RE: [PHP] Displaying Results
I used this workaround - if you see something inherently wrong with it, let me know: printf(a href='http://www.mydomain.net/index.asp?type=%s%s=%s'b%s/b (%s)/abr,$by,$by,$$by,$$by,$total) So that the output goes like a href=http://www.mydomain.net/index.asp?type=type1type1=value;type 1 (total#)/a And that gets passed to this: $type = $HTTP_GET_VARS[type]; $value = $HTTP_GET_VARS[$type]; $result = mysql_query(SELECT * FROM cars WHERE $type ='$value'); Little more work, but is this safe to use? It's been working great! -Original Message- From: Jason Wong [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 16, 2002 9:58 PM To: [EMAIL PROTECTED] Subject: Re: [PHP] Displaying Results On Wednesday 17 April 2002 08:21, Jason Soza wrote: Sorry, I just noticed that the count() function will do at least the first part of my question, i.e. SELECT year, COUNT(*) FROM cars GROUP BY year But the second part still has me a bit stumped. I know that you can pass a variable using something like script.php?year=1991, but doesn't that assume that in your script you have something like: $query = (SELECT * FROM mytable WHERE year=$year) So the $year is the only variable that gets replaced by the script.php? year=1991 you called it with. How could I make it so that the entire 'year=$year' part of the query gets replaced by what comes after the ? in script.php?year=1991 ? You can do something like: script.php?qry=year%3D1991 %3D is the url encoding for '='. Then in your script: $query = (SELECT * FROM mytable WHERE $qry) -- Jason Wong - Gremlins Associates - www.gremlins.com.hk Open Source Software Systems Integrators * Web Design Hosting * Internet Intranet Applications Development * /* The chief danger in life is that you may take too many precautions. -- Alfred Adler */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Passing Variable
I know that people have asked about this before, so let me appologize ahead of time but I need quick help. I have a url which looks like http://www.domain.com/remove/index.php?id=test. I use the echo function ? echo $id; ? to show the word test. What I want to do is send this variable along with other information that a user inputs via a form to the next page so it can be e-mailed via the mail() function. Can someone please advice how to do so. Thanks, Ben -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] email attachments
use PEAR::Mail(); it has all you need. James E. Hicks III [EMAIL PROTECTED] schrieb im Newsbeitrag [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... You need a Content-Disposition in yer $mime variable. I'll leave it up to you to figure out where, because I've forgotten where it goes exactly. James -Original Message- From: ROBERT MCPEAK [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 16, 2002 8:46 AM To: [EMAIL PROTECTED] Subject: [PHP] email attachments This nifty code (taken from PHP Cookbook) sends an email with a file attached in-line. The text from the attached file appears within the body of the email. I need to send attached files that are not in-line, but, rather, come as attached files that the user views outside of their email browser. Can somebody help me with this. Maybe tweak the code I've got? Thanks! //attachment $to = $the_email; $subject = 'dump'; $message = 'this is the dump'; $email = '[EMAIL PROTECTED]'; $boundary =b . md5(uniqid(time())); $mime = Content-type: multipart/mixed; ; $mime .= boundary = $boundary\r\n\r\n; $mime .= This is a MIME encoded message.\r\n\r\n; //first reg message $mime_message .=--$boundary\r\n; $mime .=Content-type: text/plain\r\n; $mime .=Content-Transfer-Encoding: base64; $mime .=\r\n\r\n . chunk_split(base64_encode($message)) . \r\n; //now attach $filename = mysqldump/surveydump.txt; $attach = chunk_split(base64_encode(implode(, file($filename; $mime .=--$boundary\r\n; $mime .=Content-type: text/plain\r\n; $mime .=Content-Transfer-Encoding: base64; $mime .=\r\n\r\n$attach\r\n; mail($to, $subject, , $mime); //attachment -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] importing .dat SQL Data into mySQL
Dear Wizard of Menlo Park Jr.; Similar to what you want but not exactly the same. Use the bits that you can use. I recently took an excel spreadsheet converted it to a tab delimited text file and then stored the records into a mysql table using the following code: Hope this helps, Hugh html body ?php $db=some_database; $pass=some_password; $link=mysql_connect(localhost,,$pass); if (! $link) die(Can't log in at this time); mysql_select_db($db,$link) or die (Can't log in at this time); print table align=center cellpadding=7 cellspacing=0 border=1 bgcolor=silver; $fp=fopen(excel_file.txt,r) or die (Couldn't open file); while (!feof ($fp)) { $record=fgets($fp,100); list($last,$first,$title,$rating,$year,$city)= split (\t, $record, 6); print tr td$firstnbsp;/td td$lastnbsp;/td td$titlenbsp;/td td$ratingnbsp;/td td$yearnbsp;/td td$citynbsp;/td /tr; $query=insert into chess_players (first_name, last_name, title, rating, year, city) values ('.addslashes($first).', '.addslashes($last).', '.addslashes($title).', '.addslashes($rating).', '.addslashes($year).', '.addslashes($city).' ); $result=mysql_query($query); if (!$result) die (couldn't update chess_players.mysql_error()); } fclose($fp); mysql_close($link); print /table; ? /body /html - Original Message - From: Thomas Edison Jr. [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, April 16, 2002 11:16 PM Subject: [PHP] importing .dat SQL Data into mySQL Hi, I have a .dat file.. with some data like this : 02001IN00100213200207120020412200204122002041710002002041720020417 02002IN00100213200207220020415200204152002041810002002041820020418 02003IN00100213200207320020416200204162002041910002002041920020419 This data was exported via SQL Server.. using Oracle. I need to use this data in my mySQL Database and work on it through PHP. Can i use phpMyAdmin for this.. or some other method? Thanks, T. Edison Jr. __ Do You Yahoo!? Yahoo! Tax Center - online filing with TurboTax http://taxes.yahoo.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Centralized logs
Hi list! I've read about a debugging connection feature of PHP3, dropped in version 4; it allowed (I argue) centralized logging through the function error_log with dest value 3; one could enable it by putting --enable-debugging in the build options. Now, if I set up more than one server for my website, how can I get system error logging coming from all the webservers on a single server only? I've considered syslogd and databases, but I'd like something like Apache's error_log, i.e. a single file I can follow with tail -f :-) Thank you Bye -- Rudy Ramirez http://members.xoom.it/rudy_ramirez -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Passing Variable
Hello, store value in hidden field in form, like this: input type=hidden name=id value=?php echo $_GET['id']; ? when form is submitted field id contains required value. or use cookie (but here is test if cookie enabled) Regards Michal Dvoracek [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: unlink security problem
If you care about this problem, upgrade to 4.2.0 when it's available. -- Yasuo Ohgaki Patrick Cossette wrote: I'm running PHP 4.1.2 as an Apache module (Apache 1.3.24) under AIX 4.3.3. My problem has been covered in Bug #13447 but I still have it and the bug was under Windows 2000 but I'm running AIX. It's a security problem with unlink. My site runs as the user web but different parts of my site are modified by different developpers. Since all files are owned by web, I set up an open_basedir so each developper is limited to make file operations on his directory-tree. My problem is that this setup does not prevent unlinking, which means that one can delete files that are not under his directory-tree, and I do not want that. With the following setup, fopen and include are restricted by openbasedir, which is good. But one can unlink a file even if it's not under his directory-tree. I have the following in httpd.conf: Directory /u/uq/web/www.uqtr.ca/ Options Indexes Includes FollowSymLinks AllowOverride None Order allow,deny Allow from all IfModule mod_php4.c AddType application/x-httpd-php .php php_flag engine on php_admin_value safe_mode 1 php_admin_value safe_mode_exec_dir /u/uq/web/www.uqtr.ca/ php_admin_value doc_root /u/uq/web/www.uqtr.ca/ php_admin_value open_basedir /u/uq/web/www.uqtr.ca/ php_admin_value user_dir /u/uq/web/www.uqtr.ca/ /IfModule /Directory The file testerase.php is in /u/uq/web/www.uqtr.ca and contains this: ?php include ('/u/uq/web/entete.uqtr.ca/file_to_include'); // THE INCLUDE DOES NOT WORK: IT'S RESTRICTED BY OPEN_BASEDIR AND I'M GLAD unlink ('/u/uq/web/entete.uqtr.ca/file_to_delete'); // THE UNLINK WORKS: NO RESTRICTION AT ALL AND I'M UNHAPPY ? I need help. Is it possible to bypass file deletion permission and restrict the directories in which to unlink? Thanks, Patrick [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Maths Problem
Hi, I have a maths question. I'm trying to create a html form where a user can enter formula in an input box (e.g. '$a + $b - 10') and posts it to PHP. The variables $a and $b are known but the formula can be changed on the form (e.g. '$a / $b * 2'). I want PHP to take the text input, the formula and calculate the result and display the results. How ? Thanks Richard -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Forms in PHP
Hello I hope u can help me with this problem. I dont know if it is possible to do it. I'm using PHP and XML to generate the folowing HTML: ... form method=post action=cart.php input type=hidden name=itemid value=11/input ... input type=hidden name=itemid value=22/input ... input type=hidden name=itemid value=33/input ... ... I want to use PHP to count the number of $itemid in this file. Is it possible? And how? Thx a lot -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Maths Problem
Hello, Richard Meredith-Wilks [EMAIL PROTECTED] wrote in message B1CFE9307BACD211B071D11C344102A4E8E0@UKSTONTSRV3">news:B1CFE9307BACD211B071D11C344102A4E8E0@UKSTONTSRV3... Hi, I have a maths question. I'm trying to create a html form where a user can enter formula in an input box (e.g. '$a + $b - 10') and posts it to PHP. The variables $a and $b are known but the formula can be changed on the form (e.g. '$a / $b * 2'). I want PHP to take the text input, the formula and calculate the result and display the results. form name=maths action=? echo $PHP_SELF; ? method=Post input type=text name=a size=4 maxlength=8 select name=operator option value=++/option option value=--/option option value=**/option option value=///option /select input type=text name=b size=4 maxlength=8 input type=hidden name=action value=Go input type=submit name=Submit value=Calculate /form ?php if($action) { function CalculateValues($a, $operator, $b) { if ($operator == +) { $result = $a + $b; } else if ($operator == -) { $result = $a - $b; } else if ($operator == *) { $result = $a * $b; } else { // Can't divide by 0 if ($a == 0) { $result = 0; } else { $result = $a / $b; } } return $result; } $operator = stripslashes($operator); // May not need this. $operator_array = array(+, -, *, /); if ($a == ) { echo No value given for a; } else if (!in_array($operator, $operator_array)) { echo No operator chosen.; } else if ($b == ) { echo No value given for b; } else { $result = $a . $operator . $b; echo $a $operator $b= . CalculateValues($a, $operator, $b); } } ? If the values are known, just hard code them. If not, you'll want to pay closer attention to the user input. It's not fully what you're after, but it's enough to get you started anyway. James -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Images and MySQL - please help
Hi, I am trying to do this: - I have an image stored in database 'A' - a php script should load this image, and stamp it with a watermark - then the php script should save the new image (with the watermark) in database 'B' ... How can I do this? I guess somehow I have to buffer the output, manipulate the buffer by adding the watermark, and then insert the image into the database. Is this possible? Any ideas? Thanks! DrTebi -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Cross DB application
Manuel, Prepared queries in practice are the same as what John Lim calls in this document http://php.weblogs.com/portable_sql as binding, except that he doesn't seem to be aware that it is the same thing, so he says that only some database can use it! :-) Metabase handles prepared queries with ALL supported databases. Some databases such as MS Access/MySQL do not support binding. So even if you support MySQL, you only get emulated binding in MySQL, and not the performance increase you might have expected. I hope that is clearer. Last but not least, PHP ADODB is an attempt of John Lim to develop something of his own copying ideas and names from everywhere and cash on it by selling PHPLens. He copied Microsoft ADODB to appeal better to Windows users. But since ADODB was not meant specifically for portable Web development, he still needed to copy features of Metabase like auto-incremented integer sequence values and limiting the range of rows returned in select queries result sets. Some of these things that were copied had their names changes to not look so obvious but they are still copies of Metabase features because only Metabase provided them before. Manuel, you have a habit of saying nasty things, and you set a bad example by doing so, because you are a good programmer who should be a leader in the community. I wish i were smart enough to have copied from you, but unfortunately I am too old and stupid. Most of the techniques you mention i learnt before i even knew PHP, let alone before had the pleasure of knowing you :-) Instead I learnt from people who have built some of the finest database technology around- the MySQL people who developed the limiting range of rows with SELECT LIMIT (that is why the function is called SelectLimit in honor of them), and auto-incrementing stuff from the Sybase/MS SQL Server designers. I cannot resist mentioning a forgotten database abstraction system which I learnt a lot from, developed by Apple, called DAL. A fantastic product that is sadly gone, but not forgotten. I have no problems saying that I developed ADOdb because I needed a database class library to implement phpLens. The reason is simple, there is no other database class library for php that had sufficient functionality to meet the sophisticated data requirements that I had. Frankly I would have used Metabase or PEAR DB or something similar if it was mature enough. As to the deficiencies of Metabase and PEAR DB, i don't think a mud-slinging match is appropriate, but I believe in my work, and think it stands very well compared to other libraries. Yours sincerely, John ps: ADOdb is released under a BSD-style license, there are no restrictions to its use. http://php.weblogs.com/ADOdb -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Images and MySQL - please help
It should be possible to do exactly what you want using the image functions in php. You can get an image add text and then save the image in a directory (or database I guess). Because adding a stamp takes milliseconds, why not just do the operation when it's needed and erase it when you're done. this way, you need only one database. The bare bones of it would look something like this: ?php header(content-type: image/png); $image=imagecreatefrompng(./images/xymap.png); $font=fonts/arial.ttf; $x=100; $y=100; $red=imagecolorallocate($image,255,100,100); imagettftext($image, 8, 0,$x, $y, $red, $font, text); imagepng($image,./images2/xvmap.png); ImageDestroy($image); header(location: map.htm); ? Hope this helps, Hugh - Original Message - From: DrTebi [EMAIL PROTECTED] To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Tuesday, April 16, 2002 11:11 PM Subject: [PHP] Images and MySQL - please help Hi, I am trying to do this: - I have an image stored in database 'A' - a php script should load this image, and stamp it with a watermark - then the php script should save the new image (with the watermark) in database 'B' ... How can I do this? I guess somehow I have to buffer the output, manipulate the buffer by adding the watermark, and then insert the image into the database. Is this possible? Any ideas? Thanks! DrTebi -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] db2 connect speed problem
Hello. I connected a php linux server with db2 connect personal edititon with an as400 v4r4. The connexion works ok, but all the querys have a delay. I think is the cost of a new connexion on the a400. - Somebody nows a solution ? - Somebody have a similar situacion and works faster ? Thanks Josep R. Raurell -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Re: Need row number from database select
Thanks for everyone who helped. I was trying to keep track of the row number from a database select and everyone who said to pass the row number variable through the function was correct. I finally got it to work by passing the variable by reference. -Original Message- From: Kevin Bucknum [mailto:[EMAIL PROTECTED]] Sent: April 15, 2002 10:29 AM To: '[EMAIL PROTECTED]' Subject: RE: [PHP] Re: Need row number from database select Keep track of it outside of the function in a global variable. -Original Message- From: SP [mailto:[EMAIL PROTECTED]] Sent: Sunday, April 14, 2002 8:28 PM To: David Robley; [EMAIL PROTECTED] Subject: RE: [PHP] Re: Need row number from database select I see what you are trying to do David but that was what I tried first but it doesn't work because the function calls itself depending if it's not a parent so the alternating colors become all messed up depending on the structure of my folders. That's why I was hoping to get the number for each of the result returned so I could change the color depending if it was odd or even. Any other suggestions? -Original Message- From: David Robley [mailto:[EMAIL PROTECTED]] Sent: April 14, 2002 6:50 PM To: [EMAIL PROTECTED] Subject: RE: [PHP] Re: Need row number from database select Well, you don't need to know what row number is. Something like: function build_folder_tree($output, $parent=1, $indent=) { $color = red; // Set var to first option $qid = mysql_query(SELECT id, name FROM folders WHERE parent_id = $parent); while ($cat = mysql_fetch_object($qid)) { $output .= $cat-name + $indent; // here is where I want to assign diff. colors $color == red ? $color = blue: $color = red; // Cycle color for each iteration if ($cat-id != $parent) build_folder_tree($output, $cat-id, $indent.nbsp;nbsp;); } } -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: smarter way to write config file?
Thanks heaps Scott -- exactly what I was hoping for :) Justin French on 16/04/02 5:26 PM, Scott Houseman ([EMAIL PROTECTED]) wrote: what about something like this: $cfgAdminEmail = ( $local ) ? [EMAIL PROTECTED] : [EMAIL PROTECTED]; $cfgReportErrors = ( $local ) ? 1 : 0; $cfgSendMail = ( $local ) ? 0 : 1; Hope this helps --Scott - Original Message - From: Justin French [EMAIL PROTECTED] To: php [EMAIL PROTECTED] Sent: Tuesday, April 16, 2002 6:58 AM Subject: [PHP] smarter way to write config file? Hi all, Currently i've got a config file for each website, and I split it into essentially two config files, based on the server name, so that I can have 1 file for both my local server and the live server. something like: ? if($local) { $cfgAdminEmail = [EMAIL PROTECTED]; $cfgReportErrors = 1; $cfgSendMail = 0; } else { $cfgAdminEmail = [EMAIL PROTECTED]; $cfgReportErrors = 0; $cfgSendMail = 1; } ? But of course, there's more like 20 config elements. The small problem I'm having is making sure that I keep both halves (live and local) the same (but with different settings). What i was hoping was that there may be a way of writing the config once, and having it work in both situations, perhaps with a switch, or with some other language construct I have no idea about: I know this isn't the answer, but I was hoping for something like: ? $cfgAdminEmail = [EMAIL PROTECTED]|[EMAIL PROTECTED]; $cfgReportErrors = 1|0; $cfgSendMail = 0|1; ? Where both the options local|live were declared in one hit. Whatever solution there is (arrays? switches?) it has to be easy to maintain, otherwise it's a step backwards I guess. Any suggestions appreciated, or pointers to stuff in the manual i've never heard of!!! Justin French -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Cross DB application
Hi Manuel, Manuel Lemos [EMAIL PROTECTED] wrote Most of the popular database abstraction packages support prepared queries, except for your PHP ADODb. So, think about this before you keep throwing sand to the eyes of the users that do not know better, may be you understand the point of catching up on what everybody else is doing for a long time. If you read the ADOdb source, you would know it is untrue. We support prepared queries, and emulate them if the database does not support it. The reason for this is that you had the dumb idea to spam all the lists you could remember with the forged claim that ADODB was faster than every other database abstraction because your convinient benchmarks showed that. Tomas Cox rewrote PEAR DB after the benchmarks were published to speed it up. We even worked together to improve bits of PEAR DB. You just moan about how unfair the benchmarks are. Since your database abstraction could not beat others on real abstraction features you used that to drag users to your package to push them the commercial tool that you sell and requires ADODB to run. Visit http://php.weblogs.com/adodb-cool-applications for a long list of applications using adodb with multiple databases. None of the apps except the first link use our commercial product, phpLens. I think that pretty much refutes your statement. That was the lowest Microsoft-like marketing trick - trap them into your Windows clone database abstraction OS to sell them your tool for which you have no competitor because nobody else is doing anything like that for your own abstraction later. I interviewed to work at microsoft in 1989, but as a techie, i would have made microsoft bankrupt if they had let me run their marketing for them :-) Of course you may claim ADODB is faster than any other abstraction package, but that's because it does not abstract data type conversion to make user applications portable. Actually it does, but only for dates, because I find that most other types can be easily handled because PHP is a very good language. Char and varchar and numbers map easily to string and float/integer, and so forth. I have told you this before. It is the same as stating that driving a motocycle naked and without helmet you will drive faster than clothed with the helmet on. It is not the same thing, but unfortunately for the victim users that have fallen for your argument they did not notice that your abstraction can only be faster by doing less, meaning providing less portability support. Of course. Unneeded portability that is not used by most users is of no interest to me. You disagree. That is fine. The code is there for people to read. Let them judge for themselves. John, as a marketeer you still have a lot to learn before you realize that you can't fool everybody! Next you will release ADODB XP the one that makes hidden connections to your site to track what the users are doing! hehehe :-) Don't worry, nobody will sue you for the abusing the monopoly of applications for your PHP ADO DB! :-) Manuel Lemos Manuel, you might not believe me, but what you are saying will make people shy away from working with you in the future. Treating people with respect is more productive. I don't really want to spend my time defending myself when I can be doing something else. So I leave this thread to you and to you alone. The floor is yours. Keep it clean. John -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Using one submit button
On Thursday 18 April 2002 00:11, Jennifer Downey wrote: I have no takers on this one? Just to let you know I have been working on this to here is some new code. What I need this to do is update the price in the db table. if I have on item it is fine. If I have two items it won't update the first items price but will the second. if I try to enter a price in the first items textbox it doesn't update and then deletes the second item's price. If I have 15 items and using one submit button how do I get this to update all items that are listed? $query = SELECT uid, id, name, image, type, quantity, price FROM {$config[prefix]}_shop WHERE uid = {$session[uid]}; $ret = mysql_query($query); while($row = mysql_fetch_array($ret)) { $uid = $row['uid']; $id = $row['id']; $name = $row['name']; $image = $row['image']; $iquantity = $row['quantity']; $itype = $row['type']; $iprice = $row['price']; if($update) { $eprice = '$price[]'; I don't know what else is wrong with your code, but this is *definitely* going to cause problems. I assume you mean: $eprice = $price[]; But even this is wrong. You should probably be keeping a counter, eg $i, then use: $eprice = $price[$i]; [snip] value=\\ name=\price[]\ size='8' value=\\ name=\price[$i]\ size='8' -- Jason Wong - Gremlins Associates - www.gremlins.com.hk Open Source Software Systems Integrators * Web Design Hosting * Internet Intranet Applications Development * /* We have a equal opportunity Calculus class -- it's fully integrated. */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] system() + $vars
Hi i was wondering how to get $var as an argument for a command using system() call..?? I tried something like: ? system('echo $REMOTE_ADDR bla'); ? bla is created on the system but nothing is in it, i thought it was some security measure preventing builtin $vars from entering the system but no $var at all will work Must be me, or is the only option in php to store stuff in dbases ? thnxz -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Fw: [PHP] Re: Using one submit button
- I picked up your question soon after you submited it then my internet went down so I wasn't able to send it. Looks like it's been answered by someone else since then but here you go anyway. I didn't want to feel as though I'd wasted my time. :D -kevin - Looks like you want to extract the values from the $price array in the same order as you extracted the associated rows from the database. At first glance I can say you aren't passing enough information to be able to determine an order for updating. You'll need to send the product ids along with the prices and then create a counter to loop through the ids array and test each case. I would sugget you build an $id[] list the same way as the $price[] list but generate them as hidden fields. Then within the if(isset($update)) statement loop through all $id values for each itteration of the while loop... for ($i=0; $icount($id); $i++) { if ($id[$i] == $row[id]) { // we know that there are the same number of ids as there are prices so we can use $i for the $price index as well. $query = UPDATE $table SET price = $price[$i] WHERE id = $id[$i]; // do update.. } } -Kevin - Original Message - From: Jennifer Downey [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, April 17, 2002 10:11 AM Subject: [PHP] Re: Using one submit button I have no takers on this one? Just to let you know I have been working on this to here is some new code. What I need this to do is update the price in the db table. if I have on item it is fine. If I have two items it won't update the first items price but will the second. if I try to enter a price in the first items textbox it doesn't update and then deletes the second item's price. If I have 15 items and using one submit button how do I get this to update all items that are listed? $query = SELECT uid, id, name, image, type, quantity, price FROM {$config[prefix]}_shop WHERE uid = {$session[uid]}; $ret = mysql_query($query); while($row = mysql_fetch_array($ret)) { $uid = $row['uid']; $id = $row['id']; $name = $row['name']; $image = $row['image']; $iquantity = $row['quantity']; $itype = $row['type']; $iprice = $row['price']; if($update) { $eprice = '$price[]'; $query = UPDATE {$config[prefix]}_shop SET price = '$eprice' where uid = {$session[uid]} AND id = '$id'; $ret = mysql_query($query) or die(mysql_error()); } else { echo TABLE BORDER='0' WIDTH='95%' CELLPADDING='0' CELLSPACING='0'TR; echo TD width=20%img src='$image'/TD; echo TD width=30%font size=2$name/font/TD; echo TD width=20%font size=2CENTER$iquantity/CENTER/font/TD; echo TD width=30%font size=2CENTERa href='$PHP_SELF?id=$idremove=yes'X/a/CENTER/font/TD; echo TD width=30%font size=2CENTERinput type=\text\ value=\\ name=\price[]\ size='8' MAXLENGTH='8'BR/a/CENTER/font/TD; echo /TD/TR/TABLE; echo input=\hidden\ name=\remove\ value=\yes\; } } echo CENTERINPUT TYPE=\submit\ NAME=\update\ VALUE=\Updat Prices\; echo /form; Jennifer Downey [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi all, I thought I was going to give php a break today but I can't it's too adicting. I am having a little problem with a submit button in which it is suppose to update records from a form. Here is the code -- -- echo BRBRa href=\locker.php\My Locker/a | a href=\myshop.php\My Shop/a | a href=\items.php\My Items/aBRBR; echo TABLE BORDER='0' WIDTH='95%' CELLPADDING='0' CELLSPACING='0'TRTD width=20%Bfont size=2Image/font/B/TDTD width=30%Bfont size=2Name/font/B/TDTD width=20%Bfont size=2CENTERQuantity/CENTER/font/B/TDTD width=30%Bfont size=2CENTERRemove Item/CENTER/font/B/TDTD width=30%Bfont size=2CENTERPrice/CENTER/font/B/TD/TR/table; echo FORM action='$PHP_SELF' METHOD='post'; $query = SELECT uid, id, name, image, type, quantity FROM {$config[prefix]}_shop WHERE uid = {$session[uid]}; $ret = mysql_query($query); while($row = mysql_fetch_array($ret)) { $uid = $row['uid']; $id = $row['id']; $name = $row['name']; $image = $row['image']; $iquantity = $row['quantity']; $itype = $row['type']; echo TABLE BORDER='0' WIDTH='95%' CELLPADDING='0' CELLSPACING='0'TR; echo TD width=20%img src='$image'/TD; echo TD width=30%font size=2$name/font/TD; echo TD width=20%font size=2CENTER$iquantity/CENTER/font/TD; echo TD width=30%font size=2CENTERa href='$PHP_SELF?id=$idremove=yes'X/a/CENTER/font/TD; echo TD width=30%font size=2CENTERinput type=\text\ value=\\ name=\price\
Re: [PHP] system() + $vars
On Wednesday 17 April 2002 02:23, Mark wrote: ? system('echo $REMOTE_ADDR bla'); ? You've got $REMOTE_ADDR inside a single-quoted string thus no variable expansion takes place. Instead what happens with your code is that you're echoing the *shell* environmental variable $REMOTE_ADDR into bla. Just replace your single-quotes with double-quotes. -- Jason Wong - Gremlins Associates - www.gremlins.com.hk Open Source Software Systems Integrators * Web Design Hosting * Internet Intranet Applications Development * /* Q: What is purple and commutes? A: An Abelian grape. */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Screen Scraping using PHP
I read this post a few days ago and didn't know what is Screen Scrap. I thought someone would know and would reply to you. Well, a long time has passed and none replied. So I make my question, what are you trying to accomplish in simpler terms? :-) -- Julio Nobrega. Um dia eu chego lá: http://sourceforge.net/projects/toca Ajudei? Salvei? Que tal um presentinho? http://www.submarino.com.br/wishlistclient.asp?wlid=664176742884 Phil Powell [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I am having to do a remote URL screen scrape using PHP in safe-mode. What do you recommend I do? Thanx Phil -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Screen Scraping using PHP
Julio Nobrega Trabalhando wrote: I read this post a few days ago and didn't know what is Screen Scrap. I thought someone would know and would reply to you. Well, a long time has passed and none replied. So I make my question, what are you trying to accomplish in simpler terms? :-) I second that request *heh*! Cheers Rob. -- .-. | Robert Cummings | :-`. | Webdeployer - Chief PHP and Java Programmer | :--: | Mail : mailto:[EMAIL PROTECTED] | | Phone : (613) 731-4046 x.109 | :--: | Website : http://www.webmotion.com | | Fax : (613) 260-9545 | `--' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] subscripting an expression possible?
Is it possible in php4 to retrieve an array value from an expression that returns an array without first storing the resultant array in a temporary variable? For example, I would like to do something like this: echo (posix_uname())[nodename]; Instead of: $tmp = posix_uname(); echo $tmp[nodename]; Thanks, Bob -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Screen Scraping using PHP
I bet he means when you open up an URL and capture part of the page or the entire page and post it onto your own site. I've done that with weather.com where you capture just part of their webpage.. So basically if I wanted to know what the weather was like in Egypt, I would go to weather.com and find the URL that tells me, copy that, write a script that grabs that information from weather.com and then posts it on my site. Thus screen scraping... If that's not what he meant then I am in the dark also :) If so.. Then there you go! Rick I will permit no man to narrow and degrade my soul by making me hate him. - Booker T. Washington From: Robert Cummings [EMAIL PROTECTED] Organization: Webmotion Inc. Date: Wed, 17 Apr 2002 13:58:25 -0400 To: Julio Nobrega Trabalhando [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: [PHP] Re: Screen Scraping using PHP Julio Nobrega Trabalhando wrote: I read this post a few days ago and didn't know what is Screen Scrap. I thought someone would know and would reply to you. Well, a long time has passed and none replied. So I make my question, what are you trying to accomplish in simpler terms? :-) I second that request *heh*! Cheers Rob. -- .-. | Robert Cummings | :-`. | Webdeployer - Chief PHP and Java Programmer | :--: | Mail : mailto:[EMAIL PROTECTED] | | Phone : (613) 731-4046 x.109 | :--: | Website : http://www.webmotion.com | | Fax : (613) 260-9545 | `--' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Using one submit button
Thank you Jason and Kevin for your time and help. Does this look like what I should have? if(isset($update)) for ($i=0; $icount($id); $i++) { if ($id[$i] == $row[id]) { $query = UPDATE {$config[prefix]}_shop SET price = $price[$i] where uid = {$session[uid]} AND id = $id[$i]; $ret = mysql_query($query) or die(mysql_error()); } else { echo TD width=30%font size=2CENTERinput=\hidden\ name=\id[$i]\ value=\$id\input type=\text\ value=\\ name=\price[$i]\ size='8' MAXLENGTH='8'BR/a/CENTER/font/TD; Jennifer Kevin Stone [EMAIL PROTECTED] wrote in message 004301c1e633$e1e20090$6601a8c0@kevin">news:004301c1e633$e1e20090$6601a8c0@kevin... - I picked up your question soon after you submited it then my internet went down so I wasn't able to send it. Looks like it's been answered by someone else since then but here you go anyway. I didn't want to feel as though I'd wasted my time. :D -kevin - Looks like you want to extract the values from the $price array in the same order as you extracted the associated rows from the database. At first glance I can say you aren't passing enough information to be able to determine an order for updating. You'll need to send the product ids along with the prices and then create a counter to loop through the ids array and test each case. I would sugget you build an $id[] list the same way as the $price[] list but generate them as hidden fields. Then within the if(isset($update)) statement loop through all $id values for each itteration of the while loop... for ($i=0; $icount($id); $i++) { if ($id[$i] == $row[id]) { // we know that there are the same number of ids as there are prices so we can use $i for the $price index as well. $query = UPDATE $table SET price = $price[$i] WHERE id = $id[$i]; // do update.. } } -Kevin - Original Message - From: Jennifer Downey [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, April 17, 2002 10:11 AM Subject: [PHP] Re: Using one submit button I have no takers on this one? Just to let you know I have been working on this to here is some new code. What I need this to do is update the price in the db table. if I have on item it is fine. If I have two items it won't update the first items price but will the second. if I try to enter a price in the first items textbox it doesn't update and then deletes the second item's price. If I have 15 items and using one submit button how do I get this to update all items that are listed? $query = SELECT uid, id, name, image, type, quantity, price FROM {$config[prefix]}_shop WHERE uid = {$session[uid]}; $ret = mysql_query($query); while($row = mysql_fetch_array($ret)) { $uid = $row['uid']; $id = $row['id']; $name = $row['name']; $image = $row['image']; $iquantity = $row['quantity']; $itype = $row['type']; $iprice = $row['price']; if($update) { $eprice = '$price[]'; $query = UPDATE {$config[prefix]}_shop SET price = '$eprice' where uid = {$session[uid]} AND id = '$id'; $ret = mysql_query($query) or die(mysql_error()); } else { echo TABLE BORDER='0' WIDTH='95%' CELLPADDING='0' CELLSPACING='0'TR; echo TD width=20%img src='$image'/TD; echo TD width=30%font size=2$name/font/TD; echo TD width=20%font size=2CENTER$iquantity/CENTER/font/TD; echo TD width=30%font size=2CENTERa href='$PHP_SELF?id=$idremove=yes'X/a/CENTER/font/TD; echo TD width=30%font size=2CENTERinput type=\text\ value=\\ name=\price[]\ size='8' MAXLENGTH='8'BR/a/CENTER/font/TD; echo /TD/TR/TABLE; echo input=\hidden\ name=\remove\ value=\yes\; } } echo CENTERINPUT TYPE=\submit\ NAME=\update\ VALUE=\Updat Prices\; echo /form; Jennifer Downey [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi all, I thought I was going to give php a break today but I can't it's too adicting. I am having a little problem with a submit button in which it is suppose to update records from a form. Here is the code -- -- echo BRBRa href=\locker.php\My Locker/a | a href=\myshop.php\My Shop/a | a href=\items.php\My Items/aBRBR; echo TABLE BORDER='0' WIDTH='95%' CELLPADDING='0' CELLSPACING='0'TRTD width=20%Bfont size=2Image/font/B/TDTD width=30%Bfont size=2Name/font/B/TDTD width=20%Bfont size=2CENTERQuantity/CENTER/font/B/TDTD width=30%Bfont size=2CENTERRemove Item/CENTER/font/B/TDTD width=30%Bfont size=2CENTERPrice/CENTER/font/B/TD/TR/table; echo FORM action='$PHP_SELF' METHOD='post'; $query = SELECT uid, id, name, image, type, quantity FROM {$config[prefix]}_shop
Re: [PHP] Re: Using one submit button
Thank you Jason and Kevin for your time and help. Does this look like what I should have? if(isset($update)) for ($i=0; $icount($id); $i++) { if ($id[$i] == $row[id]) { $query = UPDATE {$config[prefix]}_shop SET price = $price[$i] where uid = {$session[uid]} AND id = $id[$i]; $ret = mysql_query($query) or die(mysql_error()); } else { echo TD width=30%font size=2CENTERinput=\hidden\ name=\id[$i]\ value=\$id\input type=\text\ value=\\ name=\price[$i]\ size='8' MAXLENGTH='8'BR/a/CENTER/font/TD; Jennifer Jason Wong [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED]... On Thursday 18 April 2002 00:11, Jennifer Downey wrote: I have no takers on this one? Just to let you know I have been working on this to here is some new code. What I need this to do is update the price in the db table. if I have on item it is fine. If I have two items it won't update the first items price but will the second. if I try to enter a price in the first items textbox it doesn't update and then deletes the second item's price. If I have 15 items and using one submit button how do I get this to update all items that are listed? $query = SELECT uid, id, name, image, type, quantity, price FROM {$config[prefix]}_shop WHERE uid = {$session[uid]}; $ret = mysql_query($query); while($row = mysql_fetch_array($ret)) { $uid = $row['uid']; $id = $row['id']; $name = $row['name']; $image = $row['image']; $iquantity = $row['quantity']; $itype = $row['type']; $iprice = $row['price']; if($update) { $eprice = '$price[]'; I don't know what else is wrong with your code, but this is *definitely* going to cause problems. I assume you mean: $eprice = $price[]; But even this is wrong. You should probably be keeping a counter, eg $i, then use: $eprice = $price[$i]; [snip] value=\\ name=\price[]\ size='8' value=\\ name=\price[$i]\ size='8' -- Jason Wong - Gremlins Associates - www.gremlins.com.hk Open Source Software Systems Integrators * Web Design Hosting * Internet Intranet Applications Development * /* We have a equal opportunity Calculus class -- it's fully integrated. */ --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.344 / Virus Database: 191 - Release Date: 4/2/2002 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Screen Scraping using PHP
Richard Baskett wrote: I bet he means when you open up an URL and capture part of the page or the entire page and post it onto your own site. I've done that with weather.com where you capture just part of their webpage.. So basically if I wanted to know what the weather was like in Egypt, I would go to weather.com and find the URL that tells me, copy that, write a script that grabs that information from weather.com and then posts it on my site. Thus screen scraping... If that's not what he meant then I am in the dark also :) If so.. Then there you go! Ah... Page Pillaging ;) Cheers, Rob. -- .-. | Robert Cummings | :-`. | Webdeployer - Chief PHP and Java Programmer | :--: | Mail : mailto:[EMAIL PROTECTED] | | Phone : (613) 731-4046 x.109 | :--: | Website : http://www.webmotion.com | | Fax : (613) 260-9545 | `--' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] mysql quickie..
Hi folks, I need to get the next auto_increment value of a mysql table thru php. Looking at my mysql manual, it makes reference to a last_insert_id() function? How would I use this via php, or is there some other way to do it? Thanks Kelly -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mysql quickie..
Kelly- My way may not be perfect, but this is what I do. $sql_temp = select last_insert_id() as mainid from transfers; $sql_result_temp = mysql_query($sql_temp,$connection); $row_temp = mysql_fetch_array($sql_result_temp); $file_temp_id = $row_temp[mainid]; -Scott On Wed, 17 Apr 2002, Kelly Meeks wrote: Hi folks, I need to get the next auto_increment value of a mysql table thru php. Looking at my mysql manual, it makes reference to a last_insert_id() function? How would I use this via php, or is there some other way to do it? Thanks Kelly -- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mysql quickie..
Kelly Meeks wrote: Hi folks, I need to get the next auto_increment value of a mysql table thru php. Looking at my mysql manual, it makes reference to a last_insert_id() function? How would I use this via php, or is there some other way to do it? Quickly and hardly accurately... but good enough for useful purposes: mysql_query( 'SELECT last_insert_id()' ); if( ($row = mysql_fetch_assoc()) ) { $id = $row['last_insert_id()']; } Cheers, Rob. -- .-. | Robert Cummings | :-`. | Webdeployer - Chief PHP and Java Programmer | :--: | Mail : mailto:[EMAIL PROTECTED] | | Phone : (613) 731-4046 x.109 | :--: | Website : http://www.webmotion.com | | Fax : (613) 260-9545 | `--' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Sessions / Serialized Data
If i have a session going with PHP4 and I want to basically pull the entire serialized data and then insert it into the database is there a variable that contains the serialized data or would I have to just basically read the /tmp/sess_sessid file and then save that into the database? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions / Serialized Data
That would be easier. fopen the session file and store the information on a database. Later you just fwrite the contents to a new file. -- Julio Nobrega. Um dia eu chego lá: http://sourceforge.net/projects/toca Ajudei? Salvei? Que tal um presentinho? http://www.submarino.com.br/wishlistclient.asp?wlid=664176742884 Devin Atencio [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... If i have a session going with PHP4 and I want to basically pull the entire serialized data and then insert it into the database is there a variable that contains the serialized data or would I have to just basically read the /tmp/sess_sessid file and then save that into the database? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] SafeExtract() ... extract securily
Hi, For security reasons ... Global Variables is to be turned off ... But the global variables was an hassle free way to get the variables into the global scope. Here is an alternate to it and do it securily ... A simple example would be ... Just use the following function on top of the code ... SafeExtract( array( 'any' = array( 'name', 'userid' ), 'post' = array( 'password', 'credit_card_number' ) 'get' = array( 'url', 'key' ), 'cookie' = array( 'last_visit', 'last_activity' ) ); Above code means ... Variables 'name' and 'userid' would be made global if present in GET, POST, COOKIE variables Variables 'password' and 'credit_card_number' would be made global if present ONLY in POST vars else would be unset Variables 'url' and 'key' would be made global if present ONLY in GET vars else would be unset Variables 'last_visit' and 'last_activity' would be made global if present ONLY in COOKIE vars else would be unset that is if you try to pass 'password' from GET variables, it would not be made global, and in fact if there is a variable in global scope as 'password' it would be unset the function also takes care of striping slashes from the variables ... Any comments, suggestion or error reports would be helpful ... Amit Arora (http://www.digitalamit.com/) Earn Money by reading short emails ... http://hits4pay.com/members/index.cgi?digitalamit --- --- // Copyright Amit Arora (c) 2002 // Following code is part of phpObjects // Permission given to use the code as is in whole. // http://www.digitalamit.com/ // Create variables for PHP3 and pre PHP 4.1 if (isset($HTTP_GET_VARS)) { $_GET = $HTTP_GET_VARS; } if (isset($HTTP_POST_VARS)) { $_POST = $HTTP_POST_VARS; } if (isset($HTTP_COOKIE_VARS)) { $_COOKIE = $HTTP_COOKIE_VARS; } /* Function SafeExtract() Safely extract the Parameter: array1, array2, ... */ function SafeExtract() { global $_GET, $_POST, $_COOKIE; foreach( func_get_args() as $v ) { if( is_array( $v ) ) while( list( $key, $value ) = each( $v ) ) { switch ( $key ) { case 'any': if ( is_array( $value ) ) foreach ( $value as $e ) { if ( isset($_COOKIE[$e]) ) $GLOBALS[$e] = $_COOKIE[$e]; if ( isset($_POST[$e]) ) $GLOBALS[$e] = (get_magic_quotes_gpc() ? stripslashes($_POST[$e]) : $_POST[$e]); if ( isset($_GET[$e]) ) $GLOBALS[$e] = (get_magic_quotes_gpc() ? stripslashes($_GET[$e]): $_GET[$e]); } break; case 'get': if ( is_array( $value ) ) foreach ( $value as $e ) { if ( isset($_GET[$e]) ) { $GLOBALS[$e] = (get_magic_quotes_gpc() ? stripslashes($_GET[$e]): $_GET[$e]); } else { unset( $GLOBALS[$e] ); } } break; case 'post': if ( is_array( $value ) ) foreach ( $value as $e ) { if ( isset($_POST[$e]) ) { $GLOBALS[$e] = (get_magic_quotes_gpc() ? stripslashes($_POST[$e]) : $_POST[$e]); } else { unset( $GLOBALS[$e] ); } } break; case 'cookie': if ( is_array( $value ) ) foreach ( $value as $e ) { if ( isset($_COOKIE[$e]) ) { $GLOBALS[$e] = $_COOKIE[$e]; } else { unset( $GLOBALS[$e] ); } } break; } } } } -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Sessions / Serialized Data
Julio Nobrega Trabalhando wrote: That would be easier. fopen the session file and store the information on a database. Later you just fwrite the contents to a new file. I don't use PHP4 sessions since I cook my own, but I think the above won't work. My guess is that if you read the file, then save to DB that part will work fine. However, when you try to restore the session, the session has already loaded, you grab your data from the DB, and write over the file, your page finishes and writes the current session over what you think you just made the current session. Strikes me you'd need to unserialize into the current session structure... which I think can be found somewhere in the GLOBALS hash. Cheers Rob. -- .-. | Robert Cummings | :-`. | Webdeployer - Chief PHP and Java Programmer | :--: | Mail : mailto:[EMAIL PROTECTED] | | Phone : (613) 731-4046 x.109 | :--: | Website : http://www.webmotion.com | | Fax : (613) 260-9545 | `--' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] FreeBSD + GD + PHP-4.1.2
I have some problems with GD and php4.1.2. I have FreeBSD and i have gd zlib freetype jpeg and all that is required installed. My line is like this, /configure --with-pgsql --with-apxs=/usr/local/apache/bin/apxs --with-gd-dir =/usr/local/lib/gd --with-zlib --with-png-dir=/usr/local/lib --with-jpeg-dir =/usr/local/lib --with-freetype-dir=/usr/local/lib I have also tried /configure --with-pgsql --with-apxs=/usr/local/apache/bin/apxs --with-gd --w ith-zlib --with-png --with-jpeg --with-freetype And the error i get is this one, In file included from internal_functions.c:33: /home/miffo/php/ext/gd/php_gd.h:33: gd.h: No such file or directory *** Error code 1 Stop in /home/miffo/php/main. *** Error code 1 Stop in /home/miffo/php/main. *** Error code 1 Stop in /home/miffo/php. And when configuring php says, checking whether to include GD support... yes checking whether to enable truetype string function in gd... no checking for the location of libjpeg... yes checking for jpeg_read_header in -ljpeg... (cached) yes checking for the location of libpng... yes checking for png_info_init in -lpng... (cached) yes checking for the location of libXpm... no If configure fails try --with-xpm-dir=DIR checking for freetype(2)... yes checking whether to include include FreeType 1.x support... no checking whether to include T1lib support... no checking for gdImageString16 in -lgd... (cached) yes checking for gdImagePaletteCopy in -lgd... (cached) yes checking for gdImageCreateFromPng in -lgd... (cached) yes checking for gdImageCreateFromGif in -lgd... (cached) yes checking for gdImageGif in -lgd... (cached) no checking for gdImageWBMP in -lgd... (cached) yes checking for gdImageCreateFromJpeg in -lgd... (cached) yes checking for gdImageCreateFromXpm in -lgd... (cached) yes checking for gdImageCreateFromGd2 in -lgd... (cached) yes checking for gdImageCreateTrueColor in -lgd... (cached) no checking for gdImageSetTile in -lgd... (cached) yes checking for gdImageSetBrush in -lgd... (cached) yes checking for gdImageStringTTF in -lgd... (cached) yes checking for gdImageStringFT in -lgd... (cached) yes checking for gdImageStringFTEx in -lgd... (cached) no checking for gdImageColorClosestHWB in -lgd... (cached) yes checking for gdImageColorResolve in -lgd... (cached) yes checking for gdImageGifCtx in -lgd... (cached) no Whats wrong ?? /K -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mysql quickie..
I've seen other responses to your request answer with some VERY UGLY methods to get the last id. Instead, use mysql_insert_id() which was created specifically for the info you need. - Original Message - From: Kelly Meeks [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, April 17, 2002 1:15 PM Subject: [PHP] mysql quickie.. Hi folks, I need to get the next auto_increment value of a mysql table thru php. Looking at my mysql manual, it makes reference to a last_insert_id() function? How would I use this via php, or is there some other way to do it? Thanks Kelly -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mysql quickie..
Richard Emery wrote: I've seen other responses to your request answer with some VERY UGLY methods to get the last id. Hey my method wasn't ugly, perhaps not optimal, but definately not ugly! So *ptht* ;) Instead, use mysql_insert_id() which was created specifically for the info you need. Ummm yeah... I was gonna say that too, BUT FORGOT! Cheers, Rob. -- .-. | Robert Cummings | :-`. | Webdeployer - Chief PHP and Java Programmer | :--: | Mail : mailto:[EMAIL PROTECTED] | | Phone : (613) 731-4046 x.109 | :--: | Website : http://www.webmotion.com | | Fax : (613) 260-9545 | `--' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] form posting to a fake page
I am having a problem with posted variables showing up on a redirected page... When someone access the page www.mydomain.com/mypage.html - it does not actually exist so my 404 errordocument is called (which is the root index.php file) - the index.php file knows what to do and creates an appropriate page - my entire network works in this fashion. Unfortunately, if someone completes a form, the posted variables do not seem to show up. I'm not sure what I can do about this. I cannot redesign my entire network because of this one problem - does any one have any suggestions? -rsw _ Send and receive Hotmail on your mobile device: http://mobile.msn.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Using one submit button
Looks good except the names in your HTML input fields are going to be id[] and price[].. no $i in there. Keep in mind there's probably a more efficient way of doing this. But sometimes programming is just about making things work.. you can worry about the details later. :D -Kevin - Original Message - From: Jennifer Downey [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, April 17, 2002 12:07 PM Subject: Re: [PHP] Re: Using one submit button Thank you Jason and Kevin for your time and help. Does this look like what I should have? if(isset($update)) for ($i=0; $icount($id); $i++) { if ($id[$i] == $row[id]) { $query = UPDATE {$config[prefix]}_shop SET price = $price[$i] where uid = {$session[uid]} AND id = $id[$i]; $ret = mysql_query($query) or die(mysql_error()); } else { echo TD width=30%font size=2CENTERinput=\hidden\ name=\id[$i]\ value=\$id\input type=\text\ value=\\ name=\price[$i]\ size='8' MAXLENGTH='8'BR/a/CENTER/font/TD; Jennifer Kevin Stone [EMAIL PROTECTED] wrote in message 004301c1e633$e1e20090$6601a8c0@kevin">news:004301c1e633$e1e20090$6601a8c0@kevin... - I picked up your question soon after you submited it then my internet went down so I wasn't able to send it. Looks like it's been answered by someone else since then but here you go anyway. I didn't want to feel as though I'd wasted my time. :D -kevin - Looks like you want to extract the values from the $price array in the same order as you extracted the associated rows from the database. At first glance I can say you aren't passing enough information to be able to determine an order for updating. You'll need to send the product ids along with the prices and then create a counter to loop through the ids array and test each case. I would sugget you build an $id[] list the same way as the $price[] list but generate them as hidden fields. Then within the if(isset($update)) statement loop through all $id values for each itteration of the while loop... for ($i=0; $icount($id); $i++) { if ($id[$i] == $row[id]) { // we know that there are the same number of ids as there are prices so we can use $i for the $price index as well. $query = UPDATE $table SET price = $price[$i] WHERE id = $id[$i]; // do update.. } } -Kevin - Original Message - From: Jennifer Downey [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, April 17, 2002 10:11 AM Subject: [PHP] Re: Using one submit button I have no takers on this one? Just to let you know I have been working on this to here is some new code. What I need this to do is update the price in the db table. if I have on item it is fine. If I have two items it won't update the first items price but will the second. if I try to enter a price in the first items textbox it doesn't update and then deletes the second item's price. If I have 15 items and using one submit button how do I get this to update all items that are listed? $query = SELECT uid, id, name, image, type, quantity, price FROM {$config[prefix]}_shop WHERE uid = {$session[uid]}; $ret = mysql_query($query); while($row = mysql_fetch_array($ret)) { $uid = $row['uid']; $id = $row['id']; $name = $row['name']; $image = $row['image']; $iquantity = $row['quantity']; $itype = $row['type']; $iprice = $row['price']; if($update) { $eprice = '$price[]'; $query = UPDATE {$config[prefix]}_shop SET price = '$eprice' where uid = {$session[uid]} AND id = '$id'; $ret = mysql_query($query) or die(mysql_error()); } else { echo TABLE BORDER='0' WIDTH='95%' CELLPADDING='0' CELLSPACING='0'TR; echo TD width=20%img src='$image'/TD; echo TD width=30%font size=2$name/font/TD; echo TD width=20%font size=2CENTER$iquantity/CENTER/font/TD; echo TD width=30%font size=2CENTERa href='$PHP_SELF?id=$idremove=yes'X/a/CENTER/font/TD; echo TD width=30%font size=2CENTERinput type=\text\ value=\\ name=\price[]\ size='8' MAXLENGTH='8'BR/a/CENTER/font/TD; echo /TD/TR/TABLE; echo input=\hidden\ name=\remove\ value=\yes\; } } echo CENTERINPUT TYPE=\submit\ NAME=\update\ VALUE=\Updat Prices\; echo /form; Jennifer Downey [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi all, I thought I was going to give php a break today but I can't it's too adicting. I am having a little problem with a submit button in which it is suppose to update records from a form. Here is the code -- --
[PHP] RE: [PHP-DB] Re: [PHP] Re: Cross DB application
There must be people on this list that have ported their web apps from different databases and could share their experiences. mysql - postesql mysql - ms sql server ms sql server - oracle -Original Message- From: John Lim [mailto:[EMAIL PROTECTED]] Sent: April 17, 2002 12:38 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: [PHP-DB] Re: [PHP] Re: Cross DB application Hi Manuel, Manuel Lemos [EMAIL PROTECTED] wrote Most of the popular database abstraction packages support prepared queries, except for your PHP ADODb. So, think about this before you keep throwing sand to the eyes of the users that do not know better, may be you understand the point of catching up on what everybody else is doing for a long time. If you read the ADOdb source, you would know it is untrue. We support prepared queries, and emulate them if the database does not support it. The reason for this is that you had the dumb idea to spam all the lists you could remember with the forged claim that ADODB was faster than every other database abstraction because your convinient benchmarks showed that. Tomas Cox rewrote PEAR DB after the benchmarks were published to speed it up. We even worked together to improve bits of PEAR DB. You just moan about how unfair the benchmarks are. Since your database abstraction could not beat others on real abstraction features you used that to drag users to your package to push them the commercial tool that you sell and requires ADODB to run. Visit http://php.weblogs.com/adodb-cool-applications for a long list of applications using adodb with multiple databases. None of the apps except the first link use our commercial product, phpLens. I think that pretty much refutes your statement. That was the lowest Microsoft-like marketing trick - trap them into your Windows clone database abstraction OS to sell them your tool for which you have no competitor because nobody else is doing anything like that for your own abstraction later. I interviewed to work at microsoft in 1989, but as a techie, i would have made microsoft bankrupt if they had let me run their marketing for them :-) Of course you may claim ADODB is faster than any other abstraction package, but that's because it does not abstract data type conversion to make user applications portable. Actually it does, but only for dates, because I find that most other types can be easily handled because PHP is a very good language. Char and varchar and numbers map easily to string and float/integer, and so forth. I have told you this before. It is the same as stating that driving a motocycle naked and without helmet you will drive faster than clothed with the helmet on. It is not the same thing, but unfortunately for the victim users that have fallen for your argument they did not notice that your abstraction can only be faster by doing less, meaning providing less portability support. Of course. Unneeded portability that is not used by most users is of no interest to me. You disagree. That is fine. The code is there for people to read. Let them judge for themselves. John, as a marketeer you still have a lot to learn before you realize that you can't fool everybody! Next you will release ADODB XP the one that makes hidden connections to your site to track what the users are doing! hehehe :-) Don't worry, nobody will sue you for the abusing the monopoly of applications for your PHP ADO DB! :-) Manuel Lemos Manuel, you might not believe me, but what you are saying will make people shy away from working with you in the future. Treating people with respect is more productive. I don't really want to spend my time defending myself when I can be doing something else. So I leave this thread to you and to you alone. The floor is yours. Keep it clean. John -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] form posting to a fake page
I assume form works correctly if you go directly to your index page. You need to show us the html code for your form. Make sure your action= is set properly. If you are using PHP you need to show relevant code. Please be more specific about your domain, www.mydomain.com/mypage.html does not allow anyone to go to the site and view the behavior or view your html to make sure everything is ok. Jason -Original Message- From: [ rswfire ] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, April 17, 2002 1:04 PM To: [EMAIL PROTECTED] Subject: [PHP] form posting to a fake page I am having a problem with posted variables showing up on a redirected page... When someone access the page www.mydomain.com/mypage.html - it does not actually exist so my 404 errordocument is called (which is the root index.php file) - the index.php file knows what to do and creates an appropriate page - my entire network works in this fashion. Unfortunately, if someone completes a form, the posted variables do not seem to show up. I'm not sure what I can do about this. I cannot redesign my entire network because of this one problem - does any one have any suggestions? -rsw _ Send and receive Hotmail on your mobile device: http://mobile.msn.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] form posting to a fake page
Yes it works fine if I access it directly from index.php. The action property is set appropriately. I believe the problem lies in the fact that it is redirected in the background because the page is not real, so I'm assuming it is an Apache behaviour as opposed to a PHP limitation. Original Message Follows From: SHEETS,JASON (Non-HP-Boise,ex1) [EMAIL PROTECTED] To: '[ rswfire ]' [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: RE: [PHP] form posting to a fake page Date: Wed, 17 Apr 2002 15:29:56 -0400 I assume form works correctly if you go directly to your index page. You need to show us the html code for your form. Make sure your action= is set properly. If you are using PHP you need to show relevant code. Please be more specific about your domain, www.mydomain.com/mypage.html does not allow anyone to go to the site and view the behavior or view your html to make sure everything is ok. Jason -Original Message- From: [ rswfire ] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, April 17, 2002 1:04 PM To: [EMAIL PROTECTED] Subject: [PHP] form posting to a fake page I am having a problem with posted variables showing up on a redirected page... When someone access the page www.mydomain.com/mypage.html - it does not actually exist so my 404 errordocument is called (which is the root index.php file) - the index.php file knows what to do and creates an appropriate page - my entire network works in this fashion. Unfortunately, if someone completes a form, the posted variables do not seem to show up. I'm not sure what I can do about this. I cannot redesign my entire network because of this one problem - does any one have any suggestions? -rsw _ Send and receive Hotmail on your mobile device: http://mobile.msn.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php _ Send and receive Hotmail on your mobile device: http://mobile.msn.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] form posting to a fake page
Actually, I believe this is a browser problem. The browser does not resubmit POST data after a redirect (302 returned), so your final page never sees the data. I had a similar problem where I was redirecting in certain cases and could never get the POST data to come up on the final page. (Testing this with both IE and Netscape) Jaime Bozza -Original Message- From: [ rswfire ] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, April 17, 2002 2:36 PM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: RE: [PHP] form posting to a fake page Yes it works fine if I access it directly from index.php. The action property is set appropriately. I believe the problem lies in the fact that it is redirected in the background because the page is not real, so I'm assuming it is an Apache behaviour as opposed to a PHP limitation. Original Message Follows From: SHEETS,JASON (Non-HP-Boise,ex1) [EMAIL PROTECTED] To: '[ rswfire ]' [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: RE: [PHP] form posting to a fake page Date: Wed, 17 Apr 2002 15:29:56 -0400 I assume form works correctly if you go directly to your index page. You need to show us the html code for your form. Make sure your action= is set properly. If you are using PHP you need to show relevant code. Please be more specific about your domain, www.mydomain.com/mypage.html does not allow anyone to go to the site and view the behavior or view your html to make sure everything is ok. Jason -Original Message- From: [ rswfire ] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, April 17, 2002 1:04 PM To: [EMAIL PROTECTED] Subject: [PHP] form posting to a fake page I am having a problem with posted variables showing up on a redirected page... When someone access the page www.mydomain.com/mypage.html - it does not actually exist so my 404 errordocument is called (which is the root index.php file) - the index.php file knows what to do and creates an appropriate page - my entire network works in this fashion. Unfortunately, if someone completes a form, the posted variables do not seem to show up. I'm not sure what I can do about this. I cannot redesign my entire network because of this one problem - does any one have any suggestions? -rsw _ Send and receive Hotmail on your mobile device: http://mobile.msn.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php _ Send and receive Hotmail on your mobile device: http://mobile.msn.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] form posting to a fake page
See, now that makes sense. So it sounds like there's really nothing that can be done except to have it post directly to the index.php file along with an environment variable indicating what page is posting the data. This is what I have been doing as a workaround already, it's just not the ideal solution. Thank you. Original Message Follows From: Jaime Bozza [EMAIL PROTECTED] To: '[ rswfire ]' [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: RE: [PHP] form posting to a fake page Date: Wed, 17 Apr 2002 14:46:23 -0500 Actually, I believe this is a browser problem. The browser does not resubmit POST data after a redirect (302 returned), so your final page never sees the data. I had a similar problem where I was redirecting in certain cases and could never get the POST data to come up on the final page. (Testing this with both IE and Netscape) Jaime Bozza -Original Message- From: [ rswfire ] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, April 17, 2002 2:36 PM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: RE: [PHP] form posting to a fake page Yes it works fine if I access it directly from index.php. The action property is set appropriately. I believe the problem lies in the fact that it is redirected in the background because the page is not real, so I'm assuming it is an Apache behaviour as opposed to a PHP limitation. Original Message Follows From: SHEETS,JASON (Non-HP-Boise,ex1) [EMAIL PROTECTED] To: '[ rswfire ]' [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: RE: [PHP] form posting to a fake page Date: Wed, 17 Apr 2002 15:29:56 -0400 I assume form works correctly if you go directly to your index page. You need to show us the html code for your form. Make sure your action= is set properly. If you are using PHP you need to show relevant code. Please be more specific about your domain, www.mydomain.com/mypage.html does not allow anyone to go to the site and view the behavior or view your html to make sure everything is ok. Jason -Original Message- From: [ rswfire ] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, April 17, 2002 1:04 PM To: [EMAIL PROTECTED] Subject: [PHP] form posting to a fake page I am having a problem with posted variables showing up on a redirected page... When someone access the page www.mydomain.com/mypage.html - it does not actually exist so my 404 errordocument is called (which is the root index.php file) - the index.php file knows what to do and creates an appropriate page - my entire network works in this fashion. Unfortunately, if someone completes a form, the posted variables do not seem to show up. I'm not sure what I can do about this. I cannot redesign my entire network because of this one problem - does any one have any suggestions? -rsw _ Send and receive Hotmail on your mobile device: http://mobile.msn.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php _ Send and receive Hotmail on your mobile device: http://mobile.msn.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php _ MSN Photos is the easiest way to share and print your photos: http://photos.msn.com/support/worldwide.aspx -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] form posting to a fake page
On Wednesday, April 17, 2002, at 03:36 PM, [ rswfire ] wrote: Yes it works fine if I access it directly from index.php. The action property is set appropriately. I believe the problem lies in the fact that it is redirected in the background because the page is not real, so I'm assuming it is an Apache behaviour as opposed to a PHP limitation. I could be completely wrong here, but any posted data would be lost since you have redirected. For all intents and purposes, this is like a new HTTP request, and without state maintenance somehow (ie session variables), you will need to come up with a way to pass this data along to the redirected-to page. Again, I could be completely off-base in this assumption, I'm just working off of logic here and not any knowledge of how Apache's redirect actually works. Erik Erik Price Web Developer Temp Media Lab, H.H. Brown [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] form posting to a fake page
On Wednesday, April 17, 2002, at 03:49 PM, [ rswfire ] wrote: See, now that makes sense. So it sounds like there's really nothing that can be done except to have it post directly to the index.php file along with an environment variable indicating what page is posting the data. This is what I have been doing as a workaround already, it's just not the ideal solution. Thank you. You could pass the data along the querystring, maybe. I'm not sure how the redirect works exactly, but if you are using PHP or Perl then you should be able to grab the GET and POST data and throw it onto the querystring. Erik Erik Price Web Developer Temp Media Lab, H.H. Brown [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] unsetting object references
Hey, sorry to bother you all but I have another obscure question about objects in PHP (yes I really do care about the answer)... I'm simply wondering if I unset() a reference to an object, whether or not it destroys that object, if there are other references to it that still exist. $_SESSION['object'] = serialize($object); (in another script:) $object = unserialize($_SESSION['object']); // do some stuff with $object unset($object); What's going on with my $_SESSION['object'] ? Erik Erik Price Web Developer Temp Media Lab, H.H. Brown [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] form posting to a fake page
That's the way apache works - it's not specific to PHP. The same happens under mod_perl, for example. Redirects ALWAYS lose any posted information. You have to save the form data a different way, such as in a session variable. -- Barry Hoggard Tristan Media LLC e: [EMAIL PROTECTED] p: 212-627-1596 aim: hoggardb -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] unsetting object references
Erik Price wrote: Hey, sorry to bother you all but I have another obscure question about objects in PHP (yes I really do care about the answer)... I'm simply wondering if I unset() a reference to an object, whether or not it destroys that object, if there are other references to it that still exist. $_SESSION['object'] = serialize($object); (in another script:) $object = unserialize($_SESSION['object']); // do some stuff with $object unset($object); What's going on with my $_SESSION['object'] ? In the example you are providing $object and $_SESSION['object'] aren't even the same thing and unless something else is referencing $object then $object will be deleted. Now if what you meant was the following: $objectFoo = new MyObject(); $objectFee = $objectFoo; unset( $objectFoo ); Then the object shouldn't be deleted since $objectFee is still referencing it. You will just break the reference. Correct me if I'm wrong *chuckle* Cheers, Rob. -- .-. | Robert Cummings | :-`. | Webdeployer - Chief PHP and Java Programmer | :--: | Mail : mailto:[EMAIL PROTECTED] | | Phone : (613) 731-4046 x.109 | :--: | Website : http://www.webmotion.com | | Fax : (613) 260-9545 | `--' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] form posting to a fake page
It would still require some knowledge of the posted data. If someone clicks a submit button, and it is posting to a page that doesn't really exist, then when the index.php file gets called as a 404 errordocument, the posted variables are already lost, so it wouldn't be possible to access the posted variables in any fashion. The only possibility might be if Apache had some way of dealing with this scenario and I am not that familiar with how Apache works. And so, that leaves me with the only workaround I do know, post to a page that does exist! It's just not the ideal solution, but it works. Original Message Follows From: Erik Price [EMAIL PROTECTED] To: [ rswfire ] [EMAIL PROTECTED] CC: [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Re: [PHP] form posting to a fake page Date: Wed, 17 Apr 2002 15:53:55 -0400 On Wednesday, April 17, 2002, at 03:49 PM, [ rswfire ] wrote: See, now that makes sense. So it sounds like there's really nothing that can be done except to have it post directly to the index.php file along with an environment variable indicating what page is posting the data. This is what I have been doing as a workaround already, it's just not the ideal solution. Thank you. You could pass the data along the querystring, maybe. I'm not sure how the redirect works exactly, but if you are using PHP or Perl then you should be able to grab the GET and POST data and throw it onto the querystring. Erik Erik Price Web Developer Temp Media Lab, H.H. Brown [EMAIL PROTECTED] _ Chat with friends online, try MSN Messenger: http://messenger.msn.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] (MySql) INSERTing into MULTIPLE tables
Hi, I was wondering if the way I am inserting into multiple tables is safe as far as when there are many simultaneous insertions at a given time. Basically, there are two tables, first I insert into main table where there's username and password (and first/last name, email) and then I get the auto_number from that table for the record and insert that auto_number along with more info into secondary table with more info about the user. $query4accounts=insert into accounts (username, password, fname, lname, email) values ('$username', password('$password'), '$fname_eng', '$lname_eng', '$email'); $result=mysql_query($query4accounts) or die (ERROR); $getid=mysql_query(select * from accounts where username='$username'); $tmp=mysql_fetch_array($getid); $userid=$tmp['userid']; $query4gallery=insert into talkroom_gallery (userid, talkroom_active, sex, about_eng, livenow_eng, photograph, emailnopublic, homepage, icq, msn, aim, yahoo) values ('$userid', '$talkroom_active_variable', '$sex', '$about_eng', '$livenow_eng', '$photograph', '$nopublic', '$homepage', '$icq', '$msn', '$aim', '$yahoo'); mysql_query($query4gallery) or die (ERROR); Thanks in advance for feedback and possible alternatives. Vlad http://vladik.tripod.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] file delete...
How can I delete a file in php? thanks in advance, Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] SafeExtract() ... extract securily
Sounds really good to be! Now if they would code this into PHP, it would be perfect. This would solve several security issues. Matthew Walker Senior Software Engineer ePliant Marketing -Original Message- From: Amit Arora [mailto:[EMAIL PROTECTED] (nospam)] Sent: Wednesday, April 17, 2002 11:13 AM To: [EMAIL PROTECTED] Subject: [PHP] SafeExtract() ... extract securily Hi, For security reasons ... Global Variables is to be turned off ... But the global variables was an hassle free way to get the variables into the global scope. Here is an alternate to it and do it securily ... A simple example would be ... Just use the following function on top of the code ... SafeExtract( array( 'any' = array( 'name', 'userid' ), 'post' = array( 'password', 'credit_card_number' ) 'get' = array( 'url', 'key' ), 'cookie' = array( 'last_visit', 'last_activity' ) ); Above code means ... Variables 'name' and 'userid' would be made global if present in GET, POST, COOKIE variables Variables 'password' and 'credit_card_number' would be made global if present ONLY in POST vars else would be unset Variables 'url' and 'key' would be made global if present ONLY in GET vars else would be unset Variables 'last_visit' and 'last_activity' would be made global if present ONLY in COOKIE vars else would be unset that is if you try to pass 'password' from GET variables, it would not be made global, and in fact if there is a variable in global scope as 'password' it would be unset the function also takes care of striping slashes from the variables ... Any comments, suggestion or error reports would be helpful ... Amit Arora (http://www.digitalamit.com/) Earn Money by reading short emails ... http://hits4pay.com/members/index.cgi?digitalamit --- --- // Copyright Amit Arora (c) 2002 // Following code is part of phpObjects // Permission given to use the code as is in whole. // http://www.digitalamit.com/ // Create variables for PHP3 and pre PHP 4.1 if (isset($HTTP_GET_VARS)) { $_GET = $HTTP_GET_VARS; } if (isset($HTTP_POST_VARS)) { $_POST = $HTTP_POST_VARS; } if (isset($HTTP_COOKIE_VARS)) { $_COOKIE = $HTTP_COOKIE_VARS; } /* Function SafeExtract() Safely extract the Parameter: array1, array2, ... */ function SafeExtract() { global $_GET, $_POST, $_COOKIE; foreach( func_get_args() as $v ) { if( is_array( $v ) ) while( list( $key, $value ) = each( $v ) ) { switch ( $key ) { case 'any': if ( is_array( $value ) ) foreach ( $value as $e ) { if ( isset($_COOKIE[$e]) ) $GLOBALS[$e] = $_COOKIE[$e]; if ( isset($_POST[$e]) ) $GLOBALS[$e] = (get_magic_quotes_gpc() ? stripslashes($_POST[$e]) : $_POST[$e]); if ( isset($_GET[$e]) ) $GLOBALS[$e] = (get_magic_quotes_gpc() ? stripslashes($_GET[$e]): $_GET[$e]); } break; case 'get': if ( is_array( $value ) ) foreach ( $value as $e ) { if ( isset($_GET[$e]) ) { $GLOBALS[$e] = (get_magic_quotes_gpc() ? stripslashes($_GET[$e]): $_GET[$e]); } else { unset( $GLOBALS[$e] ); } } break; case 'post': if ( is_array( $value ) ) foreach ( $value as $e ) { if ( isset($_POST[$e]) ) { $GLOBALS[$e] = (get_magic_quotes_gpc() ? stripslashes($_POST[$e]) : $_POST[$e]); } else { unset( $GLOBALS[$e] ); } } break; case 'cookie': if ( is_array( $value ) ) foreach ( $value as $e ) { if ( isset($_COOKIE[$e]) ) { $GLOBALS[$e] = $_COOKIE[$e]; } else { unset( $GLOBALS[$e] ); } } break; } } } } -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.345 / Virus
Re: [PHP] unsetting object references
On Wednesday, April 17, 2002, at 03:59 PM, Robert Cummings wrote: Now if what you meant was the following: $objectFoo = new MyObject(); $objectFee = $objectFoo; unset( $objectFoo ); Then the object shouldn't be deleted since $objectFee is still referencing it. You will just break the reference. Correct me if I'm wrong *chuckle* What if I did $objectFoo = new MyObject; $objectFee = $objectFoo; unset($objectFoo); essentially, does PHP make a (deep|shallow) copy of an object in this reassignment, or is it just creating a new reference? Erik Erik Price Web Developer Temp Media Lab, H.H. Brown [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] file delete...
According to this, you should actually use unlink, but delete is available. http://www.php.net/manual/en/function.delete.php -Natalie -Original Message- From: jas [mailto:[EMAIL PROTECTED]] Sent: Wednesday, April 17, 2002 4:08 AM To: [EMAIL PROTECTED] Subject: [PHP] file delete... How can I delete a file in php? thanks in advance, Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] unsetting object references
Erik Price wrote: On Wednesday, April 17, 2002, at 03:59 PM, Robert Cummings wrote: Now if what you meant was the following: $objectFoo = new MyObject(); $objectFee = $objectFoo; unset( $objectFoo ); Then the object shouldn't be deleted since $objectFee is still referencing it. You will just break the reference. Correct me if I'm wrong *chuckle* What if I did $objectFoo = new MyObject; $objectFee = $objectFoo; unset($objectFoo); essentially, does PHP make a (deep|shallow) copy of an object in this reassignment, or is it just creating a new reference? Should be a copy, and it should be safe... though I recall a discussion last week that displayed an interesting bug (feature?). Cheers, Rob. -- .-. | Robert Cummings | :-`. | Webdeployer - Chief PHP and Java Programmer | :--: | Mail : mailto:[EMAIL PROTECTED] | | Phone : (613) 731-4046 x.109 | :--: | Website : http://www.webmotion.com | | Fax : (613) 260-9545 | `--' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Global variable
I have developed a simple login script. Right now it will check a submitted username and password and verify it against a database. This part works fairly well, however I want to know how to assign a variable that will pass through to the next page(s) to do something like: if verified == 1 then {display the page} else {display error message} My apoligies on the syntax of the above, but hopefully you will get the idea. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mysql quickie..
- Original Message - From: Robert Cummings [EMAIL PROTECTED] To: Richard Emery [EMAIL PROTECTED] Cc: Kelly Meeks [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Wednesday, April 17, 2002 1:49 PM Subject: Re: [PHP] mysql quickie.. Richard Emery wrote: I've seen other responses to your request answer with some VERY UGLY methods to get the last id. Hey my method wasn't ugly, perhaps not optimal, but definately not ugly! So *ptht* ;) ROFL... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Global variable
The best way for this is to use sessions. What you do is you check the identity and if it's valid you create a session with name 'validuser' or whatever the name you want. Then any secure operations/actions along the script you'll check for this session name if it exists. I can demonstrate how I did this on my application. Vlad -Original Message- From: Erich Kolb [mailto:[EMAIL PROTECTED]] Sent: Wednesday, April 17, 2002 4:07 PM To: [EMAIL PROTECTED] Subject: [PHP] Global variable I have developed a simple login script. Right now it will check a submitted username and password and verify it against a database. This part works fairly well, however I want to know how to assign a variable that will pass through to the next page(s) to do something like: if verified == 1 then {display the page} else {display error message} My apoligies on the syntax of the above, but hopefully you will get the idea. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] sessions protection
Hi, can anyone advise about another issue that occurred to me. Basically, let's say the cracker know that in my application I create a session variable named auth_user for valid users. Is there a way to hack into it if he knows this session variable name? Example: if($action==edit_personalinformation_update) { if(!session_is_registered(auth_user)) { stop_unauthorized(); // defined function that prints an error message return; } //SECURE OPERATIONS } -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] form posting to a fake page
On Wed, 17 Apr 2002, [ rswfire ] wrote: It would still require some knowledge of the posted data. If someone clicks a submit button, and it is posting to a page that doesn't really exist, then when the index.php file gets called as a 404 errordocument, the posted variables are already lost, so it wouldn't be possible to access the posted variables in any fashion. The only possibility might be if Apache had some way of dealing with this scenario and I am not that familiar with how Apache works. And so, that leaves me with the only workaround I do know, post to a page that does exist! It's just not the ideal solution, but it works. Well, depending on the quantity of posted data, you could go through $_POST[] and turn them into GET args and pass them along to the appropriate page (not that I really understand what you're trying to do). miguel -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] form posting to a fake page
$_POST[] variables do not exist on a redirected page; that's the problem! Original Message Follows From: Miguel Cruz [EMAIL PROTECTED] To: [ rswfire ] [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: [PHP] form posting to a fake page Date: Wed, 17 Apr 2002 15:56:32 -0500 (CDT) On Wed, 17 Apr 2002, [ rswfire ] wrote: It would still require some knowledge of the posted data. If someone clicks a submit button, and it is posting to a page that doesn't really exist, then when the index.php file gets called as a 404 errordocument, the posted variables are already lost, so it wouldn't be possible to access the posted variables in any fashion. The only possibility might be if Apache had some way of dealing with this scenario and I am not that familiar with how Apache works. And so, that leaves me with the only workaround I do know, post to a page that does exist! It's just not the ideal solution, but it works. Well, depending on the quantity of posted data, you could go through $_POST[] and turn them into GET args and pass them along to the appropriate page (not that I really understand what you're trying to do). miguel _ Chat with friends online, try MSN Messenger: http://messenger.msn.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] form posting to a fake page
Your error handler would read them and then construct a redirect containing the form data in querystring format. miguel On Wed, 17 Apr 2002, [ rswfire ] wrote: $_POST[] variables do not exist on a redirected page; that's the problem! Original Message Follows From: Miguel Cruz [EMAIL PROTECTED] To: [ rswfire ] [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: [PHP] form posting to a fake page Date: Wed, 17 Apr 2002 15:56:32 -0500 (CDT) On Wed, 17 Apr 2002, [ rswfire ] wrote: It would still require some knowledge of the posted data. If someone clicks a submit button, and it is posting to a page that doesn't really exist, then when the index.php file gets called as a 404 errordocument, the posted variables are already lost, so it wouldn't be possible to access the posted variables in any fashion. The only possibility might be if Apache had some way of dealing with this scenario and I am not that familiar with how Apache works. And so, that leaves me with the only workaround I do know, post to a page that does exist! It's just not the ideal solution, but it works. Well, depending on the quantity of posted data, you could go through $_POST[] and turn them into GET args and pass them along to the appropriate page (not that I really understand what you're trying to do). miguel _ Chat with friends online, try MSN Messenger: http://messenger.msn.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] form posting to a fake page
No, the error handler does not have access to the posted data. The problem in a nutshell: 1. Person fills out form; clicks submit 2. Form action property is called; server notices the page is not real (Data is lost here) 3. Error handler is called Original Message Follows From: Miguel Cruz [EMAIL PROTECTED] To: [ rswfire ] [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: [PHP] form posting to a fake page Date: Wed, 17 Apr 2002 16:00:17 -0500 (CDT) Your error handler would read them and then construct a redirect containing the form data in querystring format. miguel On Wed, 17 Apr 2002, [ rswfire ] wrote: $_POST[] variables do not exist on a redirected page; that's the problem! Original Message Follows From: Miguel Cruz [EMAIL PROTECTED] To: [ rswfire ] [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: [PHP] form posting to a fake page Date: Wed, 17 Apr 2002 15:56:32 -0500 (CDT) On Wed, 17 Apr 2002, [ rswfire ] wrote: It would still require some knowledge of the posted data. If someone clicks a submit button, and it is posting to a page that doesn't really exist, then when the index.php file gets called as a 404 errordocument, the posted variables are already lost, so it wouldn't be possible to access the posted variables in any fashion. The only possibility might be if Apache had some way of dealing with this scenario and I am not that familiar with how Apache works. And so, that leaves me with the only workaround I do know, post to a page that does exist! It's just not the ideal solution, but it works. Well, depending on the quantity of posted data, you could go through $_POST[] and turn them into GET args and pass them along to the appropriate page (not that I really understand what you're trying to do). miguel _ Chat with friends online, try MSN Messenger: http://messenger.msn.com _ Send and receive Hotmail on your mobile device: http://mobile.msn.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] file delete...
On Wed, 2002-04-17 at 13:12, Leotta, Natalie (NCI/IMS) wrote: According to this, you should actually use unlink, but delete is available. http://www.php.net/manual/en/function.delete.php -Natalie That's not actually what the page says...;) -Original Message- From: jas [mailto:[EMAIL PROTECTED]] Sent: Wednesday, April 17, 2002 4:08 AM To: [EMAIL PROTECTED] Subject: [PHP] file delete... How can I delete a file in php? thanks in advance, Jas -- Torben Wilson [EMAIL PROTECTED] http://www.thebuttlesschaps.com http://www.hybrid17.com http://www.inflatableeye.com +1.604.709.0506 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] form posting to a fake page
You could try the following but I don't know if it would work on your set up. 1. have the form go to a php page that has no output to the screen. 2. store the input info in a database or file. 3. use a header(location: index.php) to go to your website index page. 4. use php on your index.php page to pick up the data from the database and display it. Hope this helps, Hugh - Original Message - From: [ rswfire ] [EMAIL PROTECTED] To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Wednesday, April 17, 2002 2:03 PM Subject: Re: [PHP] form posting to a fake page No, the error handler does not have access to the posted data. The problem in a nutshell: 1. Person fills out form; clicks submit 2. Form action property is called; server notices the page is not real (Data is lost here) 3. Error handler is called Original Message Follows From: Miguel Cruz [EMAIL PROTECTED] To: [ rswfire ] [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: [PHP] form posting to a fake page Date: Wed, 17 Apr 2002 16:00:17 -0500 (CDT) Your error handler would read them and then construct a redirect containing the form data in querystring format. miguel On Wed, 17 Apr 2002, [ rswfire ] wrote: $_POST[] variables do not exist on a redirected page; that's the problem! Original Message Follows From: Miguel Cruz [EMAIL PROTECTED] To: [ rswfire ] [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: [PHP] form posting to a fake page Date: Wed, 17 Apr 2002 15:56:32 -0500 (CDT) On Wed, 17 Apr 2002, [ rswfire ] wrote: It would still require some knowledge of the posted data. If someone clicks a submit button, and it is posting to a page that doesn't really exist, then when the index.php file gets called as a 404 errordocument, the posted variables are already lost, so it wouldn't be possible to access the posted variables in any fashion. The only possibility might be if Apache had some way of dealing with this scenario and I am not that familiar with how Apache works. And so, that leaves me with the only workaround I do know, post to a page that does exist! It's just not the ideal solution, but it works. Well, depending on the quantity of posted data, you could go through $_POST[] and turn them into GET args and pass them along to the appropriate page (not that I really understand what you're trying to do). miguel _ Chat with friends online, try MSN Messenger: http://messenger.msn.com _ Send and receive Hotmail on your mobile device: http://mobile.msn.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] file delete...
Did you check the manual? Like php.net/delete perhaps which tells you the PHP function that does this is actually called unlink(). -Rasmus On Wed, 17 Apr 2002, jas wrote: How can I delete a file in php? thanks in advance, Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] form posting to a fake page (another idea)
I'm not trying to make the page redirect anywhere. I'm trying to create the illusion of there being many pages when there is only one doing all the work. For example: http://hsdnetwork.swifte.net/technicians.html The page, technicians.html, does not really exist. The server knows this and so calls(redirects) the root index.php file. Why must it redirect? Why can't Apache just substitute the index.php file without doing anything else?? That's the real problem! If it did that, the posted variables would be available. If you click the submit button on this page, you will see what I have had to do to get around this. The action property is set to index.php?login=attemptpage=/technicians.html when I would like the action property to be ?login=attempt. This really shouldn't be so complicated! :-) Original Message Follows From: Miguel Cruz [EMAIL PROTECTED] To: [ rswfire ] [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: [PHP] form posting to a fake page Date: Wed, 17 Apr 2002 16:00:17 -0500 (CDT) Your error handler would read them and then construct a redirect containing the form data in querystring format. miguel On Wed, 17 Apr 2002, [ rswfire ] wrote: $_POST[] variables do not exist on a redirected page; that's the problem! Original Message Follows From: Miguel Cruz [EMAIL PROTECTED] To: [ rswfire ] [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: [PHP] form posting to a fake page Date: Wed, 17 Apr 2002 15:56:32 -0500 (CDT) On Wed, 17 Apr 2002, [ rswfire ] wrote: It would still require some knowledge of the posted data. If someone clicks a submit button, and it is posting to a page that doesn't really exist, then when the index.php file gets called as a 404 errordocument, the posted variables are already lost, so it wouldn't be possible to access the posted variables in any fashion. The only possibility might be if Apache had some way of dealing with this scenario and I am not that familiar with how Apache works. And so, that leaves me with the only workaround I do know, post to a page that does exist! It's just not the ideal solution, but it works. Well, depending on the quantity of posted data, you could go through $_POST[] and turn them into GET args and pass them along to the appropriate page (not that I really understand what you're trying to do). miguel _ Chat with friends online, try MSN Messenger: http://messenger.msn.com _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] form posting to a fake page
Gotcha. My bad. Sounds like you're in for a long night's adventure with mod_rewrite. miguel On Wed, 17 Apr 2002, [ rswfire ] wrote: No, the error handler does not have access to the posted data. The problem in a nutshell: 1. Person fills out form; clicks submit 2. Form action property is called; server notices the page is not real (Data is lost here) 3. Error handler is called Original Message Follows From: Miguel Cruz [EMAIL PROTECTED] To: [ rswfire ] [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: [PHP] form posting to a fake page Date: Wed, 17 Apr 2002 16:00:17 -0500 (CDT) Your error handler would read them and then construct a redirect containing the form data in querystring format. miguel On Wed, 17 Apr 2002, [ rswfire ] wrote: $_POST[] variables do not exist on a redirected page; that's the problem! Original Message Follows From: Miguel Cruz [EMAIL PROTECTED] To: [ rswfire ] [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: [PHP] form posting to a fake page Date: Wed, 17 Apr 2002 15:56:32 -0500 (CDT) On Wed, 17 Apr 2002, [ rswfire ] wrote: It would still require some knowledge of the posted data. If someone clicks a submit button, and it is posting to a page that doesn't really exist, then when the index.php file gets called as a 404 errordocument, the posted variables are already lost, so it wouldn't be possible to access the posted variables in any fashion. The only possibility might be if Apache had some way of dealing with this scenario and I am not that familiar with how Apache works. And so, that leaves me with the only workaround I do know, post to a page that does exist! It's just not the ideal solution, but it works. Well, depending on the quantity of posted data, you could go through $_POST[] and turn them into GET args and pass them along to the appropriate page (not that I really understand what you're trying to do). miguel _ Chat with friends online, try MSN Messenger: http://messenger.msn.com _ Send and receive Hotmail on your mobile device: http://mobile.msn.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] (MySql) INSERTing into MULTIPLE tables
That's fine, but you don't need the intermediate select step. Just use mysql_insert_id() to get the value of userid. auto_increment values are guaranteed to be unique no matter how quickly you are inserting. miguel On Wed, 17 Apr 2002, Vladislav Kulchitski wrote: Hi, I was wondering if the way I am inserting into multiple tables is safe as far as when there are many simultaneous insertions at a given time. Basically, there are two tables, first I insert into main table where there's username and password (and first/last name, email) and then I get the auto_number from that table for the record and insert that auto_number along with more info into secondary table with more info about the user. $query4accounts=insert into accounts (username, password, fname, lname, email) values ('$username', password('$password'), '$fname_eng', '$lname_eng', '$email'); $result=mysql_query($query4accounts) or die (ERROR); $getid=mysql_query(select * from accounts where username='$username'); $tmp=mysql_fetch_array($getid); $userid=$tmp['userid']; $query4gallery=insert into talkroom_gallery (userid, talkroom_active, sex, about_eng, livenow_eng, photograph, emailnopublic, homepage, icq, msn, aim, yahoo) values ('$userid', '$talkroom_active_variable', '$sex', '$about_eng', '$livenow_eng', '$photograph', '$nopublic', '$homepage', '$icq', '$msn', '$aim', '$yahoo'); mysql_query($query4gallery) or die (ERROR); Thanks in advance for feedback and possible alternatives. Vlad http://vladik.tripod.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] sessions protection
On Wednesday, April 17, 2002, at 04:40 PM, Vladislav Kulchitski wrote: Basically, let's say the cracker know that in my application I create a session variable named auth_user for valid users. Is there a way to hack into it if he knows this session variable name? Example: if($action==edit_personalinformation_update) { if(!session_is_registered(auth_user)) { stop_unauthorized(); // defined function that prints an error message return; } //SECURE OPERATIONS } Technically, your scheme should work fine. Since you are not simply testing for the presence of that variable, but whether or not it is actually a session variable, the person must have a session ID that says that this session variable is in fact a session variable of theirs. This is difficult (not impossible) to achieve without having properly logged in, so you should be okay. But, consider turning register_globals off. You get a lot more security, and it works in this same fashion -- checks to make sure that the variable doesn't just exist, but is coming from the right source (superglobal array, actually). BTW if you are using PHP 4.1.x, the manual suggests that you use isset($_SESSION['auth_user']) rather than session_is_registered(). Erik Erik Price Web Developer Temp Media Lab, H.H. Brown [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] form posting to a fake page (another idea)
Have a look at http://httpd.apache.org/docs/misc/rewriteguide.html which gives countless examples of using mod_rewrite rules for this sort of thing. You can direct all requests to a single page and then let that page sort things out as it pleases. These are processed internal to the server without redirects (unless you want to use a redirect) and POST data is preserved. miguel On Wed, 17 Apr 2002, [ rswfire ] wrote: I'm not trying to make the page redirect anywhere. I'm trying to create the illusion of there being many pages when there is only one doing all the work. For example: http://hsdnetwork.swifte.net/technicians.html The page, technicians.html, does not really exist. The server knows this and so calls(redirects) the root index.php file. Why must it redirect? Why can't Apache just substitute the index.php file without doing anything else?? That's the real problem! If it did that, the posted variables would be available. If you click the submit button on this page, you will see what I have had to do to get around this. The action property is set to index.php?login=attemptpage=/technicians.html when I would like the action property to be ?login=attempt. This really shouldn't be so complicated! :-) Original Message Follows From: Miguel Cruz [EMAIL PROTECTED] To: [ rswfire ] [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: [PHP] form posting to a fake page Date: Wed, 17 Apr 2002 16:00:17 -0500 (CDT) Your error handler would read them and then construct a redirect containing the form data in querystring format. miguel On Wed, 17 Apr 2002, [ rswfire ] wrote: $_POST[] variables do not exist on a redirected page; that's the problem! Original Message Follows From: Miguel Cruz [EMAIL PROTECTED] To: [ rswfire ] [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: [PHP] form posting to a fake page Date: Wed, 17 Apr 2002 15:56:32 -0500 (CDT) On Wed, 17 Apr 2002, [ rswfire ] wrote: It would still require some knowledge of the posted data. If someone clicks a submit button, and it is posting to a page that doesn't really exist, then when the index.php file gets called as a 404 errordocument, the posted variables are already lost, so it wouldn't be possible to access the posted variables in any fashion. The only possibility might be if Apache had some way of dealing with this scenario and I am not that familiar with how Apache works. And so, that leaves me with the only workaround I do know, post to a page that does exist! It's just not the ideal solution, but it works. Well, depending on the quantity of posted data, you could go through $_POST[] and turn them into GET args and pass them along to the appropriate page (not that I really understand what you're trying to do). miguel _ Chat with friends online, try MSN Messenger: http://messenger.msn.com _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] form posting to a fake page
On Wednesday, April 17, 2002, at 04:57 PM, [ rswfire ] wrote: $_POST[] variables do not exist on a redirected page; that's the problem! They would exist if you were using a PHP script with header() to do your redirect rather than an Apache feature. I think this is what Miguel, and myself earlier, was suggesting. Erik Erik Price Web Developer Temp Media Lab, H.H. Brown [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] form posting to a fake page (another idea)
I'm really not good with the ereg stuff; I wouldn't even know where to start. It's really quite simple what I need to have happen. *.DOMAIN.COM/*.* needs to access /index.php My network handles multiple domains/subdomains; so it's important it can work with them all. Any ideas? Original Message Follows From: Miguel Cruz [EMAIL PROTECTED] To: [ rswfire ] [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: [PHP] form posting to a fake page (another idea) Date: Wed, 17 Apr 2002 16:29:40 -0500 (CDT) Have a look at http://httpd.apache.org/docs/misc/rewriteguide.html which gives countless examples of using mod_rewrite rules for this sort of thing. You can direct all requests to a single page and then let that page sort things out as it pleases. These are processed internal to the server without redirects (unless you want to use a redirect) and POST data is preserved. miguel On Wed, 17 Apr 2002, [ rswfire ] wrote: I'm not trying to make the page redirect anywhere. I'm trying to create the illusion of there being many pages when there is only one doing all the work. For example: http://hsdnetwork.swifte.net/technicians.html The page, technicians.html, does not really exist. The server knows this and so calls(redirects) the root index.php file. Why must it redirect? Why can't Apache just substitute the index.php file without doing anything else?? That's the real problem! If it did that, the posted variables would be available. If you click the submit button on this page, you will see what I have had to do to get around this. The action property is set to index.php?login=attemptpage=/technicians.html when I would like the action property to be ?login=attempt. This really shouldn't be so complicated! :-) Original Message Follows From: Miguel Cruz [EMAIL PROTECTED] To: [ rswfire ] [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: [PHP] form posting to a fake page Date: Wed, 17 Apr 2002 16:00:17 -0500 (CDT) Your error handler would read them and then construct a redirect containing the form data in querystring format. miguel On Wed, 17 Apr 2002, [ rswfire ] wrote: $_POST[] variables do not exist on a redirected page; that's the problem! Original Message Follows From: Miguel Cruz [EMAIL PROTECTED] To: [ rswfire ] [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: [PHP] form posting to a fake page Date: Wed, 17 Apr 2002 15:56:32 -0500 (CDT) On Wed, 17 Apr 2002, [ rswfire ] wrote: It would still require some knowledge of the posted data. If someone clicks a submit button, and it is posting to a page that doesn't really exist, then when the index.php file gets called as a 404 errordocument, the posted variables are already lost, so it wouldn't be possible to access the posted variables in any fashion. The only possibility might be if Apache had some way of dealing with this scenario and I am not that familiar with how Apache works. And so, that leaves me with the only workaround I do know, post to a page that does exist! It's just not the ideal solution, but it works. Well, depending on the quantity of posted data, you could go through $_POST[] and turn them into GET args and pass them along to the appropriate page (not that I really understand what you're trying to do). miguel _ Chat with friends online, try MSN Messenger: http://messenger.msn.com _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp. _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] verify file types when uploading to server...
I am wondering if any one has a good idea on how to do checking based on a files extension, what I am trying to accomplish is to be able to upload files to a webserver however I only want to have .jpg files uploaded. If anyone has a good way to do this please share. Thanks in advance, Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Would this work? (mod_rewrite)
Assume I want *.domain.*/*.* to automatically call index.php (without the user knowing and without any redirecting at all): RewriteEngine on RewriteBase/ RewriteRule*.* index.php [R] I don't know what in the world the [R] is, but it's in almost all of the mod_rewrite examples... :-) _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] sorry i forgot something
*.domain.*/*.* AUTOMATICALLY goes to the root of my web (my isp set this up for me) _ MSN Photos is the easiest way to share and print your photos: http://photos.msn.com/support/worldwide.aspx -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Would this work? (mod_rewrite)
On Wed, 17 Apr 2002, [ rswfire ] wrote: Assume I want *.domain.*/*.* to automatically call index.php (without the user knowing and without any redirecting at all): RewriteEngine on RewriteBase/ RewriteRule*.* index.php [R] I don't know what in the world the [R] is, but it's in almost all of the mod_rewrite examples... :-) RewriteRule * index.php Don't use the [R] - that tells it to create an external redirect. It's used in many of the examples because in many real-world cases people are using rewrite rules to coax invalid URLs into valid ones, and this way there's at least some chance that the bad ones will get updated. miguel -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] form posting to a fake page
I've done some testing, and it seems that Apache messes with the server variables when it sends the error document. Basically, Apache does *NOT* send an HTTP 302 response. It sends an HTTP 404 response, but outputs the full code from the ErrorDocument. Unfortunately, it changes the REQUEST_METHOD from POST to GET. Also, it creates the following: REDIRECT_ERROR_NOTES REDIRECT_REQUEST_METHOD REDIRECT_STATUS REDIRECT_URL (See http://httpd.apache.org/docs/custom-error.html for more information on the variables) REDIRECT_REQUEST_METHOD contains POST. Also, CONTENT_TYPE is *still* application/x-www-form-urlencoded and CONTENT_LENGTH still equals the size of the POST data, so the data *IS* still being sent, though PHP is most likely ignoring the data since the method does not equal POST. Can anyone from the development team verify this? (CC'ing to php-dev in a separate email so additional comments don't get CC'd as well) If this is the case, this may be a good one for a feature request. If not, using the RewriteEngine may be your only choice. (Looking in /main/main.c, it seems that POST data *is* only parsed when REQUEST_METHOD=POST, so it may end up only being a single line patch) Let us know if you plan on requesting a new feature. Jaime Bozza -Original Message- From: [ rswfire ] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, April 17, 2002 4:04 PM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: [PHP] form posting to a fake page No, the error handler does not have access to the posted data. The problem in a nutshell: 1. Person fills out form; clicks submit 2. Form action property is called; server notices the page is not real (Data is lost here) 3. Error handler is called Original Message Follows From: Miguel Cruz [EMAIL PROTECTED] To: [ rswfire ] [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: [PHP] form posting to a fake page Date: Wed, 17 Apr 2002 16:00:17 -0500 (CDT) Your error handler would read them and then construct a redirect containing the form data in querystring format. miguel On Wed, 17 Apr 2002, [ rswfire ] wrote: $_POST[] variables do not exist on a redirected page; that's the problem! Original Message Follows From: Miguel Cruz [EMAIL PROTECTED] To: [ rswfire ] [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: [PHP] form posting to a fake page Date: Wed, 17 Apr 2002 15:56:32 -0500 (CDT) On Wed, 17 Apr 2002, [ rswfire ] wrote: It would still require some knowledge of the posted data. If someone clicks a submit button, and it is posting to a page that doesn't really exist, then when the index.php file gets called as a 404 errordocument, the posted variables are already lost, so it wouldn't be possible to access the posted variables in any fashion. The only possibility might be if Apache had some way of dealing with this scenario and I am not that familiar with how Apache works. And so, that leaves me with the only workaround I do know, post to a page that does exist! It's just not the ideal solution, but it works. Well, depending on the quantity of posted data, you could go through $_POST[] and turn them into GET args and pass them along to the appropriate page (not that I really understand what you're trying to do). miguel _ Chat with friends online, try MSN Messenger: http://messenger.msn.com _ Send and receive Hotmail on your mobile device: http://mobile.msn.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Would this work? (mod_rewrite)
Miguel, if I get this working I am going to be so happy :-) I just tried putting the following in an .htaccess file in my root: RewriteEngine on RewriteBase/ RewriteRule* index.php And it came back with a server misconfiguration. So, did I do something wrong? Original Message Follows From: Miguel Cruz [EMAIL PROTECTED] To: [ rswfire ] [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: [PHP] Would this work? (mod_rewrite) Date: Wed, 17 Apr 2002 16:55:33 -0500 (CDT) On Wed, 17 Apr 2002, [ rswfire ] wrote: Assume I want *.domain.*/*.* to automatically call index.php (without the user knowing and without any redirecting at all): RewriteEngine on RewriteBase/ RewriteRule*.* index.php [R] I don't know what in the world the [R] is, but it's in almost all of the mod_rewrite examples... :-) RewriteRule * index.php Don't use the [R] - that tells it to create an external redirect. It's used in many of the examples because in many real-world cases people are using rewrite rules to coax invalid URLs into valid ones, and this way there's at least some chance that the bad ones will get updated. miguel _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Would this work? (mod_rewrite)
Are you sure your server has mod_rewrite installed? miguel On Wed, 17 Apr 2002, [ rswfire ] wrote: Miguel, if I get this working I am going to be so happy :-) I just tried putting the following in an .htaccess file in my root: RewriteEngine on RewriteBase/ RewriteRule* index.php And it came back with a server misconfiguration. So, did I do something wrong? Original Message Follows From: Miguel Cruz [EMAIL PROTECTED] To: [ rswfire ] [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: [PHP] Would this work? (mod_rewrite) Date: Wed, 17 Apr 2002 16:55:33 -0500 (CDT) On Wed, 17 Apr 2002, [ rswfire ] wrote: Assume I want *.domain.*/*.* to automatically call index.php (without the user knowing and without any redirecting at all): RewriteEngine on RewriteBase/ RewriteRule*.* index.php [R] I don't know what in the world the [R] is, but it's in almost all of the mod_rewrite examples... :-) RewriteRule * index.php Don't use the [R] - that tells it to create an external redirect. It's used in many of the examples because in many real-world cases people are using rewrite rules to coax invalid URLs into valid ones, and this way there's at least some chance that the bad ones will get updated. miguel _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Would this work? (mod_rewrite)
mod_bwlimited, mod_php4, mod_log_bytes, mod_frontpage, mod_ssl, mod_setenvif, mod_so, mod_auth, mod_access, mod_rewrite, mod_alias, mod_userdir, mod_actions, mod_imap, mod_asis, mod_cgi, mod_dir, mod_autoindex, mod_include, mod_status, mod_negotiation, mod_mime, mod_log_config, mod_env, http_core Original Message Follows From: Miguel Cruz [EMAIL PROTECTED] To: [ rswfire ] [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: [PHP] Would this work? (mod_rewrite) Date: Wed, 17 Apr 2002 16:55:33 -0500 (CDT) On Wed, 17 Apr 2002, [ rswfire ] wrote: Assume I want *.domain.*/*.* to automatically call index.php (without the user knowing and without any redirecting at all): RewriteEngine on RewriteBase/ RewriteRule*.* index.php [R] I don't know what in the world the [R] is, but it's in almost all of the mod_rewrite examples... :-) RewriteRule * index.php Don't use the [R] - that tells it to create an external redirect. It's used in many of the examples because in many real-world cases people are using rewrite rules to coax invalid URLs into valid ones, and this way there's at least some chance that the bad ones will get updated. miguel _ Send and receive Hotmail on your mobile device: http://mobile.msn.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] mod_rewrite
.htaccess (returns 500 misconfiguration error message) { RewriteEngine on RewriteBase/ RewriteRule* index.php } http://swifte.net/phpinfo.php (i did not use braces in the .htaccess file) _ Join the worlds largest e-mail service with MSN Hotmail. http://www.hotmail.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Would this work? (mod_rewrite)
[Wed Apr 17 18:04:19 2002] [alert] [client 172.131.190.148] /home/swiften/public_html/.htaccess: RewriteRule: cannot compile regular expression '*' Original Message Follows From: Miguel Cruz [EMAIL PROTECTED] To: [ rswfire ] [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: [PHP] Would this work? (mod_rewrite) Date: Wed, 17 Apr 2002 17:14:13 -0500 (CDT) Do you have access to your server's error_log file? With any luck there'll be a more informative message there (something like Miguel was too lazy to pay sufficient attention to the following Rewrite caveat: xxx). miguel On Wed, 17 Apr 2002, [ rswfire ] wrote: mod_bwlimited, mod_php4, mod_log_bytes, mod_frontpage, mod_ssl, mod_setenvif, mod_so, mod_auth, mod_access, mod_rewrite, mod_alias, mod_userdir, mod_actions, mod_imap, mod_asis, mod_cgi, mod_dir, mod_autoindex, mod_include, mod_status, mod_negotiation, mod_mime, mod_log_config, mod_env, http_core Original Message Follows From: Miguel Cruz [EMAIL PROTECTED] To: [ rswfire ] [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: [PHP] Would this work? (mod_rewrite) Date: Wed, 17 Apr 2002 16:55:33 -0500 (CDT) On Wed, 17 Apr 2002, [ rswfire ] wrote: Assume I want *.domain.*/*.* to automatically call index.php (without the user knowing and without any redirecting at all): RewriteEngine on RewriteBase/ RewriteRule*.* index.php [R] I don't know what in the world the [R] is, but it's in almost all of the mod_rewrite examples... :-) RewriteRule * index.php Don't use the [R] - that tells it to create an external redirect. It's used in many of the examples because in many real-world cases people are using rewrite rules to coax invalid URLs into valid ones, and this way there's at least some chance that the bad ones will get updated. miguel _ Send and receive Hotmail on your mobile device: http://mobile.msn.com _ Send and receive Hotmail on your mobile device: http://mobile.msn.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Would this work? (mod_rewrite)
This rewrite thing will actually be very good for me; my error log file will stop having a million file not found errors :-) I have to tell you guys, I love JTL Networks. They are the best host I have ever had ever! Original Message Follows From: Miguel Cruz [EMAIL PROTECTED] To: [ rswfire ] [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: [PHP] Would this work? (mod_rewrite) Date: Wed, 17 Apr 2002 17:14:13 -0500 (CDT) Do you have access to your server's error_log file? With any luck there'll be a more informative message there (something like Miguel was too lazy to pay sufficient attention to the following Rewrite caveat: xxx). miguel On Wed, 17 Apr 2002, [ rswfire ] wrote: mod_bwlimited, mod_php4, mod_log_bytes, mod_frontpage, mod_ssl, mod_setenvif, mod_so, mod_auth, mod_access, mod_rewrite, mod_alias, mod_userdir, mod_actions, mod_imap, mod_asis, mod_cgi, mod_dir, mod_autoindex, mod_include, mod_status, mod_negotiation, mod_mime, mod_log_config, mod_env, http_core Original Message Follows From: Miguel Cruz [EMAIL PROTECTED] To: [ rswfire ] [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: [PHP] Would this work? (mod_rewrite) Date: Wed, 17 Apr 2002 16:55:33 -0500 (CDT) On Wed, 17 Apr 2002, [ rswfire ] wrote: Assume I want *.domain.*/*.* to automatically call index.php (without the user knowing and without any redirecting at all): RewriteEngine on RewriteBase/ RewriteRule*.* index.php [R] I don't know what in the world the [R] is, but it's in almost all of the mod_rewrite examples... :-) RewriteRule * index.php Don't use the [R] - that tells it to create an external redirect. It's used in many of the examples because in many real-world cases people are using rewrite rules to coax invalid URLs into valid ones, and this way there's at least some chance that the bad ones will get updated. miguel _ Send and receive Hotmail on your mobile device: http://mobile.msn.com _ Chat with friends online, try MSN Messenger: http://messenger.msn.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Would this work? (mod_rewrite)
You actually want RewriteEngine on RewriteBase / RewriteRule *$ index.php Jason -Original Message- From: [ rswfire ] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, April 17, 2002 4:20 PM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: [PHP] Would this work? (mod_rewrite) This rewrite thing will actually be very good for me; my error log file will stop having a million file not found errors :-) I have to tell you guys, I love JTL Networks. They are the best host I have ever had ever! Original Message Follows From: Miguel Cruz [EMAIL PROTECTED] To: [ rswfire ] [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: [PHP] Would this work? (mod_rewrite) Date: Wed, 17 Apr 2002 17:14:13 -0500 (CDT) Do you have access to your server's error_log file? With any luck there'll be a more informative message there (something like Miguel was too lazy to pay sufficient attention to the following Rewrite caveat: xxx). miguel On Wed, 17 Apr 2002, [ rswfire ] wrote: mod_bwlimited, mod_php4, mod_log_bytes, mod_frontpage, mod_ssl, mod_setenvif, mod_so, mod_auth, mod_access, mod_rewrite, mod_alias, mod_userdir, mod_actions, mod_imap, mod_asis, mod_cgi, mod_dir, mod_autoindex, mod_include, mod_status, mod_negotiation, mod_mime, mod_log_config, mod_env, http_core Original Message Follows From: Miguel Cruz [EMAIL PROTECTED] To: [ rswfire ] [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: [PHP] Would this work? (mod_rewrite) Date: Wed, 17 Apr 2002 16:55:33 -0500 (CDT) On Wed, 17 Apr 2002, [ rswfire ] wrote: Assume I want *.domain.*/*.* to automatically call index.php (without the user knowing and without any redirecting at all): RewriteEngine on RewriteBase/ RewriteRule*.* index.php [R] I don't know what in the world the [R] is, but it's in almost all of the mod_rewrite examples... :-) RewriteRule * index.php Don't use the [R] - that tells it to create an external redirect. It's used in many of the examples because in many real-world cases people are using rewrite rules to coax invalid URLs into valid ones, and this way there's at least some chance that the bad ones will get updated. miguel _ Send and receive Hotmail on your mobile device: http://mobile.msn.com _ Chat with friends online, try MSN Messenger: http://messenger.msn.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Would this work? (mod_rewrite)
And I fall victim to my own stupidity/cache again. You actually want RewriteEngine on RewriteBase / RewriteRule ^$ index.php This works for me on my domain, you can check it out by going to http://demo.shadotechdesigns.com and http://bug.shadonet.com Jason -Original Message- From: [ rswfire ] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, April 17, 2002 4:20 PM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: [PHP] Would this work? (mod_rewrite) This rewrite thing will actually be very good for me; my error log file will stop having a million file not found errors :-) I have to tell you guys, I love JTL Networks. They are the best host I have ever had ever! Original Message Follows From: Miguel Cruz [EMAIL PROTECTED] To: [ rswfire ] [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: [PHP] Would this work? (mod_rewrite) Date: Wed, 17 Apr 2002 17:14:13 -0500 (CDT) Do you have access to your server's error_log file? With any luck there'll be a more informative message there (something like Miguel was too lazy to pay sufficient attention to the following Rewrite caveat: xxx). miguel On Wed, 17 Apr 2002, [ rswfire ] wrote: mod_bwlimited, mod_php4, mod_log_bytes, mod_frontpage, mod_ssl, mod_setenvif, mod_so, mod_auth, mod_access, mod_rewrite, mod_alias, mod_userdir, mod_actions, mod_imap, mod_asis, mod_cgi, mod_dir, mod_autoindex, mod_include, mod_status, mod_negotiation, mod_mime, mod_log_config, mod_env, http_core Original Message Follows From: Miguel Cruz [EMAIL PROTECTED] To: [ rswfire ] [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: [PHP] Would this work? (mod_rewrite) Date: Wed, 17 Apr 2002 16:55:33 -0500 (CDT) On Wed, 17 Apr 2002, [ rswfire ] wrote: Assume I want *.domain.*/*.* to automatically call index.php (without the user knowing and without any redirecting at all): RewriteEngine on RewriteBase/ RewriteRule*.* index.php [R] I don't know what in the world the [R] is, but it's in almost all of the mod_rewrite examples... :-) RewriteRule * index.php Don't use the [R] - that tells it to create an external redirect. It's used in many of the examples because in many real-world cases people are using rewrite rules to coax invalid URLs into valid ones, and this way there's at least some chance that the bad ones will get updated. miguel _ Send and receive Hotmail on your mobile device: http://mobile.msn.com _ Chat with friends online, try MSN Messenger: http://messenger.msn.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Would this work? (mod_rewrite)
Well, it's half working :-( But now I am receiving a 404 error message and the following message in my error log: [Wed Apr 17 18:31:26 2002] [error] [client 172.131.190.148] File does not exist: /home/swiften/public_html/404.shtml [Wed Apr 17 18:31:26 2002] [error] [client 172.131.190.148] File does not exist: /home/swiften/public_html/technicians.html The 404.shtml thing has to do with my ISP. I think that one's out of my control; so is there a work around so it does not try to find that file?? Original Message Follows From: SHEETS,JASON (Non-HP-Boise,ex1) [EMAIL PROTECTED] To: '[ rswfire ]' [EMAIL PROTECTED], [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: RE: [PHP] Would this work? (mod_rewrite) Date: Wed, 17 Apr 2002 18:29:25 -0400 And I fall victim to my own stupidity/cache again. You actually want RewriteEngine on RewriteBase / RewriteRule ^$ index.php This works for me on my domain, you can check it out by going to http://demo.shadotechdesigns.com and http://bug.shadonet.com Jason -Original Message- From: [ rswfire ] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, April 17, 2002 4:20 PM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: [PHP] Would this work? (mod_rewrite) This rewrite thing will actually be very good for me; my error log file will stop having a million file not found errors :-) I have to tell you guys, I love JTL Networks. They are the best host I have ever had ever! Original Message Follows From: Miguel Cruz [EMAIL PROTECTED] To: [ rswfire ] [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: [PHP] Would this work? (mod_rewrite) Date: Wed, 17 Apr 2002 17:14:13 -0500 (CDT) Do you have access to your server's error_log file? With any luck there'll be a more informative message there (something like Miguel was too lazy to pay sufficient attention to the following Rewrite caveat: xxx). miguel On Wed, 17 Apr 2002, [ rswfire ] wrote: mod_bwlimited, mod_php4, mod_log_bytes, mod_frontpage, mod_ssl, mod_setenvif, mod_so, mod_auth, mod_access, mod_rewrite, mod_alias, mod_userdir, mod_actions, mod_imap, mod_asis, mod_cgi, mod_dir, mod_autoindex, mod_include, mod_status, mod_negotiation, mod_mime, mod_log_config, mod_env, http_core Original Message Follows From: Miguel Cruz [EMAIL PROTECTED] To: [ rswfire ] [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: [PHP] Would this work? (mod_rewrite) Date: Wed, 17 Apr 2002 16:55:33 -0500 (CDT) On Wed, 17 Apr 2002, [ rswfire ] wrote: Assume I want *.domain.*/*.* to automatically call index.php (without the user knowing and without any redirecting at all): RewriteEngine on RewriteBase/ RewriteRule*.* index.php [R] I don't know what in the world the [R] is, but it's in almost all of the mod_rewrite examples... :-) RewriteRule * index.php Don't use the [R] - that tells it to create an external redirect. It's used in many of the examples because in many real-world cases people are using rewrite rules to coax invalid URLs into valid ones, and this way there's at least some chance that the bad ones will get updated. miguel _ Send and receive Hotmail on your mobile device: http://mobile.msn.com _ Chat with friends online, try MSN Messenger: http://messenger.msn.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php _ Join the worlds largest e-mail service with MSN Hotmail. http://www.hotmail.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] save html created by loop in variable
I have a WHILE loop that I am interested in storing the html that is generated based on its results to a variable. This variable would then be echoed later on. Basically the html that is generated from the while loop is a bunch of table cell definitions and some data from the database - this data is manipulated with some IF statements in the loop. So I'd want to store something like this: while ($row=mysql_fetch_array($result)) { ? tr if ($variable==1) { //store on td?=$variable;?/td //store off } if ($variable==2) { //store on td?=$variable;?/td //store off and so on. } /tr ?php } I tried to use something like $store.=td$variable/td; for each time something needs to be displayed but it didn't display anything. Any ideas how I could create such a thing? thanks in advance! :) __ Jason Dulberg -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Using one submit button (long, rambling, near-total rewrite)
Jennifer Downey [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED]... I have no takers on this one? You would have more help if you didn't glumph a whole whack of code in... it takes five minutes just to sort out what's what. if I have on item it is fine. If I have two items it won't update the first items price but will the second. if I try to enter a price in the first items textbox it doesn't update and then deletes the second item's price. It sounds like you are trying to return multiple values to a single variable - ie, you need to return an array, then iterate through the array to process it. $uid = $row['uid']; $id = $row['id']; $name = $row['name']; $image = $row['image']; $iquantity = $row['quantity']; $itype = $row['type']; $iprice = $row['price']; Look up the documentation on extract() if($update) { $eprice = '$price[]'; $query = UPDATE {$config[prefix]}_shop SET price = '$eprice' where uid = {$session[uid]} AND id = '$id'; $ret = mysql_query($query) or die(mysql_error()); if(isset($update) and is_array($price)) foreach($price as $id = $newval) if ($newval != ) { $query = UPDATE {$config['prefix']}_shop .SET price='$newval' .WHERE uid='{$session['uid']}' AND id='$id' ; mysql_query($query) or die(mysql_error()); } echo TABLE BORDER='0' WIDTH='95%' CELLPADDING='0' CELLSPACING='0'TR; echo TD width=20%img src='$image'/TD; echo TD width=30%font size=2$name/font/TD; echo TD width=20%font size=2CENTER$iquantity/CENTER/font/TD; echo TD width=30%font size=2CENTERa href='$PHP_SELF?id=$idremove=yes'X/a/CENTER/font/TD; echo TD width=30%font size=2CENTERinput type=\text\ value=\\ name=\price[]\ size='8' MAXLENGTH='8'BR/a/CENTER/font/TD; echo /TD/TR/TABLE; echo input=\hidden\ name=\remove\ value=\yes\; } (grin) you realize your column widths add to 130% ? This is not necessarily a problem; rather, I point it out as a symptom of poorly formatted and hard-to-follow code. I often find it useful to write simple table-making functions just so it's easier to follow what's going on... something like // adjustable indentation for prettyprinting define(BEGINTABLE, \n\t); define(ENDTABLE, \n\t); define(BEGINROW, \n\t\t); define(ENDROW, \n\t\t); define(BEGINCELL, \n\t\t\t); define(ENDCELL, ); define(BEGINCONTENTS, ); function makeTable($content, $width=, $border=0) { return BEGINTABLE.table .( $width != ? width='$width' : ) . border='$border' cellspacing='0' cellpadding='0' .$content .ENDTABLE.\table; } function makeRow($content) { return BEGINROW.tr .$content .ENDROW.\tr; } function makeCell($content=, $width=) { return BEGINCELL.td.($width != ? width='$width' : ). .($content != ? $content : nbsp;) .ENDCELL./td; } Then your code turns into // separate out the recurrent formatting $s = div style='font-size: larger; align=center;'; $e = /div; $content = makeRow( makeCell($s.Image.$e,20%) .makeCell($s.Name.$e,30%) .makeCell($s.Quantity.$e,20%) .makeCell($s.Remove Item.$e, 30%) .makeCell($s.Price.$e, 30%) ); // Wow, the odd total here is a lot more obvious! $query = SELECT uid, id, name, image, type, quantity .FROM {$config[prefix]}_shop .WHERE uid = {$session[uid]}; $res = mysql_query($query) or die(mysql_error()); while($row = mysql_fetch_array($res)) { extract($row); $content .= makeRow( makeCell(img src='$image') .makeCell($s.$name.$e) .makeCell($s.$quantity.$e) .makeCell($s.input type='checkbox' .name='rem[$id]' value='true'.$e) .makeCell($s.input type='text' value='' .name='price[$id]' size='8' maxlength='8'.$e) ); } echo \nform .makeTable($content, 95%) .$s .input type='reset' value='Clear form' .input type='submit' name='update' .value='Update And Remove' .$e .\n/form; ... I have changed a few things; for one, instead of removing items singly, I have refit a set of checkboxes, returning an array of selected items for removal. Also, note my use of single-quotes inside the double-quoted strings... I find this much easier to follow, instead of umpteen dozen escaped double-slashes. I hope this is of some use to you. Hugh. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Nasty DoS in PHP
Hello. I have found something interesting that can kill the server. I'm not sure if this is because of Apache or PHP. If you use PHP to send a header() inside of a while loop, the httpd process will begin to use massive CPU and Memory until it is killed, or the server is killed. Here is what I used: ? while(01) { header(A); } ? We have tested this on apache 1.3.22, and apache 2.0.35, using php 4.1.2 and 4.2.0RC4. It was able to completly kill our servers (not apache, the entire server). The loads of the server will reach 50+. I have contacted apache about this and they said that it is PHP related. Dustin E. Childers Security Administrator. CEO, Digitux Security, Inc. http://www.digitux.net/
Re: [PHP] Nasty DoS in PHP
Turn on the memory-limit option On Wed, 17 Apr 2002, Dustin E. Childers wrote: Hello. I have found something interesting that can kill the server. I'm not sure if this is because of Apache or PHP. If you use PHP to send a header() inside of a while loop, the httpd process will begin to use massive CPU and Memory until it is killed, or the server is killed. Here is what I used: ? while(01) { header(A); } ? We have tested this on apache 1.3.22, and apache 2.0.35, using php 4.1.2 and 4.2.0RC4. It was able to completly kill our servers (not apache, the entire server). The loads of the server will reach 50+. I have contacted apache about this and they said that it is PHP related. Dustin E. Childers Security Administrator. CEO, Digitux Security, Inc. http://www.digitux.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] document root
What is the best way, to find out the directory, where web documents stored, on a .nix web server? I need that, because I want to install my application files on customers web server directly and automatically from my web server using ftp. Better to explain; If for example header(Location:www.someweb.com) would be possible, I could do it with getenv(DOCUMENT_ROOT); Thanks in advance, Senih
[PHP] Arranging Data
How would I have a script display results in a table, but make it so that once 3 or 4 results are displayed in one table row, a new table row would be started? Right now I have something like: printf(img src='%s'br,$pic1); And all the records for $pic1 come out into a single column which, if I had many records, could get unwieldy. I'm looking to do something like: print(table); print(tr); printf(tdimg src='%s'/td,$pic1 Where instead of one table row being created with endless td's, the printf() function would print just 3 records, then another 'tr' tag would be printed to start a new row, where printf() could print the next 3 records, and so on. Is this possible? Thanks in advance, Jason -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Registration Form
Hi, I am using registration form with a number of different steps. And if, for instance, the user wants to come back to correct something, I am using the back img button with the link: javascript:history.back(1) I am wondering how many people are actually using the way I do, and if it's reliable at all or not, I mean whether there are browsers wouldn't support returning back and keep the information in the fields. Advice would be greatly appreciated, Thanks, Vlad p.s. probably the best way is to use sessions(?), but I am carrying values through the steps via input type=hidden name=name value=value -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Nasty DoS in PHP
Dustin E. Childers wrote: Hello. I have found something interesting that can kill the server. I'm not sure if this is because of Apache or PHP. If you use PHP to send a header() inside of a while loop, the httpd process will begin to use massive CPU and Memory until it is killed, or the server is killed. Here is what I used: ? while(01) { header(A); } ? We have tested this on apache 1.3.22, and apache 2.0.35, using php 4.1.2 and 4.2.0RC4. It was able to completly kill our servers (not apache, the entire server). The loads of the server will reach 50+. I have contacted apache about this and they said that it is PHP related. Did you have output buffering on or off? It seems that it would be somewhat dependant on the browser as well, but maybe I'm offbase here. If you just kept letting while(01) { echo w; } run as well, wouldn't that also lock things up? Aren't infinite loops in general a bad thing? Or is there something particular about the header() that you're thinking is going on? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] mod_rewrite (the solution)
RewriteEngine on RewriteBase/ RewriteRule$.* index.php Original Message Follows From: SHEETS,JASON (Non-HP-Boise,ex1) [EMAIL PROTECTED] To: '[ rswfire ]' [EMAIL PROTECTED], [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: RE: [PHP] Would this work? (mod_rewrite) Date: Wed, 17 Apr 2002 18:29:25 -0400 And I fall victim to my own stupidity/cache again. You actually want RewriteEngine on RewriteBase / RewriteRule ^$ index.php This works for me on my domain, you can check it out by going to http://demo.shadotechdesigns.com and http://bug.shadonet.com Jason -Original Message- From: [ rswfire ] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, April 17, 2002 4:20 PM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: [PHP] Would this work? (mod_rewrite) This rewrite thing will actually be very good for me; my error log file will stop having a million file not found errors :-) I have to tell you guys, I love JTL Networks. They are the best host I have ever had ever! Original Message Follows From: Miguel Cruz [EMAIL PROTECTED] To: [ rswfire ] [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: [PHP] Would this work? (mod_rewrite) Date: Wed, 17 Apr 2002 17:14:13 -0500 (CDT) Do you have access to your server's error_log file? With any luck there'll be a more informative message there (something like Miguel was too lazy to pay sufficient attention to the following Rewrite caveat: xxx). miguel On Wed, 17 Apr 2002, [ rswfire ] wrote: mod_bwlimited, mod_php4, mod_log_bytes, mod_frontpage, mod_ssl, mod_setenvif, mod_so, mod_auth, mod_access, mod_rewrite, mod_alias, mod_userdir, mod_actions, mod_imap, mod_asis, mod_cgi, mod_dir, mod_autoindex, mod_include, mod_status, mod_negotiation, mod_mime, mod_log_config, mod_env, http_core Original Message Follows From: Miguel Cruz [EMAIL PROTECTED] To: [ rswfire ] [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: [PHP] Would this work? (mod_rewrite) Date: Wed, 17 Apr 2002 16:55:33 -0500 (CDT) On Wed, 17 Apr 2002, [ rswfire ] wrote: Assume I want *.domain.*/*.* to automatically call index.php (without the user knowing and without any redirecting at all): RewriteEngine on RewriteBase/ RewriteRule*.* index.php [R] I don't know what in the world the [R] is, but it's in almost all of the mod_rewrite examples... :-) RewriteRule * index.php Don't use the [R] - that tells it to create an external redirect. It's used in many of the examples because in many real-world cases people are using rewrite rules to coax invalid URLs into valid ones, and this way there's at least some chance that the bad ones will get updated. miguel _ Send and receive Hotmail on your mobile device: http://mobile.msn.com _ Chat with friends online, try MSN Messenger: http://messenger.msn.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php _ Send and receive Hotmail on your mobile device: http://mobile.msn.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Would this work? (mod_rewrite)
In article [EMAIL PROTECTED], [EMAIL PROTECTED] wrote: But now I am receiving a 404 error message and the following message in my error log: [Wed Apr 17 18:31:26 2002] [error] [client 172.131.190.148] File does not exist: /home/swiften/public_html/404.shtml [Wed Apr 17 18:31:26 2002] [error] [client 172.131.190.148] File does not exist: /home/swiften/public_html/technicians.html The 404.shtml thing has to do with my ISP. I think that one's out of my control; so is there a work around so it does not try to find that file?? ErrorDocument directive http://httpd.apache.org/docs/mod/core.html#errordocument. -- CC -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: mod_rewrite (the solution)
In article [EMAIL PROTECTED], [EMAIL PROTECTED] wrote: RewriteEngine on RewriteBase/ RewriteRule$.* index.php RewriteRule takes a regular expression as its first parameter http://httpd.apache.org/docs/mod/mod_rewrite.html#RewriteRule. The $ regex meta-character is an end-of-line marker. It has no special meaning at the beginning of a pattern. If you want a pattern that matches anything including nothing, use: RewriteRule ^.*$ index.php -- CC -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php