php-general Digest 9 Sep 2006 06:59:36 -0000 Issue 4337
Topics (messages 241496 through 241522):
Re: PHP Access Violations
241496 by: Wolf
Re: Strange server crash problem
241497 by: Robert Cummings
241502 by: Andrew Kreps
Re: Segfault problem [long]
241498 by: Daniel A. Ramaley
241515 by: Curt Zirzow
Variable of current function call?
241499 by: Brent Meshier
241500 by: Robert Cummings
241501 by: KermodeBear
Proxy and header redirection
241503 by: Ashley M. Kirchner
if statement with or comparison (newbie)
241504 by: JD
241505 by: Prathaban Mookiah
241506 by: Kevin Murphy
241507 by: Mitch Miller
241508 by: Jeremy Privett
241509 by: Satyam
241510 by: Satyam
241512 by: JD
241514 by: Robert Cummings
241516 by: tedd
241520 by: Robert Cummings
241521 by: Satyam
241522 by: Satyam
spec chars in file name
241511 by: afan.afan.net
241513 by: Curt Zirzow
unset globals and memory_get_usage
241517 by: Matthew North
Using a variable to call another variable
241518 by: Dave M G
241519 by: Robert Cummings
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
php-general@lists.php.net
----------------------------------------------------------------------
--- Begin Message ---
MySQL Query Tool
MySQL Admin Tool
Both free, both work flawlessly w/ MySQL and both maintained by MySQL
Wolf
Christopher Watson wrote:
> Following up on this now...
>
> I have successfully installed Apache 2.0.59 (Win32), and configured
> successfully for PHP 5.1.6 and MySQL 5.0.24. The app is running fine,
> but I ran a few manipulation queries from the SQLyog interface and
> Apache did crash. I'll have try to reproduce the problem again in
> order to get the exception data. This is looking more and more like a
> SQLyog problem. Maybe I should try another MySQL admin client.
>
> -Christopher
>
> On 9/6/06, Christopher Watson <[EMAIL PROTECTED]> wrote:
>> Spoke too soon. After a reboot, I had only IE and Homesite open,
>> making changes to PHP code and running the app, and it hit an access
>> violation. So SQLyog ain't it.
>>
>> -Chris
>>
>> On 9/6/06, Christopher Watson <[EMAIL PROTECTED]> wrote:
>> > Thanks for the input, Jon. I'll get to the Apache and IIS restart
>> > suggestions soon.
>> >
>> > Meanwhile, I think I have a semi-repeatable recipe for getting the
>> > access violation to happen. As far as I can tell, everything is cool
>> > until I open up SQLyog and do some sort of database manipulation
>> > within it. Almost immediately after that, switching back to the
>> > browser and flying through the app a little more brings on the
>> > violation. So far, my testing is indicating to me that the violation
>> > does not occur without SQLyog having done some work in the database.
>> >
>> > -Chris
>>
>
--- End Message ---
--- Begin Message ---
On Fri, 2006-09-08 at 09:19 -0500, Larry Garfield wrote:
>
> Our development server is an IIS/PHP 4.3 environment. The live server is a
> 4.0.6 box sitting behind a proxy server as well, which could be part of the
> problem. The whole thing is a mess, I agree. :-)
There are still boxes with PHP versions that low? Ugh :/ And it does
help you're using IIS *hahah* ;) Anyways, one thing that used to get me
occasionally that far back was trim( $var ) where $var was null. I was
always able to fix those by doing trim( ''.$var ). Anyways, just a
thought.
Cheers,
Rob.
--
.------------------------------------------------------------.
| InterJinn Application Framework - http://www.interjinn.com |
:------------------------------------------------------------:
| An application and templating framework for PHP. Boasting |
| a powerful, scalable system for accessing system services |
| such as forms, properties, sessions, and caches. InterJinn |
| also provides an extremely flexible architecture for |
| creating re-usable components quickly and easily. |
`------------------------------------------------------------'
--- End Message ---
--- Begin Message ---
One thing that jumped to mind from my PHP 4 days -- do you have output_gzip
(or similar) enabled in your PHP.ini? I seem to remember having a similar
problem a while back, and disabling the gzipped output fixed it for me.
Also, is it possible to browse the website from the web server itself? That
could eliminate the proxy server as a potential issue.
On 9/8/06, Larry Garfield <[EMAIL PROTECTED]> wrote:
On Friday 08 September 2006 01:22, Robert Cummings wrote:
Our development server is an IIS/PHP 4.3 environment. The live server is
a
4.0.6 box sitting behind a proxy server as well, which could be part of
the
problem. The whole thing is a mess, I agree. :-)
--- End Message ---
--- Begin Message ---
On Thursday 07 September 2006 16:46, you wrote:
>You seem to be at least somewhat familiar with gdb, so this may not be
>news to you, but the segfault looks to be in PHP's pcre extension. PHP
>version 4.4.3 has an updated version of PCRE. That might be worth a
> shot.
My thanks to those of you who responded. I'll try compiling the latest
4.4.x and see if that fixes anything. If not, then i'll follow Chris'
suggestion to ask about it on the internals list.
------------------------------------------------------------------------
Dan Ramaley Dial Center 118, Drake University
Network Programmer/Analyst 2407 Carpenter Ave
+1 515 271-4540 Des Moines IA 50311 USA
--- End Message ---
--- Begin Message ---
On 9/7/06, Daniel A. Ramaley <[EMAIL PROTECTED]> wrote:
Hello. I have been struggling for a few months to solve a problem with
an Apache web server. First i'll try to describe the symptoms, then
give details about the configuration and what i have tried so far. I
would greatly appreciate any suggestions on how to diagnose and correct
the problem.
Symptom 1:
After starting Apache during periods of high load the server appears to
run fine for awhile ("awhile" is highly variable but on the order of 90
minutes) then starts returning empty pages. When the empty pages start,
Apache's error_log gets filled with lines like this:
First:
Hmm.. as noted in your post you are using apache2, what process method
are you using?
prefork
worker
perchild
if you have anything other than prefork, change your apache config to
use prefork. ( this is a very common issue with random highload random
crashes).
Second:
if that doesn't work and you dont need anything special with what
apache2 brings you, try apache 1.x
[Thu Sep 07 09:09:11 2006] [notice] child pid 3579 exit signal
Segmentation fault (11), possible coredump in /etc/httpd/core
These errors are very intermittent during periods of light load. I have
had CoreDumpDirectory defined for awhile and have amassed quite a
collection of core files. This is the first few lines of what gdb
reports for one of them:
(gdb) bt
#0 0x0000002a99ff2492 in preg_replace_impl (ht=Variable "ht" is not
available.)
at /usr/src/redhat/BUILD/php-4.3.9/ext/pcre/php_pcre.c:1154
#1 0x0000002a9a0ac255 in execute (op_array=0x552afe2798)
at /usr/src/redhat/BUILD/php-4.3.9/Zend/zend_execute.c:1640
#2 0x0000002a9a0a9386 in execute (op_array=0x552aff7fb8)
at /usr/src/redhat/BUILD/php-4.3.9/Zend/zend_execute.c:1684
#3 0x0000002a9a0a9386 in execute (op_array=0x552b0e26c8)
at /usr/src/redhat/BUILD/php-4.3.9/Zend/zend_execute.c:1684
#4 0x0000002a9a0a9386 in execute (op_array=0x552af80db8)
at /usr/src/redhat/BUILD/php-4.3.9/Zend/zend_execute.c:1684
Symptom 2:
A further symptom of problems is found in PostgreSQL's logs. The web
applications the server runs rely on PostgreSQL, which logs several
times per minute messages like this:
Sep 7 10:16:09 sun12 postgres[7411]: [1-1] LOG: unexpected EOF on
client connection
PostgreSQL is configured to accept 256 connections, twice as many
children as Apache should spawn.
Configuration:
The server is a Sun v40z, which is a dual Opteron box with 2 GB RAM. It
is running Red Hat Linux Enterprise AS 4.4 64-bit, with Apache 2.0.52,
PHP 4.3.9, and eAccelerator 0.9.4. The server's purpose is to run Horde
and Imp, with the latest versions of those packages and a few other
Horde components (Ingo, Passwd, and Turba).
I suppose the best thing to look for is to find a small sniplet of
code that you can reproduce the segfault and see if php 4.x and apache
2.x segfault on other systems with that setup.
otherwise there are just to many variables that could cause the
segfault it is a hard thing to trace.
Curt
--- End Message ---
--- Begin Message ---
While I'm inside a function call, is it possible to know what function
is currently being called?
Brent
--- End Message ---
--- Begin Message ---
On Fri, 2006-09-08 at 14:54 -0400, Brent Meshier wrote:
> While I'm inside a function call, is it possible to know what function
> is currently being called?
RTFM: http://www.php.net/manual/en/language.constants.predefined.php
Cheers,
Rob.
--
.------------------------------------------------------------.
| InterJinn Application Framework - http://www.interjinn.com |
:------------------------------------------------------------:
| An application and templating framework for PHP. Boasting |
| a powerful, scalable system for accessing system services |
| such as forms, properties, sessions, and caches. InterJinn |
| also provides an extremely flexible architecture for |
| creating re-usable components quickly and easily. |
`------------------------------------------------------------'
--- End Message ---
--- Begin Message ---
> While I'm inside a function call, is it possible to know what
> function is currently being called?
Yes.
http://us2.php.net/debug_backtrace
--- End Message ---
--- Begin Message ---
In Apache I can configure a proxy redirect from one URL to another, ej:
htp://www.somesite.com/test -> http://www.othersite.com/path/to/display/
So that when the user loads up http://www.somesite.com/test they
actually see the content of the redirect instead (without the URL
getting rewritten.) However, if that redirected URL happens to be a PHP
script with a header() statement in it, things go wrong, ej:
http://www.somesite.com/test ->
http://www.othersite.com/locate.php?page=test
Assume that locate.php does a header() redirect to
/path/to/display/, suddenly the proxy redirect doesn't work, instead the
user will see the URL they typed in changed into:
http://www.somesite.com/test ->
http://www.somesite.com/path/to/display/ which will cause 404's.
Does this make any sense, and can someone figure out how to fix this?
--
W | It's not a bug - it's an undocumented feature.
+--------------------------------------------------------------------
Ashley M. Kirchner <mailto:[EMAIL PROTECTED]> . 303.442.6410 x130
IT Director / SysAdmin / Websmith . 800.441.3873 x130
Photo Craft Laboratories, Inc. . 3550 Arapahoe Ave. #6
http://www.pcraft.com ..... . . . Boulder, CO 80303, U.S.A.
--- End Message ---
--- Begin Message ---
I'm trying to set up a simple conditional, something like this:
If my_variable is NOT equal to (black or white)
echo "wrong color"
else
echo "right color"
Here is what I have tried:
if ($_REQUEST['id'] != ("black" or "white")) {
echo "wrong color";
} else (
echo "right color";
)
However, no matter what I enter, I always get response "right color".
I should add that if I change the if statement to:
if ($_REQUEST['id'] != ("black"))
then I get "right color" when I enter "black" and "wrong color" for
everything else.
Would you please point out what's the trivial thing I'm missing here...
jd
--- End Message ---
--- Begin Message ---
Let me rephrase it. Your color should be black or white to be the right
colour. Is this correct?
In that case you should change it to
if ($_REQUEST['id'] != "black" AND $_REQUEST['id'] != "white") {
echo "wrong color";
} else (
echo "right color";
}
----- Original Message -----
From: "JD" <[EMAIL PROTECTED]>
To: <php-general@lists.php.net>
Sent: Friday, September 08, 2006 5:03 PM
Subject: [PHP] if statement with or comparison (newbie)
> I'm trying to set up a simple conditional, something like this:
>
> If my_variable is NOT equal to (black or white)
> echo "wrong color"
> else
> echo "right color"
>
> Here is what I have tried:
>
> if ($_REQUEST['id'] != ("black" or "white")) {
>
> echo "wrong color";
>
> } else (
>
> echo "right color";
>
> )
>
> However, no matter what I enter, I always get response "right color".
>
> I should add that if I change the if statement to:
>
> if ($_REQUEST['id'] != ("black"))
>
> then I get "right color" when I enter "black" and "wrong color" for
> everything else.
>
> Would you please point out what's the trivial thing I'm missing here...
>
> jd
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--- End Message ---
--- Begin Message ---
Shouldn't that be this instead:
if (($_REQUEST['id'] != "black") OR ($_REQUEST['id'] !=
"white")) {
echo "wrong color";
} else {
echo "right color";
}
--
Kevin Murphy
Webmaster: Information and Marketing Services
Western Nevada Community College
www.wncc.edu
775-445-3326
On Sep 8, 2006, at 2:28 PM, Prathaban Mookiah wrote:
Let me rephrase it. Your color should be black or white to be the
right
colour. Is this correct?
In that case you should change it to
if ($_REQUEST['id'] != "black" AND $_REQUEST['id'] != "white") {
echo "wrong color";
} else (
echo "right color";
}
----- Original Message -----
From: "JD" <[EMAIL PROTECTED]>
To: <php-general@lists.php.net>
Sent: Friday, September 08, 2006 5:03 PM
Subject: [PHP] if statement with or comparison (newbie)
I'm trying to set up a simple conditional, something like this:
If my_variable is NOT equal to (black or white)
echo "wrong color"
else
echo "right color"
Here is what I have tried:
if ($_REQUEST['id'] != ("black" or "white")) {
echo "wrong color";
} else (
echo "right color";
)
However, no matter what I enter, I always get response "right color".
I should add that if I change the if statement to:
if ($_REQUEST['id'] != ("black"))
then I get "right color" when I enter "black" and "wrong color" for
everything else.
Would you please point out what's the trivial thing I'm missing
here...
jd
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
I think the OR should be an AND ...
If $_REQUEST['id'] = "black" then the second test will be true and it
will output "wrong color." If the color is "white" then the same thing
will happen 'cause it meets the first criteria.
-- Mitch
Kevin Murphy wrote:
Shouldn't that be this instead:
if (($_REQUEST['id'] != "black") OR ($_REQUEST['id'] != "white")) {
echo "wrong color";
} else {
echo "right color";
}
--- End Message ---
--- Begin Message ---
Well, it could be this, too:
switch( $_REQUEST['id'] ) {
case "white":
echo "Right color.";
break;
case "black":
echo "Right color.";
break;
default:
echo "Wrong color.";
break;
}
---
Jeremy C. Privett
Director of Product Development
Zend Certified Engineer
Completely Unique
[EMAIL PROTECTED]
Phone: 303.459.4819
Fax: 303.459.4821
Web: www.completelyunique.com
This email may contain confidential and privileged material for the sole use
of the intended recipient. Any review or distribution by others is strictly
prohibited. If you are not the intended recipient please contact the sender
and delete all copies. Your compliance is appreciated.
-----Original Message-----
From: Kevin Murphy [mailto:[EMAIL PROTECTED]
Sent: Friday, September 08, 2006 3:26 PM
To: php
Cc: JD
Subject: Re: [PHP] if statement with or comparison (newbie)
Shouldn't that be this instead:
if (($_REQUEST['id'] != "black") OR ($_REQUEST['id'] !=
"white")) {
echo "wrong color";
} else {
echo "right color";
}
--
Kevin Murphy
Webmaster: Information and Marketing Services
Western Nevada Community College
www.wncc.edu
775-445-3326
On Sep 8, 2006, at 2:28 PM, Prathaban Mookiah wrote:
> Let me rephrase it. Your color should be black or white to be the
> right
> colour. Is this correct?
>
> In that case you should change it to
>
> if ($_REQUEST['id'] != "black" AND $_REQUEST['id'] != "white") {
>
> echo "wrong color";
>
> } else (
>
> echo "right color";
>
> }
>
> ----- Original Message -----
> From: "JD" <[EMAIL PROTECTED]>
> To: <php-general@lists.php.net>
> Sent: Friday, September 08, 2006 5:03 PM
> Subject: [PHP] if statement with or comparison (newbie)
>
>
>> I'm trying to set up a simple conditional, something like this:
>>
>> If my_variable is NOT equal to (black or white)
>> echo "wrong color"
>> else
>> echo "right color"
>>
>> Here is what I have tried:
>>
>> if ($_REQUEST['id'] != ("black" or "white")) {
>>
>> echo "wrong color";
>>
>> } else (
>>
>> echo "right color";
>>
>> )
>>
>> However, no matter what I enter, I always get response "right color".
>>
>> I should add that if I change the if statement to:
>>
>> if ($_REQUEST['id'] != ("black"))
>>
>> then I get "right color" when I enter "black" and "wrong color" for
>> everything else.
>>
>> Would you please point out what's the trivial thing I'm missing
>> here...
>>
>> jd
>>
>> --
>> PHP General Mailing List (http://www.php.net/)
>> To unsubscribe, visit: http://www.php.net/unsub.php
>>
>>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
--- End Message ---
--- Begin Message ---
----- Original Message -----
From: "JD" <[EMAIL PROTECTED]>
To: <php-general@lists.php.net>
Sent: Friday, September 08, 2006 11:03 PM
Subject: [PHP] if statement with or comparison (newbie)
I'm trying to set up a simple conditional, something like this:
If my_variable is NOT equal to (black or white)
echo "wrong color"
else
echo "right color"
Here is what I have tried:
if ($_REQUEST['id'] != ("black" or "white")) {
What PHP (and any parser, for that matter) will try to do is first solve the
innermost parenthesis. ("black" or "white"). Many typed languages would
give an error at this point, but PHP tries to convert anything it gets to
whatever is more useful at the moment. Since both "black" and "white" are
not null or empty strings, they are evaluated as true for the logical
comparison and true or true is always true. Now, $_REQUEST['id'] might be
whatever it is, but dealing with booleans as we are this far, anything but
missing or empty string will be true as well, which will give you the second
option.
Now, first of all, avoid negative comparissons, negative booleans are
horrible. Try first to straighten them up or you might get thoroughly
confussed:
if ($_REQUEST['id] == 'black' or $_REQUEST['id'] == 'white') {
echo 'right color';
} else {
echo 'wrong color'';
}
And so as you know why it is good to straighten negative booleans, this
would be the twisted way
if ($_REQUEST['id] != 'black' and $_REQUEST['id'] != 'white') {
echo 'wrong color'';
} else {
echo 'right color';
}
Notice that not only the comparisson changed but now they are joined by an
AND instead of an OR and the then and else parts are swapped.
Satyam
echo "wrong color";
} else (
echo "right color";
)
However, no matter what I enter, I always get response "right color".
I should add that if I change the if statement to:
if ($_REQUEST['id'] != ("black"))
then I get "right color" when I enter "black" and "wrong color" for
everything else.
Would you please point out what's the trivial thing I'm missing here...
jd
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
----- Original Message -----
From: "JD" <[EMAIL PROTECTED]>
To: <php-general@lists.php.net>
Sent: Friday, September 08, 2006 11:03 PM
Subject: [PHP] if statement with or comparison (newbie)
I'm trying to set up a simple conditional, something like this:
If my_variable is NOT equal to (black or white)
echo "wrong color"
else
echo "right color"
Here is what I have tried:
if ($_REQUEST['id'] != ("black" or "white")) {
What PHP (and any parser, for that matter) will try to do is first solve the
innermost parenthesis. ("black" or "white"). Many typed languages would
give an error at this point, but PHP tries to convert anything it gets to
whatever is more useful at the moment. Since both "black" and "white" are
not null or empty strings, they are evaluated as true for the logical
comparison and true or true is always true. Now, $_REQUEST['id'] might be
whatever it is, but dealing with booleans as we are this far, anything but
missing or empty string will be true as well, which will give you the second
option.
Now, first of all, avoid negative comparissons, negative booleans are
horrible. Try first to straighten them up or you might get thoroughly
confussed:
if ($_REQUEST['id] == 'black' or $_REQUEST['id'] == 'white') {
echo 'right color';
} else {
echo 'wrong color'';
}
And so as you know why it is good to straighten negative booleans, this
would be the twisted way
if ($_REQUEST['id] != 'black' and $_REQUEST['id'] != 'white') {
echo 'wrong color'';
} else {
echo 'right color';
}
Notice that not only the comparisson changed but now they are joined by an
AND instead of an OR and the then and else parts are swapped.
Satyam
echo "wrong color";
} else (
echo "right color";
)
However, no matter what I enter, I always get response "right color".
I should add that if I change the if statement to:
if ($_REQUEST['id'] != ("black"))
then I get "right color" when I enter "black" and "wrong color" for
everything else.
Would you please point out what's the trivial thing I'm missing here...
jd
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
At 05:30 PM 9/8/2006, you wrote:
----- Original Message ----- From: "JD" <[EMAIL PROTECTED]>
To: <php-general@lists.php.net>
Sent: Friday, September 08, 2006 11:03 PM
Subject: [PHP] if statement with or comparison (newbie)
I'm trying to set up a simple conditional, something like this:
If my_variable is NOT equal to (black or white)
echo "wrong color"
else
echo "right color"
Here is what I have tried:
if ($_REQUEST['id'] != ("black" or "white")) {
What PHP (and any parser, for that matter) will try to do is first solve
the innermost parenthesis. ("black" or "white"). Many typed languages
would give an error at this point, but PHP tries to convert anything it
gets to whatever is more useful at the moment. Since both "black" and
"white" are not null or empty strings, they are evaluated as true for the
logical comparison and true or true is always true. Now, $_REQUEST['id']
might be whatever it is, but dealing with booleans as we are this far,
anything but missing or empty string will be true as well, which will give
you the second option.
Now, first of all, avoid negative comparissons, negative booleans are
horrible. Try first to straighten them up or you might get thoroughly
confussed:
if ($_REQUEST['id] == 'black' or $_REQUEST['id'] == 'white') {
echo 'right color';
} else {
echo 'wrong color'';
}
And so as you know why it is good to straighten negative booleans, this
would be the twisted way
if ($_REQUEST['id] != 'black' and $_REQUEST['id'] != 'white') {
echo 'wrong color'';
} else {
echo 'right color';
}
Notice that not only the comparisson changed but now they are joined by an
AND instead of an OR and the then and else parts are swapped.
Satyam
Thank you all!
jd
--- End Message ---
--- Begin Message ---
On Fri, 2006-09-08 at 15:30 -0600, Jeremy Privett wrote:
> Well, it could be this, too:
>
> switch( $_REQUEST['id'] ) {
> case "white":
> echo "Right color.";
> break;
>
> case "black":
> echo "Right color.";
> break;
>
> default:
> echo "Wrong color.";
> break;
> }
Ugh, if you're going to use a big ugly case statement for something so
trivial at least make use of the fall-through feature:
<?php
switch( $_REQUEST['id'] )
{
case 'white':
case 'black':
{
echo 'Right color.';
break;
}
default:
{
echo 'Wrong color.';
}
}
?>
Cheers,
Rob.
--
.------------------------------------------------------------.
| InterJinn Application Framework - http://www.interjinn.com |
:------------------------------------------------------------:
| An application and templating framework for PHP. Boasting |
| a powerful, scalable system for accessing system services |
| such as forms, properties, sessions, and caches. InterJinn |
| also provides an extremely flexible architecture for |
| creating re-usable components quickly and easily. |
`------------------------------------------------------------'
--- End Message ---
--- Begin Message ---
At 5:03 PM -0400 9/8/06, JD wrote:
I'm trying to set up a simple conditional, something like this:
Here is what I have tried:
if ($_REQUEST['id'] != ("black" or "white")) {
In all of the answers given thus far, no one mentioned that the use
of $_REQUEST has a security issue with regard to where the $_REQUEST
originated.
$_REQUEST is an array consisting of $_GET, $_POST and $_COOKIE values
and as such, you don't know where the data came from and that might
be important.
So, wouldn't it be better to recommend that the poster use $_GET,
$_POST, or $_COOKIE instead of $_REQUEST?
Just an idea -- comments?
tedd
--
-------
http://sperling.com http://ancientstones.com http://earthstones.com
--- End Message ---
--- Begin Message ---
On Fri, 2006-09-08 at 18:38 -0400, tedd wrote:
> At 5:03 PM -0400 9/8/06, JD wrote:
> >I'm trying to set up a simple conditional, something like this:
> >
> >Here is what I have tried:
> >
> > if ($_REQUEST['id'] != ("black" or "white")) {
>
>
> In all of the answers given thus far, no one mentioned that the use
> of $_REQUEST has a security issue with regard to where the $_REQUEST
> originated.
>
> $_REQUEST is an array consisting of $_GET, $_POST and $_COOKIE values
> and as such, you don't know where the data came from and that might
> be important.
>
> So, wouldn't it be better to recommend that the poster use $_GET,
> $_POST, or $_COOKIE instead of $_REQUEST?
Nope, not inherently less secure. If you are properly cleaning and
validating your data (as every good program should) then it doesn't
matter whether you pull from $_GET, $_POST, or $_REQUEST. The only time
it's bad is if you make assumptions about the value received -- AND YOU
SHOULD NEVER ASSUME YOU HAVE CLEAN DATA FROM AN OUTSIDE SOURCE!!
Cheers,
Rob.
--
.------------------------------------------------------------.
| InterJinn Application Framework - http://www.interjinn.com |
:------------------------------------------------------------:
| An application and templating framework for PHP. Boasting |
| a powerful, scalable system for accessing system services |
| such as forms, properties, sessions, and caches. InterJinn |
| also provides an extremely flexible architecture for |
| creating re-usable components quickly and easily. |
`------------------------------------------------------------'
--- End Message ---
--- Begin Message ---
No, just try it. Since the returned value cannot have to values at once,
whatever it comes it will succeed either one or both and being joined by an
or, any single one that succeeds make the whole succeed. Just try it:
Returned value result
red true or true => true
black false or true => true
white true or false => true
That is why in my e-mail I insisted that the best thing you can do with
complex booleans is try to straighten the logic and avoid too many
negations, which tend to turn the logic upside down.
Satyam
----- Original Message -----
From: "Kevin Murphy" <[EMAIL PROTECTED]>
To: "php" <php-general@lists.php.net>
Cc: "JD" <[EMAIL PROTECTED]>
Sent: Friday, September 08, 2006 11:25 PM
Subject: Re: [PHP] if statement with or comparison (newbie)
Shouldn't that be this instead:
if (($_REQUEST['id'] != "black") OR ($_REQUEST['id'] !=
"white")) {
echo "wrong color";
} else {
echo "right color";
}
--
Kevin Murphy
Webmaster: Information and Marketing Services
Western Nevada Community College
www.wncc.edu
775-445-3326
On Sep 8, 2006, at 2:28 PM, Prathaban Mookiah wrote:
Let me rephrase it. Your color should be black or white to be the
right
colour. Is this correct?
In that case you should change it to
if ($_REQUEST['id'] != "black" AND $_REQUEST['id'] != "white") {
echo "wrong color";
} else (
echo "right color";
}
----- Original Message -----
From: "JD" <[EMAIL PROTECTED]>
To: <php-general@lists.php.net>
Sent: Friday, September 08, 2006 5:03 PM
Subject: [PHP] if statement with or comparison (newbie)
I'm trying to set up a simple conditional, something like this:
If my_variable is NOT equal to (black or white)
echo "wrong color"
else
echo "right color"
Here is what I have tried:
if ($_REQUEST['id'] != ("black" or "white")) {
echo "wrong color";
} else (
echo "right color";
)
However, no matter what I enter, I always get response "right color".
I should add that if I change the if statement to:
if ($_REQUEST['id'] != ("black"))
then I get "right color" when I enter "black" and "wrong color" for
everything else.
Would you please point out what's the trivial thing I'm missing
here...
jd
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
No, just try it. Since the returned value cannot have to values at once,
whatever it comes it will succeed either one or both and being joined by an
or, any single one that succeeds make the whole succeed. Just try it:
Returned value result
red true or true => true
black false or true => true
white true or false => true
That is why in my e-mail I insisted that the best thing you can do with
complex booleans is try to straighten the logic and avoid too many
negations, which tend to turn the logic upside down.
Satyam
----- Original Message -----
From: "Kevin Murphy" <[EMAIL PROTECTED]>
To: "php" <php-general@lists.php.net>
Cc: "JD" <[EMAIL PROTECTED]>
Sent: Friday, September 08, 2006 11:25 PM
Subject: Re: [PHP] if statement with or comparison (newbie)
Shouldn't that be this instead:
if (($_REQUEST['id'] != "black") OR ($_REQUEST['id'] !=
"white")) {
echo "wrong color";
} else {
echo "right color";
}
--
Kevin Murphy
Webmaster: Information and Marketing Services
Western Nevada Community College
www.wncc.edu
775-445-3326
On Sep 8, 2006, at 2:28 PM, Prathaban Mookiah wrote:
Let me rephrase it. Your color should be black or white to be the
right
colour. Is this correct?
In that case you should change it to
if ($_REQUEST['id'] != "black" AND $_REQUEST['id'] != "white") {
echo "wrong color";
} else (
echo "right color";
}
----- Original Message -----
From: "JD" <[EMAIL PROTECTED]>
To: <php-general@lists.php.net>
Sent: Friday, September 08, 2006 5:03 PM
Subject: [PHP] if statement with or comparison (newbie)
I'm trying to set up a simple conditional, something like this:
If my_variable is NOT equal to (black or white)
echo "wrong color"
else
echo "right color"
Here is what I have tried:
if ($_REQUEST['id'] != ("black" or "white")) {
echo "wrong color";
} else (
echo "right color";
)
However, no matter what I enter, I always get response "right color".
I should add that if I change the if statement to:
if ($_REQUEST['id'] != ("black"))
then I get "right color" when I enter "black" and "wrong color" for
everything else.
Would you please point out what's the trivial thing I'm missing
here...
jd
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
I made a simple file uploader and it works fine (at lest I thought it
works fine). But, people uploaded files with so crazy names, like "MOORE's
20% Off.pdf" ?!?!?!?!?
First, it was uploaded with slash in front of apostrophy - I fixed that.
but, because of percent sign I can't link it.
How can I get rid of special chars from file names?
Thanks.
-afan
--- End Message ---
--- Begin Message ---
On 9/8/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
I made a simple file uploader and it works fine (at lest I thought it
works fine). But, people uploaded files with so crazy names, like "MOORE's
20% Off.pdf" ?!?!?!?!?
This is why it is so important that you understand how to filter data
based on where you are going to use it. You need to ensure the chars
used in the name you are using is going to be usable.
First, it was uploaded with slash in front of apostrophy - I fixed that.
but, because of percent sign I can't link it.
This is why you need to generate a unique 'safe' file name to store
the file as. If you are refering to a database entry that you keep
track of, use the auto generated id with a safe 'name'.
A Safe name would be any filename that is able to be saved on youre
file system, the safest you could get is to filter the data with:
$safe_filename = preg_replace('/[^a-zA-Z0-9/', '', $unsafe_name);
That will ensure that $safe _filename only has chars with A-Z or 0-9
in it, of course it doesn't address the length limitations of the
filename.
As I mentioned earlier, if you are storing this uploaded file into a
database use its auto generated id counter to ensure you dont have
name clashes, so you end up with:
$real_safe_filename = $safe_filename . $auto_generated_atomic_id .
'.extention of file';
HTH,
Curt
--- End Message ---
--- Begin Message ---
Hello All,
I've been struggling with a rather obscure PHP memory issue for the
last few days. Here's my setup:
FreeBSD 5.5
Apache2.0, PHP 5.1.6, and MySQL 4.1.x compiled from scratch (that is,
we're not using FreeBSD ports)
PHP is compiled with --enable-memory-limit and the limit is set to 8MB
We're developing a web application that involves traversal of a
hierarchical database structure (MySQL, PEAR::DB, and
PEAR::DB::DataObject). Currently that traversal is done recursively,
and involves visiting thousands of nodes in the tree. However, the
tree is relatively flat, and the recursion never gets more than 4 or 5
calls deep. A severely truncated but illustrative version of the code
of interest is:
<?php
// ... setup database connection and other infrastructure ...
trigger_error(memory_get_usage());
$result = traverse_hierarchy();
trigger_error(memory_get_usage());
// ... do something with $result
?>
Exactly what the traverse_hierarchy function does is mostly irrelevant
to my question, as will become clear in a moment.
In practice, the first trigger_error outputs ~2.5MB (mostly in
$GLOBALS['_DB_DATAOBJECT']...), and the 2nd, after the traversal,
outputs ~8MB. This puts us dangerously near our limit, and frequently
causes the application to quit as it reaches the 8MB limit.
The problem is this: the amount of data gathered is nowhere near the
~5.5 MB that PHP claims has been allocated during execution of
traverse_hierarchy, and attempts to figure out WHERE that memory has
been assigned have failed. Consider the following alterations to the
code:
<?php
// ... setup database connection and other infrastructure ...
trigger_error(memory_get_usage());
$result = traverse_hierarchy();
trigger_error(memory_get_usage());
clear_globals();
trigger_error(memory_get_usage());
// function to iteratively unset all globals
function clear_globals() {
foreach ($GLOBALS as $k => &$v) {
if ($k === 'GLOBALS')
continue;
$before = memory_get_usage();
unset($v);
unset($$k);
unset($GLOBALS[$k]);
$after = memory_get_usage();
trigger_error($k.':'.($before-$after));
unset($k);
}
unset($GLOBALS);
}
?>
The above code outputs the memory allocated before and after the
traversal, and before and after a function call (clear_globals) that
iteratively 'unset's all members of the $GLOBALS array. It also
outputs the amount of memory reclaimed after each unset of the members
of $GLOBALS.
When I wrote this I expected something like the following (ignoring
the superfluous error text generated by trigger_error):
2500000
8000000
(key):(memory released)
.
.
.
40000
Where 40000 is about the minimum memory footprint of an empty PHP
script as reported by memory_get_usage(), and where one of the
(key):(memory released) outputs would identify the memory hogging
culprit. However, what I got instead was something like:
2500000
8000000
(key):(memory released)
.
.
.
5500000
After unsetting ALL globals within the global context (there are no
stack frames present, and therefore no non-global variables), PHP
still claimed my script was holding onto 5.5MB!!
Note that traverse_hierarchy does not do anything that results in
additional code being evaluated. There are no new function
definitions, includes, or evals. So the additional memory is not
being used to store any new function or class definitions. All
non-global memory allocated by the function (theoretically) goes away
when the function exits, and all globals allocated by the function get
unset by the clear_globals function. I'm leaking memory somewhere --
the question is where?
I've scoured my own code -- and even tentatively looked at
DB_DataObject -- for cases of circular references, and have found
none.
The question is this: Given the following assumptions:
1) PHP's memory manager reclaims memory when all references to that memory are
gone.
2) A reference is 'gone' when it goes out of scope or is 'unset'.
3) The only references that remain in the global context are
references to globals (all non-global variables have gone out of scope
and that memory reclaimed)
4) $GLOBALS is a PHP special associative array that contains the name and
value of all global variables.
5) By doing unset($GLOBALS[$varname]) and unset($$varname), where $varname is
each key of the $GLOBALS array, I am effectively eliminating all remaining
references, and all allocated memory should be reclaimed by the memory
manager (except perhaps for memory associated with function and class
definitions).
6) Resources (think database resources) are automatically freed by
garbage collection when there are no more references to them
7) No additional code is being evaluated within traverse_hierarchy
8) I'm correct that there aren't any circular references in my code
nor in any PEAR module code
Are there any other ways that user code can result in this apparent
memory leak situation? If so, what are they?
Or, are any of my first 6 assumptions incorrect?
Thanks,
- Matthew H. North
--- End Message ---
--- Begin Message ---
PHP List,
I have a list of variables:
$001
$002
$003
$004
And what I'd like to do is have a function which will select and return
one of them. Something like:
public function returnVar($n)
{
return $(somehow n is made to reference the name of the variable);
}
And then in later scripts I can call anyone of the variables by saying
returnVar(001)
Or something like that.
I've been scratching my head on how to do this for a while. I thought
the answer might lie somewhere in call_user_func(), but even if it is I
can't determine how.
Any advice would be much appreciated.
Thank you for your time.
--
Dave M G
Ubuntu 6.06 LTS
Kernel 2.6.17.7
Pentium D Dual Core Processor
PHP 5, MySQL 5, Apache 2
--- End Message ---
--- Begin Message ---
On Sat, 2006-09-09 at 12:57 +0900, Dave M G wrote:
> PHP List,
>
> I have a list of variables:
>
> $001
> $002
> $003
> $004
>
> And what I'd like to do is have a function which will select and return
> one of them. Something like:
>
> public function returnVar($n)
> {
> return $(somehow n is made to reference the name of the variable);
> }
>
> And then in later scripts I can call anyone of the variables by saying
>
> returnVar(001)
>
> Or something like that.
>
> I've been scratching my head on how to do this for a while. I thought
> the answer might lie somewhere in call_user_func(), but even if it is I
> can't determine how.
>
> Any advice would be much appreciated.
<?php
function easy_peasy( $name )
{
$foo1 = 1;
$foo2 = 2;
$foo3 = 3;
return $$name;
}
echo easy_peasy( 'foo2' )."\n";
?>
Cheers,
Rob.
--
.------------------------------------------------------------.
| InterJinn Application Framework - http://www.interjinn.com |
:------------------------------------------------------------:
| An application and templating framework for PHP. Boasting |
| a powerful, scalable system for accessing system services |
| such as forms, properties, sessions, and caches. InterJinn |
| also provides an extremely flexible architecture for |
| creating re-usable components quickly and easily. |
`------------------------------------------------------------'
--- End Message ---
