php-general Digest 12 Oct 2004 06:32:28 -0000 Issue 3048
Topics (messages 199221 through 199250):
Program that does registration, rsvp, reminders, etc??
199221 by: John Holmes
Re: PHP gurus...how are they doing this?
199222 by: John Holmes
Re: 1000+ character POSTed strings get mangled
199223 by: Jonny Roller
Re: sending SMS messages to mobile phones from PHP
199224 by: Andrew Cowles
Re: Meaningful Subject
199225 by: php-list.xenonsolutions.com
Re: Is there any way of knowing User Currently Logged On?
199226 by: John Holmes
199232 by: Gryffyn, Trevor
199246 by: Mulley, Nikhil
199247 by: Mulley, Nikhil
199248 by: Mulley, Nikhil
Re: config.php
199227 by: Michal Migurski
Re: Best practise for resolving potential conflicts when editing db content?
199228 by: Michal Migurski
199233 by: Andrew Kreps
Re: Quick file_get_contents() questions...your opinion needed
199229 by: Curt Zirzow
199230 by: Curt Zirzow
199250 by: Aidan Lister
Re: Problem of varible
199231 by: Curt Zirzow
Re: Working out the image path...
199234 by: Curt Zirzow
Re: [PHP-INSTALL] Impossibility
199235 by: Andrew Kreps
Working out the image path...partly solved, please have a look at my code
199236 by: Mag
199237 by: Matt M.
199238 by: Mag
OOP -- passing messages between objects
199239 by: Sandy Keathley
199244 by: Matthew Weier O'Phinney
ezmlm-sub or alternative
199240 by: Mark Hubert
199241 by: Jason Wong
199242 by: James McGlinn
199243 by: Manuel Lemos
Re: Lost in PHP (part 1) ---- Sequle to Lost in Query
199245 by: GH
199249 by: Minuk Choi
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
----------------------------------------------------------------------
--- Begin Message ---
Does anyone know of a program that does event and user registration,
sends RSVPs, reminders, etc?? I'm basically looking for a _simple_
evite.com clone I can use on a site.
The only one I've found in a quick search is iVITE at
http://www.hotscripts.com/Detailed/31859.html. Does anyone have any
recommendations on that script or any other ideas?
Thanks.
--
---John Holmes...
Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/
php|architect: The Magazine for PHP Professionals – www.phparch.com
--- End Message ---
--- Begin Message ---
Mag wrote:
1.showing the number of "outgoing links"
Middle man. You have them click on a link containing
an ID, increment
the counter for that ID, then forward them to the
requested link.
I'm not sure I understand what you mean here.
Actually, I misunderstood what you meant by outgoing links. You're
looking for the number of links on the supplied page that go to another
site, right (not tracking clicks through to the site)? And you're
looking for the number of links going to a jpg or mpg?
The only way I can imagine they are doing this is just loading the file
into a string, like you are already doing, and parsing it with regular
expressions. You'll just have to play around with your patterns until
they work and realize you'll probably never be able to get it 100%
correct with the variety of ways people code HTML out there.
If you read the manual notes for the preg_* functions, there are a lot
of examples given there on how to match/replace things like this.
--
---John Holmes...
Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/
php|architect: The Magazine for PHP Professionals – www.phparch.com
--- End Message ---
--- Begin Message ---
Thanks for the info! Based on the "Apache2" reference and dug into the
problem a little more. Bug 18648 (http://bugs.php.net/bug.php?id=18648)
contains a long thread from folks with similar problems. It seems that
the Apache2 setup creates a conf.d/php.conf file with this in it:
<Files *.php>
SetOutputFilter PHP
SetInputFilter PHP
LimitRequestBody 524288
</Files>
I got rid of that code, restarted Apache and now all is well!
John Holmes wrote:
Jonny Roller wrote:
If I POST a string greater than 1000 character through a form, the
resulting string gets mangled. What I get back is the first 1000
characters of the string, then the name of the form variable, an equal
sign (=) and then the entire string again. If I change the form to a
GET, this problem does not occur.
[snip]
I'm running PHP 4.3.8 with Apache 2.0.50 on Linux but it also occurred
with PHP 4.3.9 on Apache 2.0.52. However, a similarly configured (but
not identical) server running the same versions of PHP and Apache does
not exhibit this behavior.
I remember an Apache2/PHP bug that caused issues like this with any
request variables, but I couldn't find it on bugs.php.net. Have you
reported this there, yet?
--- End Message ---
--- Begin Message ---
Hi Jordi,
What's wrong with British Pounds? It's a good currency - been around for a
long time.
We have customers all over the world and can send SMS messages to over 500
networks in 200+ countries.
We have MANY clients in the USA, across Europe, Australia & Africa.
However we are based in the UK; which means our prices are in pounds... but
you can pay using most major credit cards, so it shouldn't be a big problem.
There is a good currency converter at http://www.xe.com/ if you need it, or
I'm sure our Sales staff will happily give you the current rates.
Best regards,
Andy
Andrew Cowles
====================================
KAPOW! SMS Communication Solutions
WEB: http://www.kapow.co.uk/
EMAIL: [EMAIL PROTECTED]
TEL: 0870 757 1610 or FAX: 0870 757 1615
====================================
Cygnet Internet Services Ltd ( http://www.cygnet.co.uk/ )
====================================
> Unfoturnately your price list is only in pounds: No Euros, No Dollars
> :( It Looks like you only accept British Customers.
>
> Regards,
> Jordi.
--- End Message ---
--- Begin Message ---
-----Original Message-----
From: Jason Wong [mailto:[EMAIL PROTECTED]
Sent: Monday, October 11, 2004 8:09 AM
To: [EMAIL PROTECTED]
Subject: Re: [PHP]
On Monday 11 October 2004 19:41, [EMAIL PROTECTED] wrote:
> Never mind guys, I figured it out. I appreciate your help. Thanks for
> everything!
Next time you start a thread please give it a meaningful subject.
--
Jason Wong -> Gremlins Associates -> www.gremlins.biz
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
------------------------------------------
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-general
------------------------------------------
/*
The three best things about going to school are June, July, and August.
*/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
Mulley, Nikhil wrote:
Is there any way of finding the current user logged on the remote system
You can try $_SERVER['LOGON_USER'], but I think the "remote" computer
has to be in the same domain as the server...
--
---John Holmes...
Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/
php|architect: The Magazine for PHP Professionals – www.phparch.com
--- End Message ---
--- Begin Message ---
It does and Windows Integrated Authentication has to be turned on (and
Anonymous access turned off).
I just got my company to configure that so my PHP scripts could grab the
authenticated user for logging purposes.
-TG
> -----Original Message-----
> From: John Holmes [mailto:[EMAIL PROTECTED]
> Sent: Monday, October 11, 2004 2:49 PM
> To: Mulley, Nikhil
> Cc: [EMAIL PROTECTED]
> Subject: Re: [PHP] Is there any way of knowing User Currently
> Logged On?
>
>
> Mulley, Nikhil wrote:
>
> > Is there any way of finding the current user logged on the
> remote system
>
> You can try $_SERVER['LOGON_USER'], but I think the "remote" computer
> has to be in the same domain as the server...
>
> --
>
> ---John Holmes...
>
> Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/
>
> php|architect: The Magazine for PHP Professionals - www.phparch.com
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--- End Message ---
--- Begin Message ---
No Holmes ,Its not working , is there any other way ...
And My specific would be something that by Giving an IP or a hostname ,the script
should fetch the user logged in currently,,
like when we use the nbtstat command on a Windows Domain with the argument as the
hostname , it would fetch the details something like this.
P:\nikhil\userloggedon> nbtstat -an hydws00014
Local Area Connection:
Node IpAddress: [10.103.6.22] Scope Id: []
NetBIOS Remote Machine Name Table
Name Type Status
---------------------------------------------
HYDWS00014 <00> UNIQUE Registered
JUNOHYD <00> GROUP Registered
HYDWS00014 <03> UNIQUE Registered
HYDWS00014$ <03> UNIQUE Registered
HYDWS00014 <20> UNIQUE Registered
JUNOHYD <1E> GROUP Registered
MSASI <03> UNIQUE Registered =>=> He is the actual user
currenly logged on.
HYDWS00014 <01> UNIQUE Registered
MAC Address = 00-B0-D0-2D-DF-6F
Regards,
Nikhil.
-----Original Message-----
From: John Holmes [mailto:[EMAIL PROTECTED]
Sent: Tuesday, October 12, 2004 12:19 AM
To: Mulley, Nikhil
Cc: [EMAIL PROTECTED]
Subject: Re: [PHP] Is there any way of knowing User Currently Logged On?
Mulley, Nikhil wrote:
> Is there any way of finding the current user logged on the remote system
You can try $_SERVER['LOGON_USER'], but I think the "remote" computer
has to be in the same domain as the server...
--
---John Holmes...
Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/
php|architect: The Magazine for PHP Professionals – www.phparch.com
--- End Message ---
--- Begin Message ---
Hi Vail,
My Worry is that If a remote OS is not Windows, then this would throw out garbage,
Where as this Perl Script would work well at a Windows Side ,Bcoz I am using the
'Win32' Module ,is there any other module such that .....
We cannot even predict ( or I believe there is no exact way ) what the remote OS could
be :(
Nikhil.
-----Original Message-----
From: Vail, Warren [mailto:[EMAIL PROTECTED]
Sent: Monday, October 11, 2004 11:33 PM
To: 'Mulley, Nikhil'; [EMAIL PROTECTED]
Subject: RE: [PHP] Is there any way of knowing User Currently Logged On?
If you code in php something like the following, you just might be able to
use the perl script;
$ok = exec("path/to/Perl myperscriptname.pl server", $result); // you may
have to straighten out syntax
Foreach($result as $line) {
echo $line; // or you could process the results
}
Hope this helps,
Warren Vail
-----Original Message-----
From: Mulley, Nikhil [mailto:[EMAIL PROTECTED]
Sent: Monday, October 11, 2004 9:52 AM
To: [EMAIL PROTECTED]
Subject: [PHP] Is there any way of knowing User Currently Logged On?
Hi Guys,
Is there any way of finding the current user logged on the remote system
I have a perl script which gets the user name who is currently logged on a
remote Windows Machine
#LoggedOnUsers(server, userRef).pl
use Win32::NetAdmin;
use strict;
use vars qw($server @users_list);
if(@ARGV>0){
$server=$ARGV[0];
}
else{
print "\n\nEnter a valid Hostname or IP Address : ";
chomp($server=<STDIN>); }
Win32::NetAdmin::LoggedOnUsers($server,[EMAIL PROTECTED]);
foreach(@users_list) {
print "\n$server -- $_";
}
This one gets the users logged in on a remote Windows machine , Is there a
similar way of finding / doing the same regardless of an OS, Can it be done
through a Web Browser ????
Any Clues ??
--Nikhil.
--- End Message ---
--- Begin Message ---
How do I turn on the Integrated Authentication turned on.
Ours is a mixed heterogenous network which has Windows,Linux,Solaris,BSD
Lindows,Linspire and many other OS all together,So How Do I?
-----Original Message-----
From: Gryffyn, Trevor [mailto:[EMAIL PROTECTED]
Sent: Tuesday, October 12, 2004 1:07 AM
To: [EMAIL PROTECTED]
Cc: John Holmes; Mulley, Nikhil
Subject: RE: [PHP] Is there any way of knowing User Currently Logged On?
It does and Windows Integrated Authentication has to be turned on (and
Anonymous access turned off).
I just got my company to configure that so my PHP scripts could grab the
authenticated user for logging purposes.
-TG
> -----Original Message-----
> From: John Holmes [mailto:[EMAIL PROTECTED]
> Sent: Monday, October 11, 2004 2:49 PM
> To: Mulley, Nikhil
> Cc: [EMAIL PROTECTED]
> Subject: Re: [PHP] Is there any way of knowing User Currently
> Logged On?
>
>
> Mulley, Nikhil wrote:
>
> > Is there any way of finding the current user logged on the
> remote system
>
> You can try $_SERVER['LOGON_USER'], but I think the "remote" computer
> has to be in the same domain as the server...
>
> --
>
> ---John Holmes...
>
> Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/
>
> php|architect: The Magazine for PHP Professionals - www.phparch.com
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--- End Message ---
--- Begin Message ---
Is there anyway of creating a config.php file on the fly using a form.
To obtain verbose output, include the keyword "how" at the beginning of
your query.
------------------------------------------------------
michal migurski- contact info, blog, and pgp key:
sf/ca http://mike.teczno.com/contact.html
--- End Message ---
--- Begin Message ---
I'm not sure table locking is the answer. I'm not talking about
concurrency
in the sense of 'simultaneous' updates and selects, but in the sense
of an
'open record edit session' that predictably will overwrite the value
of a
record that may have been changed, after the edit session began, but
before
the edit session is committed.
Martin Fowler's book, "Patterns of Enterprise Application Architecture"
(dull name, I know) has an excellent chapter which describes various
kinds of locks. The main applicable distinction in your case is whether
you want your lock to be Optimistic or Pessimistic, in other words - do
you expect that such conflicts will happen frequently, or no?
If you expect conflicts often, make your lock pessimistic: when user A
opens ups a record to edit, a flag gets set on the server which
prevents user B from modifying the same record. This form of locking is
also good when the change process is coarse, and losing edits would be
a major inconvenience. In the case of editing a wiki page, you don't
want user B to spend 20 minutes modifying a page, only to be told that
there's a conflict and they should try again later, wasting all that
work. You want them to know ahead of time. Your "beingedited" field in
the DB is an example of a pessimistic lock.
If you don't expect conflicts often, or the cost of a conflict is low,
make your lock optimistic: when user A and user B both have a record
open, the first one to commit wins, and the second one gets an error
message. This is an easy one to implement if you version your changes
in some way, perhaps by indicating which version a user started with at
commit time. CVS works this way, as does my wiki software of choice,
Tavi Wiki. For these applications, the cost of a conflict is high
(which would indicate that a pessimistic lock might be better), but
there is a clean method provided to resolve them when they come up.
------------------------------------------------------
michal migurski- contact info, blog, and pgp key:
sf/ca http://mike.teczno.com/contact.html
--- End Message ---
--- Begin Message ---
On Tue, 12 Oct 2004 02:41:10 +1000, Murray @ PlanetThoughtful
<[EMAIL PROTECTED]> wrote:
> User A finishes his or her page edit and commits the changes, but the
> underlying record was already changed by User B's page rename. User A's edit
> changes overwrite this update in the record in question, and now that record
> still shows 'old val' instead of 'new val', since that was what was in the
> content when User A began editing the page.
>
This is a bit of a quandary, but I've run into it before with multiple
developers working on the same source tree. I'm going to try to
translate my knowledge of that scenario to a web application.
I would have a timestamp in the database that contains the last time
the row was edited , which would be stored in a hidden field on the
edit page. On submit, compare the timestamp to the row you're editing
(find it by using the primary key, rather than content). If the
timestamp in the DB is newer than the edited content, you'll need to
force a content merge.
As for the merge: Display User A's content next to what is now in the
database (User B's edits). You'll also want the new timestamp in a
hidden field at this point. Allow User A to make changes to the final
content, trusting that they'll do the right thing. Then once you hit
save, compare the (new) timestamp to the one in the DB. If the
database has been edited yet again, do another merge. If not, save,
update the timestamp, and you're good to go.
That should handle the 'unfinished edit' problem. If the user takes a
day off, and wanted to continue with the same edit, they'll be
presented with the updated content at the end of the process, which
they can then work into their version.
How does that sound?
--- End Message ---
--- Begin Message ---
* Thus wrote lists:
> I"m kinda bummed, I tried to us it last night and discovered I could
> not use it because Pair Networks disables the ability, can't include
> either.
>
> from their newsletter:
>
> "Lately, the most common method of exploit has been to pass a variable
> to a PHP script which does not sufficiently check the variable's value.
> The variable is then used in a "require" or "include" statement, and
> the variable contents cause malicious code to be fetched from a remote
> location instead of from a local file, as the author intended. This
> type of exploit is easily blocked by setting the allow_fopen_url
> configuration value to "Off." We have recently adopted this change
> globally; if you have a script that requires the ability to open remote
> URLs, you can re-enable this functionality. Before doing so, please
> make sure you are checking all user-supplied data carefully."
Pair is only turning this off by default so users are aware of the
security implications. It looks like you still have the power to
turn it on if you wish.
Curt
--
Quoth the Raven, "Nevermore."
--- End Message ---
--- Begin Message ---
* Thus wrote Mag:
> I did look at the fopen option...but it just seemed a
> little longer and more complicated to do that plus
> according to this benchmark
> (http://force-elite.com/~chip/projects/php/benchmarks/file-vs-fgets/)
> using file_get_contents is upto 6 times faster (?) in
> some cases..
You certaintly dont want to do a file() on a 20MB file. There are
times when you'll want to use fopen vs file/file_get_contents.
file_get_contents will be much faster for a couple of reasons. for
one, getting the same results as file_get_contents you have to do
something like:
$string = implode("\n", file($file));
Another reson file_get_contents() will be faster is because it uses
(when available on the OS) a special memory allocation that is much
more efficiant, than other file reading tools.
Curt
--
Quoth the Raven, "Nevermore."
--- End Message ---
--- Begin Message ---
If you want to use older functions without upgrading your version of PHP,
try PHP_Compat.
Here's file_get_contents which is comparable in speed to the native version:
http://cvs.php.net/co.php/pear/PHP_Compat/Compat/Function/file_get_contents.php?r=1.19
Most information can be found at http://pear.php.net/php_compat
"Mag" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
>
> Hey,
>
>> On Mon, 11 Oct 2004 07:24:03 -0700 (PDT), Mag
>> <[EMAIL PROTECTED]> wrote:
>> > $url=file_get_contents("http://www.yahoo.com/";);
>> >
>> > The thing is, it takes quite some time (2-5 secs)
>> > before the contents are in my program (I am using
>> my
>> > local webserver on my desktop for testing...not a
>> > webserver)
>> >
>> > My questions are for you more experienced guys...
>> > is there anyway to 'quicken' the process or is
>> this
>> > normal?
>> > do you recommend anything other than
>> > file_get_contents() ?
>> > and lastly, is this a resource intensive hog?
>
>
>
>> The 2-5 seconds is most likely a DNS lookup. You
>> can speed it up by
>> using a local caching DNS server or the IP address,
>> or possibly a DNS
>> server under less load.
>
>
> Thats kind of what I thought, but wanted to confirm.
>
>
>> file_get_contents() is fairly new and and therefore
>> not very backwards
>> compatible with older PHP installs as a result.
>> It's handy and all,
>> but I found our production servers were running a
>> PHP too old to use
>> it one day last week when I tried.
>
> Interesting, so what is more backwards compatable? or
> to put it in another way, what did you change on your
> servers so that your app worked without
> file_get_contents?
>
> Thanks,
> Mag
>
> =====
> ------
> - The faulty interface lies between the chair and the keyboard.
> - Creativity is great, but plagiarism is faster!
> - Smile, everyone loves a moron. :-)
>
>
>
> __________________________________
> Do you Yahoo!?
> Yahoo! Mail Address AutoComplete - You start. We finish.
> http://promotions.yahoo.com/new_mail
--- End Message ---
--- Begin Message ---
* Thus wrote [EMAIL PROTECTED]:
>
> <Form Action="getfile1.php" Method="POST" Enctype="multipart/form-data">
>
> <Input Type="File" Name="upfile" ><p>
> <Input Type="Submit" value="Send">
> </Form>
>
> getfile1.php
> ...
>
> copy($upfile, "/tmp/$upfile_name");
> ?>
Also use move_uploaded_file() instead.
http://php.net/move_uploaded_file
Curt
--
Quoth the Raven, "Nevermore."
--- End Message ---
--- Begin Message ---
* Thus wrote Mag:
> Hey!
> Am having a little problem working out the logic in
> this, basically I pass a graphics path to a function
> and it should give/retrun me the URL path.
>
> <?php
> $url='http://x.com/t1/t2/t3/blah.html';
>
> function ret_url($rel_path)
> { }
>
> ?>
>
> so I pass a relitive url like this
> $a=ret_url('/blah.jpg';)
>...
>
> /blah.jpg // should return http://x.com/blah.jpg
>
> /imgs/blah.jpg // return http://x.com/imgs/ blah.jpg
Basic concating a file:
return $base_url . $rel_path;
>
> imgs/blah.jpg //return
> http://x.com/t1/t2/t3/imgs/blah.jpg
ensure first char is absolute:
if ($rel_path{0} != '/') {
$rel_path = '/' . $rel_path;
}
>
> ../imgs/blah.jpg // etc
>
> /../imgs/blah.jpg //etc
I tend to use str_replace to remove this.
/* remove .. and translate // to / */
$rel_path = str_replace(array('..', '//', array('', '/'), $rel_path);
>
> http://some-site-blah.com/imgs/blah.jpg // return the
> same url
check for http://
if(substr($rel_path, 0, 6) == 'http://') )
return $rel_path;
Put those all together and you'll have your function.
Curt
--
Quoth the Raven, "Nevermore."
--- End Message ---
--- Begin Message ---
On Mon, 11 Oct 2004 15:20:11 -0400, Scott Hamm <[EMAIL PROTECTED]> wrote:
> I know it's impossible, but is there a way php can read something from excel
> file?
>
If you really believe it's impossible, why ask the question? :)
Start with the first link here, and work your way down. Thankfully,
you aren't the first person to try to do the impossible.
http://www.google.com/search?q=PHP+read+excel
--- End Message ---
--- Begin Message ---
Hi,
I wrote this to the list a little while back and have
been working on it...i have come 95% of the way but
for some reason cant work the other 5% out...can
somebody help please?
Basically I need to figure out the URL or a image from
a relitive path...something like this:
/blah.jpg // should return http://x.com/blah.jpg
/imgs/blah.jpg // return http://x.com/imgs/ blah.jpg
imgs/blah.jpg //return
http://x.com/t1/t2/t3/imgs/blah.jpg
../imgs/blah.jpg // etc
/../imgs/blah.jpg //etc
http://some-site-blah.com/imgs/blah.jpg // return the
same url
running the below code will show you how far i have
come and how only 2 examples are not working for some
damn reason.
********************* code start **************
<?php
$url='http://www.textx.com/t1/t2/t3/blah.html';
function ret_url($rel_path, $base = '')
{
$base_path = substr($base, 0, strpos($base, '/',7));
if(substr($rel_path,0,1)=='/' &&
!strpos($rel_path,'/../'))
{ return $base_path.$rel_path; }
elseif(strpos($rel_path,'://') > 0)
{ return $rel_path; }
else { return
collapse(dirname($base).'/'.$rel_path); }
return $rel_path;
}
/* this function removes the /../ parts */
function collapse($path)
{
while(strpos($path,'/../') !== false)
{$p2 = ereg_replace('/([^/]*)/\.\./','/',$path);
if($p2==$path)
break;
$path = $p2;
}
return $path;
}
$uris = array();
$uris[] = '/blah.jpg';
$uris[] ='/imgs/blah.jpg';
$uris[] ='imgs/blah.jpg';
$uris[] ='../imgs/blah.jpg';
$uris[] ='/../imgs/blah.jpg'; // ## not working ##
$uris[] ='/../../imgs/blah.jpg'; // ## not working ##
$uris[] ='http://some-site-blah.com/imgs/blah.jpg';
echo '<table border=1>';
foreach($uris as $uri)
{
echo '<tr><td>'.htmlspecialchars($uri).'</
td><td>'.htmlspecialchars(ret_url($uri,$url)).'</td></tr>';
}
echo '</table>';
?>
******************* code end ***************
Thanks,
Mag
=====
------
- The faulty interface lies between the chair and the keyboard.
- Creativity is great, but plagiarism is faster!
- Smile, everyone loves a moron. :-)
_______________________________
Do you Yahoo!?
Express yourself with Y! Messenger! Free. Download now.
http://messenger.yahoo.com
--- End Message ---
--- Begin Message ---
> <?php
>
> $url='http://www.textx.com/t1/t2/t3/blah.html';
>
> function ret_url($rel_path, $base = '')
> {
> $base_path = substr($base, 0, strpos($base, '/',7));
>
> if(substr($rel_path,0,1)=='/' &&
> !strpos($rel_path,'/../'))
> { return $base_path.$rel_path; }
>
> elseif(strpos($rel_path,'://') > 0)
> { return $rel_path; }
>
> else { return
> collapse(dirname($base).'/'.$rel_path); }
>
> return $rel_path;
> }
>
> /* this function removes the /../ parts */
> function collapse($path)
> {
>
> while(strpos($path,'/../') !== false)
> {$p2 = ereg_replace('/([^/]*)/\.\./','/',$path);
> if($p2==$path)
> break;
> $path = $p2;
> }
>
> return $path;
> }
>
> $uris = array();
> $uris[] = '/blah.jpg';
> $uris[] ='/imgs/blah.jpg';
> $uris[] ='imgs/blah.jpg';
> $uris[] ='../imgs/blah.jpg';
> $uris[] ='/../imgs/blah.jpg'; // ## not working ##
> $uris[] ='/../../imgs/blah.jpg'; // ## not working ##
> $uris[] ='http://some-site-blah.com/imgs/blah.jpg';
>
> echo '<table border=1>';
> foreach($uris as $uri)
> {
> echo '<tr><td>'.htmlspecialchars($uri).'</
> td><td>'.htmlspecialchars(ret_url($uri,$url)).'</td></tr>';
> }
> echo '</table>';
> ?>
try this:
function ret_url($rel_path, $base = '')
{
$base_path = substr($base, 0, strpos($base, '/',7));
if(substr($rel_path,0,1)=='/' && strpos($rel_path,'/../') === false)
{ return $base_path.$rel_path; }
elseif(strpos($rel_path,'://') > 0)
{ return $rel_path; }
else { return
collapse(dirname($base).'/'.$rel_path); }
return $rel_path;
}
--- End Message ---
--- Begin Message ---
Hey Matt,
Thanks for replying.
> > <?php
> >
> > $url='http://www.textx.com/t1/t2/t3/blah.html';
> >
> > function ret_url($rel_path, $base = '')
> > {
> > $base_path = substr($base, 0, strpos($base,
> '/',7));
> >
> > if(substr($rel_path,0,1)=='/' &&
> > !strpos($rel_path,'/../'))
> > { return $base_path.$rel_path; }
> >
> > elseif(strpos($rel_path,'://') > 0)
> > { return $rel_path; }
> >
> > else { return
> > collapse(dirname($base).'/'.$rel_path); }
> >
> > return $rel_path;
> > }
> >
> > /* this function removes the /../ parts */
> > function collapse($path)
> > {
> >
> > while(strpos($path,'/../') !== false)
> > {$p2 = ereg_replace('/([^/]*)/\.\./','/',$path);
> > if($p2==$path)
> > break;
> > $path = $p2;
> > }
> >
> > return $path;
> > }
> >
> > $uris = array();
> > $uris[] = '/blah.jpg';
> > $uris[] ='/imgs/blah.jpg';
> > $uris[] ='imgs/blah.jpg';
> > $uris[] ='../imgs/blah.jpg';
> > $uris[] ='/../imgs/blah.jpg'; // ## not working
> ##
> > $uris[] ='/../../imgs/blah.jpg'; // ## not working
> ##
> > $uris[]
> ='http://some-site-blah.com/imgs/blah.jpg';
> >
> > echo '<table border=1>';
> > foreach($uris as $uri)
> > {
> > echo '<tr><td>'.htmlspecialchars($uri).'</
> >
>
td><td>'.htmlspecialchars(ret_url($uri,$url)).'</td></tr>';
> > }
> > echo '</table>';
> > ?>
> try this:
>
> function ret_url($rel_path, $base = '')
> {
> $base_path = substr($base, 0, strpos($base, '/',7));
>
> if(substr($rel_path,0,1)=='/' &&
> strpos($rel_path,'/../') === false)
> { return $base_path.$rel_path; }
>
> elseif(strpos($rel_path,'://') > 0)
> { return $rel_path; }
>
> else { return
> collapse(dirname($base).'/'.$rel_path); }
>
> return $rel_path;
> }
Close, but its not giving the correct paths.
eg:
/../imgs/blah.jpg should return
http://www.textx.com/t1/t2/imgs/blah.jpg
but its returning:
http://www.textx.com/t1/t2/t3/imgs/blah.jpg
and this: /../../imgs/blah.jpg
should return: http://www.textx.com/t1/imgs/blah.jpg
but its returning:
http://www.textx.com/t1/t2/imgs/blah.jpg
in both cases one extra level directory :-(
Any ideas?
Thanks,
Mag
=====
------
- The faulty interface lies between the chair and the keyboard.
- Creativity is great, but plagiarism is faster!
- Smile, everyone loves a moron. :-)
_______________________________
Do you Yahoo!?
Declare Yourself - Register online to vote today!
http://vote.yahoo.com
--- End Message ---
--- Begin Message ---
Can someone tell me the proper syntax for accessing a method in
one class from another class?
I used this, where $obj and $page are instantiated objects:
(From the $page class)
obj::getData($id);
It worked in an application on one server, failed in another
application on another server.
Thanks,
Sandy Keathley
--- End Message ---
--- Begin Message ---
* Sandy Keathley <[EMAIL PROTECTED]>:
> Can someone tell me the proper syntax for accessing a method in
> one class from another class?
>
> I used this, where $obj and $page are instantiated objects:
>
> (From the $page class)
>
> obj::getData($id);
if $obj is instantiated, you'd call it like any other method:
$obj->getData($id);
if 'obj' is the NAME of a class, and getData is the name of a STATIC
METHOD, obj::getData($id) would work fine. If 'obj' is a PROPERTY of the
page class that happens to be an object, $page->obj->getData($id) would
likely work.
> It worked in an application on one server, failed in another
> application on another server.
Please give some more details of your code -- the context in which the
call is being made would be helpful.
--
Matthew Weier O'Phinney | mailto:[EMAIL PROTECTED]
Webmaster and IT Specialist | http://www.garden.org
National Gardening Association | http://www.kidsgardening.com
802-863-5251 x156 | http://nationalgardenmonth.org
--- End Message ---
--- Begin Message ---
I'm writing a little script (my 3rd) that takes name (first, last) and
email address
and writes it to txt file and submits the email address to an EZMLM
list server.
All is well but I'm not sure where to go for the submission.
The command line - ezmlm-sub works (from the shell)... if the user is
root or vpopmail.
Is there a safe way to run the shell command via a php script?
Or can someone suggest another way to submit an address to ezmlm.
Thanks!
Mark
--- End Message ---
--- Begin Message ---
On Tuesday 12 October 2004 08:29, Mark Hubert wrote:
> I'm writing a little script (my 3rd) that takes name (first, last) and
> email address
> and writes it to txt file and submits the email address to an EZMLM
> list server.
>
> All is well but I'm not sure where to go for the submission.
>
> The command line - ezmlm-sub works (from the shell)... if the user is
> root or vpopmail.
>
> Is there a safe way to run the shell command via a php script?
> Or can someone suggest another way to submit an address to ezmlm.
You can enable remote administration then have php send mail to:
[EMAIL PROTECTED]
This will subscribe [EMAIL PROTECTED] to the list
[EMAIL PROTECTED]
Make sure you use the 5th parameter in mail() to specify the remote
admin/moderators email address.
NB if you do not allow any other methods of subscribing to the list you may
want to disable subscription moderation so the remote admin don't have to
confirm each subscription request.
--
Jason Wong -> Gremlins Associates -> www.gremlins.biz
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
------------------------------------------
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-general
------------------------------------------
/*
The two things that can get you into trouble quicker than anything else
are fast women and slow horses.
*/
--- End Message ---
--- Begin Message ---
Hi Mark,
I'm writing a little script (my 3rd) that takes name (first, last)
and email address
and writes it to txt file and submits the email address to an EZMLM
list server.
All is well but I'm not sure where to go for the submission.
The command line - ezmlm-sub works (from the shell)... if the user is
root or vpopmail.
Is there a safe way to run the shell command via a php script?
Or can someone suggest another way to submit an address to ezmlm.
You can make use of the public interface to ezmlm-sub by sending an
email to <listname>[EMAIL PROTECTED]
You'll need to set the 'From:' header of your emails to the address of
your subscriber.
You can find information on the mail() function at
http://www.php.net/mail
James McGlinn
Project Manager
BCom, BSc, Zend Certified Engineer (PHP)
Servers.co.nz Ltd
68 Shortland St, Auckland PO Box 3688 Shortland St, Auckland, New
Zealand
Phone: 0800 4 SERVERS Fax: +64 9 358 5187
--- End Message ---
--- Begin Message ---
Hello,
On 10/11/2004 09:29 PM, Mark Hubert wrote:
> I'm writing a little script (my 3rd) that takes name (first, last) and
> email address
> and writes it to txt file and submits the email address to an EZMLM list
> server.
>
> All is well but I'm not sure where to go for the submission.
>
> The command line - ezmlm-sub works (from the shell)... if the user is
> root or vpopmail.
>
> Is there a safe way to run the shell command via a php script?
> Or can someone suggest another way to submit an address to ezmlm.
You may want to try this ezmlm management PHP class. It provides
functions for subscribing, unsubscribing, counting subscribers and
verify whether a subscriber is present in a list. It even provides a Web
user interface and SOAP interface for remote list manipulation, but I
guess you do not need that part.
http://www.phpclasses.org/ezmlmmanager
--
Regards,
Manuel Lemos
PHP Classes - Free ready to use OOP components written in PHP
http://www.phpclasses.org/
PHP Reviews - Reviews of PHP books and other products
http://www.phpclasses.org/reviews/
Metastorage - Data object relational mapping layer generator
http://www.meta-language.net/metastorage.html
--- End Message ---
--- Begin Message ---
Re: "Does it _really_ matter if only a number is passed? "
I would think so since if someone is trying to pass a string that is
not proper it should be treated as such and not as if they are just
take the first set of numbers and Throw away all the rest.
Maybe I am over thinking this or I am being paranoid....
I am trying to make this work good and hope to design it to be
secure since this is my first PHP endevor....
Thanks
G
On Mon, 11 Oct 2004 14:02:08 -0400, John Holmes
<[EMAIL PROTECTED]> wrote:
> GH wrote:
>
> > How can I convert it to an integer aslong as it is only a number in the string?
>
> Does it _really_ matter if only a number is passed? If someone passes
> "abcd" and it's converted to an integer, it'll be zero. Then your query
> will not return any rows (which you're already testing for, anyhow,
> right?) and be handled accordingly. Who cares if they pass "104abcd"?
> It'll just be converted to 104 and see if a matching record exists.
>
> I think you're getting caught up in too many tests. If you're expecting
> an integer, MAKE it an integer, then run your query. 99.9% of your
> values are going to come through correct if they are coming from your
> program, right? Just silently ignore the rest because it's someone
> screwing around.
>
> If, however, you _really_ want to ensure $_GET['api'] is _only_ numbers,
> then you can use
>
> if(!isset($_GET['api']) || preg_match('/[^0-9]/',$_GET['api']))
> { echo 'API is not all numbers'; }
>
> or
>
> if(isset($_GET['api']) && preg_match('/^[0-9]+$/',$_GET['api']))
> { echo 'API is a number only'; }
>
>
>
> --
>
> ---John Holmes...
>
> Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/
>
> php|architect: The Magazine for PHP Professionals â www.phparch.com
>
>
--- End Message ---
--- Begin Message ---
As far as checking to see if it's a number, note that you can get the
following
"10" = string that contains 10
10 = integer that contains 10.
You can verify that a variable contains numbers or numeric data by using
if (is_numeric($variable))
{
$variable is either a number variable or a string containing only
numeric data
}
HTH
-Minuk
----- Original Message -----
From: "GH" <[EMAIL PROTECTED]>
To: "John Holmes" <[EMAIL PROTECTED]>
Cc: "GH" <[EMAIL PROTECTED]>; "PHP General" <[EMAIL PROTECTED]>
Sent: Tuesday, October 12, 2004 12:00 AM
Subject: Re: [PHP] Lost in PHP (part 1) ---- Sequle to Lost in Query
Re: "Does it _really_ matter if only a number is passed? "
I would think so since if someone is trying to pass a string that is
not proper it should be treated as such and not as if they are just
take the first set of numbers and Throw away all the rest.
Maybe I am over thinking this or I am being paranoid....
I am trying to make this work good and hope to design it to be
secure since this is my first PHP endevor....
Thanks
G
On Mon, 11 Oct 2004 14:02:08 -0400, John Holmes
<[EMAIL PROTECTED]> wrote:
GH wrote:
> How can I convert it to an integer aslong as it is only a number in the
> string?
Does it _really_ matter if only a number is passed? If someone passes
"abcd" and it's converted to an integer, it'll be zero. Then your query
will not return any rows (which you're already testing for, anyhow,
right?) and be handled accordingly. Who cares if they pass "104abcd"?
It'll just be converted to 104 and see if a matching record exists.
I think you're getting caught up in too many tests. If you're expecting
an integer, MAKE it an integer, then run your query. 99.9% of your
values are going to come through correct if they are coming from your
program, right? Just silently ignore the rest because it's someone
screwing around.
If, however, you _really_ want to ensure $_GET['api'] is _only_ numbers,
then you can use
if(!isset($_GET['api']) || preg_match('/[^0-9]/',$_GET['api']))
{ echo 'API is not all numbers'; }
or
if(isset($_GET['api']) && preg_match('/^[0-9]+$/',$_GET['api']))
{ echo 'API is a number only'; }
--
---John Holmes...
Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/
php|architect: The Magazine for PHP Professionals â www.phparch.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
