php-general Digest 15 Nov 2005 10:06:22 -0000 Issue 3795
Topics (messages 225785 through 225808):
Re: Walking through a bunch of MySQL Records
225785 by: Miles Thompson
[EMAIL PROTECTED]
225786 by: Miles Thompson
225789 by: Jasper Bryant-Greene
Re: Filtering and Escaping (Was: Select and $_POST)
225787 by: Ben Ramsey
225791 by: GamblerZG
225794 by: Chris Shiflett
Re: What is the purpose of sessions extension?
225788 by: GamblerZG
Can't use secure file wrappers - Windows
225790 by: Chuck Anderson
225799 by: James Benson
225803 by: Chuck Anderson
Re: mod_rewrite and include paths
225792 by: Marcus Bointon
Re: Printing to a buffer
225793 by: Marcus Bointon
Re: Zend + Eclipse + Standized Framework
225795 by: Roman Ivanov
225796 by: Roman Ivanov
225798 by: Esteamedpw.aol.com
225802 by: Greg Donald
test, ignore
225797 by: Roman Ivanov
Re: emailing MySQL list not working
225800 by: Bruce Gilbert
225801 by: Jasper Bryant-Greene
Template Question
225804 by: Leonard Burton
225805 by: Robert Cummings
Re: Create a numeric hash from a text string?
225806 by: Curt Zirzow
ignore: this is a test
225807 by: adriano ghezzi
Newbie to PHP5
225808 by: Danny
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[email protected]
----------------------------------------------------------------------
--- Begin Message ---
Yeah Jim - that's better than mine.
Miles
At 03:28 PM 11/14/2005, Jim Moseby wrote:
>
> I have a question.
> I want to display a group of records pulled form a MySQL db
> in the following
> fashion.
>
> 1 6
> 2 7
> 3 8
> 4 9
> 5 10
>
> Now I can easily figure out how to display the records as
>
> 1 2
> 3 4
> 5 6
> 7 8
> 9 10
>
> But since I am in an HTML table and the need to display the
> <TR> and </TR> I
> am not sure how to make th logic so that I can get the first
> listing. Can
> anyone help me out?? Need more information??
You could load up an array with your result set:
$records=array();
$rownum=0;
while ($row=mysql_fetch_array($result)){
$rownum++;
records[$rownum]=$row['data'];
}
...then use $rownum/2 to determine the second column:
for ($i==1;$i<=$rownum/2;$i++){
$col1=$i;
$col2=$i+($rownum/2);
echo "<tr>$record[$col1]</tr>";
echo "<tr>$record[$col2]</tr>";
}
There are probably much better ways to do this, but this is a start.
JM
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
Can someone get rid of him?
Every time I post, which I admit is not often, I get a bounce.
Cheers - Miles
--- End Message ---
--- Begin Message ---
Miles Thompson wrote:
Can someone get rid of him?
Every time I post, which I admit is not often, I get a bounce.
Yeah, same. I think there was some discussion recently regarding it but
I don't know what happened.
I even tried to go to www.xasamail.com and register an account ale0952
just to stop the bounces, but it appears there is no way to sign up on
that webmail site.
Jasper
--- End Message ---
--- Begin Message ---
On 11/14/05 3:38 PM, Richard Lynch wrote:
Perhaps one should use:
$_ICLEAN
$_OCLEAN
for Input and Output.
$kosher = '/[^A-Za-z0-9\\',\\.-]/';
$_ICLEAN['first_name'] = preg_replace($kosher, '', $_GET['first_name'];
/* more code */
$_OCLEAN['first_name'] = htmlentities($_ICLEAN['first_name']);
echo "<p>$_OCLEAN[first_name] is way smarter than me.</p>\n";
If you had anything other than $_OCLEAN in an echo and friends, then
you would know you were screwing up.
I don't like $_OCLEAN primarily because I like Chris's suggestion of
using an output array that is named according to where the data is
going, so $url, $sql, $html, etc. But, with that in mind, it wouldn't be
too hard to use $_OCLEAN['url'], $_OCLEAN['sql'], and $_OCLEAN['html']
as arrays within the $_OCLEAN array.
--
Ben Ramsey
http://benramsey.com/
--- End Message ---
--- Begin Message ---
Richard Lynch wrote:
If you had anything other than $_OCLEAN in an echo and friends, then
you would know you were screwing up.
Personally, if I pull something info from the database, then I do not
usually sanitize it. Yes, I know it's less secure, but I'm willing to
take such (negligible) risk for extra performance. So I sanitize data on
input only.
--- End Message ---
--- Begin Message ---
GamblerZG wrote:
> If you had anything other than $_OCLEAN in an echo and friends, then
> you would know you were screwing up.
Personally, if I pull something info from the database, then I do not
usually sanitize it. Yes, I know it's less secure, but I'm willing to
take such (negligible) risk for extra performance. So I sanitize data
on input only.
Sanitizing is an alias for filtering and has nothing to do with
escaping. One should never be considered a substitute for the other,
although this is a common mistake.
Chris
--
Chris Shiflett
Brain Bulb, The PHP Consultancy
http://brainbulb.com/
--- End Message ---
--- Begin Message ---
Richard Lynch wrote:
But it ain't easy the first time.
If you're using DB to store session data, and trying to improve session
security, than it ain't easy even the second time. Or the third. In
fact, I gave up on that extension before it became easy. After that my
session-related code shrunk by half. And I have 100% control over what
happens and when it happens.
--- End Message ---
--- Begin Message ---
[I've had this posted in the php.windows group for a few days, but I got no
replies there.]
I have been plugging away at this for some time now and I can not figure out
how to get https and ftps as registered streams in my Windows installation of
Php (4.4.0). My direct need is to use fopen on secure URLs - https.
(I've installed openssl - enabled the Php openssl extension - and verified that
my copy of Php was compiled with the openssl module.)
The latest thing I have read says that I need a "special" copy of
php4ts.dll in order to enable secure streams (https, ftps) in Php on
Windows (XP, in my case).
The posts I read point to copies of php4ts.dll for Php 4.3.4.
I am running Php 4.4.0. Where can I find a copy of php4ts.dll for
Php4.4.0 that enables secure streams?
(And is that really the solution in Php 4.4.0?)
Thanks in Advance
--- End Message ---
--- Begin Message ---
Could use the xampp package or just the openssl & php from it,
http://www.apachefriends.org/en/xampp.html
Chuck Anderson wrote:
[I've had this posted in the php.windows group for a few days, but I got
no replies there.]
I have been plugging away at this for some time now and I can not figure
out how to get https and ftps as registered streams in my Windows
installation of Php (4.4.0). My direct need is to use fopen on secure
URLs - https.
(I've installed openssl - enabled the Php openssl extension - and
verified that my copy of Php was compiled with the openssl module.)
The latest thing I have read says that I need a "special" copy of
php4ts.dll in order to enable secure streams (https, ftps) in Php on
Windows (XP, in my case).
The posts I read point to copies of php4ts.dll for Php 4.3.4.
I am running Php 4.4.0. Where can I find a copy of php4ts.dll for
Php4.4.0 that enables secure streams?
(And is that really the solution in Php 4.4.0?)
Thanks in Advance
--- End Message ---
--- Begin Message ---
James Benson wrote:
Could use the xampp package or just the openssl & php from it,
http://www.apachefriends.org/en/xampp.html
Hey thanks. I may give that a try, but I already have two full apache
servers loaded on my PC. What I can't figure out is why these secure
streams are not registered. I seem to have done everything needed.
If I get some free time this week, I may install Xampp - see what happens.
Chuck Anderson wrote:
[I've had this posted in the php.windows group for a few days, but I got
no replies there.]
I have been plugging away at this for some time now and I can not figure
out how to get https and ftps as registered streams in my Windows
installation of Php (4.4.0). My direct need is to use fopen on secure
URLs - https.
(I've installed openssl - enabled the Php openssl extension - and
verified that my copy of Php was compiled with the openssl module.)
The latest thing I have read says that I need a "special" copy of
php4ts.dll in order to enable secure streams (https, ftps) in Php on
Windows (XP, in my case).
The posts I read point to copies of php4ts.dll for Php 4.3.4.
I am running Php 4.4.0. Where can I find a copy of php4ts.dll for
Php4.4.0 that enables secure streams?
(And is that really the solution in Php 4.4.0?)
Thanks in Advance
--- End Message ---
--- Begin Message ---
On 14 Nov 2005, at 18:51, Richard Lynch wrote:
include_path("/full/path/to/DocumentRoot:" . include_path());
This may not be the right syntax/function to set include_path, but it
is a dynamic way to set the include path, from within PHP.
Yup, I tried this and it kind-of works, but still leads to some weird
behaviour.
INSTEAD, do this.
Create a PHP script, and name it 'x'
In .htaccess, force 'x' to be PHP as far as Apache is concerned:
<Files x>
ForceType application/x-httpd-php
</Files>
You can now access your "x=123" from $_SERVER['PATHINFO'] (or is it
'PATH_INFO'?
No more endless tweaking of Regex rules in httpd.conf and logging the
mod_rewrite and dinking with ^/[0-9]+ junk and re-starting Apache
every time you want to try a change.
That's a nice trick - I'll have to remember that. My rules are
in .htaccess (as seems normal for 'deployable' systems) so I don't
need to restart apache and it's easy to twiddle with them, and
besides, I like regexes ;^) The issue isn't really the passing of
parameters (which your approach deals with very nicely), it's that
PHP gets fooled into thinking that it's somewhere that it's not. The
most annoying thing about this problem is that I'm sure it should
'just work', and I know I've seen it do so before in both my scripts
and others - Serendipity has an almost identical setup for rewrites
and it doesn't do anything special to work with them - all this
futzing with paths that mod_rewrite does is long finished by the time
that PHP gets to hear about anything - PHP never has to know the real
URL, it should be happy to deal with the rewritten one.
The problem seems to be that given the incoming URL:
/x/123
this gets rewritten to
/x.php?x=123
and it does run the correct script in the correct directory, however,
once it's running PHP acts as if it had said:
/x/x.php?x=123
Which just breaks paths everywhere. I know that this is what the
passthrough option is supposed to deal with, but removing it doesn't
help either. Maybe I should look more carefully at my RewriteBase etc.
I've asked in sitepoint apache forums too, see if anyone there has
any idea.
Thanks for the ideas.
Marcus
--
Marcus Bointon
Synchromedia Limited: Putting you in the picture
[EMAIL PROTECTED] | http://www.synchromedia.co.uk
--- End Message ---
--- Begin Message ---
On 14 Nov 2005, at 19:01, Richard Lynch wrote:
It may not be my final choice whether they download or not, but if a
browser doesn't treat:
application/octet-stream
as a download, and only as a download, then that browser is pretty
broken.
Letting the user configure their browser for that MIME type to be
opened by an application is just plain wrong for a browser, by
specification.
If you find a browser that lets you configure application/octet-stream
to be opened with a specific application, then file a bug report with
whomever wrote that browser.
There's no such spec for browsers per se (which is why they vary so
much) - they are just HTTP clients. I can think of a perfectly
reasonable situation where I would want a plugin to handle
application/octet-stream - say I'm pulling some arbitrary binary data
and while I'm debugging, an in-browser hex dump could be very useful.
The other thing is that I may be being forced to use that 'wrong'
MIME type to work around bad implementations of content-
disposition... I know that's not a common situation, but there should
be nothing preventing me from doing it. There are browsers that don't
do downloads at all (I've written some), there are others that do
nothing but downloads (I use Interarchy for just that). I could offer
a similar opinion about the browsers that have odd implementations of
content-disposition.
Marcus
--
Marcus Bointon
Synchromedia Limited: Putting you in the picture
[EMAIL PROTECTED] | http://www.synchromedia.co.uk
--- End Message ---
--- Begin Message ---
Dan Rossi wrote:
Personally, i am trying to avoid all these frameworks until
everyones ideas are collabroated into one as i think they only work for
some or for the developers purposes only.
What features do you need from a framework?
--- End Message ---
--- Begin Message ---
Dan Rossi wrote:
Just found this article via phpeclipse.de stating Zend will be including
Eclipse framework in their development schedules :)
http://www.zend.com/news/zendpr.php?id=109
Id like to know more about this standardized application framework.
Me too, considering the fact that I spent last 1.5 years developing my
own PHP framework.
--- End Message ---
--- Begin Message ---
_http://andigutmans.blogspot.com/_ (http://andigutmans.blogspot.com/)
Andi talks about the Framework on his Blog.
- Clint
--- End Message ---
--- Begin Message ---
On Mon, 2005-11-14 at 03:55 -0500, Roman Ivanov wrote:
> What features do you need from a framework?
Convention over configuration. (Yaml, not XML. ActiveRecord not
Propel/Phing.)
A persist-able domain model where logic and data are presented in one
wrapping. (I don't want to re-assign my data in the view for use in the
template after it's already ready already in the controller, pointless.)
A database-agnostic database abstraction layer capable of using database
meta data effectively. (Why am I still writing SQL?)
Ajax, built-in. (Cause all the cool kids are using it.)
--
Greg Donald
Zend Certified Engineer
MySQL Core Certification
http://destiney.com/
--- End Message ---
--- Begin Message ---
test
--- End Message ---
--- Begin Message ---
Sorry for the newbie question...
I did a search on php.net but didn't find my answer.
what does \r\n do as opposed to just \n?
and yes, I know what \n does.
On 11/14/05, Richard Lynch <[EMAIL PROTECTED]> wrote:
> On Fri, November 11, 2005 9:33 pm, Bruce Gilbert wrote:
> > $headers = "From: $sender";
> > $headers .= "Reply-To: $reply_to";
> > $headers .= "Return-Path: $return_path";
>
> > $headers .= "X-Sender: $x_sender";
> > $headers .= "X-Mailer: PHP4\n"; //mailer
>
> These two may trip some spam filters.
>
> > $headers .= "X-Priority: 3\n"; //1 UrgentMessage, 3 Normal
>
> Setting this at all probably trips a few spam filters.
>
> > $headers .= "Mime-Version:1.0\n Content-Type: text/plain;
> > charset=\"iso-8859-1\nContent-Transfer-Encoding: 8bit\n";
> >
> > mail( $recipient, $subject, stripslashes($message), $headers );
>
> Check the return error code!!!
> http://php.net/mail
>
> > sleep(1);
>
> Just how many emails are you trying to send with mail()?
>
> http://php.net/mail was never designed for heavy-volume lists...
>
> Look into http://phpclasses.org for something that WAS designed to
> handle the volume you need.
>
> > }
> >
> > // run second query to automatically dump unsubscribed email
> > addresses.
>
>
> > $query2 = "
> > DELETE FROM
> > mailinglist
> > WHERE
> > subscribe='0'
> > AND
> > confirmed='0' ";
> >
> > //run the query
> > mysql_query($query2, $link) or die (mysql_error());
>
> Dude, if I unsubscribed, get me off the list *BEFORE* you send out
> another email, not after.
>
> --
> Like Music?
> http://l-i-e.com/artists.htm
>
>
>
--
::Bruce::
--- End Message ---
--- Begin Message ---
Bruce Gilbert wrote:
Sorry for the newbie question...
I did a search on php.net but didn't find my answer.
what does \r\n do as opposed to just \n?
and yes, I know what \n does.
Different platforms have different line-break conventions. \n is a line
feed, while \r is a carriage return (these names date from typewriters,
I believe!)
I think that \r\n is the standard way to separate header fields in HTTP
and SMTP, but maybe it's just the most interoperable way. Everyone I
know does it, so I'm just being a sheep...
Jasper
--- End Message ---
--- Begin Message ---
HI All,
In your template parsing classes do you put the code for tags in
seperate files or do you have some kind of array or other method of
assigning the action associated with the tag?
I have been putting the code for the tags in a dat/tag.dat file and
then including the file wherever the tag is called. For good measure
I call the attributes in the tags (which a returned by a regex) as
$ATTRIBUTES['name']. and then any data needing passed back from the
code in the tag I call $PASSBACK['name'].
Does this seem standard? I have looked through a few template parsing
classes and feel it is easier to come up with my own than it is to use
most of them.
Thanks,
--
Leonard Burton, N9URK
[EMAIL PROTECTED]
"The prolonged evacuation would have dramatically affected the
survivability of the occupants."
--- End Message ---
--- Begin Message ---
On Mon, 2005-11-14 at 23:42, Leonard Burton wrote:
> HI All,
>
> In your template parsing classes do you put the code for tags in
> seperate files or do you have some kind of array or other method of
> assigning the action associated with the tag?
>
> I have been putting the code for the tags in a dat/tag.dat file and
> then including the file wherever the tag is called. For good measure
> I call the attributes in the tags (which a returned by a regex) as
> $ATTRIBUTES['name']. and then any data needing passed back from the
> code in the tag I call $PASSBACK['name'].
>
> Does this seem standard? I have looked through a few template parsing
> classes and feel it is easier to come up with my own than it is to use
> most of them.
I don't think there's a standard per se :) Different template systems
reach for different results and employ different methods in doing so. At
some point though there needs to be something to handle the
content/attributes and so your inclusion system works.
My own system requires that custom compilers be configured (registered)
in the project config file, and then the template manager loops over
each entry and allows each one to process the content in turn. Most of
these custom compilers inherit from a base compiler class and so the
actual parsing code is shared, upon parsing, the code performs a call to
tag handling methods contained/registered in the compiler object that
can process the content that was parsed. In this way custom compilers of
different semantics can be plugged in with a simple registry entry.
Additionally within this system the generated content can itself include
custom tags/content which can subsequently be reparsed. This can cause
recursion issues if the developer isn't wary, but allows for the
building of custom tags based on smaller custom tags.
HTH,
Rob.
--
.------------------------------------------------------------.
| InterJinn Application Framework - http://www.interjinn.com |
:------------------------------------------------------------:
| An application and templating framework for PHP. Boasting |
| a powerful, scalable system for accessing system services |
| such as forms, properties, sessions, and caches. InterJinn |
| also provides an extremely flexible architecture for |
| creating re-usable components quickly and easily. |
`------------------------------------------------------------'
--- End Message ---
--- Begin Message ---
On Mon, Nov 14, 2005 at 02:08:08PM -0600, Richard Lynch wrote:
> On Mon, November 14, 2005 12:41 pm, Brian Dunning wrote:
> > Does anyone know if there's a handy way to create a numeric hash from
> > a text string? I'm trying to generate an integer as a sort of quick &
> > dirty checksum for text strings. Needs to be a decimal integer, not
> > hex or otherwise. Any clever ideas appreciated. :)
>
>
> You're probably better off re-thinking your "needs to be an integer"
> requirement, though, honestly, unless there is some really really
> compelling driving external force at work.
yeah, i would tend to agree. I'm not sure what your 'Integer'
requirements are but if you use md5() or sha1(), you will more
likely be able to validate the content more reliably vs crc32().
Curt.
--
--- End Message ---
--- Begin Message ---
bye
--- End Message ---
--- Begin Message ---
Hi there,
I´m familiar with PHP syntax, but I´ve been reading some sample scripts, in
PHP5 and i´ve seen some "strange" things, like diferent ways to read a
collection of rows, magic functions, wrapers, and operators like "::" and
"->". I know that all is the manual, but before that anyone nows, a website
or a simple tutorial or explained samples, in order that the transition from
PHP4 and PHP5 were easiest as possible.
Thanks
--
dpc
--- End Message ---
