php-general Digest 14 Apr 2005 03:39:52 -0000 Issue 3396

[php-general-digest-help]

php-general Digest 14 Apr 2005 03:39:52 -0000 Issue 3396

Topics (messages 213015 through 213048):

Re: trying to load mysql extensions
        213015 by: Richard Davey

phpmyadmin blank screen.
        213016 by: Ross
        213017 by: Joseph Connolly

Re: PHP 4 to PHP 5 Migration shortcut
        213018 by: Rasmus Lerdorf

Re: uploading files
        213019 by: Matthew Weier O'Phinney

uploading file
        213020 by: marc serra
        213021 by: Richard Davey
        213022 by: Joseph Connolly
        213023 by: Richard Davey
        213024 by: John Nichel
        213029 by: Joseph Connolly
        213030 by: Greg Donald

Hosting - NoMonthlyFees
        213025 by: Miles Thompson

Re: database querying form in php
        213026 by: Satyam
        213028 by: Marek Kilimajer

Re: php SMPP
        213027 by: Catalin Trifu

Re: User Management
        213031 by: Eugene Voznesensky

is fwrite atomic?
        213032 by: Cabbar Duzayak
        213034 by: Philip Hallstrom
        213038 by: Rasmus Lerdorf

enterprise patterns headache
        213033 by: Robert Janeczek
        213042 by: Richard Lynch

image calculation problem
        213035 by: Ryan A
        213036 by: Philip Hallstrom
        213037 by: Ryan A

app to create directories with a browser...
        213039 by: bruce

Creating intelligent forms
        213040 by: dan
        213041 by: Mike

Re: Storing password in cookie
        213043 by: Richard Lynch
        213045 by: Richard Lynch
        213047 by: Richard Lynch

Re: Finding records within 15 minutes from now?
        213044 by: Richard Lynch

Dedicated server                                                   (0T)
        213046 by: Ryan A

Re: dynamic image will not print properly
        213048 by: Richard Lynch

Administrivia:

To subscribe to the digest, e-mail:
        [EMAIL PROTECTED]

To unsubscribe from the digest, e-mail:
        [EMAIL PROTECTED]

To post to the list, e-mail:
        php-general@lists.php.net


----------------------------------------------------------------------

--- Begin Message ---

Hello Ross,

Wednesday, April 13, 2005, 4:16:07 PM, you wrote:

R> I get the following warning when trying to load this extension.
R> (php_mssql)

R> PHP Warning: PHP Startup: Unable to load dynamic library
R> 'c:\PHP\ext\php_msql.dll'

Well which of the two DLLs do you actually want to use? php_mssql.dll
is NOT the same as php_msql.dll

R> I am runnning php5 with IIS 5.1 and mysqlserver 4.1. The server
R> works fine and mysql server is running ok.

More to the point NEITHER of them are used for MySQL! They're for
Microsoft SQL Server. PHP5 + MySQL 4.1 should be using the
php_mysqli.dll ideally.

Best regards,

Richard Davey
-- 
 http://www.launchcode.co.uk - PHP Development Services
 "I do not fear computers. I fear the lack of them." - Isaac Asimov

--- End Message ---

--- Begin Message ---

Thanks for the replies to my php_mssql problem.

I have a problem that when I try and run phpmyadmin locally the screen is 
just blank. Any ideas?

R.

--- End Message ---

--- Begin Message --- 1- are you loading the mssql extensions or the mysql extensions....you keep interchanging the two and they ARE NOT the same
2- in addition you may have to load the mysqli extension if you want to run phpMyAdmin.
3- re read the php manual and the phpMyAdmin

If the screen is blank trying to read the source code to see if there is anything at all there. Then make sure php is running correctly and your databases are running correctly...i have a feeling one or both might not be. THEN, you have to make sure your extensions are compatible with the new password authenticaiton method begin used by phpMyAdmin. (this is where mysqli come into play).
Ross wrote:

Thanks for the replies to my php_mssql problem.

I have a problem that when I try and run phpmyadmin locally the screen is just blank. Any ideas?

R.

--- End Message ---

--- Begin Message --- Vishal Kashyap @ [SaiHertz] wrote:

Dear PHP enlightened ,

I was planning to move my PHP 4.3.x based product t PHP 5.x and for
this I was looking for some kinda shortcut scripts or utility to
migrate the 4.3.x file to PHP 5.x .
Any pointers would be appreaciated.

Chances are pretty good that you won't have to change anything. Step 1 would be to simply try running your existing code under PHP5 and see what breaks. Unless you have complicated OO code or you are using the domxml extension, you likely won't need to change anything.

For more info, read: http://php.net/migration5

-Rasmus
--- End Message ---

--- Begin Message ---

* Marc Serra <[EMAIL PROTECTED]>:
> Hi, i want to create a form to upload a file on a server. My problem is 
> that i want to check the filesize before sending it because if the 
> filesize is superior than 2 MB it failed and i don't want to wait for a 
> long time for uploading a file that will fail.
>
> Can you please give me a solution to check the filesize.

See:
http://php.net/features.file-upload

Basically, you need a MAX_FILE_SIZE hidden attribute in your form:
    <input type="hidden" name="MAX_FILE_SIZE" value="2000000" />

However, the manual goes on to say:

 The MAX_FILE_SIZE hidden field (measured in bytes) must precede the
 file input field, and its value is the maximum filesize accepted. This
 is an advisory to the browser, PHP also checks it. Fooling this setting
 on the browser side is quite easy, so never rely on files with a
 greater size being blocked by this feature. The PHP settings for
 maximum-size, however, cannot be fooled. This form element should
 always be used as it saves users the trouble of waiting for a big file
 being transferred only to find that it was too big and the transfer
 failed.

So, adding the above input field is a good first step, but it's not
foolproof; you may still get some too large files uploaded that PHP will
reject after the fact.

-- 
Matthew Weier O'Phinney           | WEBSITES:
Webmaster and IT Specialist       | http://www.garden.org
National Gardening Association    | http://www.kidsgardening.com
802-863-5251 x156                 | http://nationalgardenmonth.org
mailto:[EMAIL PROTECTED]         | http://vermontbotanical.org

--- End Message ---

--- Begin Message --- Hi, i want to create a form to upload a file on a server. My problem is that i want to check the filesize before sending it because if the filesize is superior than 2 MB it failed and i don't want to wait for a long time for uploading a file that will fail.

Can you please give me a solution to check the filesize.

Marc.
--- End Message ---

--- Begin Message ---

Hello Marc,

Wednesday, April 13, 2005, 3:08:06 PM, you wrote:

ms> Hi, i want to create a form to upload a file on a server. My
ms> problem is that i want to check the filesize before sending it
ms> because if the filesize is superior than 2 MB it failed and i
ms> don't want to wait for a long time for uploading a file that will
ms> fail.

This isn't possible with PHP alone. You could do it by using some kind
of client-side uploader (Java applet, maybe a JavaScript post-back,
etc), but not PHP by itself.

Best regards,

Richard Davey
-- 
 http://www.launchcode.co.uk - PHP Development Services
 "I do not fear computers. I fear the lack of them." - Isaac Asimov

--- End Message ---

--- Begin Message --- I though you could limit it in the php.ini file. OR, you can determine it's length through php and then discard it. I remember reading something about limiting file size and overidding that limit in the script. If i find it i will post it here.

Richard Davey wrote:

Hello Marc,

Wednesday, April 13, 2005, 3:08:06 PM, you wrote:

ms> Hi, i want to create a form to upload a file on a server. My
ms> problem is that i want to check the filesize before sending it
ms> because if the filesize is superior than 2 MB it failed and i
ms> don't want to wait for a long time for uploading a file that will
ms> fail.

This isn't possible with PHP alone. You could do it by using some kind
of client-side uploader (Java applet, maybe a JavaScript post-back,
etc), but not PHP by itself.

Best regards,

Richard Davey

--- End Message ---

--- Begin Message ---

Hello Joseph,

Wednesday, April 13, 2005, 5:42:42 PM, you wrote:

JC> I though you could limit it in the php.ini file. OR, you can
JC> determine it's length through php and then discard it. I remember
JC> reading something about limiting file size and overidding that
JC> limit in the script. If i find it i will post it here.

Sure, you can discard the file if it's over the file size limit - but
ONLY after it has been uploaded, which is what the original poster
wanted to avoid. PHP, being server-side in nature, doesn't make this
possible.

Best regards,

Richard Davey
-- 
 http://www.launchcode.co.uk - PHP Development Services
 "I do not fear computers. I fear the lack of them." - Isaac Asimov

--- End Message ---

--- Begin Message --- Joseph Connolly wrote:

I though you could limit it in the php.ini file. OR, you can determine it's length through php and then discard it. I remember reading something about limiting file size and overidding that limit in the script. If i find it i will post it here.

You can limit it with PHP. However, for php to determine the filesize and check it against the limit, the file has to be uploaded first, ie on the server. The OP wants to check the filesize while it's still on the client machine, and PHP can't do that.

--
John C. Nichel
ÜberGeek
KegWorks.com
716.856.9675
[EMAIL PROTECTED]

--- End Message ---

--- Begin Message ---

Thanks for the info. That makes sense.

John Nichel wrote:

Joseph Connolly wrote:

I though you could limit it in the php.ini file. OR, you can determine it's length through php and then discard it. I remember reading something about limiting file size and overidding that limit in the script. If i find it i will post it here.

You can limit it with PHP. However, for php to determine the filesize and check it against the limit, the file has to be uploaded first, ie on the server. The OP wants to check the filesize while it's still on the client machine, and PHP can't do that.

--- End Message ---

--- Begin Message ---

On 4/13/05, Joseph Connolly <[EMAIL PROTECTED]> wrote:
> I though you could limit it in the php.ini file.

You can.

> OR, you can determine
> it's length through php and then discard it.

You can.

> I remember reading
> something about limiting file size and overidding that limit in the
> script. If i find it i will post it here.

You can, but any settings you put in place will not take effect until
PHP gets the file.  PHP has no clue what is going on on the client
side so until the file is uploaded to the server it can't act on the
file one way or the other.  PHP is a server-side scripting language
not a client-side scripting language.


-- 
Greg Donald
Zend Certified Engineer
http://destiney.com/

--- End Message ---

--- Begin Message ---

NoMonthlyFees has been spoken of highly on this list in the past.

Do they still have a good reputation? How's speed?

Client will be fetching news stores for display through Flash; MySQL and PHP (of course) back end.
May be some streaming audio in future.

If you don't want to clog the list with traffic, reply privately and I'll post a summary.

Tks in advance - Miles Thompson
--- End Message ---

--- Begin Message ---

The following used to work, though I haven't used it for a while.  Please be 
carefull of who are you letting do what.  A little checking, for example, 
only 'select' statements with no semi-colons or any other trick to modify 
the database might be good.  Assumes there is a style sheet with a class 
'Listado' somewhere.

Satyam



$result = mysql_query($_REQUEST['Query']) or die("Query failed : " . 
mysql_error());
echo "<p>" . $_REQUEST['Query'] . "</p>";
/* Printing results in HTML */

echo "<div class=listado><table>\n";

echo "\t<tr>\n";

for ($i=0;$i < mysql_num_fields($result);$i++) {
        echo "\t\t<th>" . mysql_field_name($result,$i) . "</th>\n"  ;
}

echo "\t</tr>\n";

while ($line = mysql_fetch_array($result, MYSQL_ASSOC)) {
   echo "\t<tr>\n";
   foreach ($line as $col_value) {
       echo "\t\t<td>$col_value</td>\n";
   }
   echo "\t</tr>\n";
}
echo "</table></div>\n";

/* Free resultset */
mysql_free_result($result);

"Babu" <[EMAIL PROTECTED]> wrote in message 
news:[EMAIL PROTECTED]
> HI,
>
> I ilke to create user interface for a group of people for entering the 
> queries and to see the results in a browser. The users have the knowledge 
> of database.
> for example: the users will have a login check, and if successful they 
> will see a window where they can enter the sql queries and can see the 
> results.I also want to implement a history of queries where the user can 
> use it when ever needed.
> i have done the user authentication part. But i do not get an idea how the 
> User interface can be?
> I have seen PhpMyadmin.its nice , but lillte bit complex for me as i also 
> need some code to know how it implemented.
> can some one please point to some examples or so.
>
> Thanks
> babu
>
>
> Send instant messages to your online friends http://uk.messenger.yahoo.com 

--- End Message ---

--- Begin Message --- babu wrote:

HI,

I ilke to create user interface for a group of people for entering the queries and to see the results in a browser. The users have the knowledge of database. for example: the users will have a login check, and if successful they will see a window where they can enter the sql queries and can see the results.I also want to implement a history of queries where the user can use it when ever needed.
i have done the user authentication part. But i do not get an idea how the User interface can be?
I have seen PhpMyadmin.its nice , but lillte bit complex for me as i also need some code to know how it implemented.
can some one please point to some examples or so.

There are plenty of classes that can show results of queries in html table, just go to www.phpclasses.org

You should create a database user for each user and restrict the access for each user individualy to insert, select, delete etc.
--- End Message ---

--- Begin Message ---

        Hi,

   If you are into C programming try kannel (www.kannel.org); they fully 
implement
SMPP protocol into their gateway, so you could take a look at their code.

Catalin


Kyriacos Sakkas wrote:
> Hi all,
>       Just wondering if anybody has had experience using SMPP with php. I
> have used the one available class that has limited functionality for
> sending simple messages, but would like to do a little bit more
> (concatenated messages over 170 chars.).
>       Ipworks has some libraries, but I have not been able to compile the php
> side of them (keep getting compilation errors for on file), so now I am
> stuck.
>       Any pointers to existing scripts, or advice on how to create SMPP pdu's
> manually will be very appreciated.
>       
> thanks
>       Kyriacos

--- End Message ---

--- Begin Message ---

Yoy can try this one:
http://pear.php.net/package/LiveUser

> > Hi!
> >
> > I am developing an applicaton in PHP where
> different users would have 
> > different permissions and access to different
> functions/pages of website. 
> > Now whats the best way to do tht?
> >
> > One way I can think of is keep all permissions in
> a table and divide 
> > everyting on site into functions..and when every
> function is called, check 
> > whether thecurrent user has permission to
> particular function..
> >
> > But this method looks quiet complicated..is ther
> any other way to do this?
> >
> > Also if you can give me some links to
> articles/tutorials on user/levels 
> > management in PHP, it would be really helpful..
> >
> > Thanks in advance 
> 
> -- 
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
> 
> 

--- End Message ---

--- Begin Message ---

Hi,

As the subject mentions, is fwrite method atomic in PHP? What I mean
by that is, does fwrite function acquire an implicit lock while
writing or do I need to explicitly acquire an EXCLUSIVE lock on the
file before I call fwrite?

The problem I am having is that, I want to track user requests by
logging simple request parameters such as user IP, request URI, etc.
instead of inserting into the db for avoiding overheads. And I will
have a cronjob read this data around midnight and write it into the
database (when there is little load on the server).

So, the questions I have is:

1. While writing this information, do I need to get an exclusive lock
before writing? Say I have a 200 bytes string, and 2 people call
fwrite at the same time with 2 strings, will they be written
sequentually or will it mix these strings depending on the O/S IO
buffer size.

2. While I am inserting this data into the database, I will have to
lock the file, dump them into the database and empty it. So, this
might make some users wait, which is something I am trying to avoid.
But, in anycase I will need to have a secondary lock object which
controls access to this log I guess, i.e. acquire secondary lock,
rename the file to .tmp or something, release the lock, and in the
meantime read from .tmp, parse it and put it in the db.

Any ideas?

Thanks...

--- End Message ---

--- Begin Message ---

As the subject mentions, is fwrite method atomic in PHP? What I mean
by that is, does fwrite function acquire an implicit lock while
writing or do I need to explicitly acquire an EXCLUSIVE lock on the
file before I call fwrite?

While I haven't checked, I would imagine the answer is NO.

The problem I am having is that, I want to track user requests by
logging simple request parameters such as user IP, request URI, etc.
instead of inserting into the db for avoiding overheads. And I will
have a cronjob read this data around midnight and write it into the
database (when there is little load on the server).

So, the questions I have is:

1. While writing this information, do I need to get an exclusive lock
before writing? Say I have a 200 bytes string, and 2 people call
fwrite at the same time with 2 strings, will they be written
sequentually or will it mix these strings depending on the O/S IO
buffer size.

I certainly would. I don't know how the data will get written out in simultaneous writes. I would guess it involves filesystem options, what OS, kernel buffers, etc...

Just create a "data.lock" file, open that, flock it, do your write, and close everything.

2. While I am inserting this data into the database, I will have to
lock the file, dump them into the database and empty it. So, this
might make some users wait, which is something I am trying to avoid.
But, in anycase I will need to have a secondary lock object which
controls access to this log I guess, i.e. acquire secondary lock,
rename the file to .tmp or something, release the lock, and in the
meantime read from .tmp, parse it and put it in the db.

I'd lock your data.lock file, move your actual data file, create an empty new data file, remove the lock, then process your local copy.

You might also consider using syslog to send things there, but that might be more messy then it's worth...

-philip
--- End Message ---

--- Begin Message --- Cabbar Duzayak wrote:

As the subject mentions, is fwrite method atomic in PHP? What I mean
by that is, does fwrite function acquire an implicit lock while
writing or do I need to explicitly acquire an EXCLUSIVE lock on the
file before I call fwrite?

That depends on your mode. If you opened the file in append mode, then yes, it is atomic. On some operating systems that may or may not be true over network filesystems like NFS if you are writing more than a block size, but if it is a local fs and you are in append mode, you can count on it being atomic. If you are not in append mode, then it is not atomic at all.

The problem I am having is that, I want to track user requests by
logging simple request parameters such as user IP, request URI, etc.
instead of inserting into the db for avoiding overheads. And I will
have a cronjob read this data around midnight and write it into the
database (when there is little load on the server).

For straight logging like this you should be able to simply append to the log file and thus your fwrite will be atomic.

2. While I am inserting this data into the database, I will have to
lock the file, dump them into the database and empty it. So, this
might make some users wait, which is something I am trying to avoid.
But, in anycase I will need to have a secondary lock object which
controls access to this log I guess, i.e. acquire secondary lock,
rename the file to .tmp or something, release the lock, and in the
meantime read from .tmp, parse it and put it in the db.

Have your cronjob rename the file to a temporary filename which is also an atomic operation. Then read that temp file into your database. The only slight wrinkle here is that a process could be writing to the file as you rename it. This in itself is fine. The write will survive the rename and still complete writing to your renamed file since at that level it is simply an open file descriptor and it doesn't care what its name is. To make sure any outstanding writes complete, simply add a little delay between your rename and your read in your cron job.

The next log write that comes in after the rename will automatically recreate the file since you are opening it in create+append mode.

This way you avoid all locking and your application will actually work. Locks are evil!

-Rasmus
--- End Message ---

--- Begin Message ---

Hi!

I`m currently working on PHP5-based extranet system which makes
intensive use of enterprise patterns. Some problems encountered during
developement cause serious haeadaches, but we`re going forward :)

I`m not 100% happy with architecture decisions we`ve made in the process
and therefore I came here to ask if maybe someone has better ideas than
we did.

Whole system is built on Data Mapper + Unit of Work + Identity Map +
Lazy Load base. Everything worked well until we started testing if lazy
loading is as lazy as it is supposed to be. We've used __set and __get
magic methods to automate loading data to ghost object when something
tried to access data inside. Yesterday was magic-methods-removal-day,
because we realized post-factum that using magic method sets a flag
blocking usage of another magic methods within that call. With high
encapsulation we were screwed - there was no way to assure not having
chained magic method calls (which still was far from being infinite
recurrency). __get returning null in such situations without any warning
caused many acts of disbelief in power of debugger among the developers
:] Yes, I know it`s all in comments to manual page. NOW I know that :]

Back to the architecture problem...

Inside mappers we have standard find($ID) methods returning ghosts of
real objects, which are filled at later time. Currently this mechanism
is implemented almost exacly as in Martin Fowler's sample code - by
adding notifyRead/notifyWrite in first line of public setters and
getters. This works nicely, collections of object also don`t cause
problems because they are not instantiated before we really need the
elements.

We also use separate methods for finding objects using criteria
different than just ID in database. So, some objects have
findByName($name) or findActive() methods which work very similiar to
find($ID) method, but use different queries. The problem with this
methods is the same thing which helps us very much in different parts of
application - Lazy Load.

Sample code:
$company = CompanyMapper::find(1); // we have ghost inside $company
//some other operations, but we don`t touch $company
$company2 = CompanyMapper::findByName('Big Ltd.');

Now let`s assume, that company with ID=1 has name Big Ltd. We have two
independent copies of the same object what kinda sucks :] The problem is
that both finding methods return ghosts and the second one doesn`t know
his ID yet. If there would be only ID-based searching than Identity Map
would detect it and caused returning the same instance, but it`s not...

Unfortunately, we cannot afford to loose lazy load for those searching
methods which use something different than ID. Our current solution is
putting every ghost object inside handler object, because it allows us
to switch object inside without rest of application noticing. This
however requires many classes with nothing more than bunch of methods
which transfer calls to another objects. We are working on piece of
code, which will use Reflection to autogenerate these classes, but still
it`s not very nice solution imho.

Long story short - what`s the best way to be able to load business
objects as ghosts using different criteria without problem with multiple
instances of the same object in the application.

rashid

ps. wow.. that was looong... :D
--- End Message ---

--- Begin Message ---

On Wed, April 13, 2005 2:01 pm, Robert Janeczek said:

I can't claim a detailed understanding of what you are doing, and,
frankly, it sounds like you are creating a BUNCH of over-engineered
headache-inducing code without a good, proven need for it.  YMVV.

That said, one thing I *did* understand and can comment on:

> Sample code:
> $company = CompanyMapper::find(1); // we have ghost inside $company
> //some other operations, but we don`t touch $company
> $company2 = CompanyMapper::findByName('Big Ltd.');
>
> Now let`s assume, that company with ID=1 has name Big Ltd. We have two
> independent copies of the same object what kinda sucks :] The problem is
> that both finding methods return ghosts and the second one doesn`t know
> his ID yet. If there would be only ID-based searching than Identity Map
> would detect it and caused returning the same instance, but it`s not...

So why not do this:
Make findByName look up the $ID with the query you already use, possibly
caching the other fields/data you use frequently in some kind of very temp
space: $row (array returned from query).
Then call CompanyMapper::find($ID, $row);
which uses the info it already has given for free in $row, but can also
check your cache of existing object, fill in any free data from $row, and
return the existing object if it's there.

> Unfortunately, we cannot afford to loose lazy load for those searching
> methods which use something different than ID. Our current solution is
> putting every ghost object inside handler object, because it allows us
> to switch object inside without rest of application noticing. This
> however requires many classes with nothing more than bunch of methods
> which transfer calls to another objects. We are working on piece of
> code, which will use Reflection to autogenerate these classes, but still
> it`s not very nice solution imho.

Perhaps a specialized object that manipulates/returns other objects based
on arguments is in order.  Instead of a zillion objects that all do that
same thing, only one for each real object, you have one that handles all
the other objects the same way, but trying to find the same object in your
cache first, then digging deeper into lazy load (or whatever) to build it.

How certain are you that all this code is saving you *ANYTHING*?

Is it worth the development/maintenance expense?

Only you can answer those questions.

-- 
Like Music?
http://l-i-e.com/artists.htm

--- End Message ---

--- Begin Message ---

Hi,
I copied this from the php site, but trying to modify it is driving me nuts
coz its not working.

Basically I am trying to make a thumb where the width is 87px...I dont care
what the height is,
heres the code:

function prop_thumb_height()
{
// The file
$filename = 'cat.jpg';

// Set a maximum height and width
$width = 87;
$height = 175;

// Content type
header('Content-type: image/jpeg');

// Get new dimensions
list($width_orig, $height_orig) = getimagesize($filename);

if ($width && ($width_orig < $height_orig)) {
   $width = ($height / $height_orig) * $width_orig;
} else {
   $height = ($width / $width_orig) * $height_orig;
}

// Resample
$image_p = imagecreatetruecolor($width, $height);
$image = imagecreatefromjpeg($filename);
imagecopyresampled($image_p, $image, 0, 0, 0, 0, $width, $height,
$width_orig, $height_orig);

// Output
imagejpeg($image_p, 'ryan.jpg', 100);
}



Thanks,
Ryan



-- 
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.308 / Virus Database: 266.9.7 - Release Date: 4/12/2005

--- End Message ---

--- Begin Message ---

see below...

Basically I am trying to make a thumb where the width is 87px...I dont care what the height is, heres the code:

function prop_thumb_height()
{
// The file
$filename = 'cat.jpg';

// Content type
header('Content-type: image/jpeg');

// Get new dimensions
list($width_orig, $height_orig) = getimagesize($filename);

$width = 87;

// note I'm not checking if $width_orig == 0
$scale_by = $width / $width_orig;

$height = floor($height_orig * $scale_by + 0.5);

// Resample
$image_p = imagecreatetruecolor($width, $height);
$image = imagecreatefromjpeg($filename);
imagecopyresampled($image_p, $image, 0, 0, 0, 0, $width, $height, $width_orig, 
$height_orig);

// Output
imagejpeg($image_p, 'ryan.jpg', 100);
}

--- End Message ---

--- Begin Message ---

Thanks mate, it works perfectly.
-Ryan



On 4/13/2005 11:35:23 PM, Philip Hallstrom ([EMAIL PROTECTED]) wrote:
> see below...
>
>
>
> > Basically I am trying to make a thumb where the width is 87px...I dont
>
> > care what the height is, heres the code:
>
> >
>
> > function prop_thumb_height()
>
> > {
>
> > // The file
>
> > $filename = 'cat.jpg';
>
> >
>
> > // Content type
>
> > header('Content-type: image/jpeg');
>
> >
>
> > // Get new dimensions
>
> > list($width_orig, $height_orig) = getimagesize($filename);
>
> >
>
>
>
> $width = 87;
>
>
>
> // note
> I'm not checking if $width_orig == 0
> $scale_by = $width / $width_orig;
>
> $height = floor($height_orig * $scale_by + 0.5);
>
> > // Resample
> > $image_p = imagecreatetruecolor($width, $height);
> > $image = imagecreatefromjpeg($filename);
> > imagecopyresampled($image_p, $image, 0, 0, 0, 0, $width, $height,
$width_orig, $height_orig);
> >
> > // Output
> > imagejpeg($image_p, 'ryan.
> jpg', 100);
> > }
> >



-- 
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.308 / Virus Database: 266.9.7 - Release Date: 4/12/2005

--- End Message ---

--- Begin Message ---

hi...

i'm trying to find an app to allow me to somehoe specify a dir/folder
structure and to be able to create the dir on the hard drive, using the
browser...

in other words, if i have a project:
   proj
     --include
     --docs
     --bin
     --src
     --obj

i'd like to be able to somehow enter this into a browser/app and have the
app then create the underlying structure on the harddrive...

anybody have any ideas/knowledge of such an app. i'd prefer it to be GUI is
possible, but i'll look at pretty much anything that works...

thanks

bruce
[EMAIL PROTECTED]

--- End Message ---

--- Begin Message ---

Hello, all -

I had some questions regarding the creation of "intelligent" forms - forms that take data, and then parse it for errors, "real" data, etc etc.

The first idea I had was to make a function to display the form. When the form is submitted, the page would be called again (i.e. the form's ACTION=itself), and then the POST or GET or SESSION variables will be the arguments to the form. The idea is, when this happens, the form will be able to check the data that was sent, verify it, etc etc. If there are no problems with the data, then the user is directed to step 2 of the form, or the second page, to enter in additional data. But how should the redirection happen?

At that point, am I able to manipulate the headers for a different Location:, that location being the second form to be filled out? Since this would be the first data sent to the BROWSER, I thought that this might work.

I've been toying with both of these ideas with varying success, but haven't quite gotten it figured out. I'm sure that, with due time, I'll be able to figure it out. However, I just want to make sure that this is a "correct" way of writing forms, and if it's normally accepted as a common practice, so I don't waste my time doing something that might not actually work.

Thanks!
-dant

--- End Message ---

--- Begin Message ---

 
> The first idea I had was to make a function to display the 
> form.  When the form is submitted, the page would be called 
> again (i.e. the form's ACTION=itself), and then the POST or 
> GET or SESSION variables will be the arguments to the form.  
> The idea is, when this happens, the form will be able to 
> check the data that was sent, verify it, etc etc.  If there 
> are no problems with the data, then the user is directed to 
> step 2 of the form, or the second page, to enter in 
> additional data.  But how should the redirection happen?
> 
> At that point, am I able to manipulate the headers for a 
> different Location:, that location being the second form to 
> be filled out?  Since this would be the first data sent to 
> the BROWSER, I thought that this might work.

What I've done is just have one script (call it form.php) and when you
process the data it posts/gets to itself. The first thing you do is validate
the data. You then flag each piece that has a problem. If you have no
problems after you've parsed all the data, you can simply include the
"processing" code from another file and then run that (no redirection) and
output what you need to output. If there are problems, just re-run the
print-form portion of the script but output the fields with the
previously-submitted data and also some sort of visual marker for the user
to identify that there's a problem (such as red text saying "Please correct
this field" or something).

> I've been toying with both of these ideas with varying 
> success, but haven't quite gotten it figured out.  I'm sure 
> that, with due time, I'll be able to figure it out.  However, 
> I just want to make sure that this is a "correct" way of 
> writing forms, and if it's normally accepted as a common 
> practice, so I don't waste my time doing something that might 
> not actually work.

I've done the above with much success. And I prefer not to have to redirect
people all over the place if possible. There's truly many ways of doing it
and different ways may work best for your needs - but I wanted to share what
has worked for me in the past.

-M

--- End Message ---

--- Begin Message ---

On Tue, April 12, 2005 8:03 pm, [EMAIL PROTECTED] said:
> On 11 Apr 2005 Chris Shiflett wrote:
>
>> > > DO NOT STORE PASSWORDS ON USERS COMPUTER
>> >
>> > A couple of people have stated this but I think it is incorrect.
>>
>> Please refrain from such speculation, because it does nothing to improve
>> the state of security within our community. This idea of storing
>> passwords in cookies is absurd.
>
> Hmmm, sorry, it wasn't speculation but an opinion in response to what I
> thought had moved from a practical into a theoretical discussion.  I
> agree, storing even an encrypted password in a cookie is a poor idea in
> most situations.  But to me development is about selecting the right
> tool and using it the right way for the job at hand, and as a matter of
> principle I'm not convinced that a password stored in some form in a
> cookie can never, ever be the right tool for any job -- even if it's
> the wrong tool for many or most.

Some absolutes are absolute.

That's why we call them absolutes.

This is one of them.

If you can think of a single real-life counter-example, feel free to post
it, and shock the world.

-- 
Like Music?
http://l-i-e.com/artists.htm

--- End Message ---

--- Begin Message ---

On Tue, April 12, 2005 4:40 am, [EMAIL PROTECTED] said:
[lots and lots of stuff, mostly valid, about Security being applied in
ratio with the data being protected]

I don't have the time to answer this point by point.

So I'll stick with some generalizations.

I have what I consider a MINIMUM standard level of security for any site
that asks for a password.

That would include:
Not storing the password *ANYWHERE* in clear-text.
  Not in database.
  Not in $_SESSION
  Not in COOKIES

Not storing an encrypted username/password in $_SESSION/COOKIE if having
those values provides access.  Because at that point, the encryption is
rather meaningless, as it's really a clear-text 32-character code that
happens to be the encrypted value of something secret, but the clear-text
32-character code gives the Bad Guy access, whether they know the secret
or not.

If your content/application/data is important enough to warrant a
username/password, then it should be important enough to secure with this
minimal level of security, IN MY OPINION.

The "tie-in" from a given user's session data should be ephemeral -- it
should expire within a short time frame.

It should also be un-guessable, like PHP's session IDs.

It should not, in and of itself, provide enough data for a Bad Guy with
the means to readily compromise an account on a long-term basis.

If users forget passwords, they should get new random passwords, with the
application/email directing them to change those passwords to memorable
(to them) but hopefully un-guessable (to Bad Guys) values.

Nothing I am recommending is significantly more difficult, nor complex,
then the alternatives you are presenting.

I would contend that anything less is simply a false sense of security,
provided to the un-informed, by using inherently insecure
username/password methodolgy.

The fact that 10 zillion sites are currently doing exactly that does not
make it "right".

You obviously disagree, and think everything is just hunky-dory in the 10
zillion sites that are leaking passwords to any Bad Guy with half a clue.

We'll simply have to agree to disagree on what is a minimal standard level
of security, and move forward.

-- 
Like Music?
http://l-i-e.com/artists.htm

--- End Message ---

--- Begin Message ---

On Mon, April 11, 2005 8:12 pm, Chris Shiflett said:
> Richard Lynch wrote:
>> On a shared server, every other PHP scripter can read your session data,
>> if they work at it a little bit.
>
> You should mention that this is assuming a default configuration. There
> are ways to avoid this.

There aren't a whole lot of shared servers that are running a different
pool of httpd for each user, nor using only CGI with different user ids,
nor...

I daresay that unless you are setting up a shared server yourself, rather
than renting space on one, you'll be hard-pressed to find that feature...

Perhaps phpsec.org would want to list hosts who go above and beyond the
current norm and actually provide that.

I know I've never seen one, at least not that's affordable to me.

>> For truly sensitive stuff like a CC#, do *NOT* put that in session data.
>> Write your script to get the CC# via SSL, process it, and throw it away,
>> all in one single PHP script.
>
> This is good advice, but if there is a business need to store the credit
> card number (for whatever reason), it's not necessarily always best to
> avoid storing it in the session.

If you can think of a good business reason to store somebody's CC# in
$_SESSION, I guess it must exist.

I sure can't think of one...

> Performance considerations can require that you couple its retrieval
> with other session data rather than incur the extra expense. It's just
> one of those things that is a little bit application-specific.

I dunno...  I mean, for me, a CC# comes from $_GET or $_POST, gets
scrubbed and validated for reasonable digits, gets sent to the Credit Card
processor, and you store the resulting transaction code from the Credit
Card guys, and that's it.

Any other data you've got tied in to the transaction, session, user, or
whatever, you've got a unique number you gave the Credit Card guys, and
you can match that up before you run the CC#, or even later on, if you
give the Credit Card guys a non-ephemeral unique ID to tie to the
transaction.

I guess I'm just blinded by experience to doing anything else with a CC#
-- That or shocked by seeing CC#s sitting in a new client's MySQL
database, in perpetuity, after transactions had been done.  [shudder] 
That sure got changed in a hurry. :-^

I'm certainly interested to know when/why Chris Shiflett would store a CC#
anywhere at all, unless he's actually working *FOR* the Credit Card guys,
cuz that's what they're there for. :-)  That doesn't count.

-- 
Like Music?
http://l-i-e.com/artists.htm

--- End Message ---

--- Begin Message ---

On Tue, April 12, 2005 12:33 pm, J J said:
> I'm struggling with the php or mysql query to find
> records within my database that are within 15 minutes
> from now and prior.
>
> Example:
> It's 2:30pm on 4/12/05
>
> I need to find all records with a RecordTime of 2:45pm
> and previous.
>
> So it should find:
> rec1 time: 2:45 date: 4/12/05
> rec2 time: 2:00 date: 4/12/05
> rec3 time: 1:30 date: 4/8/05
> etc.
>
> It would not find:
> rec4 time: 3:15 date: 4/12/05
> rec5 time: 4:00 date: 4/23/05

If RecordTime does not contain the DATE as well, as I suspect, then you
need to add/combine the two fields (date & time) before you compare to
'now()' with date_add() and INTERVAL.

-- 
Like Music?
http://l-i-e.com/artists.htm

--- End Message ---

--- Begin Message ---

Hey,
Can anyone recommend a host for dedicated hosting? Hopefully one that you
have used.
Please reply offlist so as not to disturb anyone else.

Thanks,
Ryan



-- 
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.308 / Virus Database: 266.9.9 - Release Date: 4/13/2005

--- End Message ---

--- Begin Message ---

On Mon, April 11, 2005 5:48 pm, DuSTiN KRySaK said:
> On 11-Apr-05, at 5:05 PM, Richard Lynch wrote:
>
>> On Mon, April 11, 2005 3:04 pm, DuSTiN KRySaK said:
>> Fourth:  On the broken server, take *OUT* the header() lines in your
>> script, and surf directly to the image URL.  If you see PHP messages,
>> well, fix your script to get rid of them.  If you see a bunch of weird
>> characters, that's what it *should* be -- Pretty much the "same" as you
>> would see if you opened up a real JPEG in a text editor.
>
> I get the proper JPG results. As I said earlier - the output is only
> messed in the win/ie combo while printing.

Sorry, forgot that part...

Okay, try this.

Take your HTML page, scrape down as a static page, upload it, and try to
print the static page with the static image.

Pehaps GD, PHP, and everything else have *nothing* to do with this.

Maybe the *PRINTER* just chokes on some specific JPEG images, dynamic or not.

If so, then you are looking for a new printer driver, or documentation of
known issues with that printer and printing JPEGs of particular
characteristics.

The more I think about this, the more likely it is that the printer just
doesn't like that JPEG, period.

If the browsers likes it just fine...

-- 
Like Music?
http://l-i-e.com/artists.htm

--- End Message ---