php-general Digest 6 Mar 2005 16:26:48 -0000 Issue 3322
Topics (messages 210079 through 210097):
unexplainable - page generation time class
210079 by: James Williams
210082 by: Ian Firla
warning & question about mysql sessions & concurrency
210080 by: Josh Whiting
210095 by: Chris Smith
210097 by: Josh Whiting
Re: php 4 & php 5
210081 by: Rasmus Lerdorf
Passwords?
210083 by: rory walsh
210084 by: YaronKh.clalit.org.il
210085 by: AdamT
210086 by: Jochem Maas
210089 by: rory walsh
210090 by: Jason Wong
check to see if a string contains sudden elements
210087 by: Reinhart Viane
210088 by: M. Sokolewicz
210092 by: Reinhart Viane
Re: How can i calculate total process time?
210091 by: Eli
'Insulate' db connection
210093 by: Andre Dubuc
Help with dates
210094 by: Kevin
Re: cache engine
210096 by: Chris Smith
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
php-general@lists.php.net
----------------------------------------------------------------------
--- Begin Message ---
Howdy! I've made a class which simply determines the page generation
time of a php script... After pretty much an hour of straight examining
the code and trying tons of different things, no good has come of it,
however I can't find an error... anywhere.
<?php
class page_gen {
//
// PRIVATE - DO NOT MODIFY
//
var $cls_start_time;
var $cls_stop_time;
var $cls_gen_time;
//
// FIGURE OUT THE TIME AT THE BEGINNING OF THE PAGE
//
function start() {
$microstart = explode(' ',microtime());
$this->cls_start_time = $microstart[0] + $microstart[1];
}
//
// FIGURE OUT THE TIME AT THE END OF THE PAGE
//
function stop() {
$microstop = explode(' ',microtime());
$this->cls_stop_time = $microstop[0] + $microstop[1];
}
//
// CALCULATE THE DIFFERENCE BETWEEN THE BEGINNNG AND THE END AND
COLOR CODE THE RESULT
//
function gen() {
$this->cls_gen_time = $this->cls_stop_time -
$this->cls_start_time;
return $this->cls_gen_time;
}
}
?>
What happens is it simply returns the $this->cls_start_time variable.
Both the start() and stop() functions work fine because to test them I
put print commands at the end and they both returned proper results, the
error appears to be in the line where I minus the start time from the
end time. It simply returns a negative start time instead of minusing
the two.
I tried changing the minus to a plus for testing sake and it just took
out the negative. Does anybody have any idea what is going on here?
Thanks-you
--- End Message ---
--- Begin Message ---
I think the problem is how, when and where you're calling things.
Basically, your code is fine. I modified it slightly and get the correct
output. This could still be cleaned up and optimised significantly;
however, I think you can take it from here:
Your Class:
<?php
class page_gen {
//
// PRIVATE - DO NOT MODIFY
//
var $cls_start_time;
var $cls_stop_time;
var $cls_gen_time;
//
// FIGURE OUT THE TIME AT THE BEGINNING OF THE PAGE
//
function start() {
$microstart = explode(' ',microtime());
$this->cls_start_time = $microstart[0] + $microstart[1];
return $this->cls_start_time;
}
//
// FIGURE OUT THE TIME AT THE END OF THE PAGE
//
function stop() {
$microstop = explode(' ',microtime());
$this->cls_stop_time = $microstop[0] + $microstop[1];
return $this->cls_stop_time;
}
//
// CALCULATE THE DIFFERENCE BETWEEN THE BEGINNNG AND THE END AND
COLOR CODE THE RESULT
//
function gen($start, $stop) {
$this->cls_gen_time = $stop - $start;
return $this->cls_gen_time;
}
}
?>
index php that calls it:
<?PHP
require_once("timer.php");
$page_gen = new page_gen;
$start=$page_gen->start();
sleep(2);
$stop=$page_gen->stop();
echo("start/stop: $start $stop<br><br>");
$gentime=$page_gen->gen($start, $stop);
echo "generation time: ". $gentime;
?>
Output:
start/stop: 1110096261.12 1110096263.13
generation time: 2.00168681145
All the best,
Ian
---
Ian Firla Consulting
http://ianfirla.com
On Sat, 2005-03-05 at 22:04 -0700, James Williams wrote:
> Howdy! I've made a class which simply determines the page generation
> time of a php script... After pretty much an hour of straight examining
> the code and trying tons of different things, no good has come of it,
> however I can't find an error... anywhere.
>
> <?php
> class page_gen {
> //
> // PRIVATE - DO NOT MODIFY
> //
> var $cls_start_time;
> var $cls_stop_time;
> var $cls_gen_time;
>
> //
> // FIGURE OUT THE TIME AT THE BEGINNING OF THE PAGE
> //
> function start() {
> $microstart = explode(' ',microtime());
> $this->cls_start_time = $microstart[0] + $microstart[1];
> }
>
> //
> // FIGURE OUT THE TIME AT THE END OF THE PAGE
> //
> function stop() {
> $microstop = explode(' ',microtime());
> $this->cls_stop_time = $microstop[0] + $microstop[1];
> }
>
> //
> // CALCULATE THE DIFFERENCE BETWEEN THE BEGINNNG AND THE END AND
> COLOR CODE THE RESULT
> //
> function gen() {
> $this->cls_gen_time = $this->cls_stop_time -
> $this->cls_start_time;
> return $this->cls_gen_time;
> }
> }
> ?>
>
> What happens is it simply returns the $this->cls_start_time variable.
>
> Both the start() and stop() functions work fine because to test them I
> put print commands at the end and they both returned proper results, the
> error appears to be in the line where I minus the start time from the
> end time. It simply returns a negative start time instead of minusing
> the two.
>
> I tried changing the minus to a plus for testing sake and it just took
> out the negative. Does anybody have any idea what is going on here?
> Thanks-you
>
--- End Message ---
--- Begin Message ---
I've been trying to switch to MySQL-based session storage instead of the
native PHP session storage. In doing so, I've run into a lot of code on
the web that exhibits a serious flaw regarding concurrent requests from
the same client. All the code I've seen has glossed over the need to
lock the session for the duration of the request, e.g. not allow
concurrent requests to use it until it has finished. PHP's native
session handler correctly does this, but lots of MySQL-driven session
code does not.
Example timeline:
1. client sends a request
2. session data is loaded from the db
3. same client sends a request before the first one is finished (e.g.
frames, tabbed browsing, slow server response times, etc)
4. session data is again loaded from the db
5. the first request changes some values in $_SESSION
6. the second request changes some values in $_SESSION
7. the first request writes the data to the db and exits
8. the second request writes it's data (over that written by the first
request) and exits
PHP's native handler solves this problem by forcing concurrent requests
to wait for each other. The same thing needs to happen in a
database-driven session handler.
SO, does anyone have some code that uses MySQL to replace PHP's native
session storage that also correctly handles this concurrency problem?
Ideally I'd like to see just a set of functions that can be used with
sessions_set_save_handler() to transparently shift PHP's sessions to a
database, but I'm not going to use the stuff I've found on the web or
even in books (appendix D of O'Reilly's Web Database Applications with
PHP & MySQL publishes code with this problem).
Folks using database sessions who do not deal with this scenario be
warned! I'm surprised so much bad code is going around for this task...
Many thanks in advance,
Josh Whiting
--- End Message ---
--- Begin Message ---
Josh Whiting wrote:
I've been trying to switch to MySQL-based session storage instead of the
native PHP session storage. In doing so, I've run into a lot of code on
the web that exhibits a serious flaw regarding concurrent requests from
the same client. All the code I've seen has glossed over the need to
lock the session for the duration of the request, e.g. not allow
concurrent requests to use it until it has finished. PHP's native
session handler correctly does this, but lots of MySQL-driven session
code does not.
Neither do.
Example timeline:
1. client sends a request
2. session data is loaded from the db
3. same client sends a request before the first one is finished (e.g.
frames, tabbed browsing, slow server response times, etc)
4. session data is again loaded from the db
5. the first request changes some values in $_SESSION
6. the second request changes some values in $_SESSION
7. the first request writes the data to the db and exits
8. the second request writes it's data (over that written by the first
request) and exits
PHP's native handler solves this problem by forcing concurrent requests
to wait for each other. The same thing needs to happen in a
database-driven session handler.
No request should be blocking (i.e. wait for concurrent processes to
execute). This implies a poor understanding of transactional processing
from both yourself and PHP!
SO, does anyone have some code that uses MySQL to replace PHP's native
session storage that also correctly handles this concurrency problem?
Ideally I'd like to see just a set of functions that can be used with
sessions_set_save_handler() to transparently shift PHP's sessions to a
database, but I'm not going to use the stuff I've found on the web or
even in books (appendix D of O'Reilly's Web Database Applications with
PHP & MySQL publishes code with this problem).
Forget it - rethink how your application is architected.
Folks using database sessions who do not deal with this scenario be
warned! I'm surprised so much bad code is going around for this task...
Agree.
Some guidelines, from my experience of developing time-critical
transactional systems in .Net (100 transactions/second type load).
- You usually only store some kind of identification for a user in the
session - no other data. doing otherwise is dangerous as there are
multiple copies of data floating around uncontrolled. A session-id is
enough information to store. Don't use the session for storing data
willy nilly - it is for identifying the session only - nothing else.
Can't say that enough. Don't use it for shortcutting code.
- If you want a proper transactional system, there are two ways to
handle concurrency:
1. Block until the transaction is committed - no good for performance
and scalability as you spend more time waiting than doing.
2. Fail commit on change. A sample solution: For each row, add an INT
which is incremented every time the data is updated (or use TIMESTAMP in
MySQL if you have to use it). Read the value with the data and send it
every time the data is saved. If the value is the same when it is
recieved, then consistency can be guaranteed so update the row, else
rollback the transaction (and tell the user someone else changed it
before them - reload the view and give them an opportunity to update it
again). This requires a good understanding of the DBMS you are using
and the principles around ACID compliant databases.
I'd personally recomment PostgreSQL over MySQL as MySQL is not truly
atomic and can't do transactions database-side (no server-side
programming) which makes it about as scalable as a brick. Small
updates/reads yeah but nothing much more complicated.
Personally, no-one in the PHP/MySQL arena tends to understand these
concepts as the two technologies are rarely used for pushing data around
on big systems (this is generally Java/Postgres' domain).
I ONLY use PHP/MySQL for knocking up quick web apps to fart out content
- nothing serious because it's simply not suited.
Cheers,
Chris Smith
Ninja Labs
http://www.ninjalabs.co.uk/
--- End Message ---
--- Begin Message ---
On Sun, Mar 06, 2005 at 02:27:53PM +0000, Chris Smith wrote:
> Josh Whiting wrote:
> >I've been trying to switch to MySQL-based session storage instead of the
> >native PHP session storage. In doing so, I've run into a lot of code on
> >the web that exhibits a serious flaw regarding concurrent requests from
> >the same client. All the code I've seen has glossed over the need to
> >lock the session for the duration of the request, e.g. not allow
> >concurrent requests to use it until it has finished. PHP's native
> >session handler correctly does this, but lots of MySQL-driven session
> >code does not.
>
> Neither do.
PHP absolutely does. Take the following code:
<?
session_start();
if (!isset($_SESSION['count'])) $_SESSION['count'] = 0;
$_SESSION['count'] = $_SESSION['count'] + 1;
sleep(5);
echo "<html><body><h1>Current count:";
echo $_SESSION['count'];
echo "</h1></body></html>";
?>
Open up two browser windows/tabs and load this page in both, try to make
both pages load at the same time. Notice the second request takes 10
seconds while the first takes 5. That's because the second one is
really, actually, indeed WAITING for the first one to finish. (You may
have to do a first initial request before trying this to get the cookie
set.) This also is not a side effect of web server processes,
threading, etc., it's really waiting until the session lock is released.
> No request should be blocking (i.e. wait for concurrent processes to
> execute). This implies a poor understanding of transactional processing
> from both yourself and PHP!
On the contrary, when dealing with a session store (in PHP, which AFAIK
always writes the session and the end of the request), it's very
important for serial access instead of concurrent.
Take the following sql from two MySQL clients:
client 1: start transaction;
client 2: start transaction;
client 1: select * from mytable where id=1 FOR UPDATE;
# i.e. "give me the data from the row with a write lock"
client 2: select * from mytable where id=1 FOR UPDATE;
...
client 2 is going to have to sit there and wait until client 1 commits
or rolls back. that's how it should work with the session store. each
PHP request should acquire a "write lock" on the session so no other
request can even *read* the data until the original request is done.
> - You usually only store some kind of identification for a user in the
> session - no other data. doing otherwise is dangerous as there are
> multiple copies of data floating around uncontrolled. A session-id is
> enough information to store. Don't use the session for storing data
> willy nilly - it is for identifying the session only - nothing else.
> Can't say that enough. Don't use it for shortcutting code.
there is no point to storing only a session id in a session store. the
session id is already in the cookie or querystring. what's the point of
a session, then? tell me how you store a user's login status, a user's
shopping cart contents, etc. - that is the place i call the "session
store" and that is the thing that needs to block concurrent
(write) requests, whatever you want to call it...
> - If you want a proper transactional system, there are two ways to
> handle concurrency:
[snip]
> Personally, no-one in the PHP/MySQL arena tends to understand these
> concepts as the two technologies are rarely used for pushing data around
> on big systems (this is generally Java/Postgres' domain).
i understand your explanations. in the case of session concurrency, if
you're using a fail commit on change and are also using frames with
PHP's session design, you're site just isn't going to work.
one frame will appear and the rest will say "sorry, some other process
got to the data first". instead, each frame request has to wait for
each other to finish, which is how PHP's native session handler does it.
> I ONLY use PHP/MySQL for knocking up quick web apps to fart out content
> - nothing serious because it's simply not suited.
Have you checked out InnoDB? Row level locking, transactions, etc etc.
Not as fully featured, agreed, but all the critical stuff is there.
MySQL isn't the same as it was a few years ago.
/jw
--- End Message ---
--- Begin Message ---
Richard Lynch wrote:
timothy johnson wrote:
Is there a way to install two version of php on the same machine, and
use them for two different users?
Option 1:
Install two copies of Apache, with different httpd.conf files, on two
different ports.
Somebody gets stuck using http://example.com:81 (or any port but 80) but
this gives everything you asked for.
Option 2:
Use --enable-versioning while compiling PHP. This definitely allowed for
PHP3 and PHP4 and *might* allow for 4&5... Or not. RTFM
But you won't get different Users.
Option 3:
Install at least one of the two as CGI (fastCGI, whatever), and use a
different extension (.php4 or .php5) or use other means (ForceType,
AddHandler, AddType, etc) to change which is used on a per directory
basis. Use suexec, if you UNDERSTAND THE RAMIFICATIONS to alter the user
of the CGI process. Mis-use of suexec is incredibly dangerous. YMMV
NAIAA IANAL
The CGI usage will lose some minimal functionality. HTTP Authentication
springs to mind, but there are 3 or 4 functions/features that just plain
won't work in CGI. RTFM
Option 4:
In terms of expenses/headaches, you will probably be better off just
buying a second machine. Problem solved.
Running 2 Apache instances is by far the easiest solution. And to make
it invisible to the end user you can ProxyPass connections from your
port 80 server to your port 81 or whatever port you put it on. For
example, I have a test app giving PHP 5.1 and the Yahoo Web Services a
workout on a server that also has a bunch of PHP4 stuff.
The URL is: http://buzz.progphp.com
This is actually being served off of a port 81 server. The port 80 conf
file has this entry in the buzz vhost:
ProxyPass / http://buzz.progphp.com:81/
Then in the port 81 server I just have a standard vhost config for buzz
listening on port 81.
If you go to the HTTP Headers block of:
http://buzz.progphp.com/info.php
You can see that you end up with:
Host: buzz.progphp.com:81
Via: 1.1 buzz.progphp.com (Apache/1.3.33)
X-Forwarded-For: 24.6.1.160
X-Forwarded-Host: buzz.progphp.com
X-Forwarded-Server: buzz.progphp.com
So the only thing you may need to change in an application running
behind ProxyPass is if you have $_SERVER["REMOTE_ADDR"] somewhere.
Change that to use $_SERVER["HTTP_X_FORWARDED_FOR"] instead.
-Rasmus
--- End Message ---
--- Begin Message ---
I want to create a simple as possible password script, how secure is it
to have the password actually appear in the script? I only need one
password so I thought that this would be more straightforward than
having a file which contains the password. I am not using any database.
Actually this leads me to another question, is there anyway people can
view your script without having access to your server that is? Cheers,
Rory.
--- End Message ---
--- Begin Message ---
Hi Rory
You can use crypt to encode a password, let say you want the password to be
"my password", create a new php file :
echo crypt("my password");
then you get a unique encoded string something like 'ABC12Fdfi654sdfkfpr67UPL'
copy it and delete the php file
in your password validation file write :
$enc_pass = 'ABC12Fdfi654sdfkfpr67UPL';
if (@crypt($_POST['pass'], $enc_pass) == $enc_pass)
/* password is o.k. */
Now even if someone will see the php script he won't knew your password
Hope I've helped
yaron
-----Original Message-----
From: rory walsh [mailto:[EMAIL PROTECTED]
Sent: Sunday, March 06, 2005 1:35 PM
To: php-general@lists.php.net
Subject: [PHP] Passwords?
I want to create a simple as possible password script, how secure is it
to have the password actually appear in the script? I only need one
password so I thought that this would be more straightforward than
having a file which contains the password. I am not using any database.
Actually this leads me to another question, is there anyway people can
view your script without having access to your server that is? Cheers,
Rory.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
On Sun, 06 Mar 2005 11:34:39 +0000, rory walsh <[EMAIL PROTECTED]> wrote:
> I want to create a simple as possible password script, how secure is it
> to have the password actually appear in the script? I only need one
> password so I thought that this would be more straightforward than
> having a file which contains the password. I am not using any database.
> Actually this leads me to another question, is there anyway people can
> view your script without having access to your server that is? Cheers,
> Rory.
>
If the password is stored in between the <? and ?> tags, then it
shouldn't get sent to the browser unless you specifically send it
there. However, there are sometimes security problems in web servers,
which would mean that attackers were able to see the source of your
script, and therefore the password. For example: files called .php
might get processed properly, but if the attacker requests
filename.PHP, it might just send him the file in plain text.
Best thing is to use 'include' or 'require' to get the password from
another file which doesn't sit on a part of the filesystem that's
accessible over the web. Or, you could password-protect the script
you're including with .htpasswd / .htaccess protection.
--
AdamT
"Justify my text? I'm sorry, but it has no excuse."
--- End Message ---
--- Begin Message ---
[EMAIL PROTECTED] wrote:
Hi Rory
You can use crypt to encode a password, let say you want the password to be "my
password", create a new php file :
echo crypt("my password");
then you get a unique encoded string something like 'ABC12Fdfi654sdfkfpr67UPL'
copy it and delete the php file
in your password validation file write :
$enc_pass = 'ABC12Fdfi654sdfkfpr67UPL';
if (@crypt($_POST['pass'], $enc_pass) == $enc_pass)
/* password is o.k. */
I use the same technique to provide a 'superuser' login to intranets/cms -
a login which nobody can change/break (+ it works even if lots of stuff is
broken because it
only relies on a hardcoded string).
personally I use sha1() iso of crypt() - no idea which is better.
that said you still don't want this file or this string to get into the hands
of evilhaxors
- best to keep this file (one with the encrypted pwd in it) outside of the
docroot.
Now even if someone will see the php script he won't knew your password
Hope I've helped
yaron
-----Original Message-----
From: rory walsh [mailto:[EMAIL PROTECTED]
Sent: Sunday, March 06, 2005 1:35 PM
To: php-general@lists.php.net
Subject: [PHP] Passwords?
I want to create a simple as possible password script, how secure is it
to have the password actually appear in the script? I only need one
password so I thought that this would be more straightforward than
having a file which contains the password. I am not using any database.
Actually this leads me to another question, is there anyway people can
view your script without having access to your server that is? Cheers,
Rory.
--- End Message ---
--- Begin Message ---
Cheers, I'll give your suggestions a go.
Jochem Maas wrote:
[EMAIL PROTECTED] wrote:
Hi Rory
You can use crypt to encode a password, let say you want the
password to be "my password", create a new php file :
echo crypt("my password");
then you get a unique encoded string something like
'ABC12Fdfi654sdfkfpr67UPL'
copy it and delete the php file
in your password validation file write :
$enc_pass = 'ABC12Fdfi654sdfkfpr67UPL';
if (@crypt($_POST['pass'], $enc_pass) == $enc_pass)
/* password is o.k. */
I use the same technique to provide a 'superuser' login to intranets/cms -
a login which nobody can change/break (+ it works even if lots of stuff
is broken because it
only relies on a hardcoded string).
personally I use sha1() iso of crypt() - no idea which is better.
that said you still don't want this file or this string to get into the
hands of evilhaxors
- best to keep this file (one with the encrypted pwd in it) outside of
the docroot.
Now even if someone will see the php script he won't knew your password
Hope I've helped
yaron
-----Original Message-----
From: rory walsh [mailto:[EMAIL PROTECTED] Sent: Sunday, March 06,
2005 1:35 PM
To: php-general@lists.php.net
Subject: [PHP] Passwords?
I want to create a simple as possible password script, how secure is
it to have the password actually appear in the script? I only need one
password so I thought that this would be more straightforward than
having a file which contains the password. I am not using any
database. Actually this leads me to another question, is there anyway
people can view your script without having access to your server that
is? Cheers,
Rory.
--- End Message ---
--- Begin Message ---
On Sunday 06 March 2005 21:03, AdamT wrote:
> If the password is stored in between the <? and ?> tags, then it
> shouldn't get sent to the browser unless you specifically send it
> there.
For *any* php code it is best to use <?php ?> tags. These tags will work
on *all* php enabled webservers. The short tags <? ?> is an optional
setting on the webserver and hence may not be enabled in which case your
code *will* be displayed as-is.
--
Jason Wong -> Gremlins Associates -> www.gremlins.biz
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
------------------------------------------
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-general
------------------------------------------
New Year Resolution: Ignore top posted posts
--- End Message ---
--- Begin Message ---
I have a page which gets the id of a user from the url.
$_GET[id]
Now this id can have two forms:
Normal: page.php?id=1
Not so normal: page.php?id=whatever|1
I can explode the second string so I only have the number (1). Explode ("|",
$_GET(id))
But this command fails my query in case we have a normal value
Is there a way to check the $_GET(id) to see if there is a | in it and in
that case explode it?
Thx in advance.
Reinhart
--- End Message ---
--- Begin Message ---
Reinhart Viane wrote:
I have a page which gets the id of a user from the url.
$_GET[id]
Now this id can have two forms:
Normal: page.php?id=1
Not so normal: page.php?id=whatever|1
I can explode the second string so I only have the number (1). Explode ("|",
$_GET(id))
But this command fails my query in case we have a normal value
Is there a way to check the $_GET(id) to see if there is a | in it and in
that case explode it?
Thx in advance.
Reinhart
$ret = explode('|', $_GET['id']);
if(count($ret) > 1) {
$id = $ret[1];
} else {
$id = $ret[0];
}
--- End Message ---
--- Begin Message ---
$ret = explode('|', $_GET['id']);
if(count($ret) > 1) {
$id = $ret[1];
} else {
$id = $ret[0];
}
Suberb,
This indeed did the trick. Aargh I hate when things are this simple and I
just can't seem to find them...
Thx!
--- End Message ---
--- Begin Message ---
M. Sokolewicz wrote:
fetch the microtime() at the top of the script, and at the bottom of the
script you fetch it again. Subtract the first from the later, and you're
left with the time it took. Then change it to a human-readable form, and
you're done. You can't get closer without hacking the ZE
On top use this:
<?php
$mtime = explode(" ",microtime());
$starttime = $mtime[1] + $mtime[0];
?>
On the end use this:
<?php
$mtime = explode(" ",microtime());
$endtime = $mtime[1] + $mtime[0];
echo "\n\n\n<hr><b>".round($endtime-$starttime,3)." sec</b>";
?>
--- End Message ---
--- Begin Message ---
Hi,
I am trying to 'insulate' my database connection from prying eyes by moving
the db connection code to a directory above docroot and then calling it by an
include. However, my IP has an open_basedir restriction in effect that
defeats what I'm trying to do.
Perhaps I'm unclear what what the open_basedir does, and perhaps IP is
protecting me from an even worse security risk. However, I can call, using
fopen, many counter code pages that reside in the directory above docroot -
so I'm confused here. Perhaps it's the use of include - is there another way
to do this?
*******************************************************************************************
The code so far:
On any page that needs a db connection (in docroot path):
<?php
....
include("db-conn.php");
...
?>
Db code page (located in directory above docroot):
<?php
$db = pg_connect("dbname=site user=confused password=toughone");
?>
Tia,
Andre
--- End Message ---
--- Begin Message ---
Hi there,
I seem to be in a bit of a pickle.
Right now I'm working on a script that would calculate dates from one
calendar to another. The normal calendar we use and a newly invented one.
In order to do that I need to find the exact days since the year 0 BC/AD.
However, the functions php provides only allow up to the unix epoch.
Could you guys give me some pointers on how to accomplish this, accurately?
Thanks a million!
Kevin
--- End Message ---
--- Begin Message ---
Evert - Rooftop Solutions wrote:
Mark Charette wrote:
Evert - Rooftop Solutions wrote:
I heard that shared memory is actually slower than writing and
reading a file and it is not available on windows systems.
Hmmm ... that's an interesting thing you heard concerning shared
memory. Care to share _who_ told you that?
I'd like to make sure I don't hire him/her in the future.
http://www.onlamp.com/pub/a/php/2001/10/11/pearcache.html
Check it out, is in old article, but it says "|shm| -- The |shm|
container stores the cached data in the shared memory. Benchmarks
indicate that the current implementation of this container is much
slower than the |file| container."
It is a bit outdated, but I haven't seen any recent benchmarks.
They both scale differently - shm linearly considering it's IO bandwidth
and latency is considerably higher and lower respectively. The shm
doesn't require a disk head to move around to get and save data to cache
(majority writes if it's caching to disk as reads get done from kernel
cache) which takes time.
shm will hold out a lot longer than files (I know from experience with
SVR4 many eons ago).
Cheers,
Chris Smith
Ninja Labs
http://www.ninjalabs.co.uk/
--- End Message ---