Re: [PHP] Sorting db entries by Year-Month
Simply wonderful news:> But again, for design work, it isn't worth the trouble. I'm using SESSION variables $_POST, $_SESSION, and as long as they don't change, there's little point upgrading until the site is on-line. However, I will inform my IP to use all the latest versions. I'm running Linux-Mandrake 8.2 and the distro's Apache, PHP, and PostgeSQL. I've rolled my own, but the distro's added features persuaded to use them. When the site is finished, I will 'roll-my-own' and upgrade. Unfortunately, PostgreSQL and PHP tend to like spreding themselves all over my hardrive. It took me quite a bit of time to get my first versions working together. So, as long as they haven't changed the functions, the vulnerablities are a moot point at this time. Good to be aware of them, however. Thanks for your concern. Regards, Andre On Tuesday 23 July 2002 10:42 pm, you wrote: > Yeah. Apache is vulneralbe to a buffer overflow in the chunked-encoding, > and PHP has (i think) a buffer overflow in the multipart/form-data POST > form handling. It might be a format string though... that just came out > this week. yesterday, i think. > > For dev you might want to consider using the CVS version- that's what I do. > And if you set up a script for the cron-tab or something you could get the > latest version overnight... Unfortunatly, Apache CVS is not open to the > public. > > On Tuesday 23 July 2002 17:58 pm, you wrote: > > Well, that would be nice! Sort of 'completes-my-day' :> > > So, both are vulnerable, eh? Great. > > > > Thanks for the warning -- but I'm using them for design only. Once the > > site is on-line, I'll be sure to use the upgraded versions. From what I > > read on-list, however, the current 'upgrades' have their problems too. > > Luckily, I'll be on-line later in the fall, so enough time might pass for > > the new PHP to stabilize. > > > > Regards, Andre > > > > On Tuesday 23 July 2002 08:47 pm, you wrote: > > > What do you guys think? Should we tell him he's running a vulnerable > > > version of PHP _and_ of Apache??? > > > > > > On Tuesday 23 July 2002 16:26 pm, Andre Dubuc wrote: > > > > Apache 1.3.23 + PHP 4.1.2 + PostgreSQl 7.2 > > > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Sorting db entries by Year-Month
Yeah. Apache is vulneralbe to a buffer overflow in the chunked-encoding, and PHP has (i think) a buffer overflow in the multipart/form-data POST form handling. It might be a format string though... that just came out this week. yesterday, i think. For dev you might want to consider using the CVS version- that's what I do. And if you set up a script for the cron-tab or something you could get the latest version overnight... Unfortunatly, Apache CVS is not open to the public. On Tuesday 23 July 2002 17:58 pm, you wrote: > Well, that would be nice! Sort of 'completes-my-day' :> > So, both are vulnerable, eh? Great. > > Thanks for the warning -- but I'm using them for design only. Once the site > is on-line, I'll be sure to use the upgraded versions. From what I read > on-list, however, the current 'upgrades' have their problems too. Luckily, > I'll be on-line later in the fall, so enough time might pass for the new > PHP to stabilize. > > Regards, Andre > > On Tuesday 23 July 2002 08:47 pm, you wrote: > > What do you guys think? Should we tell him he's running a vulnerable > > version of PHP _and_ of Apache??? > > > > On Tuesday 23 July 2002 16:26 pm, Andre Dubuc wrote: > > > Apache 1.3.23 + PHP 4.1.2 + PostgreSQl 7.2 > > -- He who learns must suffer. Aeschylus -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Sorting db entries by Year-Month
> further research indicates that for PG I could trysomething like:
>
> SELECT EXTRACT(MONTH FROM TIMESTAMP)
I'm sure there is a NOW() or TIME() function in PG that returns the
current date/time. Then you could do this:
SELECT * FROM your_table WHERE EXTRACT(MONTH FROM your_column) =
EXTRACT(MONTH FROM PG_CURRENT_TIME_FUNCTION());
> $today = getdate();
> $start = $today['year'] . '-' . $today['mon'] . '-' . '01';
> $end = $today['year'] . '-' . $today['mon'] . '-' . '31';
>
> "SELECT * FROM guest WHERE pdate BETWEEN {$start} AND {$end}";
>
> but PG doesn't like my format of $pdate as type date, since the result
for
> $start and $end seems to result in type integer. Sigh.
I think PG uses the unix timestamp format, the number of seconds since
Jan 1, 1970 or something. You could use a combination of date() and
mktime() and maybe even strtotime() to figure the unix timestamp of the
current month's start and end, then use the BETWEEN SQL given above...
---John Holmes...
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Sorting db entries by Year-Month
Hi John,
further research indicates that for PG I could trysomething like:
SELECT EXTRACT(MONTH FROM TIMESTAMP)
Big John has offered some advice using:
$today = getdate();
$start = $today['year'] . '-' . $today['mon'] . '-' . '01';
$end = $today['year'] . '-' . $today['mon'] . '-' . '31';
"SELECT * FROM guest WHERE pdate BETWEEN {$start} AND {$end}";
but PG doesn't like my format of $pdate as type date, since the result for
$start and $end seems to result in type integer. Sigh.
What a pain. Such a simple task, and . . .
Thanks for your advice. I'll keep hacking away at it, and maybe I'll get it
to work.
Regards,
Andre
On Tuesday 23 July 2002 09:52 pm, you wrote:
> Isn't there a MONTH function in PG?
>
> SELECT * FROM your_table WHERE MONTH(NOW()) = MONTH(your_column) ??
>
> Or if PG stores dates in the Unix timestamp format, is the an equivalent
> to date() that you can extract the month from the column and compare
> them??
>
> ---John Holmes...
>
> > -Original Message-
> > From: Andre Dubuc [mailto:[EMAIL PROTECTED]]
> > Sent: Tuesday, July 23, 2002 7:26 PM
> > To: [EMAIL PROTECTED]
> > Subject: [PHP] Sorting db entries by Year-Month
> >
> > Apache 1.3.23 + PHP 4.1.2 + PostgreSQl 7.2
> >
> > I have a guestbook that I would like to display the current month's
> > entries.
> > I can display all the entries before the current month, but i can't
>
> seem
>
> > to
> > figure out how to extract the currrent month's.
> >
> > Although the code below is a db issue, I don't know whether I should
>
> write
>
> > code to extract the info before or after the db connection. Should I:
> >
> > 1. Set up the parameters beforehand in PHP, and then do a
>
> query;
>
> > 2. Within the query itself (as the code I tried [and didn't
>
> work]
>
> > below);
> > 3. Or, somehow in PHP, after I get all the results [obviously
> > without the
> > db WHERE clause].
> >
> > > // lots of code
> >
> > $db = pg_connect("dbname=rap user=postgres");
> > $query = "SELECT * FROM guest WHERE pdate = "{$_SESSION['pdate'] ==
> > date('Y-m')"; // pdate is formatted ('Y-m-d')
> >
> > // etc, etc. . .
> > ?>
> >
> > I know this is a simple question -- but my mind's totally blotto after
>
> a
>
> > day's coding.
> >
> > Any help, pointers of where to look, or admonitions will be gratefully
> > accepted.
> >
> > Tia,
> > Andre
> >
> >
> >
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Sorting db entries by Year-Month
Isn't there a MONTH function in PG?
SELECT * FROM your_table WHERE MONTH(NOW()) = MONTH(your_column) ??
Or if PG stores dates in the Unix timestamp format, is the an equivalent
to date() that you can extract the month from the column and compare
them??
---John Holmes...
> -Original Message-
> From: Andre Dubuc [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, July 23, 2002 7:26 PM
> To: [EMAIL PROTECTED]
> Subject: [PHP] Sorting db entries by Year-Month
>
> Apache 1.3.23 + PHP 4.1.2 + PostgreSQl 7.2
>
> I have a guestbook that I would like to display the current month's
> entries.
> I can display all the entries before the current month, but i can't
seem
> to
> figure out how to extract the currrent month's.
>
> Although the code below is a db issue, I don't know whether I should
write
> code to extract the info before or after the db connection. Should I:
>
> 1. Set up the parameters beforehand in PHP, and then do a
query;
> 2. Within the query itself (as the code I tried [and didn't
work]
> below);
> 3. Or, somehow in PHP, after I get all the results [obviously
> without the
> db WHERE clause].
>
> // lots of code
>
> $db = pg_connect("dbname=rap user=postgres");
> $query = "SELECT * FROM guest WHERE pdate = "{$_SESSION['pdate'] ==
> date('Y-m')"; // pdate is formatted ('Y-m-d')
>
> // etc, etc. . .
> ?>
>
> I know this is a simple question -- but my mind's totally blotto after
a
> day's coding.
>
> Any help, pointers of where to look, or admonitions will be gratefully
> accepted.
>
> Tia,
> Andre
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Sorting db entries by Year-Month
Well, that would be nice! Sort of 'completes-my-day' :> So, both are vulnerable, eh? Great. Thanks for the warning -- but I'm using them for design only. Once the site is on-line, I'll be sure to use the upgraded versions. From what I read on-list, however, the current 'upgrades' have their problems too. Luckily, I'll be on-line later in the fall, so enough time might pass for the new PHP to stabilize. Regards, Andre On Tuesday 23 July 2002 08:47 pm, you wrote: > What do you guys think? Should we tell him he's running a vulnerable > version of PHP _and_ of Apache??? > > On Tuesday 23 July 2002 16:26 pm, Andre Dubuc wrote: > > Apache 1.3.23 + PHP 4.1.2 + PostgreSQl 7.2 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Sorting db entries by Year-Month
What do you guys think? Should we tell him he's running a vulnerable version
of PHP _and_ of Apache???
On Tuesday 23 July 2002 16:26 pm, Andre Dubuc wrote:
> Apache 1.3.23 + PHP 4.1.2 + PostgreSQl 7.2
>
> I have a guestbook that I would like to display the current month's
> entries. I can display all the entries before the current month, but i
> can't seem to figure out how to extract the currrent month's.
>
> Although the code below is a db issue, I don't know whether I should write
> code to extract the info before or after the db connection. Should I:
>
> 1. Set up the parameters beforehand in PHP, and then do a query;
> 2. Within the query itself (as the code I tried [and didn't work] below);
> 3. Or, somehow in PHP, after I get all the results [obviously without the
> db WHERE clause].
>
> // lots of code
>
> $db = pg_connect("dbname=rap user=postgres");
> $query = "SELECT * FROM guest WHERE pdate = "{$_SESSION['pdate'] ==
> date('Y-m')"; // pdate is formatted ('Y-m-d')
>
> // etc, etc. . .
> ?>
>
> I know this is a simple question -- but my mind's totally blotto after a
> day's coding.
>
> Any help, pointers of where to look, or admonitions will be gratefully
> accepted.
>
> Tia,
> Andre
--
If you pick up a starving dog and make him prosperous, he will not bite you;
that is the principal difference between a dog and a man.
Samuel Clemens
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
