Re: [PHP] Sorting db entries by Year-Month
What do you guys think? Should we tell him he's running a vulnerable version of PHP _and_ of Apache??? On Tuesday 23 July 2002 16:26 pm, Andre Dubuc wrote: Apache 1.3.23 + PHP 4.1.2 + PostgreSQl 7.2 I have a guestbook that I would like to display the current month's entries. I can display all the entries before the current month, but i can't seem to figure out how to extract the currrent month's. Although the code below is a db issue, I don't know whether I should write code to extract the info before or after the db connection. Should I: 1. Set up the parameters beforehand in PHP, and then do a query; 2. Within the query itself (as the code I tried [and didn't work] below); 3. Or, somehow in PHP, after I get all the results [obviously without the db WHERE clause]. ?php // lots of code $db = pg_connect(dbname=rap user=postgres); $query = SELECT * FROM guest WHERE pdate = {$_SESSION['pdate'] == date('Y-m'); // pdate is formatted ('Y-m-d') // etc, etc. . . ? I know this is a simple question -- but my mind's totally blotto after a day's coding. Any help, pointers of where to look, or admonitions will be gratefully accepted. Tia, Andre -- If you pick up a starving dog and make him prosperous, he will not bite you; that is the principal difference between a dog and a man. Samuel Clemens -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Sorting db entries by Year-Month
Well, that would be nice! Sort of 'completes-my-day' : So, both are vulnerable, eh? Great. Thanks for the warning -- but I'm using them for design only. Once the site is on-line, I'll be sure to use the upgraded versions. From what I read on-list, however, the current 'upgrades' have their problems too. Luckily, I'll be on-line later in the fall, so enough time might pass for the new PHP to stabilize. Regards, Andre On Tuesday 23 July 2002 08:47 pm, you wrote: What do you guys think? Should we tell him he's running a vulnerable version of PHP _and_ of Apache??? On Tuesday 23 July 2002 16:26 pm, Andre Dubuc wrote: Apache 1.3.23 + PHP 4.1.2 + PostgreSQl 7.2 snipped -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Sorting db entries by Year-Month
Isn't there a MONTH function in PG? SELECT * FROM your_table WHERE MONTH(NOW()) = MONTH(your_column) ?? Or if PG stores dates in the Unix timestamp format, is the an equivalent to date() that you can extract the month from the column and compare them?? ---John Holmes... -Original Message- From: Andre Dubuc [mailto:[EMAIL PROTECTED]] Sent: Tuesday, July 23, 2002 7:26 PM To: [EMAIL PROTECTED] Subject: [PHP] Sorting db entries by Year-Month Apache 1.3.23 + PHP 4.1.2 + PostgreSQl 7.2 I have a guestbook that I would like to display the current month's entries. I can display all the entries before the current month, but i can't seem to figure out how to extract the currrent month's. Although the code below is a db issue, I don't know whether I should write code to extract the info before or after the db connection. Should I: 1. Set up the parameters beforehand in PHP, and then do a query; 2. Within the query itself (as the code I tried [and didn't work] below); 3. Or, somehow in PHP, after I get all the results [obviously without the db WHERE clause]. ?php // lots of code $db = pg_connect(dbname=rap user=postgres); $query = SELECT * FROM guest WHERE pdate = {$_SESSION['pdate'] == date('Y-m'); // pdate is formatted ('Y-m-d') // etc, etc. . . ? I know this is a simple question -- but my mind's totally blotto after a day's coding. Any help, pointers of where to look, or admonitions will be gratefully accepted. Tia, Andre -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Sorting db entries by Year-Month
Hi John, further research indicates that for PG I could trysomething like: SELECT EXTRACT(MONTH FROM TIMESTAMP) Big John has offered some advice using: $today = getdate(); $start = $today['year'] . '-' . $today['mon'] . '-' . '01'; $end = $today['year'] . '-' . $today['mon'] . '-' . '31'; SELECT * FROM guest WHERE pdate BETWEEN {$start} AND {$end}; but PG doesn't like my format of $pdate as type date, since the result for $start and $end seems to result in type integer. Sigh. What a pain. Such a simple task, and . . . Thanks for your advice. I'll keep hacking away at it, and maybe I'll get it to work. Regards, Andre On Tuesday 23 July 2002 09:52 pm, you wrote: Isn't there a MONTH function in PG? SELECT * FROM your_table WHERE MONTH(NOW()) = MONTH(your_column) ?? Or if PG stores dates in the Unix timestamp format, is the an equivalent to date() that you can extract the month from the column and compare them?? ---John Holmes... -Original Message- From: Andre Dubuc [mailto:[EMAIL PROTECTED]] Sent: Tuesday, July 23, 2002 7:26 PM To: [EMAIL PROTECTED] Subject: [PHP] Sorting db entries by Year-Month Apache 1.3.23 + PHP 4.1.2 + PostgreSQl 7.2 I have a guestbook that I would like to display the current month's entries. I can display all the entries before the current month, but i can't seem to figure out how to extract the currrent month's. Although the code below is a db issue, I don't know whether I should write code to extract the info before or after the db connection. Should I: 1. Set up the parameters beforehand in PHP, and then do a query; 2. Within the query itself (as the code I tried [and didn't work] below); 3. Or, somehow in PHP, after I get all the results [obviously without the db WHERE clause]. ?php // lots of code $db = pg_connect(dbname=rap user=postgres); $query = SELECT * FROM guest WHERE pdate = {$_SESSION['pdate'] == date('Y-m'); // pdate is formatted ('Y-m-d') // etc, etc. . . ? I know this is a simple question -- but my mind's totally blotto after a day's coding. Any help, pointers of where to look, or admonitions will be gratefully accepted. Tia, Andre -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Sorting db entries by Year-Month
further research indicates that for PG I could trysomething like: SELECT EXTRACT(MONTH FROM TIMESTAMP) I'm sure there is a NOW() or TIME() function in PG that returns the current date/time. Then you could do this: SELECT * FROM your_table WHERE EXTRACT(MONTH FROM your_column) = EXTRACT(MONTH FROM PG_CURRENT_TIME_FUNCTION()); $today = getdate(); $start = $today['year'] . '-' . $today['mon'] . '-' . '01'; $end = $today['year'] . '-' . $today['mon'] . '-' . '31'; SELECT * FROM guest WHERE pdate BETWEEN {$start} AND {$end}; but PG doesn't like my format of $pdate as type date, since the result for $start and $end seems to result in type integer. Sigh. I think PG uses the unix timestamp format, the number of seconds since Jan 1, 1970 or something. You could use a combination of date() and mktime() and maybe even strtotime() to figure the unix timestamp of the current month's start and end, then use the BETWEEN SQL given above... ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Sorting db entries by Year-Month
Yeah. Apache is vulneralbe to a buffer overflow in the chunked-encoding, and PHP has (i think) a buffer overflow in the multipart/form-data POST form handling. It might be a format string though... that just came out this week. yesterday, i think. For dev you might want to consider using the CVS version- that's what I do. And if you set up a script for the cron-tab or something you could get the latest version overnight... Unfortunatly, Apache CVS is not open to the public. On Tuesday 23 July 2002 17:58 pm, you wrote: Well, that would be nice! Sort of 'completes-my-day' : So, both are vulnerable, eh? Great. Thanks for the warning -- but I'm using them for design only. Once the site is on-line, I'll be sure to use the upgraded versions. From what I read on-list, however, the current 'upgrades' have their problems too. Luckily, I'll be on-line later in the fall, so enough time might pass for the new PHP to stabilize. Regards, Andre On Tuesday 23 July 2002 08:47 pm, you wrote: What do you guys think? Should we tell him he's running a vulnerable version of PHP _and_ of Apache??? On Tuesday 23 July 2002 16:26 pm, Andre Dubuc wrote: Apache 1.3.23 + PHP 4.1.2 + PostgreSQl 7.2 snipped -- He who learns must suffer. Aeschylus -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Sorting db entries by Year-Month
Simply wonderful news: But again, for design work, it isn't worth the trouble. I'm using SESSION variables $_POST, $_SESSION, and as long as they don't change, there's little point upgrading until the site is on-line. However, I will inform my IP to use all the latest versions. I'm running Linux-Mandrake 8.2 and the distro's Apache, PHP, and PostgeSQL. I've rolled my own, but the distro's added features persuaded to use them. When the site is finished, I will 'roll-my-own' and upgrade. Unfortunately, PostgreSQL and PHP tend to like spreding themselves all over my hardrive. It took me quite a bit of time to get my first versions working together. So, as long as they haven't changed the functions, the vulnerablities are a moot point at this time. Good to be aware of them, however. Thanks for your concern. Regards, Andre On Tuesday 23 July 2002 10:42 pm, you wrote: Yeah. Apache is vulneralbe to a buffer overflow in the chunked-encoding, and PHP has (i think) a buffer overflow in the multipart/form-data POST form handling. It might be a format string though... that just came out this week. yesterday, i think. For dev you might want to consider using the CVS version- that's what I do. And if you set up a script for the cron-tab or something you could get the latest version overnight... Unfortunatly, Apache CVS is not open to the public. On Tuesday 23 July 2002 17:58 pm, you wrote: Well, that would be nice! Sort of 'completes-my-day' : So, both are vulnerable, eh? Great. Thanks for the warning -- but I'm using them for design only. Once the site is on-line, I'll be sure to use the upgraded versions. From what I read on-list, however, the current 'upgrades' have their problems too. Luckily, I'll be on-line later in the fall, so enough time might pass for the new PHP to stabilize. Regards, Andre On Tuesday 23 July 2002 08:47 pm, you wrote: What do you guys think? Should we tell him he's running a vulnerable version of PHP _and_ of Apache??? On Tuesday 23 July 2002 16:26 pm, Andre Dubuc wrote: Apache 1.3.23 + PHP 4.1.2 + PostgreSQl 7.2 snipped -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php