php-general Digest 8 Jul 2006 13:10:02 -0000 Issue 4228
Topics (messages 239202 through 239214):
Re: Problem using fgetcsv()
239202 by: Richard Lynch
Re: url obfuscation
239203 by: Richard Lynch
239205 by: Richard Lynch
239213 by: Anas Mughal
Re: uploading and extracting zip files
239204 by: Richard Lynch
Re: Bitwise operators and check if an bit is NOT within the flag.
239206 by: Richard Lynch
Re: running multiple updates on a single line
239207 by: Richard Lynch
Re: Web service in PHP
239208 by: Richard Lynch
Re: global class instance
239209 by: Richard Lynch
Re: Chnage Management in PHP aka version control?
239210 by: Richard Lynch
Re: Sanity checker?
239211 by: Ezra Nugroho
239214 by: David Tulloh
phpdocwriter
239212 by: Leonard Burton
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[email protected]
----------------------------------------------------------------------
--- Begin Message ---
On Thu, July 6, 2006 11:54 am, Don wrote:
> I have a CSV file, comma delimited with the data enclosed by double
> quotes.
>
> I am using the fgetcsv() function to read and into an array and update
> a
> database. It works great except for the odd record. After
> investigating, I
> have ascertained that it is due to a backslash character in the data
> which
> fgetcsv() cannot parse properly. I don;t see anyway around this using
> fgetcsv(). Has anyone written a custom routine for this?
>
> Code Snippet
> -------------------
> $vvFile = 'myfile.csv';
> $fph = fopen($vvFile,"r")
> if ($fph) {
> while (($data = fgetcsv($fph,4096,',','"')) !== FALSE) {M
You *MUST* use:
http://php.net/mysql_real_escape_string
on each element of the array before cramming it into MySQL.
> // Insert fields from array '$data' to my MySQL database -
> will fail
> on bad data
> }
> fclose($fph);
> }
>
> Sample Data
> ------------------
> "123456","135679048754","7154904875","HD INDOOR INSECT KILR 33 OZ
> 6","EA"
> "654321","246809052607","7154905260","59-2 CACTUS & SUCCULENTS
> \","EA"
The \ is special to MySQL (and PHP) but not CSV.
So your problem is not with CSV -- It's with MySQL input routines.
See above.
--
Like Music?
http://l-i-e.com/artists.htm
--- End Message ---
--- Begin Message ---
On Thu, July 6, 2006 11:49 am, Dan McCullough wrote:
> Looking for a good way to obfuscation the name value pairs in a URL,
> so it might be something like
> http://www.domain.com/page=fjdsaflkjdsafkfjdsakfjdsalkfjsda983dsf or
> something like that, I was looking at base64_encode, but was wondering
> what others might do or use. It doesnt have to be super secure, but I
> would still like the information to not be really visable.
Bad Idea.
Your URLs will get much too long, and GET data can be limited, and
you'll hit that limit if you keep this up...
If the data shouldn't be visible, put it in $_SESSION
--
Like Music?
http://l-i-e.com/artists.htm
--- End Message ---
--- Begin Message ---
On Thu, July 6, 2006 12:00 pm, Anas Mughal wrote:
> I have encrypted the values -- not the keys. With this approach, I
> presume I
> have made it harder for anyone trying to screen scrap my data. (It is
> not
> possible to write a script that would loop over my pages.)
Unless you are using an always-changing value for the value, then the
screen-scraper doesn't really give a damn whether the value is:
2
avpu8e9hgre98gh9erhb549hgt2395tybnsdibnusreiobnwre9pg8h25490t8
It's all the same to a computer.
If you ARE using always-changing URLs, then the search engines are
never gonna find your pages, which seems like an odd goal to me.
--
Like Music?
http://l-i-e.com/artists.htm
--- End Message ---
--- Begin Message ---
My URLs are constant. They are not changing.
All my dynamic pages are indexed nicely on Google.
I agree that a computerized screen scrapper could still screen scrap most of
my site. However, a simple script that attempts to bump up the identifier of
a resource in a URL, would not work. Here is example:
http://mydomain.com/view_resource.php?id=1
http://mydomain.com/view_resource.php?id=2
http://mydomain.com/view_resource.php?id=3
http://mydomain.com/view_resource.php?id=4
That would not work because my IDs are not sequential.
Any thoughts...
On 7/7/06, Richard Lynch <[EMAIL PROTECTED]> wrote:
On Thu, July 6, 2006 12:00 pm, Anas Mughal wrote:
> I have encrypted the values -- not the keys. With this approach, I
> presume I
> have made it harder for anyone trying to screen scrap my data. (It is
> not
> possible to write a script that would loop over my pages.)
Unless you are using an always-changing value for the value, then the
screen-scraper doesn't really give a damn whether the value is:
2
avpu8e9hgre98gh9erhb549hgt2395tybnsdibnusreiobnwre9pg8h25490t8
It's all the same to a computer.
If you ARE using always-changing URLs, then the search engines are
never gonna find your pages, which seems like an odd goal to me.
--
Like Music?
http://l-i-e.com/artists.htm
--
Anas Mughal
--- End Message ---
--- Begin Message ---
On Tue, July 4, 2006 7:26 pm, Schalk wrote:
> Can someone please point me to a tutorial or open source 'library'
> that
> will explain how one can upload a .zip file and then extract it's
> contents and store this on the server and/or database using PHP.
> Basically the same way as one can upload and install components etc.
> with Joomla. Thanks!
http://php.net/zip
--
Like Music?
http://l-i-e.com/artists.htm
--- End Message ---
--- Begin Message ---
On Tue, July 4, 2006 7:35 am, Mathijs wrote:
> //Do if VALIDATE_CHECK1 is set BUT NOT when VALIDATE_CHECK3 is set.
> if ($flag2 & self::VALIDATE_CHECK1 && $flag2 & ~self::VALIDATE_CHECK3)
Did you check operator precedence for & versus &&?
Perhaps you just need parentheses...
I'm also not at all sure the ~self::VALIDATE_CHECK3 is doing what you
want... Echo that out and see if it's the number you would expect...
--
Like Music?
http://l-i-e.com/artists.htm
--- End Message ---
--- Begin Message ---
On Mon, July 3, 2006 8:29 pm, Ryan A wrote:
> in phpmyadmin, in the SQL part where you can write a
> query if I have a double update such as this:
>
> it works without a problem as I am ending each sql
> statement with a simicolon, but in my scripts when I
> try to run multiple updates in a single line
>
> eg:
> $xyz="update xyz set id=1 where id=0;update xyz set
> id=3 where id=2;";
>
> it does not work... any idea why?
PHP MySQL client disallows that as a crude stop for some SQL injection
attacks.
I believe that upcoming MySQL client libraries may put it back in.
mysqli might even have it already.
--
Like Music?
http://l-i-e.com/artists.htm
--- End Message ---
--- Begin Message ---
On Fri, July 7, 2006 3:39 am, Pham Huu Le Quoc Phuc wrote:
> I want to build a Web Service in PHP.
> Could you give me some explain about this problem.
> Have any framework of Web service in PHP?
One framework:
http://php.net/soap
Roll your own framework:
http://php.net/sockets
--
Like Music?
http://l-i-e.com/artists.htm
--- End Message ---
--- Begin Message ---
On Wed, July 5, 2006 3:32 pm, KermodeBear wrote:
>>> i don't want to:
>>> - or use a::print
> $myFoo =& Singleton::getFoo();
What's wrong in this picture? :-)
As far as I can tell, the original poster shouldn't be using PHP,
since he wants the language to have some kind of implicit "$this"
--
Like Music?
http://l-i-e.com/artists.htm
--- End Message ---
--- Begin Message ---
On Wed, July 5, 2006 10:40 am, [EMAIL PROTECTED] wrote:
> I don't know about you, Jay, but all we really want to do is keep a
> record of revisions and be able to 'diff' between them and have the
> files lock so if someone tries to open the file and it's already open,
> that the user is alerted and allowed to open read-only if they desire.
I *much* prefer the CVS/subversion paradigm of concurrent changes, but
if the above is what you want, perhaps you should look into
SourceSafe.
NOTE:
SourceSafe in the 80s on Mac PPC *ate* two of my projects when
goofballs added ".doc" files as text.
I'll never ever ever use this product again, no matter how many people
tell me it's been fixed.
YMMV
--
Like Music?
http://l-i-e.com/artists.htm
--- End Message ---
--- Begin Message ---
Php experts everywhere,
This is a response to an old thread about a php audit tool.
I just want to announce a simple tool for that. It is not super smart
yet, but it is easily extensible.
Please check it out, and provide me with suggestions.
http://developer.spikesource.com/projects/phpsecaudit
I need a lot of help identifying function calls that need to be handled
with cautions.
Thank you
--
Ezra Nugroho
http://ez.spikesource.com
On Thu, 2006-05-04 at 14:44 -0500, Jay Blanchard wrote:
> [snip]
> Have you ever seen things like
>
> for ($i = 0; $i < count($some_array); $i++) {
> //do stuff
> }
>
> Do you know how slow it is if $some_array gets big compared to
>
> $array_count = count($some_array);
> for ($i = 0; $i < $array_count; $i++) {
> //do stuff
> }
> [/snip]
>
> The thing is this; there are lots of cases such as the one above that
> someone would have to code in order to make the tool worthwhile. It
> sounds like a good project for a large group of folks. We have headed
> down the road a couple of times on things like this and the problem
> always comes down to manpower. Start a project at SF or FM that maybe
> does a couple of basic things and hope that it grows from there.
--- End Message ---
--- Begin Message ---
Ezra Nugroho wrote:
> It was a long time since I post any question to this list, like back at
> php 3x time. Boy, a lot has change now.
>
> So I actually did kick some funny bones, not quite flames yet. And
> that's good, I don't really like that.
>
> <Wolf>
> We aren't going to take the time
> to answer a rhetorical question when you can STFW, RTFM, or RTA.
> </Wolf>
>
> Who are "we"? I hope you are not talking about php community in general.
> I would be really sad if that's true. Unfortunately, it seems like
> that's the trend in this list. I want newbies to succeed, hence my talk
> about such tool. O.W. newbies will go to RoR instead.
>
> Anyways,
>
> Have you ever seen things like
>
> for ($i = 0; $i < count($some_array); $i++) {
> //do stuff
> }
>
>
> Do you know how slow it is if $some_array gets big compared to
>
> $array_count = count($some_array);
> for ($i = 0; $i < $array_count; $i++) {
> //do stuff
> }
>
>
> Of course you do!
> But newbies might not....
Of course! Every time you ask for the count of an array PHP loops
through every item meaning that a doing many counts on a large array (an
O(n^2) operation) reduces your program to a crippling crawl.
Hang on a tic, that doesn't sound like the PHP that I know.
PHP knows the size of the array, doing a count(array) just returns an
existing internal number. The count() function doesn't get any slower
with the array size and calling a simple function isn't significantly
slower than accessing a variable. In fact, the above examples with an
array of 100,000 elements didn't result in either script being
consistantly faster than the other.
David
--- End Message ---
--- Begin Message ---
HI All,
Has anyone used phpdocwriter?
Does anyone know how to get it to work with OO 2.0?
It does not seem to work and the export.sh is specific to OO1.1.1.
Does this seem to be a mostly dead project? I didn't see much on the
forums linked to from
http://phpdocwriter.sourceforge.net/links.php?lang=en
Any ideas?
Thanks.
--
Leonard Burton, N9URK
[EMAIL PROTECTED]
"The prolonged evacuation would have dramatically affected the
survivability of the occupants."
--- End Message ---
