Re: [PHP] Question about session_id() and session_start()

thank you. I read the source code and it helps a lot, now I know the behavior of the code is consistent with the NOTE. I think the reason is that If the 'new' session_id we want to set already exists on the server, but does not exist on the client's cookie, the server must send a set-cookie header

Re: [PHP] Question about session_id() and session_start()

On 20/05/2013, Maciek Sokolewicz wrote: > On 20-5-2013 22:14, Tim Schofield wrote: >> Matijn >> >> There are well over half a million lines of source code in PHP. It seems >> a >> little unhelpful to tell someone to go and read half a million lines of C >> when you could just tell them the answer?

Re: [PHP] Question about session_id() and session_start()

Op 21 mei 2013 03:59 schreef "David OBrien" het volgende: > > > On May 20, 2013 8:45 PM, "Matijn Woudt" wrote: > > > > > > On Mon, May 20, 2013 at 10:46 PM, David OBrien wrote: > >> > >> On Mon, May 20, 2013 at 4:14 PM, Tim Schofield wrote: > >> > >> > Matijn > >> > > >> > There are well over h

Re: [PHP] Question about session_id() and session_start()

On May 20, 2013 8:45 PM, "Matijn Woudt" wrote: > > > On Mon, May 20, 2013 at 10:46 PM, David OBrien wrote: >> >> On Mon, May 20, 2013 at 4:14 PM, Tim Schofield wrote: >> >> > Matijn >> > >> > There are well over half a million lines of source code in PHP. It seems a >> > little unhelpful to tell

Re: [PHP] Question about session_id() and session_start()

On Mon, May 20, 2013 at 10:46 PM, David OBrien wrote: > On Mon, May 20, 2013 at 4:14 PM, Tim Schofield > wrote: > > > Matijn > > > > There are well over half a million lines of source code in PHP. It seems > a > > little unhelpful to tell someone to go and read half a million lines of C > > when

Re: [PHP] Question about session_id() and session_start()

On 20-5-2013 22:14, Tim Schofield wrote: Matijn There are well over half a million lines of source code in PHP. It seems a little unhelpful to tell someone to go and read half a million lines of C when you could just tell them the answer? Thanks Tim Course View Towers, Plot 21 Yusuf Lule Road,

Re: [PHP] Question about session_id() and session_start()

On Mon, May 20, 2013 at 4:14 PM, Tim Schofield wrote: > Matijn > > There are well over half a million lines of source code in PHP. It seems a > little unhelpful to tell someone to go and read half a million lines of C > when you could just tell them the answer? > > Thanks > Tim > > Course View To

Re: [PHP] Question about session_id() and session_start()

Matijn There are well over half a million lines of source code in PHP. It seems a little unhelpful to tell someone to go and read half a million lines of C when you could just tell them the answer? Thanks Tim Course View Towers, Plot 21 Yusuf Lule Road, Kampala T +256 (0) 312 314 418 M +256 (0)

Re: [PHP] Question about session_id() and session_start()

On Mon, May 20, 2013 at 5:33 AM, 孟远涛 wrote: > I find the Note in PHP document. > http://www.php.net/manual/en/function.session-id.php > > "Note: When using session cookies, specifying an id for session_id() will > always send a new cookie when session_start() is called, regardless if the > curren

Re: [PHP] Question

Am 03.11.12 01:30, schrieb Silvio Siefke: > Hello, > > i have compile PHP 5.4.8 on my Debian System. I have before Version 5.4.7. > I delete before all old Files from PHP and then run the commands: > > ./configure --sysconfdir=/usr/local/etc --with-pear --enable-bcmath > --with-bz2=/usr --disable

Re: [PHP] Question about date calculations

On Fri, Dec 30, 2011 at 5:33 PM, Eric Lommatsch wrote: > > When I try this method: > > > > $interval = $dteStartDate[$intCnt]->diff($dteEndDate[$intCnt]); I get the > following error when I run the page: > > " Fatal error : Call to undefined method DateTime::diff() in > /var/www/evalHomeLime.php

RE: Re: [PHP] Question about date calculations

m > > > > > er...@pivotaldata.com > > > > > > -Original message- > From: Fatih P. > Sent: Thu 29-12-2011 16:16 > To: ad...@buskirkgraphics.com; > CC: 'Frank Arensmeier' ; 'Eric Lommatsch' > ; p

Re: [PHP] Question about date calculations

On 12/29/2011 01:22 PM, Eric Lommatsch wrote: Hello List, I am using PHP version 5.2.6. I am using PHP V5.3.3 In my setup, the following lines give me errors stating that PHP cannot convert the DateTime object to a string. I was able to get around the error by changing your code to the fol

RE: Re: [PHP] Question about date calculations

mmatsch' ; php-general@lists.php.net; Subject: Re: [PHP] Question about date calculations On 12/30/2011 12:19 AM, ad...@buskirkgraphics.com wrote: -Original Message- From: Fatih P. [ mailto:fatihpirist...@gmail.com ] Sent: Thursday, December 29, 2011 5:10 PM To: Frank Arensmeier Cc:

RE: [PHP] Question about date calculations

x27;Frank Arensmeier' ; CC: 'Eric Lommatsch' ; php-general@lists.php.net; Subject: RE: [PHP] Question about date calculations > -Original Message- > From: Fatih P. [mailto:fatihpirist...@gmail.com] > Sent: Thursday, December 29, 2011 5:10 PM > To: Frank Are

RE: Re: [PHP] Question about date calculations

Ext 23 Fax 888-282-9927   www.pivotaldata.com   er...@pivotaldata.com       -Original message- From: Frank Arensmeier Sent: Thu 29-12-2011 15:25 To: Eric Lommatsch ; CC: php-general@lists.php.net; Subject: Re: [PHP] Question about date calculations 29 dec 2011 kl. 22.22 skrev

Re: [PHP] Question about date calculations

Fatih P. wrote: well then look deeper in the question: "I have a page I am trying to create where I am comparing the values of two MySQL date fields with the current date. One of the *MySQL Date fields *is a class start date,*the other* is the class end date." all needs to do is modify his quer

Re: [PHP] Question about date calculations

On 12/30/2011 12:19 AM, ad...@buskirkgraphics.com wrote: -Original Message- From: Fatih P. [mailto:fatihpirist...@gmail.com] Sent: Thursday, December 29, 2011 5:10 PM To: Frank Arensmeier Cc: Eric Lommatsch; php-general@lists.php.net Subject: Re: [PHP] Question about date calculations

RE: [PHP] Question about date calculations

> -Original Message- > From: Fatih P. [mailto:fatihpirist...@gmail.com] > Sent: Thursday, December 29, 2011 5:10 PM > To: Frank Arensmeier > Cc: Eric Lommatsch; php-general@lists.php.net > Subject: Re: [PHP] Question about date calculations > > On Thu, Dec 29,

Re: [PHP] Question about date calculations

On Thu, Dec 29, 2011 at 11:40 PM, Frank Arensmeier wrote: > 29 dec 2011 kl. 22.22 skrev Eric Lommatsch: > > > So far in looking at the functions that are available at > > http://www.php.net/manual/en/ref.datetime.php I have not been able to > figure > > out how to do what I need to do. Below is a

Re: [PHP] Question about date calculations

29 dec 2011 kl. 22.22 skrev Eric Lommatsch: > So far in looking at the functions that are available at > http://www.php.net/manual/en/ref.datetime.php I have not been able to figure > out how to do what I need to do. Below is a snippet showing approximately > what I am trying to do. On the same

Re: [PHP] Question about socket_select

On Wed, Dec 14, 2011 at 1:25 AM, Matijn Woudt wrote: > On Wed, Dec 14, 2011 at 12:11 AM, Mihai Anghel > wrote: >> Hello, >> >> It appears to me that something is strange with the socket_select function. >> From what I understand the value of the fourth parameter, tv_sec, >> should block the exec

Re: [PHP] Question about socket_select

On Wed, Dec 14, 2011 at 12:11 AM, Mihai Anghel wrote: > Hello, > > It appears to me that something is strange with the socket_select function. > From what I understand the value of the fourth parameter, tv_sec, > should block the execution of the script for that number of seconds. > I tried this c

Re: [PHP] Question about performance between for iteration and extension function

On Fri, Dec 9, 2011 at 5:04 PM, Lin Yo-An wrote: > Hi folks, > > I am in doubt of this, I thought pure php iteration is slower than calling > join or other extension functions. > > but the result shows:  https://gist.github.com/b2a94c94ca66a55814d4 > > Using Pure PHP for iteration is faster than u

Re: [PHP] Question about PHP FPM and shared memory

On 11/23/2011 08:25 PM, Daniel Betz wrote: > Hello list, > > I am trying to start PHP FPM with 2600 worker pools with "ondemand" > processmanager. Each for one domain. > The problem is now, that the php-fpm quits with: > ERROR: pid 10937, fpm_shm_alloc(), line 28: unable to allocate 1040 bytes in

Re: [PHP] question about best practice for coding sql statements

On Sat, Nov 12, 2011 at 7:01 AM, Stephen wrote: > While I am not a big fan of OOP, I do like PDO, and recommend its use. Right -- I wasn't actually inquiring about how to access a data base, merely the pactice of using a variable for the SQL -- In your example, you are doing this as well, which f

Re: [PHP] question about best practice for coding sql statements

On Sat, 12 Nov 2011, tamouse mailing lists wrote: I'm curious how others feel about this. When I'm creating an SQL string, either for a non-prepared or prepared execution, I build it in a variable and then pass the variable to the query or prepare function. This lets me easily add something to v

Re: [PHP] question about best practice for coding sql statements

On 11-11-12 06:30 AM, tamouse mailing lists wrote: I'm curious how others feel about this. When I'm creating an SQL string, either for a non-prepared or prepared execution, I build it in a variable and then pass the variable to the query or prepare function. This lets me easily add something to v

Re: [PHP] Question reading a file

On Oct 27, 2011, at 5:14 PM, Daniel Brown wrote: > On Thu, Oct 27, 2011 at 15:25, Tedd Sperling wrote: >> -snip my confusion - > >No need to review the code. The first hunch I had proved correct. > PHP opens with a less-than (left carat, or 'less-than') symbol, as do > HTML tags. As a resul

Re: [PHP] Question reading a file

On Thu, Oct 27, 2011 at 15:25, Tedd Sperling wrote: > Hi gang: > > I have a few questions -- this is my first one. > > Please review this link: > > http://webbytedd.com//perms/ > > This page simply reads the contents of a file of the user's choice and > displays the file's data. > > My first

Re: [PHP] Question reading a file

On Thu, 2011-10-27 at 15:25 -0400, Tedd Sperling wrote: > Hi gang: > > I have a few questions -- this is my first one. > > Please review this link: > > http://webbytedd.com//perms/ > > This page simply reads the contents of a file of the user's choice and > displays the file's data. > >

Re: [PHP] Question about losing port number

On 26 Sep 2011 at 23:45, vince chan wrote: > I have a general question about PHP: > So basically I have a link, and I want the href to be absolute., so I > do 'https://' . $_SERVER['HTTP_HOST'] . '/login' ; this gives me > https://127.0.0.1/login on my local; however, what i really want is > ht

Re: [PHP] Question about directory permissions

Al wrote: > I understand dir perms pretty well; but, have a question I can't readily > find > the answer to. > > Under a Linux system, scripts can't write, copy, etc. to other dirs unless > the > perms are set for writable for the script e.g., nobody. > > But, is there a way a script can write

Re: [PHP] Question about directory permissions

Sure. The script runs with the permissions of whoever is running it. In general, a PHP script that's a web page in linux will run by a user called something like apache, apache2, www-user, or something similar. If you give that user permissions -- either directly or through their group, often of

Re: [PHP] question about preventing polling for more than once

Hello ??, Try to clean up your cookies. Maybe they set a cookie on your computer. -- With best regards from Ukraine, Andre Skype: Francophile Twitter: http://twitter.com/m_elensule Facebook: http://facebook.com/menelion - Original message - From: ?? To: php-general@lists.php.net Date:

Re: [PHP] question about preventing polling for more than once

Have you checked for any cookies left by that website? Thanks, Ash http://www.ashleysheridan.co.uk - Reply message - From: "肖晗" Date: Fri, Nov 12, 2010 15:14 Subject: [PHP] question about preventing polling for more than once To: I noticed that some websites such as polldaddy

Re: [PHP] Question about news.php.net

Daniel Brown wrote: On Mon, Sep 13, 2010 at 19:51, MikeB wrote: As part of the bug report I included a link to an image of my nntp config. I saw that, thanks. I'll look into creating a mirror of the news server, as well, for NNTP-only access. I won't lie and say that it's a priority,

Re: [PHP] Question about news.php.net

Good to know there's a workaround. I am thinking of using one (or more) of the old VOOM boxes to mirror the news server for NNTP-only access. Sent from my DROID. Apologies if formatting is off or I'm top-posting on a list. On Sep 14, 2010 8:59 PM, "Nathan Rixham" wrote: > Daniel Brown wrote: >>

Re: [PHP] Question about news.php.net

Daniel Brown wrote: On Mon, Sep 13, 2010 at 18:09, MikeB wrote: However, getting access seems to be hit-and-miss, since I more often than not get a message that the connection to news.php.net timed out. Is this an indication that the server is just very busy? I don't get this on any other news

Re: [PHP] Question about news.php.net

Daniel Brown wrote: On Mon, Sep 13, 2010 at 19:51, MikeB wrote: As part of the bug report I included a link to an image of my nntp config. I saw that, thanks. I'll look into creating a mirror of the news server, as well, for NNTP-only access. I won't lie and say that it's a priority,

Re: [PHP] Question about news.php.net

On 09/13/2010 06:51 PM, MikeB wrote: > Daniel Brown wrote: >> >> I don't believe that we've been having any issues with the server, >> no. Are you using NNTP to connect? > > yes, NNTP. > >> You may want to consider using >> the HTTP-based RSS and/or RDF feeds if it continues to be an issue.

Re: [PHP] Question about news.php.net

On Mon, Sep 13, 2010 at 19:51, MikeB wrote: > > As part of the bug report I included a link to an image of my nntp config. I saw that, thanks. I'll look into creating a mirror of the news server, as well, for NNTP-only access. I won't lie and say that it's a priority, but I'll try to get to

Re: [PHP] Question about news.php.net

Daniel Brown wrote: I don't believe that we've been having any issues with the server, no. Are you using NNTP to connect? yes, NNTP. You may want to consider using the HTTP-based RSS and/or RDF feeds if it continues to be an issue. If this persists, I'll look into the alternatives yo

Re: [PHP] Question about news.php.net

On Mon, Sep 13, 2010 at 18:09, MikeB wrote: > > However, getting access seems to be hit-and-miss, since I more often than > not get a message that the connection to news.php.net timed out. > > Is this an indication that the server is just very busy? I don't get this on > any other news server I'm

Re: [PHP] Question about translating assoc. arrays to C

Jim- Yes, that was a typo. The issues was I didn't cut / paste and instead retyped it. Should be foreach($array as $key1 => $list) { foreach($list as $key2 => $value) I will check those links out, I had the first one not the second. Regards, -Josh

Re: [PHP] Question about translating assoc. arrays to C

Joshua Kehn wrote: I'm working on creating a compiled extension for some code I've written. Mostly it's manipulating a very large multi-demensional array of values. This is some pseudo code for the array. // Imagine this but much much bigger $big_ass_array = array('5' => array('0' => 4, '3' =>

RE: [PHP] question about compiling a portable web server for linux

From: Ashley Sheridan > On Sat, 2010-08-07 at 10:43 +0800, lainme wrote: > >> thanks for the reply. I know it is not a PHP problem. And I want to know >> whether it is possible to make it architecture independent. >> >> On Sat, Aug 7, 2010 at 10:38 AM, Ashley Sheridan >> wrote: >> >> > On Sat

Re: [PHP] question about compiling a portable web server for linux

On Sat, 2010-08-07 at 10:43 +0800, lainme wrote: > thanks for the reply. I know it is not a PHP problem. And I want to know > whether it is possible to make it architecture independent. > > On Sat, Aug 7, 2010 at 10:38 AM, Ashley Sheridan > wrote: > > > On Sat, 2010-08-07 at 10:22 +0800, lainm

Re: [PHP] question about compiling a portable web server for linux

thanks for the reply. I know it is not a PHP problem. And I want to know whether it is possible to make it architecture independent. On Sat, Aug 7, 2010 at 10:38 AM, Ashley Sheridan wrote: > On Sat, 2010-08-07 at 10:22 +0800, lainme wrote: > > Hi, I recently compiled a portable portable web ser

Re: [PHP] question about compiling a portable web server for linux

On Sat, 2010-08-07 at 10:22 +0800, lainme wrote: > Hi, I recently compiled a portable portable web server for linux, using > lighttpd and php. > > But it seems that php can only run on machine with the same glibc version > compiled it. How can I solve the problem? It's not a PHP problem. If yo

RE: [PHP] Question about SQL and Graph nodel trees

> -Original Message- > From: Tim Gallagher [mailto:tgallag...@danati.com] > Sent: Wednesday, July 21, 2010 12:49 PM > To: Andrew Ballard > Cc: php-general@lists.php.net > Subject: RE: [PHP] Question about SQL and Graph nodel trees > > Thank you for the informait

RE: [PHP] Question about SQL and Graph nodel trees

-general@lists.php.net Subject: Re: [PHP] Question about SQL and Graph nodel trees On Wed, Jul 21, 2010 at 11:04 AM, Tim Gallagher wrote: > I cannot be the only one that is having this problem, what are you using for > DAG (Direct Acrylic Graph)? I need to have a mesh node edge graph

Re: [PHP] Question about SQL and Graph nodel trees

On Wed, Jul 21, 2010 at 11:04 AM, Tim Gallagher wrote: > I cannot be the only one that is having this problem, what are you using for > DAG (Direct Acrylic Graph)?  I need to have a mesh node edge graph and am > having trouble with this?  I see that Neo4j has a rest server and I can do > this i

[PHP] Re: PHP question

On 13 July 2010 15:46, Joey Hendricks wrote: > Hi Mr. Quadling, >  Thank you for the reply. I still don't understand how to get all the emails > into the function. Before I put in the function I had something like this- > for($i=0; $i<=9; $i++) > { > if(!empty($_GET[email.$i])) > { > mail($_GET[em

Re: [PHP] Question about the Board

On 7/6/10, Ashley Sheridan wrote: > I have had a couple such emails, requesting me to log in somewhere in > order to have my address 'validated' as non-spam, but I ignored it and > nothing bad has happened to me yet! Not yet. *hides cattle prod behind back* -- PHP General Mailing List (http://w

Re: [PHP] Question about the Board

On Tue, 2010-07-06 at 11:00 +0200, Gary . wrote: > On 7/5/10, Gary[1] wrote: > > The last few times I have posted to the board, I recieved an email, which > > has the subject line of ??? ??? and is written in what appears to > > be greek > > Ukrainian or Russian I would guess, looking at

Re: [PHP] Question about the Board

On 7/5/10, Gary[1] wrote: > The last few times I have posted to the board, I recieved an email, which > has the subject line of ??? ??? and is written in what appears to > be greek Ukrainian or Russian I would guess, looking at the headers. > Anyone else have this happen? Yes. Either so

Re: [PHP] Question about logins and locking

On 23 June 2010 07:44, Tommy Pham wrote: >> -Original Message- >> From: James Colannino [mailto:ja...@colannino.org] >> Sent: Tuesday, June 22, 2010 10:06 PM >> To: PHP-General List >> Subject: Re: [PHP] Question about logins and locking >> >> Tom

RE: [PHP] Question about logins and locking

> -Original Message- > From: James Colannino [mailto:ja...@colannino.org] > Sent: Tuesday, June 22, 2010 10:06 PM > To: PHP-General List > Subject: Re: [PHP] Question about logins and locking > > Tommy Pham wrote: > > > 1) Set an encrypted (to prevent hijac

Re: [PHP] Question about logins and locking

Tommy Pham wrote: > 1) Set an encrypted (to prevent hijacking and eavesdropping) cookie to > expire when browser closes > 2) Have a table in the DB backend to keep track if the user is logged in or > not and when was the last time the validated user access your site (this > gets updated when the u

RE: [PHP] Question about logins and locking

> -Original Message- > From: James Colannino [mailto:ja...@colannino.org] > Sent: Tuesday, June 22, 2010 2:29 PM > To: php-general@lists.php.net > Subject: [PHP] Question about logins and locking > > Hey everyone, > > I have a question about logins. Let's say that I want to allow each us

Re: [PHP] Question - foreach.

At 3:46 PM -0400 6/10/10, Paul M Foster wrote: On Thu, Jun 10, 2010 at 11:16:08AM -0400, tedd wrote: > I spend much of my time thinking "Did I do that before?" I know the feeling. I will say this, though. I have yet to figure out, from your URLs, how your site(s) is/are organized. Maybe a reo

Re: [PHP] Question - foreach.

On Thursday 10 June 2010 11:16:08 tedd wrote: > At 9:32 AM -0400 6/10/10, Paul M Foster wrote: > >On Thu, Jun 10, 2010 at 07:03:28AM -0400, tedd wrote: > > > This is one of those questions that you can test very easily, just > >> > >> initialize an array and try it. > > > >+1 > > > >This is Ted

RE: [PHP] Question - foreach.

From: Paul M Foster > On Thu, Jun 10, 2010 at 11:16:08AM -0400, tedd wrote: > >> At 9:32 AM -0400 6/10/10, Paul M Foster wrote: >>> On Thu, Jun 10, 2010 at 07:03:28AM -0400, tedd wrote: >>> >> >> Paul: >> >> Now, if I could get the old memory to "lock in" and remember it, it >> would be great! >>

Re: [PHP] Question - foreach.

On Thu, Jun 10, 2010 at 11:16:08AM -0400, tedd wrote: > At 9:32 AM -0400 6/10/10, Paul M Foster wrote: >> On Thu, Jun 10, 2010 at 07:03:28AM -0400, tedd wrote: >> >> > This is one of those questions that you can test very easily, just >>> initialize an array and try it. >> >> +1 >> >> This is Te

Re: [PHP] Question - foreach.

At 9:32 AM -0400 6/10/10, Paul M Foster wrote: On Thu, Jun 10, 2010 at 07:03:28AM -0400, tedd wrote: > This is one of those questions that you can test very easily, just initialize an array and try it. +1 This is Tedd's modus operandi. His website(s) are full of exactly this type of thing.

Re: [PHP] Question - foreach.

All, I tried and tested it but wanted a solid confirmation on it. I felt foreach usage is better than manual way of next(), prev() et al. Thanks for the comments. I consider the thread answered and solved unless someone has anything more to add. Regards, Shreyas On Thu, Jun 10, 2010 at 7:02 PM,

Re: [PHP] Question - foreach.

On Thu, Jun 10, 2010 at 07:03:28AM -0400, tedd wrote: > At 7:19 AM +0530 6/10/10, Shreyas wrote: >> PHP'ers, >> >> I am reading a PHP book which explains foreach and at the end says : *'When >> foreach starts walking through an array, it moves the pointer to >> the beginning of the array. You don'

Re: [PHP] Question - foreach.

At 7:19 AM +0530 6/10/10, Shreyas wrote: PHP'ers, I am reading a PHP book which explains foreach and at the end says : *'When foreach starts walking through an array, it moves the pointer to the beginning of the array. You don't need to reset an array before walking through it with foreach.'* *

Re: [PHP] Question - foreach.

On Wed, Jun 9, 2010 at 21:49, Shreyas wrote: > PHP'ers, > > I am reading a PHP book which explains foreach and at the end says : *'When > foreach starts walking through an array, it moves the pointer to > the beginning of the array. You don’t need to reset an array before > walking through it with

Re: [PHP] Question - foreach.

Shreyas wrote: PHP'ers, I am reading a PHP book which explains foreach and at the end says : *'When foreach starts walking through an array, it moves the pointer to the beginning of the array. You don’t need to reset an array before walking through it with foreach.'* * * *Does this mean - * *1)

Re: [PHP] Question - foreach.

On Wed, Jun 9, 2010 at 9:49 PM, Shreyas wrote: > PHP'ers, > > I am reading a PHP book which explains foreach and at the end says : *'When > foreach starts walking through an array, it moves the pointer to > the beginning of the array. You don’t need to reset an array before > walking through it w

Re: [PHP] Question about a security function

On 5/21/2010 10:36 AM, Jim Lucas wrote: Al wrote: On 5/21/2010 9:24 AM, David Otton wrote: On 20 May 2010 16:51, Al wrote: I'm not being clear. First pass is thru the blacklist, which effectually tells hacker to not bother and totally deletes the entry. If the raw entry gets past the b

Re: [PHP] Question about a security function

Al wrote: > > > On 5/21/2010 9:24 AM, David Otton wrote: >> On 20 May 2010 16:51, Al wrote: >> >>> I'm not being clear. First pass is thru the blacklist, which effectually >>> tells hacker to not bother and totally deletes the entry. >>> >>> If the raw entry gets past the blacklist, it must then

Re: [PHP] Question about a security function

On 5/21/2010 9:21 AM, Ashley Sheridan wrote: On Fri, 2010-05-21 at 14:24 +0100, David Otton wrote: On 20 May 2010 16:51, Al wrote: I'm not being clear. First pass is thru the blacklist, which effectually tells hacker to not bother and totally deletes the entry. If the raw entry gets past

Re: [PHP] Question about a security function

On 21 May 2010 14:21, Ashley Sheridan wrote: > I still think you might be better off using BBCode, which is used on > websites just for this very purpose. When any input comes back, you can > remove all the HTML completely and replace the BBCode tags that you > allow. This should guarantee that t

Re: [PHP] Question about a security function

On 5/21/2010 9:24 AM, David Otton wrote: On 20 May 2010 16:51, Al wrote: I'm not being clear. First pass is thru the blacklist, which effectually tells hacker to not bother and totally deletes the entry. If the raw entry gets past the blacklist, it must then only contain my whitelist tags.

Re: [PHP] Question about a security function

On Fri, 2010-05-21 at 14:24 +0100, David Otton wrote: > On 20 May 2010 16:51, Al wrote: > > > I'm not being clear. First pass is thru the blacklist, which effectually > > tells hacker to not bother and totally deletes the entry. > > > > If the raw entry gets past the blacklist, it must then only

Re: [PHP] Question about a security function

On 20 May 2010 16:51, Al wrote: > I'm not being clear. First pass is thru the blacklist, which effectually > tells hacker to not bother and totally deletes the entry. > > If the raw entry gets past the blacklist, it must then only contain my > whitelist tags. e.g., the two examples you cited were

Re: [PHP] Question about a security function

On 5/20/2010 12:43 PM, Ashley Sheridan wrote: On Thu, 2010-05-20 at 12:40 -0400, Al wrote: On 5/20/2010 12:02 PM, Jim Lucas wrote: Al wrote: On 5/20/2010 11:23 AM, David Otton wrote: On 20 May 2010 15:52, Alwrote: I agree blacklisting is a flawed approach in general. My approach i

Re: [PHP] Question about a security function

On Thu, 2010-05-20 at 12:40 -0400, Al wrote: > > On 5/20/2010 12:02 PM, Jim Lucas wrote: > > Al wrote: > >> > >> > >> On 5/20/2010 11:23 AM, David Otton wrote: > >>> On 20 May 2010 15:52, Al wrote: > >>> > I agree blacklisting is a flawed approach in general. My approach is to > stric

Re: [PHP] Question about a security function

On 5/20/2010 12:02 PM, Jim Lucas wrote: Al wrote: On 5/20/2010 11:23 AM, David Otton wrote: On 20 May 2010 15:52, Al wrote: I agree blacklisting is a flawed approach in general. My approach is to strictly confine entry text to a whitelist of benign, acceptable tags. The But that's not

Re: [PHP] Question about a security function

Al wrote: > > > On 5/20/2010 11:23 AM, David Otton wrote: >> On 20 May 2010 15:52, Al wrote: >> >>> I agree blacklisting is a flawed approach in general. My approach is to >>> strictly confine entry text to a whitelist of benign, acceptable >>> tags. The >> >> But that's not what you've done. Yo

Re: [PHP] Question about a security function

On Thu, 2010-05-20 at 11:51 -0400, Al wrote: > > On 5/20/2010 11:23 AM, David Otton wrote: > > On 20 May 2010 15:52, Al wrote: > > > >> I agree blacklisting is a flawed approach in general. My approach is to > >> strictly confine entry text to a whitelist of benign, acceptable tags. The > > > >

Re: [PHP] Question about a security function

On 5/20/2010 11:23 AM, David Otton wrote: On 20 May 2010 15:52, Al wrote: I agree blacklisting is a flawed approach in general. My approach is to strictly confine entry text to a whitelist of benign, acceptable tags. The But that's not what you've done. You've blacklisted the following pat

Re: [PHP] Question about a security function

On 20 May 2010 15:52, Al wrote: > I agree blacklisting is a flawed approach in general. My approach is to > strictly confine entry text to a whitelist of benign, acceptable tags. The But that's not what you've done. You've blacklisted the following patterns: "\ would sail straight through tha

Re: [PHP] Question about a security function

On 5/20/2010 10:07 AM, Ashley Sheridan wrote: On Thu, 2010-05-20 at 14:27 +0100, David Otton wrote: On 20 May 2010 13:53, Al wrote: I have a password-protected, user, on-line editor that I'm hardening against hackers just in case a user's pw is stolen or local PC is infected. The user can

Re: [PHP] Question about a security function

On Thu, 2010-05-20 at 14:27 +0100, David Otton wrote: > On 20 May 2010 13:53, Al wrote: > > > > I have a password-protected, user, on-line editor that I'm hardening against > > hackers just in case a user's pw is stolen or local PC is infected. > > > > The user can enter html tags; but, I restric

Re: [PHP] Question about a security function

On 20 May 2010 13:53, Al wrote: > > I have a password-protected, user, on-line editor that I'm hardening against > hackers just in case a user's pw is stolen or local PC is infected. > > The user can enter html tags; but, I restrict the acceptable tags to benign > ones. e.g., , , , etc.  e.g., no

Re: [PHP] Question about a security function

On 20 May 2010 14:53, Al wrote: > I have a password-protected, user, on-line editor that I'm hardening against > hackers just in case a user's pw is stolen or local PC is infected. > > The user can enter html tags; but, I restrict the acceptable tags to benign > ones. e.g., , , , etc.  e.g., no >

RE: [PHP] Question about creating php files from a form

Kevin wrote: >>> I am having some issues with connecting to a SQLite database right now >>> ... I'm getting the following error "Fatal Error: 'sqlite_open' is an >>> unknown function" >>> But I'm putting that on the side right now. >> >> I think the docs are still screwed up. Try sqlite3_open() ins

Re: [PHP] Question about creating php files from a form

Kevin wrote: I am having some issues with connecting to a SQLite database right now ... I'm getting the following error "Fatal Error: 'sqlite_open' is an unknown function" But I'm putting that on the side right now. I think the docs are still screwed up. Try sqlite3_open() instead and see if th

Re: [PHP] Question about creating php files from a form

Paul M Foster wrote: On Thu, May 13, 2010 at 11:53:54PM -0400, Kevin wrote: /On a side note: I am having some issues with connecting to a SQLite database right now ... I'm getting the following error "Fatal Error: 'sqlite_open' is an unknown function" But I'm putting that on the side right

Re: [PHP] Question about creating php files from a form

At 11:07 PM -0400 5/13/10, Kevin wrote: Hello All, I am trying to figure out how to create files when a user submits a form ... I have seen something about '*fopen*' , is that the direction I should be going? Here is what I am trying to accomplish: I am creating a program to keep track of re

RE: [PHP] Question about creating php files from a form

From: Kevin > I am trying to figure out how to create files when a user submits a form ... > I have seen something about '*fopen*' , is that the direction I should > be going? > > Here is what I am trying to accomplish: > > I am creating a program to keep track of recipes for my wife. I have >

Re: [PHP] Question about creating php files from a form

On 14 May 2010 04:07, Kevin wrote: > Hello All, > > I am trying to figure out how to create files when a user submits a form ... > I have seen something about '*fopen*' , is that the direction I should be > going? > > Here is what I am trying to accomplish: > > I am creating a program to keep trac

Re: [PHP] Question about creating php files from a form

On Thu, 2010-05-13 at 23:53 -0400, Kevin wrote: > Ashley Sheridan wrote: > > On Thu, 2010-05-13 at 23:07 -0400, Kevin wrote: > >> Hello All, > >> > >> I am trying to figure out how to create files when a user submits a form > >> ... > >> I have seen something about '*fopen*' , is that the directi

Re: [PHP] Question about creating php files from a form

On Thu, May 13, 2010 at 11:53:54PM -0400, Kevin wrote: > /On a side note: > I am having some issues with connecting to a SQLite database right now > ... I'm getting the following error "Fatal Error: 'sqlite_open' is an > unknown function" > But I'm putting that on the side right now. I think th

Re: [PHP] Question about creating php files from a form

Ashley Sheridan wrote: On Thu, 2010-05-13 at 23:07 -0400, Kevin wrote: Hello All, I am trying to figure out how to create files when a user submits a form ... I have seen something about '*fopen*' , is that the direction I should be going? Here is what I am trying to accomplish: I am creati

Re: [PHP] Question about creating php files from a form

On Thu, 2010-05-13 at 23:07 -0400, Kevin wrote: > Hello All, > > I am trying to figure out how to create files when a user submits a form ... > I have seen something about '*fopen*' , is that the direction I should > be going? > > Here is what I am trying to accomplish: > > I am creating a pro

  1   2   3   4   5   6   7   8   9   10   >