php-general Digest 12 Nov 2005 16:30:33 -0000 Issue 3790

[php-general-digest-help]

php-general Digest 12 Nov 2005 16:30:33 -0000 Issue 3790

Topics (messages 225663 through 225673):

Re: Filtering and Escaping (Was: Select and $_POST)
        225663 by: Chris Shiflett

emailing MySQL list not working
        225664 by: Bruce Gilbert
        225669 by: Marco Kaiser

url query problem
        225665 by: Imroz
        225666 by: Minuk Choi

Re: Question about session
        225667 by: Bagus Nugroho

Re: mail return-path problem
        225668 by: Eric Butera

Re: Catch the   WMV first frame picture  in PHP script?
        225670 by: M

Re: arrays question
        225671 by: Brian V Bonini

Re: php session in ie
        225672 by: James Benson

Recommendations for the Zend PHP Certification
        225673 by: Gustavo Narea

Administrivia:

To subscribe to the digest, e-mail:
        [EMAIL PROTECTED]

To unsubscribe from the digest, e-mail:
        [EMAIL PROTECTED]

To post to the list, e-mail:
        php-general@lists.php.net


----------------------------------------------------------------------

--- Begin Message ---

Chris Shiflett wrote:

However, most security issues like XSS and SQL injection aren't
really input filtering problems. Often, input filtering can
effectively eliminate these vulnerabilities (and there's no
excuse to not be filtering input), but escaping addresses the
root cause of the problem.

I decided to blog about this in more detail:

http://shiflett.org/archive/168

Chris

--
Chris Shiflett
Brain Bulb, The PHP Consultancy
http://brainbulb.com/

--- End Message ---

--- Begin Message ---

Hello,

I am using a template for an email database. This has a MySQL database
where the end user can sign up to receive my email newsletter, They
subscribe and are entered into a MySQL database that I have set up.
Everything works fine as far as  being entered into the dataase The
problem occurs when I send a test email to the database list. (I am
sending one to myself). The email never gets sent!

the code to send out the email from the MySQL database list is as follows:

<?php
// this script is used to as the action for the form on sendmailform.php
// it sends the email to all persons who have subscribed to the
mailinglist and confirmed their subscription

//include the config file
include("config.php");

$subject = $_REQUEST['subject'];
$message = $_REQUEST['message'];

//Variables for the headers
// customize this stuff
$sender = "Bruce Gilbert <[EMAIL PROTECTED]>\n"; //put your name and
sending address here
$reply_to = "<[EMAIL PROTECTED]>\n"; //reply-to, insert your address
here,  might not be supported by your server
$return_path = "[EMAIL PROTECTED]"; // return-path, if you have
one, also might not be supported by your server
$x_sender = "<[EMAIL PROTECTED]>\n"; //your address, another setting
possibly not supported by your server

$message .= "\n\n This is a double opt-in mailing list. All recipients
have confirmed their subscription. If you no longer wish to receive
these emails, please go to http://$list_owner_domain_name \n
                                        Get this custom mailing list system for 
your site. Go to
http://www.karlcore.com for more info! \n";

// this selects the table and orders the results by the name
// it only selects the listings that have been confirmed
$query = "
        SELECT
                *
        FROM
                mailinglist
        WHERE
                subscribe=1
                AND
                confirmed=1";

$result = mysql_query($query);

while ( $row = mysql_fetch_array($result))
        {
        $rec_id = $row["rec_id"];
        $email = $row["email"];

        $recipient = $email;

        $headers = "From: $sender";
        $headers .= "Reply-To: $reply_to";
        $headers .= "Return-Path: $return_path";
        $headers .= "X-Sender: $x_sender";
        $headers .= "X-Mailer: PHP4\n"; //mailer
        $headers .= "X-Priority: 3\n"; //1 UrgentMessage, 3 Normal
        $headers .= "Mime-Version:1.0\n Content-Type: text/plain;
charset=\"iso-8859-1\nContent-Transfer-Encoding: 8bit\n";
                
        mail( $recipient, $subject, stripslashes($message), $headers );
        sleep(1);

}

// run second query to automatically dump unsubscribed email addresses.
$query2 = "
        DELETE FROM
                mailinglist
        WHERE
                subscribe='0'
                AND
                confirmed='0' ";

//run the query
mysql_query($query2, $link) or die (mysql_error());

mysql_close();

header("location: mailsent.php");
exit;
?>

The form is located here:

http://www.inspired-evolution.com/sendmailform.php

let me know if I need to provide any more information.

Thanks!

Bruce Gilbert

--- End Message ---

--- Begin Message ---

Hi,

try to add in your $headers linebreaks. ("\r\n").

-- Marco

>         $headers = "From: $sender";
>         $headers .= "Reply-To: $reply_to";
>         $headers .= "Return-Path: $return_path";
>         $headers .= "X-Sender: $x_sender";
>         $headers .= "X-Mailer: PHP4\n"; //mailer
>         $headers .= "X-Priority: 3\n"; //1 UrgentMessage, 3 Normal
>         $headers .= "Mime-Version:1.0\n Content-Type: text/plain;
> charset=\"iso-8859-1\nContent-Transfer-Encoding: 8bit\n";

--- End Message ---

--- Begin Message ---

Hi PHP Gurus Am new to the php world, I need help to do something. PlZzzzzz help   I have this link http://www.taximauritius.mu/link1.php.   What I want to do :   When clicking on the link above, that would bring me to a page http://www.taximauritius.mu/reservation.php?client=apartment1, and in this URL, as can be seen, there is a variable called apartment1.   I want to get the name of this variable + other form fields in my email message when the form is sent. Actually I do get the other form fields in my email message. I just don’t get the variable (client=apartment1)   Am attaching the codes, It would really be grateful if you could plzzz help me.   Thanks a lot for helping Imrose   -- Outgoing mail is certified Virus Free. Checked by AVG Anti-Virus (http://www.grisoft.com). Version: 7.0.269 / Virus Database: 264.8.0 - Release Date: 9/6/2004

--- End Message ---

--- Begin Message ---

You've tried accessing $_GET in reservation.php?

Like

$_GET['client'] would return "apartment1" in reservation.php if you clicked on

http://www.taximauritius.mu/reservation.php?client=apartment1


-Minuk

Imroz wrote:

Hi PHP Gurus

Am new to the php world, I need help to do something. PlZzzzzz help

I have this link http://www.taximauritius.mu/link1.php.

What I want to do :

When clicking on the link above, that would bring me to a page

http://www.taximauritius.mu/reservation.php?client=apartment1, and in this URL, as can be seen, there is a variable called apartment1.

I want to get the name of this variable + other form fields in my email message when the form is sent. Actually I do get the other form fields in my email message. I just don’t get the variable (client=apartment1)

Am attaching the codes, It would really be grateful if you could plzzz help me.

Thanks a lot for helping

Imrose

--
Outgoing mail is certified Virus Free.
Checked by AVG Anti-Virus (http://www.grisoft.com).
Version: 7.0.269 / Virus Database: 264.8.0 - Release Date: 9/6/2004

--- End Message ---

--- Begin Message ---

poblem was solved by add
session_register function
 
before $_SESSION["blablabla"];
 

________________________________

From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Sat 12-Nov-2005 09:50
To: Bagus Nugroho; php-general@lists.php.net
Subject: Re: [PHP] Question about session


There's no code. You need to put your code in the Email so we can see it...

--- End Message ---

--- Begin Message ---

On 11/8/05, Richard Heyes <[EMAIL PROTECTED]> wrote:
>
> Eric Butera wrote:
> > I was just curious if there was a way to set the return path of an email
> > dynamically. I've looked around and all I could find was a Zend tutorial
> > running sendmail from the command line, which I don't want to do. :)
> >
> > I tried setting "Return-Path:" in the mail() headers, but that didn't
> seem
> > to make a difference. If anybody knows anything about this and could
> point
> > me in the right direction, I'd appreciate it.
> >
> > Thanks!
> >
>
> Use the fifth argument to the mail() function and the -f option for
> sendmail:
>
> mail('...', '...', '...', null, '[EMAIL PROTECTED]')
>
> --
> Richard Heyes
> http://www.phpguru.org


The -f was the trick. Thank you for all the input guys. =)

--- End Message ---

--- Begin Message ---

張 峰銘 wrote:
> Mr. M:
> Hello, thanks for your kind help.
> But my Linux system is Fedora Core 1 ,
> there isn't any totem-video-thumbnailer.
> What should I do?
>  
> Do I have to upgrade the Linux system to FC 3 or heigher  ?
> (the Totem  exists in FC3 )
> or Is there any  other method to solve this problem?

totem-video-thumbnailer should be in of totem rpm. install totem and you
are done.

--- End Message ---

--- Begin Message ---

On Fri, 2005-11-11 at 15:25, cybermalandro cybermalandro wrote:
> I have this that looks like this
> 
> array(3) {
>   [0]=>
>   array(2) {
>     [0]=>
>     string(1) "1"
>     [1]=>
>     string(1) "2"
>   }
>   [1]=>
>   array(2) {
>     [0]=>
>     string(3) "492"
>     [1]=>
>     string(3) "211"
>   }
>   [2]=>
>   array(2) {
>     [0]=>
>     string(2) "11"
>     [1]=>
>     string(2) "20"
>   }
> }
> 
> I want to loop through so I can get and print "1","492","11" and
> "2","211","20" What is the best way to do this? I suck with arrays and
> I can't get my looping right.

$a = array(array(1,2),
           array(492,211),
           array(11,20)
     );

for($i=0;$i<2;$i++) {
    foreach($a as $v) {
        echo $v[$i] . "\n";
    }

    echo "======\n";
}

Prints:

1
492
11
======
2
211
20
======


-Brian
-- 

s/:-[(/]/:-)/g


Brian        GnuPG -> KeyID: 0x04A4F0DC | Key Server: pgp.mit.edu
======================================================================
gpg --keyserver pgp.mit.edu --recv-keys 04A4F0DC
Key Info: http://gfx-design.com/keys
Linux Registered User #339825 at http://counter.li.org

--- End Message ---

--- Begin Message ---

sunaram patir wrote:

Hi, i am having problem with internet explorer. i am working on a
project on building a website where i need to keep track of the users
i.e. i use a login system in there in short. with the following code i
check whether the user is logged in or not.
<?php
session_start();

$_SESSION['myurl']=$_SERVER['PHP_SELF'];
if(!isset($_SESSION['student_username']) &&
!isset($_SESSION['student_password']))
         header("Location: login.php");
?>

You should use an absolute path for the header redirection,

header("Location: http://example.com/login.php";);

if the user is not logged in, it redirects to the login page login.php
as is shown in the above code. now the user is allowed to log in
through the following code:


<?php
session_cache_limiter('private_no_expire');
session_set_cookie_params(0,"/","schools.zenrays.com");
session_start();



if(isset($_POST['submit'])){
   include("../database.inc");
   $login=trim($_POST['login']);
   $pass=trim($_POST['pass']);
   $Effectivelogin=strtoupper($login);
   $auth=false;
   $connection=mysql_connect($host,$user,$password);
   mysql_select_db($database,$connection);
   $query="SELECT password FROM students WHERE userID='$Effectivelogin'";
   $result=mysql_query($query);
   if(mysql_num_rows($result)){
        while($row=mysql_fetch_array($result))
   {

        if($row[0]!=$pass)
              echo ("Wrong Username/Password!");
         else
               $auth=true;
   }
   }


   if($auth){
         $_SESSION["student_username"]=$Effectivelogin;
         $_SESSION["student_password"]=$pass;
         if(isset($_SESSION['myurl']))
            header("Location: http://schools.zenrays.com".$_SESSION['myurl']);
         else
            header("Location: http://schools.zenrays.com/students";);

   }


}
?>
<html>
<head>
<title>User Authentication</title>
</head>
<body>
<form method="post">
LoginID:
<input type="text" name="login"><br>
Password:
<input type="password" name="pass"><br>
<input type="submit" name="submit" value="Login">
</form>


</body>


</html>

then the user is redirected back to the page he visited. it workd fine
in firefox and msn explorer. in internet explorer, when i visit to a
link in any page it asks for the login details again. could anyone
please help me out?!

--- End Message ---

--- Begin Message ---

Hello everybody.

I want to take the ZPC test the next year and I am going to buy these books:
  - Zend PHP Certification Study Guide.
  - Zend PHP Certification Practice Test Book.

Are these ones enough? Should I get other books?

By the way, my skills are oriented to LAMP and according to what I read on the ZPC's FAQs that is not good. I must know the Standard SQL, not only MySQL. So, I have these questions: - Where can I find the Standard SQL? I've been googling for it, but I couldn't find it. - AFAIK, there are 3 versions of the Standard SQL (1993, 1999 and 2003), but, Which one am I going to need for this test?

  - Should I learn to use another HTTP server?

Do you have any other suggestion?

Thanks in advanced!

Cheers.

--
Gustavo Narea.
PHP Documentation - Spanish Translation Team.
Valencia, Venezuela.

--- End Message ---