROM TIMESTAMP)

I'm sure there is a NOW() or TIME() function in PG that returns the
current date/time. Then you could do this:

SELECT * FROM your_table WHERE EXTRACT(MONTH FROM your_column) =
EXTRACT(MONTH FROM PG_CURRENT_TIME_FUNCTION());

  $today = getdate();
  $start = $today['year'] . '-' . $today['mon'] . '-' . '01';
  $end  =  $today['year'] . '-' . $today['mon'] . '-' . '31';
 
 SELECT * FROM guest WHERE pdate BETWEEN {$start} AND {$end};
 
 but PG doesn't like my format of $pdate as type date, since the result
for
 $start and $end seems to result in type integer. Sigh.

I think PG uses the unix timestamp format, the number of seconds since
Jan 1, 1970 or something. You could use a combination of date() and
mktime() and maybe even strtotime() to figure the unix timestamp of the
current month's start and end, then use the BETWEEN SQL given above...

---John Holmes...


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Sorting db entries by Year-Month

2002-07-23 Thread Evan Nemerson


Yeah. Apache is vulneralbe to a buffer overflow in the chunked-encoding, and 
PHP has (i think) a buffer overflow in the multipart/form-data POST form 
handling. It might be a format string though... that just came out this week. 
yesterday, i think.

For dev you might want to consider using the CVS version- that's what I do. 
And if you set up a script for the cron-tab or something you could get the 
latest version overnight... Unfortunatly, Apache CVS is not open to the 
public.



On Tuesday 23 July 2002 17:58 pm, you wrote:
 Well, that would be nice! Sort of 'completes-my-day' :
 So, both are vulnerable, eh? Great.

 Thanks for the warning -- but I'm using them for design only. Once the site
 is on-line, I'll be sure to use the upgraded versions. From what I read
 on-list, however, the current 'upgrades' have their problems too. Luckily,
 I'll be on-line later in the fall, so enough time might pass for the new
 PHP to stabilize.

 Regards, Andre

 On Tuesday 23 July 2002 08:47 pm, you wrote:
  What do you guys think? Should we tell him he's running a vulnerable
  version of PHP _and_ of Apache???
 
  On Tuesday 23 July 2002 16:26 pm, Andre Dubuc wrote:
   Apache 1.3.23 + PHP 4.1.2 + PostgreSQl 7.2

 snipped

-- 
He who learns must suffer.

Aeschylus


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Sorting db entries by Year-Month

2002-07-23 Thread Andre Dubuc


Simply wonderful news:

But again, for design work, it isn't worth the trouble. I'm using SESSION 
variables $_POST, $_SESSION, and as long as they don't change, there's 
little point upgrading until the site is on-line. However, I will inform my 
IP to use all the latest versions.

I'm running Linux-Mandrake 8.2 and the distro's Apache, PHP, and PostgeSQL. 
I've rolled my own, but the distro's added features persuaded to use them. 
When the site is finished, I will 'roll-my-own' and upgrade. Unfortunately, 
PostgreSQL and PHP tend to like spreding themselves all over my hardrive. It 
took me quite a bit of time to get my first versions working together.

So, as long as they haven't changed the functions, the vulnerablities are a 
moot point at this time. Good to be aware of them, however.

Thanks for your concern.

Regards,
Andre

On Tuesday 23 July 2002 10:42 pm, you wrote:
 Yeah. Apache is vulneralbe to a buffer overflow in the chunked-encoding,
 and PHP has (i think) a buffer overflow in the multipart/form-data POST
 form handling. It might be a format string though... that just came out
 this week. yesterday, i think.

 For dev you might want to consider using the CVS version- that's what I do.
 And if you set up a script for the cron-tab or something you could get the
 latest version overnight... Unfortunatly, Apache CVS is not open to the
 public.

 On Tuesday 23 July 2002 17:58 pm, you wrote:
  Well, that would be nice! Sort of 'completes-my-day' :
  So, both are vulnerable, eh? Great.
 
  Thanks for the warning -- but I'm using them for design only. Once the
  site is on-line, I'll be sure to use the upgraded versions. From what I
  read on-list, however, the current 'upgrades' have their problems too.
  Luckily, I'll be on-line later in the fall, so enough time might pass for
  the new PHP to stabilize.
 
  Regards, Andre
 
  On Tuesday 23 July 2002 08:47 pm, you wrote:
   What do you guys think? Should we tell him he's running a vulnerable
   version of PHP _and_ of Apache???
  
   On Tuesday 23 July 2002 16:26 pm, Andre Dubuc wrote:
Apache 1.3.23 + PHP 4.1.2 + PostgreSQl 7.2
 
  snipped

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Sorting db entries by Year-Month

Re: [PHP] Sorting db entries by Year-Month

RE: [PHP] Sorting db entries by Year-Month

Re: [PHP] Sorting db entries by Year-Month

RE: [PHP] Sorting db entries by Year-Month

Re: [PHP] Sorting db entries by Year-Month

Re: [PHP] Sorting db entries by Year-Month

7 matches

Site Navigation

Mail list logo

Footer information