php-general Digest 25 Mar 2008 02:28:05 -0000 Issue 5366
Topics (messages 272032 through 272059):
Re: Date math
272032 by: Jim Lucas
272059 by: Bill Guion
Re: This beats me (variable not being passed through pages)
272033 by: Jim Lucas
Re: Including files for templates
272034 by: Philip Thompson
272035 by: Eric Butera
Re: restricting access to folders on server
272036 by: Daniel Brown
Array and Object
272037 by: VamVan
272038 by: Eric Butera
272039 by: VamVan
272040 by: tedd
272041 by: VamVan
272045 by: tedd
272047 by: Greg Bowser
272048 by: Greg Bowser
Why won't this query work?
272042 by: Jason Pruim
272043 by: Jason Pruim
272046 by: Daniel Brown
272049 by: Jason Pruim
272050 by: Daniel Brown
272053 by: Eric Butera
google books
272044 by: John Pillion
272051 by: Ray Hauge
Beware of round() function
272052 by: Kirk.Johnson.zootweb.com
272055 by: Jeremy Privett
272056 by: Jeremy Privett
272057 by: MartÃn Marqués
help with autoload
272054 by: Jonathan Mast
Re: Stored Procedure Question
272058 by: Dan
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
----------------------------------------------------------------------
--- Begin Message ---
Ron Piggott wrote:
I have this math equation this list helped me generate a few weeks ago.
The purpose is to calculate how many days have passed between 2 dates.
Right now my output ($difference) is 93.9583333333 days.
I am finding this a little weird. Does anyone see anything wrong with
the way this is calculated:
$date1 = strtotime($date1); (March 21st 2008)
$date2 = strtotime($date2); (December 18th 2007)
echo $date1 => 1206072000
echo $date2 => 1197954000
#86400 is 60 seconds x 60 minutes x 24 hours (in other words 1 days
worth of seconds)
$factor = 86400;
$difference = (($date1 - $date2) / $factor);
As Casey suggested, it is a timestamp issue.
Checkout my test script.
http://www.cmsws.com/examples/php/testscripts/[EMAIL PROTECTED]/0001.php
<plaintext><?php
$date1 = strtotime('March 21st 2008'); //(March 21st 2008)
echo "date1 = {$date1}\n";
$date2 = strtotime('December 18th 2007'); //(December 18th 2007)
echo "date2 = {$date2}\n";
$date1 = 1206072000;
echo date('c', $date1)."\n";
$date2 = 1197954000;
echo date('c', $date2)."\n";
#86400 is 60 seconds x 60 minutes x 24 hours (in other words 1 days worth of
seconds)
$factor = 86400;
$difference = (($date1 - $date2) / $factor);
echo $difference."\n";
--
Jim Lucas
"Some men are born to greatness, some achieve greatness,
and some have greatness thrust upon them."
Twelfth Night, Act II, Scene V
by William Shakespeare
--- End Message ---
--- Begin Message ---
At 12:17 AM -0400 3/24/08, Ron Piggott wrote:
I have this math equation this list helped me generate a few weeks ago.
The purpose is to calculate how many days have passed between 2 dates.
Right now my output ($difference) is 93.9583333333 days.
I am finding this a little weird. Does anyone see anything wrong with
the way this is calculated:
$date1 = strtotime($date1); (March 21st 2008)
$date2 = strtotime($date2); (December 18th 2007)
echo $date1 => 1206072000
echo $date2 => 1197954000
#86400 is 60 seconds x 60 minutes x 24 hours (in other words 1 days
worth of seconds)
$factor = 86400;
$difference = (($date1 - $date2) / $factor);
94 - 93.9583333333 = .0416666666667
.0416666666667 * 86400 = 3600 = 1 hour. Didn't you pass throught
daylight savings time prior to 21 March?
-----===== Bill =====-----
--
You can't tell which way the train went by looking at the track.
--- End Message ---
--- Begin Message ---
Mário Gamito wrote:
Hi,
I have a ASP.NET / C# page calling a webmail Linux server:
WebRequest request =
WebRequest.Create("http://192.168.1.4/horde/imp/index.php?username=gamito";);
(etc...)
It seems to work as in my Linux Apache logs, i get:
(...) "GET /horde/imp/index.php?username=gamito HTTP/1.1" 200 223
File index.php is:
<?php
$username_from_iis = $_REQUEST['username'];
print('Hello ' . $username_from_iis);
?>
But index.php only shows "Hello" and not "Hello gamito" as I'd expect.
Any ideias ?
Any help would be appreciated.
Warm Regards,
Mário Gamito
Sounds a little obvious, but change _REQUEST to _GET and see what you get.
_REQUEST might not be getting populated correctly. It is configurable ya know.
Check you php.ini and see if the variables_order entry is set correctly. This
is mine;
variables_order = "GPCS"
(GET, POST, COOKIE, SESSION)
There might be others that affect it, but I'm not sure. Maybe others will have
suggestions.
--
Jim Lucas
"Some men are born to greatness, some achieve greatness,
and some have greatness thrust upon them."
Twelfth Night, Act II, Scene V
by William Shakespeare
--- End Message ---
--- Begin Message ---
On Mar 23, 2008, at 12:10 PM, Daniel Brown wrote:
On Sun, Mar 23, 2008 at 6:32 AM, Terry Burns-Dyson
<[EMAIL PROTECTED]> wrote:
[snip!]
$pageTitle is in the template, it's replaced, $pageContent is in the
template, it's replaced. But any variables within the
page_to_display are
simply output into the page rather than processed by PHP. I
realise that
file_get_contents is basically returning a string and I"m just
doing string
replacement when I include the template.html, so my only question
is, what's
the actual way of doing this?
The simples way would be like so:
<?php
// content/page1.php
#
# Define the variables for the content of the page.
#
$page_title = "Welcome To My Website!";
$paragraph_a =<<<EOT
Welcome to my website!
This is a HEREDOC that we'll be using in the template to display some
text, formatted with HTML line breaks and all.
It's that simple!
EOT;
$paragraph_a = nl2br($paragraph_a);
$main_image = "images/main.png";
$main_image_link = "http://www.other-website.tld";;
?>
<?
// templates/page1.php
#
# The formatting for the page.
#
/* All of your headers and starting
HTML should be included by your
switching script. This file will also
require that short_open_tags is on.
If you can't/don't want it on, just
modify the tags herein. */
?>
<div>
<?=$paragraph_a;?>
</div>
<div><a href="<?=$main_image_link;?>"><img src="<?=$main_image;?>"
border="0"></a></div>
<? // End of templates/page1.php ?>
<?php
// templates/header.php
#
# A very basic sample header.
#
?>
<html>
<head>
<title><?=$page_title;?></title>
</head>
<body>
<?php // End of templates/header.php ?>
<?php
// templates/footer.php
#
# A very basic sample footer.
#
?>
</body>
</html>
<?php // End of templates/footer.php ?>
<?
// index.php
#
# A simple index switch page.
#
if(isset($_GET['s']) && strlen($_GET['s']) > 1) {
switch($_GET['s']) {
case "page1":
$section = $_GET['s'];
break;
case "contact":
$section = $_GET['s'];
break;
case "about":
// We'll pretend the page name was changed here.
$section = "about_us";
break;
default:
$section = "home";
break;
}
} else {
$section = "home";
}
include('content/'.$section.'.php');
include('templates/header.php');
include('templates/'.$section.'.php');
include('templates/footer.php');
/* This means that the content file with the
variables is parsed first, and defines the
variables within the scope of this execution.
It's included before the header.php file so
that the $page_title variable is defined. */
?>
Everything herein was typed directly into this email and is
untested, so it's by no means guaranteed to work, has not been
properly sanitized or tested, and is for informational purposes only,
to get you started in the right direction.
Here is another way (same disclaimer as above):
<?php
$replace = array(
'REPLACE_ME_1' => $replaceMe1,
'REPLACE_ME_2' => $replaceMe2,
'REPLACE_ME_3' => $replaceMe3,
'REPLACE_ME_4' => $replaceMe4,
);
$template = file_get_contents ('templates/somePage.tpl.php');
$somePage = str_replace (array_keys($replace), array_values($replace),
$template);
?>
<html>
<head><title>Contents of some page</title></head>
<body>
<div id="somePage"><?php echo $somePage; ?></div>
</body>
</html>
Happy coding!
~Philip
--- End Message ---
--- Begin Message ---
On Sun, Mar 23, 2008 at 7:32 AM, Terry Burns-Dyson
<[EMAIL PROTECTED]> wrote:
> I'm trying to write a template system, my template is the HTML layout, and
> my content is fetched from another source. However I don't quite understand
> how to output the template so that all the variables are parsed by PHP.
> Simple version of what I'm trying to do;
>
> ob_start( );
>
> extract( $params, EXTR_PREFIX_SAME, "am_");
>
> $pageContent = file_get_contents( "page_to_display.html");
>
> include( "template.html");
>
> echo ob_get_clean( );
>
>
> $pageTitle is in the template, it's replaced, $pageContent is in the
> template, it's replaced. But any variables within the page_to_display are
> simply output into the page rather than processed by PHP. I realise that
> file_get_contents is basically returning a string and I"m just doing string
> replacement when I include the template.html, so my only question is, what's
> the actual way of doing this?
>
> Thanks
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
I used to use this extract/include methodology before I really thought
about the performance aspect of it. I would create a template object
that could have variables injected into it and then tell it to
render(). The render process would extract everything in the data
array & include a template file.
After I found out about xdebug I stopped doing this.
Now my approach is more in line of the Zend_View[1] template engine.
Just a generic class to define the path to the template, a way to put
variables into it, and a render function. The big difference this
time is that instead of extract I just use $this-> inside the
template.
[1] http://framework.zend.com/manual/en/zend.view.html
--- End Message ---
--- Begin Message ---
On Mon, Mar 24, 2008 at 7:08 AM, Sudhakar <[EMAIL PROTECTED]> wrote:
> i am using apache server and presently when i try accessing any folders of
> my website i am able to browse the files ex = www.website.com/images which
> is a serious security risk as i am building a forum website using php and
> mysql.
[snip!]
>
> 1. how can i do this using apache.
> 2. where do i write the username and password information and will this
> apply to all the folders in the root directory or specific directories.
In addition to Richard's suggestion, you can also place a
.htaccess file in each directory for which you don't want listing with
this:
Redirect Permanent index.php http://www.yourdomain.com/index.php
That will automatically forward them to your homepage. Otherwise,
you can turn off directory listing completely by explicitly stating it
in your .htaccess file in your web root. It will work recursively for
all directories in the web root.
<Limit GET POST PUT DELETE>
Order Deny,Allow
Deny From All
Options -Indexes
</Limit>
In the future, though, please only post PHP-related questions to
this list. Apache has its own user lists where you can ask these
questions.
--
</Daniel P. Brown>
Forensic Services, Senior Unix Engineer
1+ (570-) 362-0283
--- End Message ---
--- Begin Message ---
Hello All,
I am having an array structure as displayed below, The title is the
key and value is the simplexmlelementobject.
[Advanced Virtualization Technologies in Workstation 6-20080320 1604]
=> SimpleXMLElement Object
(
[recordingID] => 932467
[hostWebExID] => marketingprograms
[name] => Title
[createTime] => 03/20/2008 09:04:42
[timeZoneID] => 4
[size] => 49.441048
[recordingType] => 0
[duration] => 3218
)
I access the array $this->result["$event->eventName"] = $event;
But I want to decode all the elements of the object using utf8_decode
but still keep the same structure of the array.
what i mean can I do this ?
$this->result["$event->eventName"] = utf_iso($event);
I appreciate if anyone can help me with this.
Thanks
--- End Message ---
--- Begin Message ---
On Mon, Mar 24, 2008 at 12:50 PM, VamVan <[EMAIL PROTECTED]> wrote:
> Hello All,
>
> I am having an array structure as displayed below, The title is the
> key and value is the simplexmlelementobject.
>
> [Advanced Virtualization Technologies in Workstation 6-20080320 1604]
> => SimpleXMLElement Object
> (
> [recordingID] => 932467
> [hostWebExID] => marketingprograms
> [name] => Title
> [createTime] => 03/20/2008 09:04:42
> [timeZoneID] => 4
> [size] => 49.441048
> [recordingType] => 0
> [duration] => 3218
> )
>
>
> I access the array $this->result["$event->eventName"] = $event;
>
> But I want to decode all the elements of the object using utf8_decode
> but still keep the same structure of the array.
> what i mean can I do this ?
>
> $this->result["$event->eventName"] = utf_iso($event);
>
> I appreciate if anyone can help me with this.
>
> Thanks
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
Can you jump upstream and decode it before you parse the xml?
--- End Message ---
--- Begin Message ---
I cannot do that. because Simple xml element retrieves everything in
UTF8. I need to decode it to latin1 for comparison with another array.
My query still remains the same.
On Mon, Mar 24, 2008 at 9:56 AM, Eric Butera <[EMAIL PROTECTED]> wrote:
>
> On Mon, Mar 24, 2008 at 12:50 PM, VamVan <[EMAIL PROTECTED]> wrote:
> > Hello All,
> >
> > I am having an array structure as displayed below, The title is the
> > key and value is the simplexmlelementobject.
> >
> > [Advanced Virtualization Technologies in Workstation 6-20080320 1604]
> > => SimpleXMLElement Object
> > (
> > [recordingID] => 932467
> > [hostWebExID] => marketingprograms
> > [name] => Title
> > [createTime] => 03/20/2008 09:04:42
> > [timeZoneID] => 4
> > [size] => 49.441048
> > [recordingType] => 0
> > [duration] => 3218
> > )
> >
> >
> > I access the array $this->result["$event->eventName"] = $event;
> >
> > But I want to decode all the elements of the object using utf8_decode
> > but still keep the same structure of the array.
> > what i mean can I do this ?
> >
> > $this->result["$event->eventName"] = utf_iso($event);
> >
> > I appreciate if anyone can help me with this.
> >
> > Thanks
> >
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, visit: http://www.php.net/unsub.php
> >
> >
>
> Can you jump upstream and decode it before you parse the xml?
>
--- End Message ---
--- Begin Message ---
At 10:00 AM -0700 3/24/08, VamVan wrote:
I cannot do that. because Simple xml element retrieves everything in
UTF8. I need to decode it to latin1 for comparison with another array.
Unless there is something here that I don't understand, there is no
decoding UTF-8 to Latin1
Latin1 is a subset of UTF-8 -- what you find (characters) in Latin 1
is the same as in UTF-8.
If you have a code point (character) that lies outside of the range
of Latin 1, then there is no solution.
Cheers,
tedd
--
-------
http://sperling.com http://ancientstones.com http://earthstones.com
--- End Message ---
--- Begin Message ---
Well anyways please let me handle the problems with decoding. I just
want to know if there is a way that I could traverse through all the
elements of the simplexmlobject and still keep the same structure of
the array. What I mean is
[Advanced Virtualization Technologies in Workstation 6-20080320 1604]
=> SimpleXMLElement Object
(
[recordingID] => 932467
[hostWebExID] => marketingprograms
[name] => Title
[createTime] => 03/20/2008 09:04:42
[timeZoneID] => 4
[size] => 49.441048
[recordingType] => 0
[duration] => 3218
)
Go through all the elements of the object and do some encoding and get
back the same array structure.
In raw terms I need to know the procedure that does this and still
keep the same structure of the array.
[Advanced Virtualization Technologies in Workstation 6-20080320 1604]
=> SimpleXMLElement Object
(
[recordingID] => utf8_decode(932467)
[hostWebExID] => utf8_decode(marketingprograms)
[name] => utf8_decode(Title)
[createTime] => utf8_decode(03/20/2008 09:04:42)
[timeZoneID] => utf8_decode(4)
[size] => utf8_decode(49.441048)
[recordingType] => utf8_decode(0)
[duration] => utf8_decode(3218)
)
On Mon, Mar 24, 2008 at 10:10 AM, tedd <[EMAIL PROTECTED]> wrote:
> At 10:00 AM -0700 3/24/08, VamVan wrote:
> >I cannot do that. because Simple xml element retrieves everything in
> >UTF8. I need to decode it to latin1 for comparison with another array.
>
> Unless there is something here that I don't understand, there is no
> decoding UTF-8 to Latin1
>
> Latin1 is a subset of UTF-8 -- what you find (characters) in Latin 1
> is the same as in UTF-8.
>
> If you have a code point (character) that lies outside of the range
> of Latin 1, then there is no solution.
>
> Cheers,
>
> tedd
>
>
> --
> -------
> http://sperling.com http://ancientstones.com http://earthstones.com
>
> --
>
>
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--- End Message ---
--- Begin Message ---
At 10:23 AM -0700 3/24/08, VamVan wrote:
Well anyways please let me handle the problems with decoding.mail.com> wrote:
> At 10:00 AM -0700 3/24/08, VamVan wrote:
>I cannot do that. because Simple xml element retrieves everything in
>UTF8. I need to decode it to latin1 for comparison with another array.
Unless there is something here that I don't understand, there is no
decoding UTF-8 to Latin1
Latin1 is a subset of UTF-8 -- what you find (characters) in Latin 1
is the same as in UTF-8.
If you have a code point (character) that lies outside of the range
of Latin 1, then there is no solution.
Cheers,
> tedd
I'm not stopping you.
When you figure out how to decode UTF-8 to Latin, I would like to see it.
Cheers,
tedd
--
-------
http://sperling.com http://ancientstones.com http://earthstones.com
--- End Message ---
--- Begin Message ---
Take a look at array_walk(), array_walk_recursive(), array_map() in the PHP
manual.
On Mon, Mar 24, 2008 at 2:04 PM, tedd <[EMAIL PROTECTED]> wrote:
> At 10:23 AM -0700 3/24/08, VamVan wrote:
> >Well anyways please let me handle the problems with decoding.mail.com>
> wrote:
> > > At 10:00 AM -0700 3/24/08, VamVan wrote:
> >> >I cannot do that. because Simple xml element retrieves everything in
> >> >UTF8. I need to decode it to latin1 for comparison with another
> array.
> >>
> >> Unless there is something here that I don't understand, there is no
> >> decoding UTF-8 to Latin1
> >>
> >> Latin1 is a subset of UTF-8 -- what you find (characters) in Latin 1
> >> is the same as in UTF-8.
> >>
> >> If you have a code point (character) that lies outside of the range
> >> of Latin 1, then there is no solution.
> >>
> >> Cheers,
> >>
> > > tedd
>
> I'm not stopping you.
>
> When you figure out how to decode UTF-8 to Latin, I would like to see it.
>
> Cheers,
>
> tedd
>
> --
> -------
> http://sperling.com http://ancientstones.com http://earthstones.com
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--- End Message ---
--- Begin Message ---
That top post was totally not I... It was my roommate playing with my
computer *nods*.
--- End Message ---
--- Begin Message ---
Hi Everyone,
Attempting to get this query:
"SELECT customerName, loginName, email, adminLevel FROM current WHERE
customerBusiness=$business ORDER BY adminLevel"
to work.
So far it doesn't like me... It pops up saying that "Unknown column
'Raoset' in 'where clause'"
Here is what I get if I echo the query:
SELECT customerName, customerBusiness, loginName, email, adminLevel
FROM current WHERE customerBusiness='Raoset'
$business is populated from a session variable and echos right... What
I can't figure out is what in the world is wrong... If I type in the
variable info, it works just fine. So why can't I pull it from a
variable?
--
Jason Pruim
Raoset Inc.
Technology Manager
MQC Specialist
3251 132nd ave
Holland, MI, 49424-9337
www.raoset.com
[EMAIL PROTECTED]
--- End Message ---
--- Begin Message ---
Okay... so as happens to me more times then I care to admit... as soon
as I sent it I simply added: .....WHERE
customerBusiness='$business'..... and it works just fine... Sorry for
the noise!
On Mar 24, 2008, at 1:47 PM, Jason Pruim wrote:
Hi Everyone,
Attempting to get this query:
"SELECT customerName, loginName, email, adminLevel FROM current
WHERE customerBusiness=$business ORDER BY adminLevel"
to work.
So far it doesn't like me... It pops up saying that "Unknown column
'Raoset' in 'where clause'"
Here is what I get if I echo the query:
SELECT customerName, customerBusiness, loginName, email, adminLevel
FROM current WHERE customerBusiness='Raoset'
$business is populated from a session variable and echos right...
What I can't figure out is what in the world is wrong... If I type
in the variable info, it works just fine. So why can't I pull it
from a variable?
--
Jason Pruim
Raoset Inc.
Technology Manager
MQC Specialist
3251 132nd ave
Holland, MI, 49424-9337
www.raoset.com
[EMAIL PROTECTED]
--
Jason Pruim
Raoset Inc.
Technology Manager
MQC Specialist
3251 132nd ave
Holland, MI, 49424-9337
www.raoset.com
[EMAIL PROTECTED]
--- End Message ---
--- Begin Message ---
On Mon, Mar 24, 2008 at 1:47 PM, Jason Pruim <[EMAIL PROTECTED]> wrote:
> Hi Everyone,
>
> Attempting to get this query:
> "SELECT customerName, loginName, email, adminLevel FROM current WHERE
> customerBusiness=$business ORDER BY adminLevel"
>
> to work.
> So far it doesn't like me... It pops up saying that "Unknown column
> 'Raoset' in 'where clause'"
[snip!]
Encapsulate your $business variable in quotes. If you don't,
MySQL sees it as a relational link.
Also, as a reminder, be sure to use
mysql_real_escape_string($business) if you're not using mysqli_*().
--
</Daniel P. Brown>
Forensic Services, Senior Unix Engineer
1+ (570-) 362-0283
--- End Message ---
--- Begin Message ---
On Mar 24, 2008, at 2:23 PM, Daniel Brown wrote:
On Mon, Mar 24, 2008 at 1:47 PM, Jason Pruim <[EMAIL PROTECTED]>
wrote:
Hi Everyone,
Attempting to get this query:
"SELECT customerName, loginName, email, adminLevel FROM current WHERE
customerBusiness=$business ORDER BY adminLevel"
to work.
So far it doesn't like me... It pops up saying that "Unknown column
'Raoset' in 'where clause'"
[snip!]
Encapsulate your $business variable in quotes. If you don't,
MySQL sees it as a relational link.
Also, as a reminder, be sure to use
mysql_real_escape_string($business) if you're not using mysqli_*().
It's already been escaped, $business is pulled out of the database
after they log in. :)
--
</Daniel P. Brown>
Forensic Services, Senior Unix Engineer
1+ (570-) 362-0283
--
Jason Pruim
Raoset Inc.
Technology Manager
MQC Specialist
3251 132nd ave
Holland, MI, 49424-9337
www.raoset.com
[EMAIL PROTECTED]
--- End Message ---
--- Begin Message ---
On Mon, Mar 24, 2008 at 2:29 PM, Jason Pruim <[EMAIL PROTECTED]> wrote:
>
> It's already been escaped, $business is pulled out of the database
> after they log in. :)
I don't care, Prune.
(I still get a kick out of knowing that. Who was it, Jochem or
Zoltan who said that? ;-P)
NEVER trust that the data is escaped regardless of where it
originated. Supposed someone else writes a script to tie into your
database and doesn't escape it, and Hagar The Horrible's
great-great(^15) grandson, Hacker The Horndog comes in and finds the
vulnerability, and enters the company name as "';DELETE FROM current
WHERE 1;SELECT * FROM current WHERE 1 "?
Bye, data.
Learn: http://xkcd.com/327/
--
</Daniel P. Brown>
Forensic Services, Senior Unix Engineer
1+ (570-) 362-0283
--- End Message ---
--- Begin Message ---
On Mon, Mar 24, 2008 at 2:40 PM, Daniel Brown <[EMAIL PROTECTED]> wrote:
> On Mon, Mar 24, 2008 at 2:29 PM, Jason Pruim <[EMAIL PROTECTED]> wrote:
> >
> > It's already been escaped, $business is pulled out of the database
> > after they log in. :)
>
> I don't care, Prune.
>
> (I still get a kick out of knowing that. Who was it, Jochem or
> Zoltan who said that? ;-P)
>
> NEVER trust that the data is escaped regardless of where it
> originated. Supposed someone else writes a script to tie into your
> database and doesn't escape it, and Hagar The Horrible's
> great-great(^15) grandson, Hacker The Horndog comes in and finds the
> vulnerability, and enters the company name as "';DELETE FROM current
> WHERE 1;SELECT * FROM current WHERE 1 "?
>
> Bye, data.
>
> Learn: http://xkcd.com/327/
>
>
> --
> </Daniel P. Brown>
> Forensic Services, Senior Unix Engineer
> 1+ (570-) 362-0283
>
> --
>
>
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
Jason,
Listen to Daniel's advice on this. Hacker issues aside, wouldn't it
be embarrassing if someone typed O'Brien in the input field and it
gave a white screen or worse yet text that said "Error with SQL?"
--- End Message ---
--- Begin Message ---
Not a PHP question. but could someone point me in the direction of how to
download/display only a portion of a PDF, much like google books does? For
example, if you have a 200 page pdf, but the user wishes to see the portion
that is on page 150. rather than downloading the entire PDF, only
download/display page 150?
I would like to avoid having to split them into 200 individual PDF's
(whether manually or automatically).
Any suggestions?
- JP
--- End Message ---
--- Begin Message ---
John Pillion wrote:
Not a PHP question. but could someone point me in the direction of how to
download/display only a portion of a PDF, much like google books does? For
example, if you have a 200 page pdf, but the user wishes to see the portion
that is on page 150. rather than downloading the entire PDF, only
download/display page 150?
I would like to avoid having to split them into 200 individual PDF's
(whether manually or automatically).
Any suggestions?
- JP
You could use FPDF and FPDI to just load up the one page:
http://www.setasign.de/support/manuals/fpdi/
Just use importPage($thePageNumberYouWanted);
<code>
$pdf = new fpdi('P', 'pt', 'letter');
$pdf->setSourceFile(self::PATH);
$tpl = $pdf->ImportPage(1);
$pdf->AddPage();
$pdf->useTemplate($tpl, 0, 0);
$data = $pdf->buffer;
$pdf->closeParsers();
header("Content-type: application/pdf");
header("Content-disposition: inline; filename=FileName.pdf");
header("Content-length: " . strlen($data));
echo $data;
</code>
I just realized that the version of FPDI I've been using is a little
old. There's a new update out, so some of the above code might change a
little.
--
Ray Hauge
www.primateapplications.com
--- End Message ---
--- Begin Message ---
Beware: round() apparently has changed its behavior from PHP 4. For
certain special numbers that seem to be multiples of 100,000, the return
value is in exponential format, rather than the usual decimal format. Some
of these special values are 1200000, 1400000, 2300000, which are returned
as 1.2E+6, 1.4E+6, etc. You can generate your own list of these special
numbers using this code:
<?php
for( $tmp = 0, $i = 0; $i < 100; $i++ ) {
$tmp += 100000;
echo round($tmp),"\n";
}
?>
The exponential format is fine as long as the number is only used
internally to PHP. However, we have found two cases so far where the
exponential format has caused errors resulting in failed transactions.
One, if you interpolate a value in exponential format into xml, as in this
example, then you will likely end up with an xsd validation error and a
failed transaction:
'<AnnualIncome>' . round($income) . '</AnnualIncome>'
Two, if you have field validation code like below, this will falsely
indicate an error when the consumer enters one of the "special" values for
income, e.g., 1200000, which is returned as "1.2E+6":
if(!ereg("^[0-9]{1,10}$", round($_POST['income']))) {
$errors .= "<li>Income should be whole dollars only (10 digits
max).</li>";
}
Needless to say, not a good user experience.
I reported this as a bug to the PHP dev team, but it was rejected.
Regardless of what it is, it will bite you if you're not careful.
http://bugs.php.net/?id=44223&edit=2
- Kirk
--- End Message ---
--- Begin Message ---
[EMAIL PROTECTED] wrote:
Beware: round() apparently has changed its behavior from PHP 4.
This is actually a change in the behavior of the float type, not the
round function. Replace your round() with a cast to float and you'll see
the exact same result.
--
Jeremy Privett
C.E.O. & C.S.A.
Omega Vortex Corporation
http://www.omegavortex.net
Please note: This message has been sent with information that could be
confidential and meant only for the intended recipient. If you are not the
intended recipient, please delete all copies and inform us of the error as soon
as possible. Thank you for your cooperation.
--- End Message ---
--- Begin Message ---
Jeremy Privett wrote:
[EMAIL PROTECTED] wrote:
Beware: round() apparently has changed its behavior from PHP 4.
This is actually a change in the behavior of the float type, not the
round function. Replace your round() with a cast to float and you'll
see the exact same result.
Also, as a side-note, the only way I've found to get these numbers to
print properly is through either printf or sprintf. Also, you could cast
back to an integer, if you explicitly don't need floats.
--
Jeremy Privett
C.E.O. & C.S.A.
Omega Vortex Corporation
http://www.omegavortex.net
Please note: This message has been sent with information that could be
confidential and meant only for the intended recipient. If you are not the
intended recipient, please delete all copies and inform us of the error as soon
as possible. Thank you for your cooperation.
--- End Message ---
--- Begin Message ---
On Mon, 24 Mar 2008 13:10:17 -0600, [EMAIL PROTECTED] wrote:
> Beware: round() apparently has changed its behavior from PHP 4. For
> certain special numbers that seem to be multiples of 100,000, the return
> value is in exponential format, rather than the usual decimal format.
Some
> of these special values are 1200000, 1400000, 2300000, which are returned
> as 1.2E+6, 1.4E+6, etc. You can generate your own list of these special
> numbers using this code:
>
> <?php
> for( $tmp = 0, $i = 0; $i < 100; $i++ ) {
> $tmp += 100000;
> echo round($tmp),"\n";
> }
> ?>
Use (int)round($tmp) to get integer format.
--- End Message ---
--- Begin Message ---
I have a project the someone else wrote and that I can't get to work.
It uses a rather large library of classes that are not apparently getting
loaded by the provided __autoload() function.
I'm not very well versed in PHP and one of the first things I did was see if
in fact the __autoload function was being called. I place some print
statements in it and got no result. But I don't know if that is because it
is not really calling that function or perhaps the print outs are out of
scope and won't be catched by the browser, I don't know.
thanks,
PHP: 5.1
TOMCAT: 5.5
Windows XP
--- End Message ---
--- Begin Message ---
I'm not sure that it can be done. I've never heard of anyone doing it
before. Why don't you just call the PHP script from your C++ program after
you call the stored proc?
- Dan
<[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
I am very aware most of you do not use a stored procedure in mysql.
However with my latest C++ programming I have created a few that make life
a dream.
The issue I am having. When I call the stored procedure I would like the
end of the procedure to call or invoke a php script.
I have read many MySQL Stored Procedure documents, nothing as of yet that
describes what the best practic syntax or structure of a php script call.
"Reality is a delusion brought on by alcohol deficiency $1000"
"Fixing the GUI between the chair and the keyboard Priceless"
--- End Message ---
