php-general Digest 1 Apr 2007 21:28:22 -0000 Issue 4710
Topics (messages 251880 through 251902):
Re: Security Best Practice: typecast?
251880 by: Tijnema !
251889 by: tedd
Re: finding the index name of an associative array
251881 by: Man-wai Chang
251886 by: itoctopus
251890 by: Man-wai Chang
251891 by: Peter Lauri
251892 by: itoctopus
why would these few statements writes the array?
251882 by: Man-wai Chang
251884 by: Man-wai Chang
Re: Saving css state in javascript and passing to php via form submit
251883 by: Jürgen Wind
Re: Downloads for subsrcibers only
251885 by: itoctopus
251896 by: Mário Gamito
Get free broadband internet from google!
251887 by: Tijnema !
251888 by: itoctopus
251895 by: tedd
Re: Alternative/Addition to using a CAPTCHA
251893 by: tedd
Re: Audio CAPTCHA review request
251894 by: tedd
Re: PHP sample code for XMLHttprequest with jQuery
251897 by: tedd
Re: Gnome and MIME types
251898 by: Nathan Ziarek
Re: PDO and buffered queries
251899 by: Larry Garfield
251900 by: Jürgen Wind
251901 by: Larry Garfield
HTDIGEST FILE FORMAT
251902 by: Manolet Gmail
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[email protected]
----------------------------------------------------------------------
--- Begin Message ---
On 4/1/07, Richard Lynch <[EMAIL PROTECTED]> wrote:
So, after a recent thread on data filtering, I'm wondering...
Is this "good enough" in ALL possible Unicode/charset situations:
$foo_id = (int) $_POST['foo_id'];
$query = "insert into whatever(foo_id) values($foo_id)";
Or is it possible, even theoretically possible, for a sequence of:
[-]?[0-9]+
to somehow run afoul of ANY charset?
Perhaps more interesting, how about this:
$foo = (float) $_POST['foo'];
Is there any way for any PHP output from (float), even with decimal
overflow/underflow in various databases, for that to "go wrong"?
Should one be ultra-conservative and just do:
$foo_sql = mysql_real_escape_string($connection);
or is that just being silly?
This oen is better i believe, but you probably don't want to unescape
the connection :)
use this instead:
$foo_sql = mysql_real_escape_string($foo_sql,$connection);
Tijnema
--
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some indie artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
At 11:03 PM -0500 3/31/07, Richard Lynch wrote:
So, after a recent thread on data filtering, I'm wondering...
Is this "good enough" in ALL possible Unicode/charset situations:
$foo_id = (int) $_POST['foo_id'];
$query = "insert into whatever(foo_id) values($foo_id)";
The range of Unicode is massive FFFFFF. The "effective" range of
Unicode code points is 0x10FFFF, which is around 1.1 million, you
might want to limit it to that. That should work until someone either
adds more new languages than we currently have or we discover several
new continents. The "current" range is less than 0xFFFF (65k), so I
don't think you would have problems limiting it to that figure.
Cheers,
tedd
--
-------
http://sperling.com http://ancientstones.com http://earthstones.com
--- End Message ---
--- Begin Message ---
Jake McHenry wrote:
> foreach ($myarray as $key => $value)
> {
> echo "$key = $value";
> }
Thanks. I just found that there is an array_key() function.
--
.~. Might, Courage, Vision, SINCERITY. http://www.linux-sxs.org
/ v \ Simplicity is Beauty! May the Force and Farce be with you!
/( _ )\ (Ubuntu 6.10) Linux 2.6.20.4
^ ^ 17:09:01 up 8 days 4:21 1 user load average: 1.10 1.03 1.01
news://news.3home.net news://news.hkpcug.org news://news.newsgroup.com.hk
--- End Message ---
--- Begin Message ---
Note, however, that array_keys is not recursive.
--
itoctopus - http://www.itoctopus.com
"Man-wai Chang" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> Jake McHenry wrote:
> > foreach ($myarray as $key => $value)
> > {
> > echo "$key = $value";
> > }
>
> Thanks. I just found that there is an array_key() function.
>
> --
> .~. Might, Courage, Vision, SINCERITY. http://www.linux-sxs.org
> / v \ Simplicity is Beauty! May the Force and Farce be with you!
> /( _ )\ (Ubuntu 6.10) Linux 2.6.20.4
> ^ ^ 17:09:01 up 8 days 4:21 1 user load average: 1.10 1.03 1.01
> news://news.3home.net news://news.hkpcug.org news://news.newsgroup.com.hk
--- End Message ---
--- Begin Message ---
itoctopus wrote:
> Note, however, that array_keys is not recursive.
foreach is recursive??? thanks.
--
.~. Might, Courage, Vision, SINCERITY. http://www.linux-sxs.org
/ v \ Simplicity is Beauty! May the Force and Farce be with you!
/( _ )\ (Ubuntu 6.10) Linux 2.6.20.4
^ ^ 20:44:01 up 8 days 7:56 0 users load average: 1.00 1.00 1.00
news://news.3home.net news://news.hkpcug.org news://news.newsgroup.com.hk
--- End Message ---
--- Begin Message ---
> -----Original Message-----
> From: news [mailto:[EMAIL PROTECTED] On Behalf Of Man-wai Chang
> Sent: Sunday, April 01, 2007 2:45 PM
> To: [email protected]
> Subject: [PHP] Re: finding the index name of an associative array
>
> itoctopus wrote:
> > Note, however, that array_keys is not recursive.
>
> foreach is recursive??? thanks.
>
> --
[Peter Lauri - DWS Asia]
foreach is NOT recursive :)
--- End Message ---
--- Begin Message ---
foreach is also not recursive, writing a recursive function to recursively
return the keys in an array should be trivial.
--
itoctopus - http://www.itoctopus.com
"Man-wai Chang" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> itoctopus wrote:
> > Note, however, that array_keys is not recursive.
>
> foreach is recursive??? thanks.
>
> --
> .~. Might, Courage, Vision, SINCERITY. http://www.linux-sxs.org
> / v \ Simplicity is Beauty! May the Force and Farce be with you!
> /( _ )\ (Ubuntu 6.10) Linux 2.6.20.4
> ^ ^ 20:44:01 up 8 days 7:56 0 users load average: 1.00 1.00 1.00
> news://news.3home.net news://news.hkpcug.org news://news.newsgroup.com.hk
--- End Message ---
--- Begin Message ---
$array = array(1,2,3);
foreach( $array as &$item );
foreach( $array as $item );
print_r( $array );
foreach is a read, not a write, isn't it?
--
.~. Might, Courage, Vision, SINCERITY. http://www.linux-sxs.org
/ v \ Simplicity is Beauty! May the Force and Farce be with you!
/( _ )\ (Ubuntu 6.10) Linux 2.6.20.4
^ ^ 17:09:01 up 8 days 4:21 1 user load average: 1.10 1.03 1.01
news://news.3home.net news://news.hkpcug.org news://news.newsgroup.com.hk
--- End Message ---
--- Begin Message ---
Man-wai Chang wrote:
> $array = array(1,2,3);
> foreach( $array as &$item );
> foreach( $array as $item );
> print_r( $array );
>
> foreach is a read, not a write, isn't it?
I got it...
--
.~. Might, Courage, Vision, SINCERITY. http://www.linux-sxs.org
/ v \ Simplicity is Beauty! May the Force and Farce be with you!
/( _ )\ (Ubuntu 6.10) Linux 2.6.20.4
^ ^ 19:33:01 up 8 days 6:45 0 users load average: 1.00 1.02 1.00
news://news.3home.net news://news.hkpcug.org news://news.newsgroup.com.hk
--- End Message ---
--- Begin Message ---
Richard Lynch wrote:
>
> On Fri, March 30, 2007 12:13 pm, Juergen Wind wrote:
>> Tijnema ! wrote:
>>>
>>> You can use session within javascript too i believe.
>>>
>> no, sessions are completely serverside, but you can use js to pass
>> variables
>> using the query string when sending a xmlHttpRequest.
>
> [pedantic]
> Actually, the cookie for a session, if it's using cookies and not
> trans_sid, lives on the client, and can (I think) be affected in JS.
>
> One can even store up to 4K of session data *in* the cookie,
> sufficiently encrypted with a 2-way encryption with the private key
> server-side, and achieve server-neutrality in a server farm, if one is
> so inclined.
>
> So it's POSSIBLE for one to architect a system wherein the session all
> lives on the client.
>
> If you're willing to expose your entire inner workings of your
> application (e.g., it's Open Source anyway, or there's just nothing
> worth hiding in the first place) you wouldn't NEED to encrypt the
> data.
>
> None of this would be useful in the context of this particular thread.
> [/pedantic]
>
>
of course you are right, Richard, i was too lazy to elaborate the whole
issue,
i should have written "$_SESSION" ;)
--
View this message in context:
http://www.nabble.com/Saving-css-state-in-javascript-and-passing-to-php-via-form-submit-tf3492648.html#a9776277
Sent from the PHP - General mailing list archive at Nabble.com.
--- End Message ---
--- Begin Message ---
Depends where you store the file, if you store the file in the database,
then it's much easier to do it.
Your idea (as it is right now) won't work, because anyone will be able to
copy and paste the link to your PDF document and download it (thus easily
overriding the logic you have in the page).
I've attached a class, called the FileManager class, which handles saving
and displaying data (virtually all types) from the database. It's extremely
easy to use. The usage is demonstrated in download.php (also attached). You
have to add some logic in order to restrict access to your files.
--
itoctopus - http://www.itoctopus.com
"Mário Gamito" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> Hi,
>
> I made this site in PHP that has a page with some PDFs to download.
> My costumer wants that only subscribed people are allowed to download
> the PDFs.
>
> I've already made the subscrbe and login mechanism.
>
> Now, my question for you is about letting only subscribers download the
> PDFs.
> What is the best approach ?
> Register a session when they login and then in the PDFs page apply a
>
> if email is registered
> you can download the PDFs
> else
> you can't
>
> Something like this ?
> Or is it there a better way ?
>
> Any help would be appreciated.
>
> Warm Regards
> --
> :wq! Mário Gamito
begin 666 download.php
M/#]P:' -"@ES97-S:6]N7V-A8VAE7VQI;6ET97(H)VYO;F4G*3L-"@ER97%U
M:7)E*")I;F-L=61E<R]C;VYF:6<N<&AP(BD[#0H)+R]-:7-C96QL86YE;W5S
M.CIS86YI=&[EMAIL PROTECTED]"D[#0H))&9I;&5?:60@/2!H=&UL96YT:71I97,H
M)%]'151;)V9I;&5?:[EMAIL PROTECTED])1FEL94UA;F%G97(Z
8.F=E="@D9FEL95]I9"P@)&1B*3L-"C\^
`
end
begin 666 FileManager.class.php
M/#]P:' -"@[EMAIL PROTECTED]"0E 8VQA<W,@1FEL94UA;F%G97(-"@D)0&1E<V-R:7!T
M:6]N(%1H:7,@8VQA<W,@:&%N9&QE<R!I;G1E<F%C=&EO;B!W:71H($9I;&5S
M#0H)"4!C;W!Y<FEG:'0@:71O8W1O<'5S(#(P,#<@+2!4:&[EMAIL PROTECTED];V,@3&EB
M<F%R>0T*"2HO#0H)8VQA<W,@1FEL94UA;F%G97)[#0H)"2\J#0H)"0DJ0&9U
M;F-T:6]N('-A=F4-"@D)"2I 9&5S8R!T:&ES(&9U;F-T:6]N('-A=F5S('1H
M92!F:6QE(&EN('1H92!D871A8F%S90T*"0D)*D!P87)A;2!A<G)A>2 D9FEL
M95]H86YD;&[EMAIL PROTECTED];&4@;[EMAIL PROTECTED]&AE(&9I;&[EMAIL
PROTECTED]&5X+B D7T9)3$536R=T
M:&5?9FEL92==*0T*"0D)*D!P87)A;2!S=')I;F<@)&9I96QD7VYA;[EMAIL PROTECTED]&AE
M(&YA;64@;[EMAIL PROTECTED]&AE(&9I96QD#0H)"0DJ0'!A<F%M('-T<FEN9R D86-T:6]N
M(%5P9&%T92!O<B!S879E('1H92!F:6QE(&EN('1H92!T86)[EMAIL PROTECTED]&5F875L
M=',@=&\@<V%V92X-"@D)"2I <&%R86T@<W1R:6YG("1F:6QE7W-O=7)C92!4
M:&4@;F%M92!O9B!T:&4@<V]U<F-E('1A8FQE('-A=FEN9R!T:&[EMAIL PROTECTED] H
M<W5C:"!A<R!R96%L97-T871E*0T*"0D)*D!P87)A;2!S=')I;F<@)&9I;&5?
M<V]U<F-E7VED(%1H92!I9"!O9B!T:&4@<F]W(&EN('1H92!S;[EMAIL PROTECTED]&%B
M;&4-"@D)"2I <&%R86T@;V)J96-T("1D8B!4:&[EMAIL PROTECTED]&%T86)A<V4@:&%N9&QE
M#0H)"2HO#0H)"7-T871I8R!F=6YC=&EO;B!S879E*"1F:6QE7VAA;F1L92P@
M)&9I;&5?<V]U<F-E+" D9FEL95]S;W5R8V5?:60L("1A8W1I;VX])W-A=F4G
M+" D86QL;W=E9%]T>7!E<R ](&%R<F%Y*"DL("1D8BE[#0H)"0EI9B H96UP
M='DH)&9I;&5?:&%N9&QE6R=T;7!?;F%M92==*2D-"@D)"0ER971U<FX[#0H)
M"0DD9&%T82 ](&%D9'-L87-H97,H9G)E860H9F]P96XH)&9I;&5?:&%N9&QE
M6R=T;7!?;F%M92==+" B<B(I+" D9FEL95]H86YD;&5;)W-I>F4G72DI.PT*
M"0D):[EMAIL PROTECTED]"1A8W1I;VX@/3T@)W-A=F4G*7L-"@D)"0DD8W)E871I;VYD871E
M(#T@)&QA<W1U<&1A=&5D871E([EMAIL PROTECTED]&[EMAIL PROTECTED]@2#II.G,B*3L-"@D)
M"0DD<W%L(#T@)TE.4T525"!)3E1/(&9I;&[EMAIL PROTECTED]&9I;&5?;[EMAIL PROTECTED]
M>7!E+"!F:6QE7W-I>F4L(&9I;&5?<V]U<F-E+"!F:6QE7W-O=7)C95]I9"P@
M9FEL95]B:6YA<GDL(&9I;&5?8W)E871I;VYD871E+"!F:6QE7VQA<W1U<&1A
M=&5D871E*2!604Q515,@*%PG)RXD9FEL95]H86YD;&5;)VYA;64G72XG7"<L
M(%PG)RXD9FEL95]H86YD;&5;)W1Y<&4G72XG7"<L(%PG)RXD9FEL95]H86YD
M;&5;)W-I>F4G72XG7"<L(%PG)RXD9FEL95]S;W5R8V4N)UPG+"!<)R<N)&9I
M;&5?<V]U<F-E7VED+B=<)[EMAIL PROTECTED]"<G+B1D871A+B=<)[EMAIL
PROTECTED]"<G+B1C<F5A=&EO
M;F1A=&4N)UPG+"!<)R<N)&QA<W1U<&1A=&5D871E+B=<)RDG.PT*"0D)"0T*
M"0D)"2\O;F]W(&EF('1H92!T>7!E(&ES(&%N(&EM86=E+"!T:&5N(&-R96%T
M92!A('1H=6UB;F%I;" H<F5S:7IE('-H;W5L9"!B92!R96QA=&EV92D-"@D)
M"0D-"@D)"7T-"@D)"65L<V5[#0H)"0D))&QA<W1U<&1A=&5D871E([EMAIL PROTECTED]&%T
[EMAIL PROTECTED]@2#II.G,B*3L-"@D)"0DD<W%L(#T@)U501$%412!F:6QE(%-%
M5"!F:6QE7VYA;64]7"<G+B1F:6QE7VAA;F1L95LG;F%M92==+B=<)[EMAIL PROTECTED]
M95]T>7!E/5PG)RXD9FEL95]H86YD;&5;)W1Y<&4G72XG7"<L(&9I;&5?<V]U
M<F-E/5PG)RXD9FEL95]S;W5R8V4N)UPG+"!F:6QE7W-O=7)C95]I9#U<)R<N
M)&9I;&5?<V]U<F-E7VED+B=<)[EMAIL PROTECTED]:6YA<GD]7"<G+B1D871A+B=<
M)[EMAIL PROTECTED]&%T93U<)R<N)&QA<W1U<&1A=&5D871E+B=<
M)R<[#0H)"0D)#0H)"0D)+R]N;W<@:[EMAIL PROTECTED]&AE('1Y<&4@:7,@86X@:6UA9V4L
M('[EMAIL PROTECTED](&[EMAIL PROTECTED]&AU;6)N86EL#0H)"0D)#0H)"0E]#0H)"0DD<F5S
M=6QT/2 D9&(M/G%U97)Y*"1S<6PI.PT*"0E]#0H)"0T*"[EMAIL PROTECTED]"0D)*D!F
M=6YC=&EO;B!G970-"@D)"2I 9&5S8R!4:&ES(&9U;F-T:6]N(')E='5R;G,@
M82!L:6YK('1O('1H92!F:6QE(&)A<V5D(&]N('1H92!I9 T*"0D)*D!P87)A
M;2!S=')I;F<@)&9I;&5?:[EMAIL PROTECTED]&AE(&ED(&]F('1H92!F:6QE(&EN('1H92!D
M871A8F%S90T*"0D)*D!P87)A;2!O8FIE8W0@)&1B(%1H92!D871A8F%S92!H
M86YD;&4-"@D)"2I <F5T=7)N('9O:60-"@D)*B\-"@D)<W1A=&EC(&9U;F-T
M:6]N(&=E="@D9FEL95]I9"P@)&1B*7L-"@D)"21S<6P@/2 G4T5,14-4(&9I
M;&5?:60L(&9I;&5?;[EMAIL PROTECTED]>7!E+"!F:6QE7W-I>F4L(&9I;&5?
M8FEN87)Y([EMAIL PROTECTED]:&5R92!F:6QE7VED/5PG)RXD9FEL95]I9"XG
M7"<G.PT*"0D))')E<W5L=#T@)&1B+3YQ=65R>[EMAIL PROTECTED]<W%L*3L-"@D)"6AE861E
M<[EMAIL PROTECTED]&5N="UL96YG=&@Z)RXD<F5S=6QT6S!=6R=F:6QE7W-I>F4G72D[
M#0H)"0EH96%D97(H)T-O;G1E;G0M='EP93HG+B1R97-U;'1;,%U;)V9I;&5?
M='EP92==*3L-"@D)"2\O:68@:70G<R!N;[EMAIL PROTECTED]@:[EMAIL
PROTECTED]&AE;B!D;W=N
M;&]A9"!I="P@;W1H97)W:7-E(&1I<W!L87D@:70-"@D)"6EF("AS=')P;W,H
M)')E<W5L=%LP75LG9FEL95]T>7!E)UTL("=I;6%G92<I("$]/2!&04Q312D-
M"@D)"0EH96%D97(H(D-O;G1E;G0M='EP93H@(BXD<F5S=6QT6S!=6R=F:6QE
M7W1Y<&4G72XB.R!F:6QE;F%M93TB+B1R97-U;'1;,%U;)V9I;&5?;F%M92==
M*3L-"@D)"65L<V4-"@D)"0EH96%D97(H(D-O;G1E;G0M1&ES<&]S:71I;VXZ
M(&%T=&%C:&UE;G0[(&9I;&5N86UE/2(N)')E<W5L=%LP75LG9FEL95]N86UE
M)UTI.PT*"0D)96-H;[EMAIL PROTECTED]<F5S=6QT6S!=6R=F:6QE7V)I;F%R>2==*3L-"@D)
M?0T*"0D-"@D)+RH-"@D)"2I 9G5N8W1I;[EMAIL PROTECTED]&5L971E#0H)"0DJ0&1E<V,@
M5&AI<R!F=6YC=&EO;B!D96QE=&[EMAIL PROTECTED]:6QE(&9R;[EMAIL
PROTECTED]&AE(&1A=&%B87-E
M#0H)"0DJ0'!A<F%M(&EN=&5G97(@)&9I;&5?:[EMAIL PROTECTED]&AE(&ED(&]F('1H92!F
M:6QE('1O(&)E(&1E;&5T960-"@D)"2I <&%R86T@;V)J96-T("1D8B!4:&4@
M9&%T86)A<V4@:&%N9&QE#0H)"0DJ0'-T871I8PT*"0DJ+PT*"0ES=&%T:6,@
M9G5N8W1I;[EMAIL PROTECTED]&5L971E*"1F:6QE7VED+" D9&(I>PT*"0D))'-Q;" ]("=$
[EMAIL PROTECTED])/32!F:6QE(%=(15)%(&9I;&5?:60]7"<D9FEL95]I9%PG)SL-
M"@D)"21R97-U;'0]("1D8BT^<75E<GDH)'-Q;"D[#0H)"7T-"@D)#0H)?0T*
"/SX`
`
end
--- End Message ---
--- Begin Message ---
Hi,
itoctopus wrote:
> Depends where you store the file, if you store the file in the database,
> then it's much easier to do it.
> Your idea (as it is right now) won't work, because anyone will be able to
> copy and paste the link to your PDF document and download it (thus easily
> overriding the logic you have in the page).
> I've attached a class, called the FileManager class, which handles saving
> and displaying data (virtually all types) from the database. It's extremely
> easy to use. The usage is demonstrated in download.php (also attached). You
> have to add some logic in order to restrict access to your files.
Thanks a bunch.
I'll try it tomorrow at work
Warm Regards
--
:wq! Mário Gamito
--- End Message ---
--- Begin Message ---
Hi,
It's true, free broadband internet from google :)
Have a look at this page:
http://www.google.com/tisp
Start now with installing:
http://www.google.com/tisp/install.html
Tijnema
ps. 1 April is cool huh?
--- End Message ---
--- Begin Message ---
That's funny, looks like the good people at google have lots of time on
their hands.
--
itoctopus - http://www.itoctopus.com
""Tijnema !"" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> Hi,
>
> It's true, free broadband internet from google :)
>
> Have a look at this page:
> http://www.google.com/tisp
>
> Start now with installing:
> http://www.google.com/tisp/install.html
>
>
> Tijnema
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> ps. 1 April is cool huh?
--- End Message ---
--- Begin Message ---
At 2:29 PM +0200 4/1/07, Tijnema ! wrote:
Hi,
It's true, free broadband internet from google :)
Have a look at this page:
http://www.google.com/tisp
Start now with installing:
http://www.google.com/tisp/install.html
Tijnema
Tijnema:
Not that I fell for it, but I just couldn't imagine why Google would
have that on their site, so in that aspect, it got me.
Nice April fool joke. :-)
tedd
--
-------
http://sperling.com http://ancientstones.com http://earthstones.com
--- End Message ---
--- Begin Message ---
At 2:00 AM -0500 4/1/07, Richard Lynch wrote:
On Fri, March 30, 2007 2:29 pm, [EMAIL PROTECTED] wrote:
For those of you not following, what tedd's done with is blue dot is
created a larger image that contains a blue dot somewhere. You can
click in a fairly wide area, but only clicking on the blue dot yields
a success.
But it's probably not any harder to "crack" than the traditional
WORD_AS_IMAGE captchas -- One just has to write an algorithm to
edge-detect the blue circle instead of edge-detecting the letters and
converting them to ASCII.
Actually, edge-detecting the blue circle is probably easier, when you
get right down to it.
It's the same kind of basic "robot vision" that's covered in CS
Algorithms 101 class.
That's true to a certain extent, but robot vision has it's limits and cost.
The alpha channel image allows text and the image to merge as a
screen reader would view it -- as such the text on the page become
noise for edge detection routines.
Plus, I can certainly change the blue-dot image to anything I want
such as a red pig, yellow star, green leaf, white-dot (i.e., the
dimming or absence of text), even different text, or anything that
could be easily recognized by a sighted human but be a nightmare for
edge detection and subsequent object identification.
http://sperling.com/examples/p-captcha
I can also add logic to the presentation such as "click the largest
blue dot" and present three of different sizes -- or present "click
the tree" in a presentation of several different objects.
The number of different types of presentations and how easily the
presentations can be changed would be an effective method for
stopping bots. I can't envision how a bot could accurately solve such
problems.
As I see it, the only means a bot would have at successful navigation
would be a random "guess" at what the coordinates might be and then
the success of that is a function of how large the background is as
compared to the image (background pixels/image pixels) and how many
times they are allowed to guess.
Plus, what's to stop one from using multiple layer dot-capthca's?
Present two test and the odds against random success go up
tremendously.
Considering that most graphic CAPTCHA's are broken with respect to
blocking bots and are clearly approaching the point where even able
visioned users have problems with them, I see this technique as a
very viable alternative. Would you rather try to decipher twisted
letters in an image OR click the dot twice?
The biggest problem here, of course, is we are considering ONLY able
vision users. Those with impaired vision or limited cognitive or
physical skills would be also blocked and therein lies the rub. Thus,
my continued work to find a solution as with my recent work on my
audio CAPTCHA, regardless of speech recognition techniques.
I just need a way for vision impaired users to find the dot -- any suggestions?
Cheers,
tedd
--
-------
http://sperling.com http://ancientstones.com http://earthstones.com
--- End Message ---
--- Begin Message ---
At 3:02 AM -0500 4/1/07, Richard Lynch wrote:
On Fri, March 30, 2007 2:23 am, Tijnema ! wrote:
Speech recognition
isn't working very well, and i don't think it would be able to get
these numbers from the audio, but I have too less experience with
speech recognition.
Put it this way:
If Corporate America uses speech recognition on national 1-800 numbers
successfully, with every accent from NYC to Alabama to Minnesota, what
are the odds that Tedd's audio samples, even muddied up a bit, are
going to be a challenge?...
Is that true?
I read an article about Japan's speech recognition as being very
successful because of the purity of their language's phonetics and
used English as an example of being problematic.
Every time I'm asked to say my credit card number over the phone to
some speech recognition algorithm, the human operator always asks for
it again.
But, in support of your claim, I think you are probably correct -- I
just don't know for sure.
Cheers,
tedd
--
-------
http://sperling.com http://ancientstones.com http://earthstones.com
--- End Message ---
--- Begin Message ---
At 10:26 PM +0200 3/30/07, Otto Wyss wrote:
I'm currently evaluating jQuery as a Javascript library for my web
site but first would like to see a working sample with PHP doing
XMLHttprequest. Is anyone else using jQuery and has some sample code
to look at?
O. Wyss
I'm not using php to generate a XMLHttprequest, but I am mixing languages, see:
http://xn--nvg.com/thickbox
If you can't read it, try it with a better browser.
Cheers,
tedd
--
-------
http://sperling.com http://ancientstones.com http://earthstones.com
--- End Message ---
--- Begin Message ---
Thanks for the tips.
What I ultiamtely ended up finding was that www-data's home dir is /
var/www/. I made a writeable directory called .gnome2 in there and
then the command worked. I then made that directory read-only and the
command still works.
For whatever it is worth (in case I'm making things way too
complicated) I'm looking for a way to have people in my department be
able to import pictures, movies, word docs, powerpoints, etc using a
common interface. I'd like to use the MIMe types for two things: 1 -
to limit what gets imported, and two to have filters work on each
file to create thumbnails (I'll be using OOo to create a PDF from the
Word/Excel/PPT files).
I tried fileinfo, but couldn't get it to work consistently. The
gnomevfs-info command provided very good MIME data, but needed this
directory to work. I'm not sure if I can change the home dir in /etc/
password and not have any other ill effects, but I don't think it
matter much at this point.
Thanks again for all the help,
nate
On Apr 1, 2007, at 1:48 AM, Richard Lynch wrote:
exec takes a couple optional args to get your error code and output.
Use them.
Then use perror on the command line to see what error code means.
Or I guess you could install my perror extension, if you were bored:
http://l-i-e.com/perror
All that said, I'm not at all sure why you are trying to do what you
are doing, so can't really guess the best way to do it.
Where do the files come from?
Why do you want to guess their mime type?
PHP can't do much useful with a mime type of an MS Office Document
anyway... Unless you are running PHP on Windows, and want to use
http://php.net/com to open up the document...
On Thu, March 29, 2007 2:29 pm, Nathan Ziarek wrote:
I'm having a hard time getting solid MIME Types of various files.
On my Ubuntu/Apache2/PHP5 system, I first attempted to install
fileInfo. That didn't go so well (on Safari even running "$finfo =
finfo_open(FILEINFO_MIME);" causes it to complain that it lost the
network connection; Firefox prompts me to download the file_ and
seeing as it is not really ready for release, I thought I should stay
away from that.
I then tried running "system("file -i -m /usr/share/docs/mim file")"
which worked, but file doens't provide very good mime types -- all
Microsoft Office Documents returned nothing, for example.
I then stumbled upon gnomevfs-info that provided the information I
wanted. I don't know what mime database it is using (couldn't find
it)
but it sure seemed more complete than anything else I had used.
Problem is, I can't seem to run it from within a PHP script (system,
exec, etc). I used the full path (/usr/bin/gnamevfs-info) so I don't
believe that to be the problem, and the page has no errors (I am
using
error_reporting(E_ALL)).
Any tips or suggestions?
Thanks!
Nate
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some indie artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?
--- End Message ---
--- Begin Message ---
On Sunday 01 April 2007 3:42 am, Tijnema ! wrote:
> > On Wednesday 28 March 2007 11:14 pm, Larry Garfield wrote:
> > > HI all. The PHP.net manual is somewhat unclear on this point, so I
> > > thought I'd ask here. Does PDO automatically buffer queries the way
> > > that the mysql_* extension does, in order to allow multiple result sets
> > > open at the same time? Or is that something that has to be set on the
> > > connection, and if so, is that available for all drivers?
> > >
> > > I ask because I am running into a problem with a query segfaulting on
> > > me, but only under PHP 5.1 with PDO from pecl. It ran fine in PHP
> > > 5.2.0. The only mention in the manual on this subject is:
> > >
> > > http://us2.php.net/manual/en/ref.pdo-mysql.php
> > >
> > > "If this attribute is set to TRUE on a PDOStatement, the MySQL driver
> > > will use the buffered versions of the MySQL API. If you're writing
> > > portable code, you should use PDOStatement::fetchAll() instead."
> > >
> > > The sample code there suggests that nothing does buffered queries
> > > except the MySQL driver. I find no mention of that anywhere else,
> > > though, one way or another. Of course, using fetchAll(), as it
> > > suggests, means that I only get arrays, not objects. (Unless I'm
> > > misreading those docs, too.)
> > >
> > > Any PDO experts out there able to shed some light on the situation?
> > > I'm thoroughly confused at this point, and the manual is quite unclear
> > > on all of the important details I care about. :-)
> > >
> > > --
> > > Larry Garfield AIM: LOLG42
> > > [EMAIL PROTECTED] ICQ: 6817012
> The manual isn't very clear at this part, but from what i understand
> of you is that you want to get objects from PDO using fetchAll().
> Normally you would used fetch()? If so, it shouldn't be too hard i
> think as fetchAll() accepts the same constants as fetch() does. You
> should pass PDO::FETCH_OBJ: as first parameter for the fetchAll()
> function.
>
> If this wasn't what you were looking for, then sorry for wasting your
> time, as I'm no PDO expert. But I thought lets give it a shot :)
>
> Tijnema
Hrm. See, here's the trick. I'm trying to write a PDO backend driver for an
existing abstraction layer, as the first step in deprecating the existing
layer. That means I want to keep the existing flow as much as possible.
The manual seems to say I don't get buffered queries, and therefore don't get
the ability to run multiple queries at the same time. However, in testing
with MySQL I have no problem at all with multiple queries at the same time.
I don't know if that's me misunderstanding the manual, misunderstanding how
result sets work, or MySQL doing extra magic for me even though I don't tell
it to.
I'm all confused. :-(
Of course, I'm also getting mysterious segfaults under PHP 5.1.6 with PDO-PECL
that don't happen under PHP 5.2, which is another thing making it harder...
--
Larry Garfield AIM: LOLG42
[EMAIL PROTECTED] ICQ: 6817012
"If nature has made any one thing less susceptible than all others of
exclusive property, it is the action of the thinking power called an idea,
which an individual may exclusively possess as long as he keeps it to
himself; but the moment it is divulged, it forces itself into the possession
of every one, and the receiver cannot dispossess himself of it." -- Thomas
Jefferson
--- End Message ---
--- Begin Message ---
Larry Garfield wrote:
>
> ...segfaults under PHP 5.1.6 ...
>
php 5.1.5/6 was the source for many segfaults (f.e. using phpmyadmin)
better don't use it any more. See also: http://bugs.php.net/bug.php?id=39036
--
View this message in context:
http://www.nabble.com/PDO-and-buffered-queries-tf3484324.html#a9781631
Sent from the PHP - General mailing list archive at Nabble.com.
--- End Message ---
--- Begin Message ---
On Sunday 01 April 2007 3:09 pm, Jürgen Wind wrote:
> Larry Garfield wrote:
> > ...segfaults under PHP 5.1.6 ...
>
> php 5.1.5/6 was the source for many segfaults (f.e. using phpmyadmin)
> better don't use it any more. See also:
> http://bugs.php.net/bug.php?id=39036
Oh goodie. That only includes all Ubuntu Edgy systems, of which I have 2.
*sigh* Anyone know of a good 3rd party repository that has 5.2? :-)
--
Larry Garfield AIM: LOLG42
[EMAIL PROTECTED] ICQ: 6817012
"If nature has made any one thing less susceptible than all others of
exclusive property, it is the action of the thinking power called an idea,
which an individual may exclusively possess as long as he keeps it to
himself; but the moment it is divulged, it forces itself into the possession
of every one, and the receiver cannot dispossess himself of it." -- Thomas
Jefferson
--- End Message ---
--- Begin Message ---
hi, i want a php script to create htdigest file...
the correct file is:
username:admin
digest:trac
pass:admin
admin:trac:71ea86385b35d5e2575b0baec1904ded
i try to do it on php with this:
echo "admin:trac:".md5("admin");
but i receive this:
admin:trac:21232f297a57a5a743894a0e4a801fc3
how is the htdigest format?
--- End Message ---
