php-general Digest 30 May 2007 08:39:02 -0000 Issue 4819
Topics (messages 255770 through 255784):
Re: php and Ajax problem
255770 by: Arpad Ray
Re: Streaming download to IE doesn't work
255771 by: Daniel Kasak
Re: Too many records to display in one web page
255772 by: Chris
Re: Client does not support authentication protocol...
255773 by: Chris
255781 by: Zoltán Németh
Re: Tipos about which CMS use
255774 by: Fernando Cosso
OOB problem, super stumped.
255775 by: Brian Seymour
255776 by: Robert Cummings
255779 by: Jim Lucas
Re: OOB problem, super stumped. (resolved)
255777 by: Brian Seymour
255778 by: Robert Cummings
php via cmdline including unwanted headers
255780 by: Sebe
255782 by: Zoltán Németh
255783 by: Sebe
255784 by: Stut
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
----------------------------------------------------------------------
--- Begin Message ---
Richard Kurth wrote:
if(response.indexOf('|' != -1)) {
Spot the misplaced bracket.
if($_GET['takeaction']=="delete"){
$uid=$_GET['uid'];
echo $uid;
This is wide open to XSS attacks, you need to be just as careful with
scripts intended to be accessed via javascript as you do with user
facing scripts. If uid is as it sounds, an integer, then
intval($_GET['uid']) will do nicely; otherwise at least use
htmlentities() to prevent XSS.
Arpad
--- End Message ---
--- Begin Message ---
On Tue, 2007-05-29 at 13:52 +0200, Jochem Maas wrote:
> Daniel Kasak wrote:
> > Hi all.
>
> ....
>
> >
> > Who knows WTF is wrong and how I can work around it?
>
> without getting into the holywar of download headers,
> here is one mans's take/solution:
>
> http://richardlynch.blogspot.com/2006_06_01_archive.html
>
> it should contain enough to help you out.
>
> PS. you might recognize the name from the list
> PPS. if you have STFA you would have have found this already, this download
> problem comes up regularly.
Actually, that blog had absolutely nothing to do with my problem
( thanks for RTFP!). Not only that, but the recommendation that I
construct URLs:
http://address.com/script/thing=2/this=3/that=4/download.txt
is patently ridiculous. Anyway, for people who will stumble across this
bug in the future, check out:
http://terra.di.fct.unl.pt/docs/php/function.session-cache-limiter.php.htm
... in particular, adding:
header("Cache-control: private");
header("Pragma: public");
fixed things perfectly. Also note that things worked perfectly with
normal http access from the start; this is required for streaming
downloads to IE over *https*
--
Daniel Kasak
IT Developer
NUS Consulting Group
Level 5, 77 Pacific Highway
North Sydney, NSW, Australia 2060
T: (+61) 2 9922-7676 / F: (+61) 2 9922 7989
email: [EMAIL PROTECTED]
website: http://www.nusconsulting.com.au
--- End Message ---
--- Begin Message ---
Steve wrote:
The way I handle it:
Step 1-
Add SELECT SQL_CALC_FOUND_ROWS to the front of your initial query and add
the pagination limit to the end (LIMIT 200, 400 or whatever range you want
to display.)
Step 2-
Do a 2nd query: SELECT FOUND_ROWS() immediately after.
With a *HUGE* clause that this only works with mysql.
There are other databases out there :P
--
Postgresql & php tutorials
http://www.designmagick.com/
--- End Message ---
--- Begin Message ---
Zoltán Németh wrote:
2007. 05. 28, hétfő keltezéssel 23.52-kor Tom ezt írta:
Hi, as always, I'm trying to connect to a MySQL database in the following
way:
mysql_connect('host','user','password');
In my local PC this Works perfectly, but in the server I receipt the
following error:
mysql_connect(): Client does not support authentication protocol requested
by server; consider upgrading MySQL client
Which can the cause of this error be?
Am I able to make something to solve it or does a problem belong exclusively
to the administrator of the server?
I've met this problem when I upgraded mysql-server from mysql 4.0 to
mysql 4.1
it was because mysql 4.1 and newer versions use a different password
encryption method. I think it can be solved by upgrading mysql-client
too. or you can issue the following mysql command on the server:
SET PASSWORD FOR [EMAIL PROTECTED] = OLD_PASSWORD('something');
Which is also listed on the same page on the mysql site :P
--
Postgresql & php tutorials
http://www.designmagick.com/
--- End Message ---
--- Begin Message ---
2007. 05. 30, szerda keltezéssel 10.04-kor Chris ezt írta:
> Zoltán Németh wrote:
> > 2007. 05. 28, hétfő keltezéssel 23.52-kor Tom ezt írta:
> >> Hi, as always, I'm trying to connect to a MySQL database in the following
> >> way:
> >>
> >> mysql_connect('host','user','password');
> >>
> >> In my local PC this Works perfectly, but in the server I receipt the
> >> following error:
> >>
> >> mysql_connect(): Client does not support authentication protocol requested
> >> by server; consider upgrading MySQL client
> >>
> >> Which can the cause of this error be?
> >> Am I able to make something to solve it or does a problem belong
> >> exclusively
> >> to the administrator of the server?
> >
> > I've met this problem when I upgraded mysql-server from mysql 4.0 to
> > mysql 4.1
> > it was because mysql 4.1 and newer versions use a different password
> > encryption method. I think it can be solved by upgrading mysql-client
> > too. or you can issue the following mysql command on the server:
> >
> > SET PASSWORD FOR [EMAIL PROTECTED] = OLD_PASSWORD('something');
>
> Which is also listed on the same page on the mysql site :P
I guess originally I found this info there ;)
but now I just pasted it here from my "knotes" :D
greets
Zoltán Németh
>
--- End Message ---
--- Begin Message ---
Hi
I am currently trying to start a new project with Drupal.
My first CMS site was developed in XOOPS. It is really nice and easy to
understand, from the developer and the user view. The structure was
extremely simple but I had to drop it because the terribly lack of
documentation. I think it is pointless to write a whole database abstraction
layer and all that stuff if you don't tell people how to use it.
I searched for almost one month and I found it was the only one I could use,
yet I am not fully satisfied. I will expend a lot of time learning taxonomy,
views and some other concepts.
The documentation is really good and it seems to be very flexible, many
people have came up with solutions to their problems without the necessity
of making a module.
If I were a computer science engineer I would probably start a new CMS, but
I am just an electronic engineer student, so I could not even dream on
making a presentation / logic abstraction.
Well hope this helps.
PS: I apologize for my English. I am working on it
--
[EMAIL PROTECTED]
http://www.fernandocosso.com.ar
--- End Message ---
--- Begin Message ---
I am super stumped. This works fine separately but when I put everything
together it breaks. I has an authenticate class and a sql class. However I
always get the same error.
SQL class.
<?php
class SQL {
public $host;
public $user;
public $pass;
public $conx;
public $db;
public $dbname;
public $query;
public $result;
public $fetchedArray;
public $nRows;
public function __construct($host,$user,$pass,$dbname = null){
$this->host=$host;
$this->user=$user;
$this->pass=$pass;
$this->conx=$this->connection($host,$user,$pass);
if (!is_null($dbname)){ $this->selectDb($dbname); }
}
final public function connection($host,$user,$pass){
$this->conx=mysql_connect($host,$user,$pass) or
die(mysql_error());
}
final public function selectDb($db){
$this->db=mysql_select_db($db);
}
final public function query($query){
$this->result=mysql_query($query, $this->conx);
echo mysql_error();
echo $query;
return $this->result;
}
final public function fetchArray($query){
$this->result=$this->query($query);
$this->fetchedArray=mysql_fetch_array($this->result,MYSQL_ASSOC);
return $this->fetchedArray;
}
final public function makeArray($query){
$this->curArray=mysql_fetch_array($query,MYSQL_ASSOC);
return $this->curArray;
}
final public function numRows($result)
{
$this->nRows=mysql_num_rows($result);
return $this->nRows;
}
public function __destruct(){
if (isset($this->connection)){
mysql_close($this->connection); }
}
}
?>
Authenticate class
<?php
class Authentication extends SQL {
public $errorMsg;
public function __construct(){echo "Auth constructed";}
final public function verifyCreds ($user, $pass, $table)
{
$result = $this->query("SELECT * FROM $table where
$user='$pass'");
if ($this->numRows($this->result) == 0)
{
$this->errorMsg = "Incorrect Username/Password
Combo";
return false;
}
else
{
// debugging lines \/
echo "login good!";
// debugging lines /\
return true;
}
}
public function __destruct(){}
}
?>
Normal page.
<?php
/************************************************************
* common.php
*
* project: Renegades Revenge
* programmer: Brian Seymour
************************************************************/
// autoload classes
function __autoload($class_name) {
require_once 'includes/classes/class_' . strtolower($class_name)
. '.php';
}
// initialize Renegades Revenge database
$database = new SQL($host,$user,$pass,"aerocor_renegade");
// login
if (isset($_GET['login']))
{
$auth = new
Authentication($host,$user,$pass,"aerocor_renegade");
if
($auth->verifyCreds($_POST['username'],$_POST['password'],"players"))
{
echo "logged in good!";
}
}
?>
The form is just 2 fields. Username and password. I get this error.
Warning: mysql_query(): supplied argument is not a valid MySQL-Link resource
in /home/aerocor/public_html/rr/includes/classes/class_sql.php on line 52
Warning: mysql_num_rows(): supplied argument is not a valid MySQL result
resource in /home/aerocor/public_html/rr/includes/classes/class_sql.php on
line 71
I put some simple query and display code in the constructor for the SQL
class and it outputted from the database with no problem, that's whats
weird.
Any help would be great, thanks.
Brian
--- End Message ---
--- Begin Message ---
On Tue, 2007-05-29 at 22:36 -0400, Brian Seymour wrote:
> I am super stumped. This works fine separately but when I put everything
> together it breaks. I has an authenticate class and a sql class. However I
> always get the same error.
The following line:
> $this->conx=$this->connection($host,$user,$pass);
Completely buggers things up. The connection() method doesn't return a
value. So the next query has a null resource and so fails and generates
the error you are seeing. You've already set the value of $this->conx in
your connection() method so even if you did return the resource
identifier it would be redundant.
Cheers,
Rob.
--
.------------------------------------------------------------.
| InterJinn Application Framework - http://www.interjinn.com |
:------------------------------------------------------------:
| An application and templating framework for PHP. Boasting |
| a powerful, scalable system for accessing system services |
| such as forms, properties, sessions, and caches. InterJinn |
| also provides an extremely flexible architecture for |
| creating re-usable components quickly and easily. |
`------------------------------------------------------------'
--- End Message ---
--- Begin Message ---
Brian Seymour wrote:
I am super stumped. This works fine separately but when I put everything
together it breaks. I has an authenticate class and a sql class. However I
always get the same error.
SQL class.
<?php
class SQL {
public $host;
public $user;
public $pass;
public $conx;
public $db;
public $dbname;
public $query;
public $result;
public $fetchedArray;
public $nRows;
public function __construct($host,$user,$pass,$dbname = null){
$this->host=$host;
$this->user=$user;
$this->pass=$pass;
$this->conx=$this->connection($host,$user,$pass);
if (!is_null($dbname)){ $this->selectDb($dbname); }
}
final public function connection($host,$user,$pass){
$this->conx=mysql_connect($host,$user,$pass) or
die(mysql_error());
}
final public function selectDb($db){
$this->db=mysql_select_db($db);
}
final public function query($query){
$this->result=mysql_query($query, $this->conx);
echo mysql_error();
echo $query;
return $this->result;
}
final public function fetchArray($query){
$this->result=$this->query($query);
$this->fetchedArray=mysql_fetch_array($this->result,MYSQL_ASSOC);
return $this->fetchedArray;
}
final public function makeArray($query){
$this->curArray=mysql_fetch_array($query,MYSQL_ASSOC);
return $this->curArray;
}
final public function numRows($result)
{
$this->nRows=mysql_num_rows($result);
return $this->nRows;
}
public function __destruct(){
if (isset($this->connection)){
mysql_close($this->connection); }
}
}
?>
Authenticate class
<?php
class Authentication extends SQL {
public $errorMsg;
public function __construct(){echo "Auth constructed";}
You didn't call the __construct() method of your parent.
The above code, should be like this
public function __construct($host,$user,$pass,$dbname = null) {
parent::__construct($host,$user,$pass,$dbname);
echo "Auth constructed";
}
You were forgetting to call to the parent and have it initialize the DB
connection.
In the second part, the $auth->verifyCreds() call, it didn't create a
valid db connection to pass as the second arg to the mysql_query() call.
And by not passing the $this->conx as the second arg, you are telling it
to "use the most recently opened mysql connection.
Hope this clears up why it was failing on the latter mysql_query() calls.
final public function verifyCreds ($user, $pass, $table)
{
$result = $this->query("SELECT * FROM $table where
$user='$pass'");
if ($this->numRows($this->result) == 0)
{
$this->errorMsg = "Incorrect Username/Password
Combo";
return false;
}
else
{
// debugging lines \/
echo "login good!";
// debugging lines /\
return true;
}
}
public function __destruct(){}
}
?>
Normal page.
<?php
/************************************************************
* common.php
*
* project: Renegades Revenge
* programmer: Brian Seymour
************************************************************/
// autoload classes
function __autoload($class_name) {
require_once 'includes/classes/class_' . strtolower($class_name)
. '.php';
}
// initialize Renegades Revenge database
$database = new SQL($host,$user,$pass,"aerocor_renegade");
// login
if (isset($_GET['login']))
{
$auth = new
Authentication($host,$user,$pass,"aerocor_renegade");
if
($auth->verifyCreds($_POST['username'],$_POST['password'],"players"))
{
echo "logged in good!";
}
}
?>
The form is just 2 fields. Username and password. I get this error.
Warning: mysql_query(): supplied argument is not a valid MySQL-Link resource
in /home/aerocor/public_html/rr/includes/classes/class_sql.php on line 52
Warning: mysql_num_rows(): supplied argument is not a valid MySQL result
resource in /home/aerocor/public_html/rr/includes/classes/class_sql.php on
line 71
I put some simple query and display code in the constructor for the SQL
class and it outputted from the database with no problem, that's whats
weird.
Any help would be great, thanks.
Brian
--
Jim Lucas
"Some men are born to greatness, some achieve greatness,
and some have greatness thrust upon them."
Unknown
--- End Message ---
--- Begin Message ---
Strangely enough the only thing that was wrong was:
$this->result=mysql_query($query, $this->conx);
I removed $this->conx so it looked like
$this->result=mysql_query($query);
And now everything works perfect. I also fixed the line you recommended I
fix. I must have overlooked that =D. But anyhow, problem solved.
Brian Seymour
AeroCoreProductions
http://www.aerocore.net/
-----Original Message-----
From: Robert Cummings [mailto:[EMAIL PROTECTED]
Sent: Tuesday, May 29, 2007 10:51 PM
To: Brian Seymour
Cc: 'php php'
Subject: Re: [PHP] OOB problem, super stumped.
On Tue, 2007-05-29 at 22:36 -0400, Brian Seymour wrote:
> I am super stumped. This works fine separately but when I put everything
> together it breaks. I has an authenticate class and a sql class. However I
> always get the same error.
The following line:
> $this->conx=$this->connection($host,$user,$pass);
Completely buggers things up. The connection() method doesn't return a
value. So the next query has a null resource and so fails and generates
the error you are seeing. You've already set the value of $this->conx in
your connection() method so even if you did return the resource
identifier it would be redundant.
Cheers,
Rob.
--
.------------------------------------------------------------.
| InterJinn Application Framework - http://www.interjinn.com |
:------------------------------------------------------------:
| An application and templating framework for PHP. Boasting |
| a powerful, scalable system for accessing system services |
| such as forms, properties, sessions, and caches. InterJinn |
| also provides an extremely flexible architecture for |
| creating re-usable components quickly and easily. |
`------------------------------------------------------------'
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
On Tue, 2007-05-29 at 23:07 -0400, Brian Seymour wrote:
> Strangely enough the only thing that was wrong was:
>
> $this->result=mysql_query($query, $this->conx);
>
> I removed $this->conx so it looked like
>
> $this->result=mysql_query($query);
NO NO NO... don't do that. If you remove the link identifier then
mysql_query() defaults to the last connection opened. In which case if
you make more than one DB connection, you'll have connection soup.
Cheers,
Rob.
--
.------------------------------------------------------------.
| InterJinn Application Framework - http://www.interjinn.com |
:------------------------------------------------------------:
| An application and templating framework for PHP. Boasting |
| a powerful, scalable system for accessing system services |
| such as forms, properties, sessions, and caches. InterJinn |
| also provides an extremely flexible architecture for |
| creating re-usable components quickly and easily. |
`------------------------------------------------------------'
--- End Message ---
--- Begin Message ---
I run some scripts via php (cgi) which sends output to another file, but
it's including unwanted cookie header, etc in the outfile.
example:
php /home/dev/script.php > /home/production/feeds/news.xml 2>&1
and at the top of news.xml i get:
X-Powered-By: PHP/5.2.2
Set-Cookie: .....
Set-Cookie: .....
Cache-Control: private
Content-Type: text/html; charset=ISO-8859-1
i turned off expose php which gets rid of the x-powered-by but what
about the rest?
--- End Message ---
--- Begin Message ---
2007. 05. 30, szerda keltezéssel 02.11-kor Sebe ezt írta:
> I run some scripts via php (cgi) which sends output to another file, but
> it's including unwanted cookie header, etc in the outfile.
>
> example:
>
> php /home/dev/script.php > /home/production/feeds/news.xml 2>&1
>
> and at the top of news.xml i get:
>
> X-Powered-By: PHP/5.2.2
> Set-Cookie: .....
> Set-Cookie: .....
> Cache-Control: private
> Content-Type: text/html; charset=ISO-8859-1
>
> i turned off expose php which gets rid of the x-powered-by but what
> about the rest?
>
what if you just simply replace all echo-s with fwrite calls in the
script (of course with an fopen at the beginning and an fclose at the
end). you could pass the filename as a parameter into $argv
greets
Zoltán Németh
--- End Message ---
--- Begin Message ---
Yeni Setiawan wrote:
On 5/30/07, *Sebe* <[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>>
wrote:
I run some scripts via php (cgi) which sends output to another
file, but
it's including unwanted cookie header, etc in the outfile.
example:
php /home/dev/script.php > /home/production/feeds/news.xml 2>&1
and at the top of news.xml i get:
X-Powered-By: PHP/5.2.2
Set-Cookie: .....
Set-Cookie: .....
Cache-Control: private
Content-Type: text/html; charset=ISO-8859-1
i turned off expose php which gets rid of the x-powered-by but what
about the rest?
try to use quiet mode by using -q option as follow:
php -q /home/dev/script.php > /home/production/feeds/news.xml 2>&1
i tried using -q
still shows the headers.. this problem started when i switched to php cgi.
--- End Message ---
--- Begin Message ---
Sebe wrote:
Yeni Setiawan wrote:
On 5/30/07, *Sebe* <[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>>
wrote:
I run some scripts via php (cgi) which sends output to another
file, but
it's including unwanted cookie header, etc in the outfile.
example:
php /home/dev/script.php > /home/production/feeds/news.xml 2>&1
and at the top of news.xml i get:
X-Powered-By: PHP/5.2.2
Set-Cookie: .....
Set-Cookie: .....
Cache-Control: private
Content-Type: text/html; charset=ISO-8859-1
i turned off expose php which gets rid of the x-powered-by but what
about the rest?
try to use quiet mode by using -q option as follow:
php -q /home/dev/script.php > /home/production/feeds/news.xml 2>&1
i tried using -q
still shows the headers.. this problem started when i switched to php cgi.
Well that's your mistake. The CGI binary is meant for use as a web page
generator. You need php-cli.
-Stut
--- End Message ---
