php-general Digest 18 Jun 2008 07:35:20 -0000 Issue 5520
php-general Digest 18 Jun 2008 07:35:20 - Issue 5520 Topics (messages 275493 through 275509): Re: mkdir() Cannot Create Directories 275493 by: Daniel Brown 275494 by: David Giragosian 275495 by: Wei, Alice J. 275496 by: Nitsan Bin-Nun CAD file decoding 275497 by: Lester Caine Re: How to prevent DoS on PHP script? 275498 by: Stut Re: substr? 275499 by: Jim Lucas Re: Search like php.net's URL thingy 275500 by: Jon Drukman 275501 by: Jon Drukman 275502 by: Richard Heyes 275504 by: Ryan S 275509 by: Iv Ray Re: Kindla 0T, but here goes... 275503 by: Ryan S Password Protecting a page and email notification 275505 by: R.C. 275506 by: Jon Drukman 275507 by: Philip Thompson 275508 by: Philip Thompson Administrivia: To subscribe to the digest, e-mail: [EMAIL PROTECTED] To unsubscribe from the digest, e-mail: [EMAIL PROTECTED] To post to the list, e-mail: [EMAIL PROTECTED] -- ---BeginMessage--- On Tue, Jun 17, 2008 at 2:43 PM, Wei, Alice J. [EMAIL PROTECTED] wrote: Hi, [snip!] This is my PHP code: mkdir(C:/Inetpub/wwwroot/TPU/test/$id, 0755) or die (pCannot create directory C:/Inetpub/wwwroot/TPU/test/$id/p); What is strange is that I don't get permission denied errors, but I still cannot create the directories. Can anyone provide me some tips on why I am getting these errors? Does 'C:\Inetpub\wwwroot\TPU\test\' exist on the server, and is it writable? Maybe you're just missing a directory up to that point (such as 'test'), or maybe it's not on your C:\ drive. -- /Daniel P. Brown Dedicated Servers - Intel 2.4GHz w/2TB bandwidth/mo. starting at just $59.99/mo. with no contract! Dedicated servers, VPS, and hosting from $2.50/mo. ---End Message--- ---BeginMessage--- On 6/17/08, Daniel Brown [EMAIL PROTECTED] wrote: On Tue, Jun 17, 2008 at 2:43 PM, Wei, Alice J. [EMAIL PROTECTED] wrote: Hi, [snip!] This is my PHP code: mkdir(C:/Inetpub/wwwroot/TPU/test/$id, 0755) or die (pCannot create directory C:/Inetpub/wwwroot/TPU/test/$id/p); What is strange is that I don't get permission denied errors, but I still cannot create the directories. Can anyone provide me some tips on why I am getting these errors? Does 'C:\Inetpub\wwwroot\TPU\test\' exist on the server, and is it writable? Maybe you're just missing a directory up to that point (such as 'test'), or maybe it's not on your C:\ drive. Alice, that's a default IIS path to the web root, so I assume you _might_ be using IIS. Maybe the IIS manager is locking you out somehow. --David. ---End Message--- ---BeginMessage--- Hi, Daniel: Thanks, I didn't realize that is the only problem. It sure is working pretty good now. One question, why didn't I get Permission Denied when I tried to do it before the execution permissions were set properly? Alice == Alice Wei MIS 2009 School of Library and Information Science Indiana University Bloomington [EMAIL PROTECTED] From: Daniel Brown [EMAIL PROTECTED] Sent: Tuesday, June 17, 2008 2:54 PM To: Wei, Alice J. Cc: [EMAIL PROTECTED] Subject: Re: [PHP] mkdir() Cannot Create Directories On Tue, Jun 17, 2008 at 2:43 PM, Wei, Alice J. [EMAIL PROTECTED] wrote: Hi, [snip!] This is my PHP code: mkdir(C:/Inetpub/wwwroot/TPU/test/$id, 0755) or die (pCannot create directory C:/Inetpub/wwwroot/TPU/test/$id/p); What is strange is that I don't get permission denied errors, but I still cannot create the directories. Can anyone provide me some tips on why I am getting these errors? Does 'C:\Inetpub\wwwroot\TPU\test\' exist on the server, and is it writable? Maybe you're just missing a directory up to that point (such as 'test'), or maybe it's not on your C:\ drive. -- /Daniel P. Brown Dedicated Servers - Intel 2.4GHz w/2TB bandwidth/mo. starting at just $59.99/mo. with no contract! Dedicated servers, VPS, and hosting from $2.50/mo. ---End Message--- ---BeginMessage--- As far as I remember, when I was on shared windows I had something similar (no access to upload/create folders), the tech guy at the company i was hosting at changed something in my privileges and it solved it. You may have no creating privileges. On 17/06/2008, Wei, Alice J. [EMAIL PROTECTED] wrote: Hi, I have a code here that I am intending to create new directories by creating a parent and then proceed on to create the children one by one. I am trying to create directories in the server I am running my script from as shown in the snippet below. My problem is that although the code seems to be accurate, it keeps telling me that I cannot create the directories with the following error message: Cannot create directory C:/Inetpub/wwwroot/TPU/test/2 This
php-general Digest 18 Jun 2008 20:35:30 -0000 Issue 5521
php-general Digest 18 Jun 2008 20:35:30 - Issue 5521
Topics (messages 275510 through 275537):
Re: substr?
275510 by: Frank Arensmeier
275515 by: Peter Ford
275523 by: Jim Lucas
phpinfo shows wrong value of post_max_size
275511 by: Yi Wang
275513 by: Pavel
Re: Search like php.net's URL thingy
275512 by: Philip Olson
275529 by: Nate Tallman
275536 by: Jon Drukman
Re: CAD file decoding
275514 by: Iv Ray
275537 by: Lester Caine
climb up the path
275516 by: Iv Ray
275517 by: James Dempster
275518 by: Iv Ray
275519 by: Stut
275524 by: Jim Lucas
275530 by: Iv Ray
275531 by: Iv Ray
275534 by: Jim Lucas
275535 by: Richard Heyes
Re: conversion of unicode characters into utf-8
275520 by: tedd
Re: How to prevent DoS on PHP script?
275521 by: Philip Thompson
275525 by: Michelle Konzack
275526 by: Michelle Konzack
275532 by: Jim Lucas
275533 by: Daniel Brown
Online Job Available
275522 by: Brock Diegel
Re: Boa Webserver and PHP5
275527 by: Michelle Konzack
Re: Strategy to protect images
275528 by: Michelle Konzack
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
--
---BeginMessage---
17 jun 2008 kl. 22.14 skrev Jim Lucas:
Jason Pruim wrote:
Hi everyone,
I am attempting to adopt some code to work more reliably then how
it is now...
What I am doing is coding a upload form where people could be
uploading .zip files in excess of 200 MB... Yes I know that is
large, but it's for a print shop and they get HUGE files to print
from.
The code I'm having issues with is this:
$filename = $_FILES['userfile']['name']; // Get the name of
the file (including file extension).
$ext = substr($filename, strpos($filename,'.'), strlen
($filename)-1); // Get the extension from the filename.
All I want to do is grab the file extension and verify that it is
a .zip or a .pdf etc. file. This is working for small files (under
a few megs) but for some reason it fails when I get bigger. I have
increased the allowed memory size to 50 MB's I'm testing with a 44
MB file right now.
When it fails, it says the file type is not allowed even though it
is listed in the file type array.
Hopefully I have given you enough to go on to at least ask me some
questions :)
--
Jason Pruim
Raoset Inc.
Technology Manager
MQC Specialist
3251 132nd ave
Holland, MI, 49424-9337
www.raoset.com
[EMAIL PROTECTED]
Looking at what I think you are trying to do, how about this?
?php
if ( isset( $_FILES ) ) {
foreach ( $_FILES AS $file )
$filename = $file['name'];
list($ext) = array_reverse(explode('.', $filename));
$allowed_ext = array('zip', 'pdf');
if ( in_array($ext, $allowed_ext) ) {
// Correct extension; do what ever
} else {
// Incorrect extension; do nothing
}
}
}
?
I am somewhat surprised that all code suggestions are rather
complicated in my opinion. What is wrong with 'pathinfo'?
if ( !isset( $_FILES['userfile']['name'] ) ) {
echo No file has been uploaded;
} else {
$allowed_extensions = array( zip, pdf, ai, html );
$file_info = pathinfo( $_FILES['userfile']['name'] );
if ( in_array( strtolower( $file_info['extension'] ),
$allowed_extensions ) ) {
echo File has a valid extension;
} else {
// do something else
}
}
// frank
--
Jim Lucas
Some men are born to greatness, some achieve greatness,
and some have greatness thrust upon them.
Twelfth Night, Act II, Scene V
by William Shakespeare
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
---End Message---
---BeginMessage---
Frank Arensmeier wrote:
17 jun 2008 kl. 22.14 skrev Jim Lucas:
Jason Pruim wrote:
Hi everyone,
I am attempting to adopt some code to work more reliably then how it
is now...
What I am doing is coding a upload form where people could be
uploading .zip files in excess of 200 MB... Yes I know that is large,
but it's for a print shop and they get HUGE files to print from.
The code I'm having issues with is this:
$filename = $_FILES['userfile']['name']; // Get the name of the
file (including file extension).
$ext = substr($filename, strpos($filename,'.'),
strlen($filename)-1); // Get the extension from the filename.
All I want to do is grab the file extension and verify that it is a
.zip or a .pdf etc. file. This is working for small files (under a
few megs) but for some reason it fails when I get bigger. I have
increased the allowed memory size to 50 MB's I'm testing with a 44 MB
file
Re: [PHP] Re: Search like php.net's URL thingy
Ryan S wrote: Thanks for replying m8, but if you check the rest of the thread you will see this has alraedy been solved and the result is http://ezee.se/ezeeurl.php?do=1 Cheers! Ryan How do you protect this thing from being spammed? I do not know why somebody would spam it, but I have had all kind of forms being spammed - it seem there are people out there who find immense pleasure in spamming forms, regardless of the result. Iv -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] substr?
17 jun 2008 kl. 22.14 skrev Jim Lucas:
Jason Pruim wrote:
Hi everyone,
I am attempting to adopt some code to work more reliably then how
it is now...
What I am doing is coding a upload form where people could be
uploading .zip files in excess of 200 MB... Yes I know that is
large, but it's for a print shop and they get HUGE files to print
from.
The code I'm having issues with is this:
$filename = $_FILES['userfile']['name']; // Get the name of
the file (including file extension).
$ext = substr($filename, strpos($filename,'.'), strlen
($filename)-1); // Get the extension from the filename.
All I want to do is grab the file extension and verify that it is
a .zip or a .pdf etc. file. This is working for small files (under
a few megs) but for some reason it fails when I get bigger. I have
increased the allowed memory size to 50 MB's I'm testing with a 44
MB file right now.
When it fails, it says the file type is not allowed even though it
is listed in the file type array.
Hopefully I have given you enough to go on to at least ask me some
questions :)
--
Jason Pruim
Raoset Inc.
Technology Manager
MQC Specialist
3251 132nd ave
Holland, MI, 49424-9337
www.raoset.com
[EMAIL PROTECTED]
Looking at what I think you are trying to do, how about this?
?php
if ( isset( $_FILES ) ) {
foreach ( $_FILES AS $file )
$filename = $file['name'];
list($ext) = array_reverse(explode('.', $filename));
$allowed_ext = array('zip', 'pdf');
if ( in_array($ext, $allowed_ext) ) {
// Correct extension; do what ever
} else {
// Incorrect extension; do nothing
}
}
}
?
I am somewhat surprised that all code suggestions are rather
complicated in my opinion. What is wrong with 'pathinfo'?
if ( !isset( $_FILES['userfile']['name'] ) ) {
echo No file has been uploaded;
} else {
$allowed_extensions = array( zip, pdf, ai, html );
$file_info = pathinfo( $_FILES['userfile']['name'] );
if ( in_array( strtolower( $file_info['extension'] ),
$allowed_extensions ) ) {
echo File has a valid extension;
} else {
// do something else
}
}
// frank
--
Jim Lucas
Some men are born to greatness, some achieve greatness,
and some have greatness thrust upon them.
Twelfth Night, Act II, Scene V
by William Shakespeare
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] phpinfo shows wrong value of post_max_size
Hi, These day I'm working around large file uploading. php runs on the windows server 2003. I changed the post_max_size value in the registry. Then phpinfo reports the value changed from 8M to 200M (local value. Master value stayed still 8M.). I think phpinfo should report that value as 8M, not 200M. So does ini_get. -- Regards, Wang Yi -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Search like php.net's URL thingy
Why is an ErrorDocument insufficient or not the elegant way?
It accomplishes the goal in a clean way, no?
It's *WRONG*. ErrorDocument still preserves the 404 error code, it just
gives it a prettier face. If the page really is there, returning a 404 for
it is not correct. Search engines will not index it. You probably don't
want that.
You may set it... so for example:
header('HTTP/1.1 200 OK');
Regards,
Philip
Re: [PHP] phpinfo shows wrong value of post_max_size
В сообщении от Wednesday 18 June 2008 14:25:35 Yi Wang написал(а): Hi, These day I'm working around large file uploading. php runs on the windows server 2003. I changed the post_max_size value in the registry. Then phpinfo reports the value changed from 8M to 200M (local value. Master value stayed still 8M.). I think phpinfo should report that value as 8M, not 200M. So does ini_get. -- Regards, Wang Yi restart your IIS server :) -- === С уважением, Манылов Павел aka [R-k] icq: 949-388-0 mailto:[EMAIL PROTECTED] === А ещё говорят так: В результате упорных тренировок гимнаст Петров стал в совершенстве владеть своим телом. И теперь другие тела ему до лампочки. [fortune]
Re: [PHP] CAD file decoding
Lester Caine wrote: Has anybody seen any software that could be used with PHP to extract the preview pictures from CAD files such as DXF and the like. I'm looking to keep thumbnails of the drawings in much the same was as we generate thumbnails of images. So I can display a list of previews before downloading the whole file. It seems DXF files can be accessed with JavaScript. This sounds a bit peculiar to me, how big are these files? Iv -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] substr?
Frank Arensmeier wrote:
17 jun 2008 kl. 22.14 skrev Jim Lucas:
Jason Pruim wrote:
Hi everyone,
I am attempting to adopt some code to work more reliably then how it
is now...
What I am doing is coding a upload form where people could be
uploading .zip files in excess of 200 MB... Yes I know that is large,
but it's for a print shop and they get HUGE files to print from.
The code I'm having issues with is this:
$filename = $_FILES['userfile']['name']; // Get the name of the
file (including file extension).
$ext = substr($filename, strpos($filename,'.'),
strlen($filename)-1); // Get the extension from the filename.
All I want to do is grab the file extension and verify that it is a
.zip or a .pdf etc. file. This is working for small files (under a
few megs) but for some reason it fails when I get bigger. I have
increased the allowed memory size to 50 MB's I'm testing with a 44 MB
file right now.
When it fails, it says the file type is not allowed even though it is
listed in the file type array.
Hopefully I have given you enough to go on to at least ask me some
questions :)
--
Jason Pruim
Raoset Inc.
Technology Manager
MQC Specialist
3251 132nd ave
Holland, MI, 49424-9337
www.raoset.com
[EMAIL PROTECTED]
Looking at what I think you are trying to do, how about this?
?php
if ( isset( $_FILES ) ) {
foreach ( $_FILES AS $file )
$filename = $file['name'];
list($ext) = array_reverse(explode('.', $filename));
$allowed_ext = array('zip', 'pdf');
if ( in_array($ext, $allowed_ext) ) {
// Correct extension; do what ever
} else {
// Incorrect extension; do nothing
}
}
}
?
I am somewhat surprised that all code suggestions are rather complicated
in my opinion. What is wrong with 'pathinfo'?
if ( !isset( $_FILES['userfile']['name'] ) ) {
echo No file has been uploaded;
} else {
$allowed_extensions = array( zip, pdf, ai, html );
$file_info = pathinfo( $_FILES['userfile']['name'] );
if ( in_array( strtolower( $file_info['extension'] ),
$allowed_extensions ) ) {
echo File has a valid extension;
} else {
// do something else
}
}
// frank
Two points here:
Firstyl, as someone has already indicated, the file will be uploaded before the
PHP script runs, so the end user will have to wait for his junk to get through
the internet before (s)he is told it is junk. Is that what you want?
Secondly, using the file extension to determine file type is a very poor idea
and open to abuse. If you have the file (which you do, 'cos it's been uploaded
before your script runs) then you should do a bit more checking before accepting
it. The Unix/Linux file command can help here. Not perfect, but still...
You could also Virus-scan the file before accepting it. All depends on whether
your customer is prepared to wait while you clear his upload.
Cheers
Pete
--
Peter Ford phone: 01580 89
Developer fax: 01580 893399
Justcroft International Ltd., Staplehurst, Kent
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] climb up the path
hi all, i need a way to get the path to the parent folder of the folder i am in. one dirty way i found is this - require_once(dirname(__FILE__) . DIRECTORY_SEPARATOR . .. . DIRECTORY_SEPARATOR . config.php); i can also explode() and reassemble all folders except the last, but this looks also dirty... is there a direct way? iv -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] climb up the path
Personally I use. ?php require_once(dirname(dirname(__FILE__)).'/config.php'); I think it's what most people do. /James Dempster On Wed, Jun 18, 2008 at 1:31 PM, Iv Ray [EMAIL PROTECTED] wrote: hi all, i need a way to get the path to the parent folder of the folder i am in. one dirty way i found is this - require_once(dirname(__FILE__) . DIRECTORY_SEPARATOR . .. . DIRECTORY_SEPARATOR . config.php); i can also explode() and reassemble all folders except the last, but this looks also dirty... is there a direct way? iv -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] climb up the path
James Dempster wrote: Personally I use. ?php require_once(dirname(dirname(__FILE__)).'/config.php'); I think it's what most people do. A... very interesting, thanks. To get the path only I did this - $path = dirname(__FILE__); $parts= explode(DIRECTORY_SEPARATOR, $path); array_pop($parts); $INSTALL_PATH = implode(DIRECTORY_SEPARATOR, $parts); It's kind of long... If somebody has a better idea, I would be glad to hear. Iv -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] climb up the path
On 18 Jun 2008, at 13:57, Iv Ray wrote: James Dempster wrote: Personally I use. ?php require_once(dirname(dirname(__FILE__)).'/config.php'); I think it's what most people do. A... very interesting, thanks. To get the path only I did this - $path = dirname(__FILE__); $parts= explode(DIRECTORY_SEPARATOR, $path); array_pop($parts); $INSTALL_PATH = implode(DIRECTORY_SEPARATOR, $parts); It's kind of long... If somebody has a better idea, I would be glad to hear. $path = dirname(dirname(__FILE__)); That will get you the parent directory. -Stut -- http://stut.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] conversion of unicode characters into utf-8
At 10:26 PM -0700 6/16/08, valsaraj wrote: Hi, I am using code $val = htmlentities($val, ENT_QUOTES, UTF-8); but it's not working in version 5.2.0. Is there any additional configuration needed for this. it's working well in 5.2.2. Could you please help me??? -- Here's a good article on the subject, with code! http://randomchaos.com/documents/?source=php_and_unicode Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: How to prevent DoS on PHP script?
On Jun 17, 2008, at 9:22 AM, Michelle Konzack wrote: Am 2008-06-16 12:02:27, schrieb Per Jessen: Check client IP-addresses? And then? I am DoS'ed from several 1000 IPs and since legitim uploaders are mostly on dynamic IPs I can not block by IP. OK, last Saturday I have installed a COOKIE which worked for the weekend but today morning the DoS'er have solved this problem too. This mean, there are one or more crackers targeting my system directly. OK, even if I use heavyly PHP, my system was never hacked since it is up (Juni 2000) but now I am ongoing to be militant if I catch one of those pigs... They're attacking you b/c they've read your previous posts to this list about blocking javascript, so they're just testing you. If I were you, I'd consider it to be a privilege that you're getting DoS'd. =P /\/\y t00 s1nce, ~Phil Thanks, Greetings and nice Day/Evening Michelle Konzack Systemadministrator 24V Electronic Engineer Tamay Dogan Network Debian GNU/Linux Consultant -- Linux-User #280138 with the Linux Counter, http://counter.li.org/ # Debian GNU/Linux Consultant # Michelle Konzack Apt. 917 ICQ #328449886 +49/177/935194750, rue de Soultz MSN LinuxMichi +33/6/61925193 67100 Strasbourg/France IRC #Debian (irc.icq.com) Personally, most of my web applications do not have to factor 13.7 billion years of space drift in to the calculations, so PHP's rand function has been great for me... ~S. Johnson -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] substr?
Peter Ford wrote:
Frank Arensmeier wrote:
17 jun 2008 kl. 22.14 skrev Jim Lucas:
Jason Pruim wrote:
Hi everyone,
I am attempting to adopt some code to work more reliably then how it
is now...
What I am doing is coding a upload form where people could be
uploading .zip files in excess of 200 MB... Yes I know that is
large, but it's for a print shop and they get HUGE files to print from.
The code I'm having issues with is this:
$filename = $_FILES['userfile']['name']; // Get the name of the
file (including file extension).
$ext = substr($filename, strpos($filename,'.'),
strlen($filename)-1); // Get the extension from the filename.
All I want to do is grab the file extension and verify that it is a
.zip or a .pdf etc. file. This is working for small files (under a
few megs) but for some reason it fails when I get bigger. I have
increased the allowed memory size to 50 MB's I'm testing with a 44
MB file right now.
When it fails, it says the file type is not allowed even though it
is listed in the file type array.
Hopefully I have given you enough to go on to at least ask me some
questions :)
--
Jason Pruim
Raoset Inc.
Technology Manager
MQC Specialist
3251 132nd ave
Holland, MI, 49424-9337
www.raoset.com
[EMAIL PROTECTED]
Looking at what I think you are trying to do, how about this?
?php
if ( isset( $_FILES ) ) {
foreach ( $_FILES AS $file )
$filename = $file['name'];
list($ext) = array_reverse(explode('.', $filename));
$allowed_ext = array('zip', 'pdf');
if ( in_array($ext, $allowed_ext) ) {
// Correct extension; do what ever
} else {
// Incorrect extension; do nothing
}
}
}
?
I am somewhat surprised that all code suggestions are rather
complicated in my opinion. What is wrong with 'pathinfo'?
if ( !isset( $_FILES['userfile']['name'] ) ) {
echo No file has been uploaded;
} else {
$allowed_extensions = array( zip, pdf, ai, html );
$file_info = pathinfo( $_FILES['userfile']['name'] );
if ( in_array( strtolower( $file_info['extension'] ),
$allowed_extensions ) ) {
echo File has a valid extension;
} else {
// do something else
}
}
// frank
Two points here:
Firstyl, as someone has already indicated, the file will be uploaded
before the PHP script runs, so the end user will have to wait for his
junk to get through the internet before (s)he is told it is junk. Is
that what you want?
Secondly, using the file extension to determine file type is a very poor
idea and open to abuse. If you have the file (which you do, 'cos it's
been uploaded before your script runs) then you should do a bit more
checking before accepting it. The Unix/Linux file command can help
here. Not perfect, but still...
You could also Virus-scan the file before accepting it. All depends on
whether your customer is prepared to wait while you clear his upload.
Cheers
Pete
I think that you have the wrong person here. That was a different thread/person
talking about preventing DoS'ing attacks. Not Jason.
--
Jim Lucas
Some men are born to greatness, some achieve greatness,
and some have greatness thrust upon them.
Twelfth Night, Act II, Scene V
by William Shakespeare
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] climb up the path
Stut wrote: On 18 Jun 2008, at 13:57, Iv Ray wrote: James Dempster wrote: Personally I use. ?php require_once(dirname(dirname(__FILE__)).'/config.php'); I think it's what most people do. A... very interesting, thanks. To get the path only I did this - $path = dirname(__FILE__); $parts= explode(DIRECTORY_SEPARATOR, $path); array_pop($parts); $INSTALL_PATH = implode(DIRECTORY_SEPARATOR, $parts); It's kind of long... If somebody has a better idea, I would be glad to hear. $path = dirname(dirname(__FILE__)); That will get you the parent directory. -Stut Iv, tell me why you are wanting to do this? If it is the reason I think it is, I can give you a better way to accomplish this. -- Jim Lucas Some men are born to greatness, some achieve greatness, and some have greatness thrust upon them. Twelfth Night, Act II, Scene V by William Shakespeare -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: How to prevent DoS on PHP script?
Hello Nitsan and Andrew, Am 2008-06-16 13:20:14, schrieb Andrew Ballard: On Mon, Jun 16, 2008 at 1:01 PM, Nitsan Bin-Nun [EMAIL PROTECTED] wrote: I think you can handle this with 2 pages, the first is checking whether the user is permitted to upload or not and if so passing him to the upload form with a simple (bool) $_SESSION variable which indicates his permissions. If you will try to access the second page and the $_SESS variable won't exist it will throw you back to page 1 to validate your permissions. Am I missing something? (its pretty simple..) HTH Yes, it's missing something. There is nothing in this approach to prevent the remote client from attempting to access the second page directly. Even if they do not have the valid $_SESSION variable set, the server will still receive the entire uploaded content before passing control to the PHP script to validate permissions. In a DoS attack, the attacker doesn't care whether the request is actually allowed; only that resources were consumed in handling the request. It's still the chicken and egg problem already described in this thread. OK I was thinking about it but IF a $UPLOADER go to http://domain/index.php and then click the link http://domain/mirror_admin.php which set a cookie and then the $UPLOADER must click a link where he/she get the page http://domain/mirror_upload.php before the page is displayed, PHP could check the cookie right? If the cookie is valid, it show the Form, if not the potential Uploader get a long nose. Thanks, Greetings and nice Day/Evening Michelle Konzack Systemadministrator 24V Electronic Engineer Tamay Dogan Network Debian GNU/Linux Consultant -- Linux-User #280138 with the Linux Counter, http://counter.li.org/ # Debian GNU/Linux Consultant # Michelle Konzack Apt. 917 ICQ #328449886 +49/177/935194750, rue de Soultz MSN LinuxMichi +33/6/61925193 67100 Strasbourg/France IRC #Debian (irc.icq.com) signature.pgp Description: Digital signature
[PHP] Re: How to prevent DoS on PHP script?
Am 2008-06-16 19:24:25, schrieb Wolf:
There's a number of things you can try, depending on what EXACTLY they
are doing.
If they are uploading things to your server which they then reference,
it is a simple apache configuration that you could do. For instance,
you can upload fine to my server, but once it is there, the system knows
nothing about it. You can see the file all day long, but nothing is
going to allow it to get served back to you.
Since the script allow only files like
PACKAGE_NAME_X.Y.Z.orig.tar.gz
plus
PACKAGE_NAME_X.Y.Z-N.diff.gz
PACKAGE_NAME_X.Y.Z-N.desc
PACKAGE_NAME_X.Y.Z-N.changes
and then many
PACKAGE_NAME_X.Y.Z-N_ARCH.deb
So, you can see, it is an upload script for a private Debian mirror. So
the thing with the fileupload is AFTER the upload solved, since ANY non
Debian Source/Binary Packages are droped AFTER download. But as someone
has already mentioned, PHP can only check this AFTER the upload where
the DoS already happened..
If they are continuing to load the page, implement a simple login and
page check for that specific page. Sure, apache loads the page, but
For now, I will go the way over two/three pages like
index.php - mirror_admin.php - mirror_upload.php
set a check the
session cookie session cookie
OK, on my server those three scripts are the same since I have ONLY a
index.php on my server and the rest is done by PHP but this should be
no problem.
that's done PDQ instead of letting them upload a file first. If the
login works, great, give them the upload form, otherwise error them out.
You could snag the IP address, browser type, other information and
store it all in a DB, then do a quick check to see if the IP matches,
followed by a browser and whatnot. It's overkill, but you should also
see HOW they are doing it as well, and you could implement the block to
work on a number of factors.
If they are uploading to just stall you out, talk to the ISP and let
them know you are getting DDOS and get their network admins involved.
Currently I have gotten arround 3000 uploads in the last 3 weeks and my
ISP allow me only 100 GByte traffic which mean, if the Uploads increase
I will run into troubles.
You could change the filename, but maybe that's too simple a suggestion?
If it is for your personal use, rename the upload page to
Michelles_dumb_upload_script.php or even have a cron job that randomly
changes the name of the file and emails you the new name when it is done.
Using a simple md5sum name which is generated by foo${date}bar would
do it nicely... and screw up crackers and script kiddies...
OH, and check your email sending server for dates and such. According
to the headers, you sent the email this morning. But according to the
dates on the sent email, you sent it on the 13th at 4:21 PM which is
about 2 days and 15 hours and 32 minutes before you actually did.
Where I live, I have NO phone line and NO internet connection so I am
forced to write Off-Line and then in the afternooon/evening I go into
the Internet Cafee and send my stuff...
Note: I have problems, geting my Nokia 6120 classic and my
Merlin U630 runing, which would solv my E-Mail problem.
Thanks, Greetings and nice Day/Evening
Michelle Konzack
Systemadministrator
24V Electronic Engineer
Tamay Dogan Network
Debian GNU/Linux Consultant
--
Linux-User #280138 with the Linux Counter, http://counter.li.org/
# Debian GNU/Linux Consultant #
Michelle Konzack Apt. 917 ICQ #328449886
+49/177/935194750, rue de Soultz MSN LinuxMichi
+33/6/61925193 67100 Strasbourg/France IRC #Debian (irc.icq.com)
signature.pgp
Description: Digital signature
[PHP] Re: Strategy to protect images
Am 2008-06-15 14:07:14, schrieb tedd: At 4:11 PM +0100 6/15/08, Richard Heyes wrote: But, a sophisticated user will find a way around that. A less sophisticated one will use the PrintScr key... :-) Must be a windozes thing. :-) It works on ny Debian GNU/Linux Sarge with Fvwm too. [ '~/.fvwm/PROF_default/keys' ]- Key Print A A Exec /bin/bash -c 'xwd -root |xwdtopnm |pnmtojpeg --quality 100 ~/dumps/`date +%Y%m%d%H%M%S`.jpg' Thanks, Greetings and nice Day/Evening Michelle Konzack Systemadministrator 24V Electronic Engineer Tamay Dogan Network Debian GNU/Linux Consultant -- Linux-User #280138 with the Linux Counter, http://counter.li.org/ # Debian GNU/Linux Consultant # Michelle Konzack Apt. 917 ICQ #328449886 +49/177/935194750, rue de Soultz MSN LinuxMichi +33/6/61925193 67100 Strasbourg/France IRC #Debian (irc.icq.com) signature.pgp Description: Digital signature
[PHP] Re: Boa Webserver and PHP5
Am 2008-06-16 10:05:00, schrieb Daniel Brown: On Sat, Jun 14, 2008 at 11:12 AM, Michelle Konzack [EMAIL PROTECTED] wrote: * Do not Cc: me, because I READ THIS LIST, if I write here * *Keine Cc: am mich, ich LESE DIESE LISTE wenn ich hier schreibe* Keep in mind two things: 1.) Reply-all automatically includes you, where a simple Reply does not include the list. 2.) Not every person to write to the list is a subscriber, so Reply-all is the best option. If you're getting overloaded, check your email client settings and filters. The problem is NOT there, but peoples like to put me into the Bcc: and those messages show up in my mailfolders long time before the List- Message comes back since it is faster. Now getting such messages mean to me I get a PM and reply with PM, but this message was qribinaly indeed to go to the list, which mean I have to write the message twice or lost contents. And of course, HOW can a NON-SUBSCRIBER post to THIS list? for 5 weeks I have changed my E-Mail from my ancien ISP domain freenet.de to my own NEW domain tamay-dogan.net and tried to post while not subscribed with the NEW E-Mail and my post was immediatly rejected as submission by non subscriber. It seems, this is the reson WHY this list is spamfree and I can download my PHP folder without pipeing each message through spamassassin, clamav, checking with zen.spamhaus.org and 4.000 lines of procmail scripts... Same for postgresql.org. OK, the Debian Mailinglists have heavy filters now, but however, I get per day arround 100-400 spams over it which are catched to 99% by my filters... Such actions are eating resources! (CPU and maintain time) since my small Laptop (TP570) can not handel the Dino of apache2, I am running the light webserver boa und Debian/Sarge. Question: Can anyone tell me HOW to get PHP5 running with it? RTFM: http://www.boa.org/documentation/boa-2.html#ss2.3 I have done this and I get every time a ---[ STDIN ] The file index.php is of type application/x-httpd-php, and Mozilla does not know how to handle this file type. This file is located at: http://tp570.private.tamay-dogan.net Just like Apache's httpd.conf, you add an AddType directive. Compile PHP into a static, standalone (non-modular, non-ASPX) binary and add the binary as an extension. I have read it, but can it be, that there is a problem with PHP in the Debian GNU/Linux Distribution? (Etch and Sarge) Thanks, Greetings and nice Day/Evening Michelle Konzack Systemadministrator 24V Electronic Engineer Tamay Dogan Network Debian GNU/Linux Consultant -- Linux-User #280138 with the Linux Counter, http://counter.li.org/ # Debian GNU/Linux Consultant # Michelle Konzack Apt. 917 ICQ #328449886 +49/177/935194750, rue de Soultz MSN LinuxMichi +33/6/61925193 67100 Strasbourg/France IRC #Debian (irc.icq.com) signature.pgp Description: Digital signature
Re: [PHP] Re: Search like php.net's URL thingy
On Tue, Jun 17, 2008 at 3:22 PM, Jon Drukman [EMAIL PROTECTED] wrote: Nate Tallman wrote: Why is an ErrorDocument insufficient or not the elegant way? It accomplishes the goal in a clean way, no? It's *WRONG*. ErrorDocument still preserves the 404 error code, it just gives it a prettier face. If the page really is there, returning a 404 for it is not correct. Search engines will not index it. You probably don't want that. Not to beat a dead horse, but why would you *not* want to preserve the 404? If it's a bad url anyways, you probably *want* to return a 404 (albeit prettier) and you probably *don't* want search engines indexing it.
Re: [PHP] climb up the path
Stut wrote: $path = dirname(dirname(__FILE__)); That will get you the parent directory. -Stut A,... right! - me and my limited thinking... - dirname() gives the parent of a file AND of a directory, right. Thanks, Iv -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] climb up the path
Jim Lucas wrote: Iv, tell me why you are wanting to do this? If it is the reason I think it is, I can give you a better way to accomplish this. I have the source and a configuration file, which I want outside the source - it is different from server to server. The easiest is to have the configuration file one folder up. In the same time I want the source to work wherever it is placed. So the source sees where it is, and climbs one directory up to read the configuration specific for this installation. I do not want to use ignore in the repository, in order to prevent the configuration file from being overwritten. Iv -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: How to prevent DoS on PHP script?
Michelle Konzack wrote: Hello Nitsan and Andrew, Am 2008-06-16 13:20:14, schrieb Andrew Ballard: On Mon, Jun 16, 2008 at 1:01 PM, Nitsan Bin-Nun [EMAIL PROTECTED] wrote: I think you can handle this with 2 pages, the first is checking whether the user is permitted to upload or not and if so passing him to the upload form with a simple (bool) $_SESSION variable which indicates his permissions. If you will try to access the second page and the $_SESS variable won't exist it will throw you back to page 1 to validate your permissions. Am I missing something? (its pretty simple..) HTH Yes, it's missing something. There is nothing in this approach to prevent the remote client from attempting to access the second page directly. Even if they do not have the valid $_SESSION variable set, the server will still receive the entire uploaded content before passing control to the PHP script to validate permissions. In a DoS attack, the attacker doesn't care whether the request is actually allowed; only that resources were consumed in handling the request. It's still the chicken and egg problem already described in this thread. OK I was thinking about it but IF a $UPLOADER go to http://domain/index.php and then click the link http://domain/mirror_admin.php which set a cookie and then the $UPLOADER must click a link where he/she get the page http://domain/mirror_upload.php before the page is displayed, PHP could check the cookie right? If the cookie is valid, it show the Form, if not the potential Uploader get a long nose. Thanks, Greetings and nice Day/Evening Michelle Konzack Systemadministrator 24V Electronic Engineer Tamay Dogan Network Debian GNU/Linux Consultant That is fine, but I can upload a file to any php script. I don't need to use your form to do so, I an just use my own form and post data directly to the script. If anybody remembers, this was an exploit that was found in the 4.0.6 code back in the day. -- Jim Lucas Some men are born to greatness, some achieve greatness, and some have greatness thrust upon them. Twelfth Night, Act II, Scene V by William Shakespeare -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: How to prevent DoS on PHP script?
On Wed, Jun 18, 2008 at 1:00 PM, Jim Lucas [EMAIL PROTECTED] wrote: That is fine, but I can upload a file to any php script. I don't need to use your form to do so, I an just use my own form and post data directly to the script. If anybody remembers, this was an exploit that was found in the 4.0.6 code back in the day. That's correct. Theoretically, you can place a form anywhere in the world, and upload a file to any server in the world. This is, unfortunately, a potentially serious issue. Consider the following: I'm in competition with Company A, and I decide to perform a DoS attack on them. I could distribute the attack, PING flood or teardrop the server, et cetera but instead, I decide to try something more sinister. I concoct a very, very simple HTML form like so: form method=post enctype=multipart/form-data action=http://www.example.com/; File: input type=file name=huge_file input type=submit value=Crash! /form I select the largest file I can find (or generate one myself - including a VFS block file of several gigabytes), and upload it to Company A's server via my form. I can even use cURL or POST from the command line of several servers to expedite the process. Any similar method will work, and the end result would be the same: exceeding disk space on the server, causing file corruption, unavailability, missed database transactions, corrupted backups, undeliverable mail, and even catastrophic data loss. On a LAMP system, Apache should automatically remove the file from the /tmp (or wherever it's configured to write) directory as soon as the upload completes and the child process dies. However, with a large file - or several simultaneous large files - you can easily fill the disk space of a poorly-configured, poorly-secured server. Not to mention the bandwidth-bogging and RAM-hogging you can do. Plus, keep in mind that this is completely independent of PHP, so your timeouts and max_file_upload/max_post_size flags won't save you here. It's a flaw in HTTP servers themselves. but fear not, young warrior: you are not alone. Almost every server out there - including those run by people on their desktop PC's out of their homes - is vulnerable. Even Microsoft's website. ;-P -- /Daniel P. Brown Dedicated Servers - Intel 2.4GHz w/2TB bandwidth/mo. starting at just $59.99/mo. with no contract! Dedicated servers, VPS, and hosting from $2.50/mo. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] climb up the path
Iv Ray wrote:
Jim Lucas wrote:
Iv,
tell me why you are wanting to do this?
If it is the reason I think it is, I can give you a better way to
accomplish this.
I have the source and a configuration file, which I want outside the
source - it is different from server to server.
The easiest is to have the configuration file one folder up.
In the same time I want the source to work wherever it is placed.
So the source sees where it is, and climbs one directory up to read the
configuration specific for this installation.
I do not want to use ignore in the repository, in order to prevent the
configuration file from being overwritten.
Iv
So, saying that it is outside the source does not tell me if it is outside the
document root.
So, I guess my option might still work in this case.
Use your include_path php_ini setting
if you have a main file that you include, like I have one that is called
handy.php that is included at the top of every script.
In this main file, you could modify your include_path
#main_included_file.php
?php
#if you are trying to go to the parent folder, then just ../
#but if you want to go to the parent/parent folder use ../../
ini_set('include_path', '../../;../;'.ini_get('include_path'));
#the rest of your stuff goes here.
?
Then...
#yourscript.php
?php
include_once 'main_include_file.php';
include 'config.php';
...
?
This should work for any host.
--
Jim Lucas
Some men are born to greatness, some achieve greatness,
and some have greatness thrust upon them.
Twelfth Night, Act II, Scene V
by William Shakespeare
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] climb up the path
i need a way to get the path to the parent folder of the folder i am in. one dirty way i found is this - require_once(dirname(__FILE__) . DIRECTORY_SEPARATOR . .. . DIRECTORY_SEPARATOR . config.php); i can also explode() and reassemble all folders except the last, but this looks also dirty... is there a direct way? There's nothing dirty about dirname(), and for your issue, just call it twice: dirname(dirname(__FILE__)); -- Richard Heyes Employ me: http://www.phpguru.org/cv ++ | Access SSH with a Windows mapped drive | |http://www.phpguru.org/sftpdrive| ++ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Search like php.net's URL thingy
On Wed, Jun 18, 2008 at 9:19 AM, Nate Tallman [EMAIL PROTECTED] wrote: Not to beat a dead horse, but why would you *not* want to preserve the 404? If it's a bad url anyways, you probably *want* to return a 404 (albeit prettier) and you probably *don't* want search engines indexing it. the original question was not how to serve fancy 404's, it was how to serve urls like http://php.net/strtolower you definitely want those indexed. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] CAD file decoding
Iv Ray wrote: Lester Caine wrote: Has anybody seen any software that could be used with PHP to extract the preview pictures from CAD files such as DXF and the like. I'm looking to keep thumbnails of the drawings in much the same was as we generate thumbnails of images. So I can display a list of previews before downloading the whole file. It seems DXF files can be accessed with JavaScript. This sounds a bit peculiar to me, how big are these files? Can be very big http://medw.co.uk/fisheye/view.php?gallery_id=36 will give you the idea. I'm dumping the images to jpg from Turbocad, so I have separate thumbnails to drawing files, but ideally if people are uploading drawing fiels we will need to automatically produce thumbnails for them. server end rather than client -- Lester Caine - G8HFL - Contact - http://lsces.co.uk/lsces/wiki/?page=contact L.S.Caine Electronic Services - http://lsces.co.uk EnquirySolve - http://enquirysolve.com/ Model Engineers Digital Workshop - http://medw.co.uk// Firebird - http://www.firebirdsql.org/index.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Re: Boa Webserver and PHP5
Nope, i'm running PHP on my machines just fine and there are no issues. This is a user configuration issue. First: add the lines to apache Second: restart apache Third: empty the browser cache Fourth: reload the web page Then post back what happens. Top posting from my Q otherwise I'd have bottom posted. -Original Message- From: Michelle Konzack [EMAIL PROTECTED] Sent: Wednesday, June 18, 2008 7:21 AM To: php-general@lists.php.net Subject: [PHP] Re: Boa Webserver and PHP5 Am 2008-06-16 10:05:00, schrieb Daniel Brown: On Sat, Jun 14, 2008 at 11:12 AM, Michelle Konzack [EMAIL PROTECTED] wrote: * Do not Cc: me, because I READ THIS LIST, if I write here * *Keine Cc: am mich, ich LESE DIESE LISTE wenn ich hier schreibe* Keep in mind two things: 1.) Reply-all automatically includes you, where a simple Reply does not include the list. 2.) Not every person to write to the list is a subscriber, so Reply-all is the best option. If you're getting overloaded, check your email client settings and filters. The problem is NOT there, but peoples like to put me into the Bcc: and those messages show up in my mailfolders long time before the List- Message comes back since it is faster. Now getting such messages mean to me I get a PM and reply with PM, but this message was qribinaly indeed to go to the list, which mean I have to write the message twice or lost contents. And of course, HOW can a NON-SUBSCRIBER post to THIS list? for 5 weeks I have changed my E-Mail from my ancien ISP domain freenet.de to my own NEW domain tamay-dogan.net and tried to post while not subscribed with the NEW E-Mail and my post was immediatly rejected as submission by non subscriber. It seems, this is the reson WHY this list is spamfree and I can download my PHP folder without pipeing each message through spamassassin, clamav, checking with zen.spamhaus.org and 4.000 lines of procmail scripts... Same for postgresql.org. OK, the Debian Mailinglists have heavy filters now, but however, I get per day arround 100-400 spams over it which are catched to 99% by my filters... Such actions are eating resources! (CPU and maintain time) since my small Laptop (TP570) can not handel the Dino of apache2, I am running the light webserver boa und Debian/Sarge. Question: Can anyone tell me HOW to get PHP5 running with it? RTFM: http://www.boa.org/documentation/boa-2.html#ss2.3 I have done this and I get every time a ---[ STDIN ] The file index.php is of type application/x-httpd-php, and Mozilla does not know how to handle this file type. This file is located at: http://tp570.private.tamay-dogan.net Just like Apache's httpd.conf, you add an AddType directive. Compile PHP into a static, standalone (non-modular, non-ASPX) binary and add the binary as an extension. I have read it, but can it be, that there is a problem with PHP in the Debian GNU/Linux Distribution? (Etch and Sarge) Thanks, Greetings and nice Day/Evening Michelle Konzack Systemadministrator 24V Electronic Engineer Tamay Dogan Network Debian GNU/Linux Consultant -- Linux-User #280138 with the Linux Counter, http://counter.li.org/ # Debian GNU/Linux Consultant # Michelle Konzack Apt. 917 ICQ #328449886 +49/177/935194750, rue de Soultz MSN LinuxMichi +33/6/61925193 67100 Strasbourg/France IRC #Debian (irc.icq.com) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] losing mysql connection during cron job
I've got a simple script running as a cron job that's getting
intermittent Lost connection to MySQL server during query errors.
The script sends out listserve messages, 50 BCCs each minute,
sleep()ing for 60 seconds between sends and updating a data table
after each send. The whole BCC list varies from one message to the
next, but messages typically take 10 or more sends in batches of 50 recipients.
Inconsistently, the script aborts with the lost connection error
after a varying number of sends. Rarely it bombs not at all and
performs all 10 or 12 updates without error.
The script cycle is, symbolically:
foreach (recipients as batch)
{
mail() using batch of recipients;
mysql_query() update table;
sleep(60);
}
final mysql_query() update table as complete;
In an attempt to cure the problem I'm re-establishing the $conn
before each query and doing a mysql_close() after each query, but the
error still occurs.
The hosting is Media Temple's gridserver. I've never encountered
this error in any of the many PHP/mysql scripts I run on Media Temple
accounts, but this is different as it's a cron job.
Can you suggest aspects of the process that might lead to this error
that I should look at more carefully? I can understand that sleep()
might lose the connection between PHP the MySQL server, but why
would the script be unable to reconnect after sleeping? Would that
be a server-dependent issue or is there something I can do in PHP to
nail down the connectivity?
I'm hoping to get assistance on this issue without having to clean up
the script enough to invite in guests, but I'll do so if required.
Thanks,
Paul
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Exporting to Excel
Hello all,
I am trying to query an INFORMIX database, and then take the results and
export them into a CSV or Excel file. I saw TONS of examples on how to do
this using MySQL and tried to adpt them for ifx, but I can't get the darn
thing working. My code below sets variables for values passed from my form.
I then connect to my database and run a query that gets results based on the
variable values. After that I want to count the number of fields(columns)
and begin to build the export file.
Well, when I execute the page I get the popup to save/open the output as an
Excel file. When I open it, instead of getting data, it returns an error
message of: PHP Warning: Wrong parameter count for ifx_fieldtypes()
I am trying to use ifx_fieldtypes() to replace the mysql function of
mysql_field_name()
Any ideas?
?php
$name_code = $_POST['name'];
// echo $name_code;
$case_age = $_POST['case_age'];
// echo $case_age;
$case_cat = $_POST['case_cat'];
// echo $case_cat;
$case_status = $_POST['case_status'];
// echo $case_status;
include 'Conn/prpr_ifx.php';
if (!$connect_id = ifx_connect([EMAIL PROTECTED], $user, $pass)) { // THE
ACTUAL CONNECTION
echo Unable to connect to Informix Database\n; // DISPLAY IF
CONNECTION FAILS
exit();
}
function parseCSVComments($comments) {
$comments = str_replace('', '', $comments); // First off escape all
and make them
if(eregi(,, $comments) or eregi(\n, $comments)) { // Check if I have
any commas or new lines
return ''.$comments.''; // If I have new lines or commas escape them
} else {
return $comments; // If no new lines or commas just return the value
}
}
$sql = SELECT * FROM pending_summary_detail WHERE name = '$name_code';
if (!empty($case_age)) {
$sql.= AND case_age_group = '$case_age';
}
if (!empty($case_cat)) {
$sql.= AND case_category = '$case_cat';
}
if (!empty($case_status)) {
$sql.= AND case_status = '$case_status';
} // Start our query of the database
$query = ifx_query ($sql, $connect_id);
$numberFields = ifx_num_fields($query); // Find out how many fields we are
fetching
if($numberFields) { // Check if we need to output anything
for($i=0; $i$numberFields; $i++) {
$head[] = ifx_fieldtypes($query, $i); // Create the headers for each
column, this is the field name in the database
}
$headers = join(',', $head).\n; // Make our first row in the CSV
while($info = ifx_fetch_row($query)) {
foreach($head as $fieldName) { // Loop through the array of headers as we
fetch the data
$row[] = parseCSVComments($info-$fieldName);
} // End loop
$data .= join(',', $row).\n; // Create a new row of data and append it
to the last row
$row = ''; // Clear the contents of the $row variable to start a new row
}
// Start our output of the CSV
header(Content-type: application/x-msdownload);
header(Content-Disposition: attachment; filename=data.csv);
header(Pragma: no-cache);
header(Expires: 0);
echo $headers.$data;
} else {
// Nothing needed to be output. Put an error message here or something.
echo 'No data available for this CSV.';
}
?
Re: [PHP] Exporting to Excel
On Wed, Jun 18, 2008 at 5:53 PM, Dan Shirah [EMAIL PROTECTED] wrote: Hello all, [snip!] Well, when I execute the page I get the popup to save/open the output as an Excel file. When I open it, instead of getting data, it returns an error message of: PHP Warning: Wrong parameter count for ifx_fieldtypes() Come on, Shirah. GOYA and RTFM! ;-P http://php.net/ifx_fieldtypes Drop the $i parameter below: [snip!] $query = ifx_query ($sql, $connect_id); [snip!] $head[] = ifx_fieldtypes($query, $i); [snip!] -- /Daniel P. Brown Dedicated Servers - Intel 2.4GHz w/2TB bandwidth/mo. starting at just $59.99/mo. with no contract! Dedicated servers, VPS, and hosting from $2.50/mo. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Exporting to Excel
Come on, Shirah. GOYA and RTFM! ;-P http://php.net/ifx_fieldtypes Drop the $i parameter below: [snip!] $query = ifx_query ($sql, $connect_id); [snip!] $head[] = ifx_fieldtypes($query, $i); [snip!] Son of a Bisquick! I'll chalk that up to looking at the Manual for like 4 hours today! I removed the $i, but instead of the column headers it just says: Array Array Array Array Array Arrayinstead of the column titles...and none of the column data displays. Okay, Dan...now I have to GOMA and go home before my wife KMA! Thanks again for poiting that out.
Re: [PHP] Re: Search like php.net's URL thingy
clip Thanks for replying m8, but if you check the rest of the thread you will see this has alraedy been solved and the result is http://ezee.se/ezeeurl.php?do=1 Cheers! Ryan How do you protect this thing from being spammed? I do not know why somebody would spam it, but I have had all kind of forms being spammed - it seem there are people out there who find immense pleasure in spamming forms, regardless of the result. /clip I really dont see what anybody could gain by spamming this form but anyway it does check to make sure the person submits something that starts with http via strstr (after bringing it down to lowercase, thats why i didnt use stristr, and because it checks just http, https too is allowed, i really dont think people will have much use for FTP or other protocols here so didnt bother, it also safeguards my server from people trying to serve up my local files).. If i do see spam, will throw in a captcha... there are many other there that are decent, i might not go for enter the below characters one but most probably click the elephant/cat/dog/mouse in the picture one. If that does not work, will either have to ask for their credit card numbers or ask them to mail me their birth certificates... :o) J/K of course! Cheers! R -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] mail problem (newlines becomes =0A)
Hi, When a member register in my site, I send him a mail with activation link. This is the string I send: $mailContent = Thank you for your interest in XYZ !\n\n . In order to activate your account, please click the link below.\n\n . (If the link . I tested on my gmail address, and the message appears well. However recently I had a member alerting me that the message was broken: Thank you for your interest in XYZ!=0A=0AIn order= to activate your account, please click the link below.=0A=0A(If the link Instead of new lines he gets =0A characters Message is hard to read and activation URL is broken. Anyone has an idea on how to solve this problem ? Thank you very much !! -- View this message in context: http://www.nabble.com/mail-problem-%28newlines-becomes-%3D0A%29-tp17993688p17993688.html Sent from the PHP - General mailing list archive at Nabble.com. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Search like php.net's URL thingy
On 18 Jun 2008, at 23:40, Ryan S wrote: clip Thanks for replying m8, but if you check the rest of the thread you will see this has alraedy been solved and the result is http://ezee.se/ezeeurl.php?do=1 Cheers! Ryan How do you protect this thing from being spammed? I do not know why somebody would spam it, but I have had all kind of forms being spammed - it seem there are people out there who find immense pleasure in spamming forms, regardless of the result. /clip I really dont see what anybody could gain by spamming this form but anyway it does check to make sure the person submits something that starts with http via strstr (after bringing it down to lowercase, thats why i didnt use stristr, and because it checks just http, https too is allowed, i really dont think people will have much use for FTP or other protocols here so didnt bother, it also safeguards my server from people trying to serve up my local files).. Yeah, that's not so great: http://ezee.se/d If i do see spam, will throw in a captcha... there are many other there that are decent, i might not go for enter the below characters one but most probably click the elephant/cat/dog/mouse in the picture one. If that does not work, will either have to ask for their credit card numbers or ask them to mail me their birth certificates... :o) J/K of course! The only spam you're likely to see here is spammers using the service to mask URLs they send out via other channels. Not much you can do about that but it's likely to get your main domain name banned by some spam filters. You could probably stop a lot of that by checking URLs against http://www.surbl.org/ before allowing them. -Stut -- http://stut.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mail problem (newlines becomes =0A)
debussy007 wrote: Hi, When a member register in my site, I send him a mail with activation link. This is the string I send: $mailContent = Thank you for your interest in XYZ !\n\n . In order to activate your account, please click the link below.\n\n . (If the link . I tested on my gmail address, and the message appears well. However recently I had a member alerting me that the message was broken: Thank you for your interest in XYZ!=0A=0AIn order= to activate your account, please click the link below.=0A=0A(If the link Instead of new lines he gets =0A characters Message is hard to read and activation URL is broken. Anyone has an idea on how to solve this problem ? Thank you very much !! Change it to: $mailContent = Thank you for your interest in XYZ! In order to activate your account, please click the link below. (If the link . ; I've always used this and never had a problem with it. Wolf -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mail problem (newlines becomes =0A)
On Wed, Jun 18, 2008 at 7:14 PM, Wolf [EMAIL PROTECTED] wrote: Change it to: $mailContent = Thank you for your interest in XYZ! In order to activate your account, please click the link below. (If the link . ; I've always used this and never had a problem with it. If you want to do it that way, I'd recommend HEREDOC syntax. ?php $mailContent =EOM Thank you for your interest in XYZ! In order to activate your account, please click the link below. (If the link EOM; -- /Daniel P. Brown Dedicated Servers - Intel 2.4GHz w/2TB bandwidth/mo. starting at just $59.99/mo. with no contract! Dedicated servers, VPS, and hosting from $2.50/mo. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Adding a page with FPDF
Anyone use FPDF?
I'm trying to create a new document in memory, starting with a
template document - I'm going to add some stuff to it. The template
document might be any size and dimensions. Here is the code I'm using,
and my problem is that the resulting document is always an 8.5x11
page. How do I get my new document to be the same dimensions as the
template doc?
$pdf= new fpdi();
$pagecount = $pdf-setSourceFile(templates/.$pdf_template_name);
$tplidx = $pdf-ImportPage(1);
$pdf-addPage('P');
$pdf-useTemplate($tplidx);
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Online Job Available
Yes, I'm sure it's legit, thus your obviously real 2 names and 3 email addresses. :-) On Jun 18, 2008, at 7:33 AM, Brock Diegel wrote: Hi, Our online market research organization starts recruiting self- motivated and reliable individuals willing to take part in well-paying research conducted by leading international businesses. Your opinion as a consumer is important for the success and profitability of many business ventures. That is why they are ready to pay for what you think. Our members are paid for participating in online surveys, focus group discussions, and product/service evaluations. What's best, all you need to work with us is a computer, an Internet connection, and will to voice your honest opinion. We'd like to hear from you soon if you want to become one of our highly valued survey takers. Please excuse us if this email is unwanted for you and we have disturbed you in some way, but this is a serious and sincere enquiry. Please reply to [EMAIL PROTECTED] Best regards, Stephanie Cunningham -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] losing mysql connection during cron job
The script cycle is, symbolically:
foreach (recipients as batch)
{
mail() using batch of recipients;
mysql_query() update table;
sleep(60);
}
final mysql_query() update table as complete;
why don't you edit your code?
foreach (recipients as batch)
{
mail() using batch of recipients;
mysql_query() update table;
if(mysql_errno()==ERROR_CODE_YOU_GET){
mysql_connect();
mysql_select_db();
}
sleep(60);
}
[PHP] GD - Print Animated GIF
Hey All, I'm new to the list, but hopefully it's a nice one :) Anyway, my problem is fairly straightforward, but there doesn't seem to be anything on it anywhere. When I read an animated GIF with imagecreatefromgif(), then print it out with imagegif(), the result is just the first frame of the animation. I've googled this to death, and found plenty on how to build your own animated GIFs, but no answers to this issue. Thanks in advance, Stephen
Re: [PHP] Adding a page with FPDF
Brian Dunning wrote:
Anyone use FPDF?
I'm trying to create a new document in memory, starting with a template
document - I'm going to add some stuff to it. The template document
might be any size and dimensions. Here is the code I'm using, and my
problem is that the resulting document is always an 8.5x11 page. How do
I get my new document to be the same dimensions as the template doc?
$pdf= new fpdi();
$pagecount = $pdf-setSourceFile(templates/.$pdf_template_name);
$tplidx = $pdf-ImportPage(1);
$pdf-addPage('P');
$pdf-useTemplate($tplidx);
I think you have to specify the page size when you create the $pdf
variable. Here's how I've been using it:
$pdf = new fpdi('P','pt','letter');
You might be able to use the FPDF_TPL::getTemplateSize() method to
figure it out dynamically somehow though:
http://www.setasign.de/support/manuals/fpdf-tpl/fpdf-tpl/fpdf-tpl-gettempaltesize/
It also looks like the useTemplate method might do some legwork for you,
but I'd have to test...
http://www.setasign.de/support/manuals/fpdf-tpl/fpdf-tpl/fpdf-tpl-usetemplate/
HTH
--
Ray Hauge
www.primateapplications.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Setting session to not expire
Hey,
I'm reading up about the session functions looking
for the proper way to set a session to never
expire, but I'm a little confused.
is calling
session_cache_limiter('private_no_expire');
...before before session_start() the proper way to
set a session to never expire? Or least until the
browser is closed?
It looks like it to me, but I'm not exactly sure.
--
Skip Evans
Big Sky Penguin, LLC
503 S Baldwin St, #1
Madison, WI 53703
608-250-2720
http://bigskypenguin.com
=-=-=-=-=-=-=-=-=-=
Check out PHPenguin, a lightweight and versatile
PHP/MySQL, AJAX DHTML development framework.
http://phpenguin.bigskypenguin.com/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Capitalization of variable
How do I make the first letter of a variable be a capital? I am using this with names. If the user types ron I want to save it as Ron. Thanks for your help. Ron -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Capitalization of variable
$var = RON; echo ucfirst(strtolower($var)); -Original Message- From: Ron Piggott Sent: 19 June 2008 13:41 To: PHP General Subject: [PHP] Capitalization of variable How do I make the first letter of a variable be a capital? I am using this with names. If the user types ron I want to save it as Ron. Thanks for your help. Ron -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Variables
Hi
I was wondering if this is the correct way to reference a variable from a
file that has been included inside of a function. Also just general
static/global variable usage.
For example:
Myqsql_functions.php
?php
require(config.php)
function ach_mysqlCon()
{
static $con = mysql_connect(global
$mysql_host,$mysql_user,$mysql_pass);
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
}
function ach_mysqlCloseCon()
{
if($con)
{
mysql_close($con)
}
}
?
And the variables are defined in config.php
--
config.php
--
?php
//Mysql vars
$mysql_host = localhost;
$mysql_user = [EMAIL PROTECTED];
$mysql_pass = ;
?
--
So my questions are will ach_mysqlCloseCon() recognise the $con variable
in ach_mysqlCon() as it is declared as static? will ach_mysqlCon() recognise
the variables included from config.php as they are declared global? is this
all syntax'd properly?
Also, how would I, for example, change $mysql_host from a form?
Cheers and thanks for any and all assistance.
Re: [PHP] Capitalization of variable
On Wed, Jun 18, 2008 at 11:41 PM, Ron Piggott [EMAIL PROTECTED] wrote: How do I make the first letter of a variable be a capital? Press SHIFT on your keyboard. ;-P -- /Daniel P. Brown Dedicated Servers - Intel 2.4GHz w/2TB bandwidth/mo. starting at just $59.99/mo. with no contract! Dedicated servers, VPS, and hosting from $2.50/mo. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Capitalization of variable
How would I do this for a street address? If the user gave me their address as 12 george street I would like the results to be 12 George Street. Ron -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Variables
On Thu, 2008-06-19 at 15:54 +1200, Byron wrote:
Hi
I was wondering if this is the correct way to reference a variable from a
file that has been included inside of a function. Also just general
static/global variable usage.
For example:
Myqsql_functions.php
?php
require(config.php)
function ach_mysqlCon()
{
static $con = mysql_connect(global
$mysql_host,$mysql_user,$mysql_pass);
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
}
function ach_mysqlCloseCon()
{
if($con)
{
mysql_close($con)
}
}
?
And the variables are defined in config.php
--
config.php
--
?php
//Mysql vars
$mysql_host = localhost;
$mysql_user = [EMAIL PROTECTED];
$mysql_pass = ;
?
--
So my questions are will ach_mysqlCloseCon() recognise the $con
variable
in ach_mysqlCon() as it is declared as static? will ach_mysqlCon()
recognise
the variables included from config.php as they are declared global? is
this
all syntax'd properly?
It's all wrong looking :/
Myqsql_functions.php
?php
require(config.php)
function ach_mysqlCon( $init=true )
{
static $con = null;
if( $init $con === null )
{
$con =
mysql_connect
(
$GLOBALS['mysql_host'],
$GLOBALS['mysql_user'],
$GLOBALS['mysql_pass']
);
if( !$con )
{
die( 'Could not connect: '.mysql_error() );
}
}
}
function ach_mysqlCloseCon()
{
if( ($con = ach_mysqlCon( false )) )
{
mysql_close( $con )
}
}
?
And the variables are defined in config.php
--
config.php
--
?php
//Mysql vars
$GLOBALS['mysql_host'] = localhost;
$GLOBALS['mysql_user'] = [EMAIL PROTECTED];
$GLOBALS['mysql_pass'] = ;
?
--
Also, how would I, for example, change $mysql_host from a form?
Cheers and thanks for any and all assistance.
You're creating a global database connection... considering you've gone
for static var within the function, you'll only ever create one... so
the host would need to be set before you ever call the connection
function... but to address the question:
?php
$GLOBALS['mysql_host'] = $_REQUEST['host'];
?
I've intentionally used request since I don't know if you would do it
via $_POST or $_GET. Additionally, one would hope you'd
check/filter/process the submitted value before being so careless as to
assign it as I've done above.
Cheers,
Rob.
--
http://www.interjinn.com
Application and Templating Framework for PHP
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Capitalization of variable
2008/6/19 Ron Piggott [EMAIL PROTECTED]: How would I do this for a street address? If the user gave me their address as 12 george street I would like the results to be 12 George Street. For web I use CSS: text-transform:capitalize; -- WBR, Dmitrii +375 29 60-LINUX +375 29 40-LINUX icq: 193-74-771 www.varvashenia.ru -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Capitalization of variable
you could explode the string by the space, then use the ucword function walking through the array, then implode http://www.php.net/manual/en/function.explode.php http://www.php.net/manual/en/function.ucwords.php http://www.php.net/manual/en/function.array-walk.php http://www.php.net/manual/en/function.implode.php others: http://www.php.net/manual/en/function.ucfirst.php http://www.php.net/manual/en/ref.strings.php Dmitrii Varvashenia wrote: 2008/6/19 Ron Piggott [EMAIL PROTECTED]: How would I do this for a street address? If the user gave me their address as 12 george street I would like the results to be 12 George Street. For web I use CSS: text-transform:capitalize;
Re: [PHP] Capitalization of variable
On Wed, Jun 18, 2008 at 10:03 PM, Ron Piggott [EMAIL PROTECTED] wrote: How would I do this for a street address? If the user gave me their address as 12 george street I would like the results to be 12 George Street. ucwords(). had you gone to the manual, for ucfirst() from the first reply to your question, youd have seen a link to it as a related function. -nathan
[PHP] Case sensitive password
I have coded a php page that accepts a password. What is the code to make sure the password entered is NOT case-sensitive? Thanks much R.C. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Capitalization of variable
On Wed, Jun 18, 2008 at 10:32 PM, Daniel Kolbo [EMAIL PROTECTED] wrote: you could explode the string by the space, then use the ucword function walking through the array, then implode no, theres no need to use explode here. ucwords() operates over an entire string by itself. if however, you want to ensure that *only* the first letter of each word is capitalized, you would first call strtolower(), as so: $streetAddr = 817 17th ST, DENVER COLORADO; echo ucwords(strtolower($streetAddr)); // 817 17th St, Denver Colorado -nathan
Re: [PHP] Case sensitive password
R.C. wrote: I have coded a php page that accepts a password. What is the code to make sure the password entered is NOT case-sensitive? Before you store the password, make it all lowercase (or uppercase, whatever you prefer). $password = strtolower($password); When you compare the passwords, turn it all to lower (or upper) case before you compare it. -- Postgresql php tutorials http://www.designmagick.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Case sensitive password
i hate posting the same answer to a given question thats already been posted, but i had this all typed in when chris submitted his answer, so here it is again.. On Wed, Jun 18, 2008 at 10:36 PM, R.C. [EMAIL PROTECTED] wrote: I have coded a php page that accepts a password. What is the code to make sure the password entered is NOT case-sensitive? when you store the password, you can store it as all upper or all lowercase, then when comparing against the stored value, do the same operation to the value supplied from the user, and compare those. and you dont have to modify the original value if you dont want to, when you store it. just remember to alter both the stored value and the user-supplied value when doing comparisons. /// here is an example comparison // get password value from db for user, put it in $storedPassword // suppose the value the user supplied in a form is in variable $userSuppliedPassword // now for the case insensitive comparison if(strtolower($storedPassword) == strtolower($userSuppliedPassword)) // passwords are the same else // passwords are different also note in the above example, there is no encryption of the password, which you almost certainly want to have ;) -nathan
[PHP] Newbie Question: How to pass URL info to .php script ?
Not sure how to achieve this. How can I grab a portion of a URl to send to a .php script in this fashion? www.test.com/article/3435 - Grab the 3435 to process in a script? Thanks in advance! Ethan
Re: [PHP] Newbie Question: How to pass URL info to .php script ?
On Wed, Jun 18, 2008 at 10:45 PM, Ethan Whitt [EMAIL PROTECTED] wrote: Not sure how to achieve this. How can I grab a portion of a URl to send to a .php script in this fashion? www.test.com/article/3435 - Grab the 3435 to process in a script? take a look at the $_SERVER superglobal array, http://www.php.net/manual/en/reserved.variables.server.php most likely you are looking for, $_SERVER['PATH_TRANSLATED'], but it really depends on what you want out of the url, so make sure to read through the options, and their explanations. those values are just strings, so its quite easy to extract portions of the string using a variety of techniques. for example, give the url in your question (suppose we find it in $_SERVER['PATH_TRANSLATED']) $lastPath = substr($_SERVER['PATH_TRANSLATED'], strrpos($_SERVER['PATH_TRANSLATED']), '/') + 1); // $lastPath = '3435' -nathan
Re: [PHP] Case sensitive password
Thank you for your reply. The password is not stored, actually, like in a databse. We're only dealing with one password. When the user inputs the password, he/she should be able to input either in lower or upper case or both abd they should have access to the protected file in this case. Is this what you are recommending below? Best R.C. Chris [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] R.C. wrote: I have coded a php page that accepts a password. What is the code to make sure the password entered is NOT case-sensitive? Before you store the password, make it all lowercase (or uppercase, whatever you prefer). $password = strtolower($password); When you compare the passwords, turn it all to lower (or upper) case before you compare it. -- Postgresql php tutorials http://www.designmagick.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Case sensitive password
R.C. wrote:
Thank you for your reply. The password is not stored, actually, like in a
databse. We're only dealing with one password. When the user inputs the
password, he/she should be able to input either in lower or upper case or
both abd they should have access to the protected file in this case.
As Nathan mentioned, just compare them in the same way.
$stored_password = strtolower($stored_password);
$user_password = strtolower($user_password);
if ($stored_password == $user_password) {
echo Yay!;
} else {
echo No :(;
}
--
Postgresql php tutorials
http://www.designmagick.com/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] losing mysql connection during cron job
At 6/18/2008 04:49 PM, Shiplu wrote:
why don't you edit your code?
foreach (recipients as batch)
{
mail() using batch of recipients;
mysql_query() update table;
if(mysql_errno()==ERROR_CODE_YOU_GET){
mysql_connect();
mysql_select_db();
}
sleep(60);
}
Thanks for the suggestion. I am currently successfully working
around this error by another method, although your suggestion is
probably better.
The reason I posted this problem, though, is that I want to
understand *why* I'm getting the Lost connection to MySQL server
during query error.
If anyone has had a similar experience using cron jobs or sleep() I'd
love to hear from you.
Thanks,
Paul
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] losing mysql connection during cron job
Thanks for the suggestion. I am currently successfully working around this error by another method, although your suggestion is probably better. The reason I posted this problem, though, is that I want to understand *why* I'm getting the Lost connection to MySQL server during query error. If anyone has had a similar experience using cron jobs or sleep() I'd love to hear from you. - database is restarted for whatever reason (log rotation, dba does an upgrade etc etc). - mysql has a 'wait_timeout' setting which could trigger it http://dev.mysql.com/doc/refman/5.0/en/server-system-variables.html#option_mysqld_wait_timeout You need to do a mysql_close(); mysql_connect(...) before mysql_query works again - otherwise mysql_connect will just return the same resource id (or I guess just use the 'new_connection' flag for mysql_connect and skip the mysql_close()). -- Postgresql php tutorials http://www.designmagick.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
