php-general Digest 12 Oct 2008 03:52:35 -0000 Issue 5730
Topics (messages 281712 through 281737):
Setcookie()
281712 by: Ben Stones
281715 by: Per Jessen
281716 by: Ben Stones
281717 by: Per Jessen
Re: Remove index.php from url
281713 by: Shawn McKenzie
281714 by: Shawn McKenzie
281718 by: Ashley Sheridan
281719 by: \"Crash\" Dummy
281720 by: Ashley Sheridan
281721 by: Richard Heyes
281723 by: \"Crash\" Dummy
281731 by: jason php
Re: Problem with memory management
281722 by: Alan Boudreault
281724 by: Eric Butera
281726 by: Alan Boudreault
Alternative to HTTP_REFERER?
281725 by: Ben Stones
281727 by: Per Jessen
security and database
281728 by: Alain Roger
281729 by: Stut
SESSION variables
281730 by: Ron Piggott
281732 by: Daniel Brown
281733 by: Ron Piggott
281734 by: Ron Piggott
281735 by: Ron Piggott
trouble uploading more than 500 bytes...
281736 by: Karl St-Jacques
Re: Variable Variables and Super Global Arrays
281737 by: ANR Daemon
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
----------------------------------------------------------------------
--- Begin Message ---
Hi,
I'm using cookies for my website script and upon users logging in a cookie
is set. Problem for me is that the cookie doesn't work due to headers
already sent. Is there anyway of fixing this because, there is no possible
way of adding setcookie() to the top of the PHP file when the cookie is
holding the username from the POSTed form. Any help appreciated.
--- End Message ---
--- Begin Message ---
Ben Stones wrote:
> I'm using cookies for my website script and upon users logging in a
> cookie is set. Problem for me is that the cookie doesn't work due to
> headers already sent. Is there anyway of fixing this because, there is
> no possible way of adding setcookie() to the top of the PHP file when
> the cookie is holding the username from the POSTed form.
This must be a self imposed restriction on your side, coz' otherwise I
see no problem.
/Per Jessen, Zürich
--- End Message ---
--- Begin Message ---
What I mean is I cannot use setcookie, I need to check if user credentials
are correct first (which is BEFORE setcookie) and if so, set a cookie. I
can't do that unless setcookie is first, but I need to check if the user
credentials is correct. Furthermore I cannot use setcookie in the header as
I want to display a message saying that they have successfully logged in in
the correct area of my template.
2008/10/11 Per Jessen <[EMAIL PROTECTED]>
> Ben Stones wrote:
>
> > I'm using cookies for my website script and upon users logging in a
> > cookie is set. Problem for me is that the cookie doesn't work due to
> > headers already sent. Is there anyway of fixing this because, there is
> > no possible way of adding setcookie() to the top of the PHP file when
> > the cookie is holding the username from the POSTed form.
>
> This must be a self imposed restriction on your side, coz' otherwise I
> see no problem.
>
>
> /Per Jessen, Zürich
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--- End Message ---
--- Begin Message ---
Ben Stones wrote:
> What I mean is I cannot use setcookie, I need to check if user
> credentials are correct first (which is BEFORE setcookie) and if so,
> set a cookie. I can't do that unless setcookie is first, but I need to
> check if the user credentials is correct. Furthermore I cannot use
> setcookie in the header as I want to display a message saying that
> they have successfully logged in in the correct area of my template.
Well, I'm doing exactly that and it works just fine. This is a rough
outline of the flow:
GET <login page> (form with user and password fields)
POST <login page>
validate user+password, save in session
setcookie().
redirect with 303 to <welcome page>
GET <welcome page>
/Per Jessen, Zürich
--- End Message ---
--- Begin Message ---
OOzy Pal wrote:
> Hello,
>
> I expect that this question been beaten to death. I googled for many hours
> and all what I found is related to one CMS or another. I want to do is to
> make a very very very simple index.php that when is it called it
> automatically detect the page and load it. For example, when I call
>
> www.xyz.com/index.php/company, it calls for company.html. I have made that
> index.php. Now I need to remove this index.php from the url.
>
> Can you help?
>
mod_rewite if you use Apache. In the simplest form (not tested):
.htaccess
RewriteRule ^index\.php\/(.*)$ $1 [L,NC,NS]
HTH
-Shawn
--- End Message ---
--- Begin Message ---
Shawn McKenzie wrote:
> OOzy Pal wrote:
>> Hello,
>>
>> I expect that this question been beaten to death. I googled for many hours
>> and all what I found is related to one CMS or another. I want to do is to
>> make a very very very simple index.php that when is it called it
>> automatically detect the page and load it. For example, when I call
>>
>> www.xyz.com/index.php/company, it calls for company.html. I have made that
>> index.php. Now I need to remove this index.php from the url.
>>
>> Can you help?
>>
> mod_rewite if you use Apache. In the simplest form (not tested):
>
> .htaccess
>
> RewriteRule ^index\.php\/(.*)$ $1 [L,NC,NS]
>
> HTH
> -Shawn
Scrub that. The rule is backwards. But mod_rewrite is the answer.
-Shawn
--- End Message ---
--- Begin Message ---
On Sat, 2008-10-11 at 11:02 -0500, Shawn McKenzie wrote:
> Shawn McKenzie wrote:
> > OOzy Pal wrote:
> >> Hello,
> >>
> >> I expect that this question been beaten to death. I googled for many hours
> >> and all what I found is related to one CMS or another. I want to do is to
> >> make a very very very simple index.php that when is it called it
> >> automatically detect the page and load it. For example, when I call
> >>
> >> www.xyz.com/index.php/company, it calls for company.html. I have made that
> >> index.php. Now I need to remove this index.php from the url.
> >>
> >> Can you help?
> >>
> > mod_rewite if you use Apache. In the simplest form (not tested):
> >
> > .htaccess
> >
> > RewriteRule ^index\.php\/(.*)$ $1 [L,NC,NS]
> >
> > HTH
> > -Shawn
> Scrub that. The rule is backwards. But mod_rewrite is the answer.
>
> -Shawn
>
Incidentally, does anyone know how this would be achieved on IIS? We've
got a site at work that's running off a CMS I knocked up, but they'd
prefer the URLs to look proper, without the query string.
Ash
www.ashleysheridan.co.uk
--- End Message ---
--- Begin Message ---
> Incidentally, does anyone know how this would be achieved on IIS?
> We've got a site at work that's running off a CMS I knocked up, but
> they'd prefer the URLs to look proper, without the query string.
On IIS, the default document(s) are set on the server. If index.php is
not in the default document list, and you don't have access to the
server, I don't know how to override the default except by
redirecting.
--
Crash
Committed to the search for intraterrestrial intelligence.
--- End Message ---
--- Begin Message ---
On Sat, 2008-10-11 at 13:00 -0400, "Crash" Dummy wrote:
> > Incidentally, does anyone know how this would be achieved on IIS?
> > We've got a site at work that's running off a CMS I knocked up, but
> > they'd prefer the URLs to look proper, without the query string.
>
> On IIS, the default document(s) are set on the server. If index.php is
> not in the default document list, and you don't have access to the
> server, I don't know how to override the default except by
> redirecting.
> --
> Crash
> Committed to the search for intraterrestrial intelligence.
>
>
>
>
That wasn't what I was asking. I meant is there an equivalent to
mod-rewrite for IIS? I've got bunches of pages being sourced from one
php file, and i'd like to be able to accept URLs without the querystring
part, but still have access to those querystring variables in my php
code.
Ash
www.ashleysheridan.co.uk
--- End Message ---
--- Begin Message ---
> mod_rewite if you use Apache.
Or, if you don't have it (not very likely), directories. Eg For the
URL you gave, make a dir called company and put a default document in
there (usually index.html). You will end up with a trailing slash on
the URL, and it does incur a redirect, but it works. This might even
work with IIS, so it would be cross-server compatible.
--
Richard Heyes
HTML5 Graphing for FF, Chrome, Opera and Safari:
http://www.rgraph.org
--- End Message ---
--- Begin Message ---
> That wasn't what I was asking. I meant is there an equivalent to
> mod-rewrite for IIS?
No. At least nothing simple and free. Run a Google search for
"mod_rewrite iis" and you will see what I mean.
--
Crash
Committed to the search for intraterrestrial intelligence.
--- End Message ---
--- Begin Message ---
I think what you're looking at is one of a myriad of available ISAPI
plug-ins; essentially, an IIS add-on that mimics the functionality of
mod_rewrite to some degree.
I found one that claims to work on IIS 5.0-7.0 *and* appears to be FREE.
Problem is, you won't be able to simply copy over any existing .htaccess
files: http://www.codeplex.com/IIRF
Another interesting find was one that advertises 100% compatibility between
it and Apache .htaccess files. It, however, costs a few bucks:
http://www.micronovae.com/ModRewrite/ModRewrite.html
Jason
I haven't used either one of these myself, so I can't provide you with
anything more concrete... Hope this helps!
On Sat, Oct 11, 2008 at 2:02 PM, Crash Dummy <[EMAIL PROTECTED]> wrote:
> > That wasn't what I was asking. I meant is there an equivalent to
> > mod-rewrite for IIS?
>
> No. At least nothing simple and free. Run a Google search for
> "mod_rewrite iis" and you will see what I mean.
> --
> Crash
> Committed to the search for intraterrestrial intelligence.
>
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--- End Message ---
--- Begin Message ---
Richard Heyes wrote:
Problem with memory management
I sure know that feeling... :-/
So, there is no other choice that waiting a new PHP release ?
--
Alan Boudreault
Mapgears
http://www.mapgears.com/
--- End Message ---
--- Begin Message ---
On Sat, Oct 11, 2008 at 1:58 PM, Alan Boudreault
<[EMAIL PROTECTED]> wrote:
> Richard Heyes wrote:
>>>
>>> Problem with memory management
>>>
>>
>> I sure know that feeling... :-/
>>
>>
>
> So, there is no other choice that waiting a new PHP release ?
>
> --
> Alan Boudreault
> Mapgears
> http://www.mapgears.com/
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
Are you actually having a real problem here other than just looking at
the memory usage function? Or are you just trying to get an idea for
how much power this app is going to need? Perhaps maybe you can do
some pre-generation of the heavier parts of this app before it is used
in a front-end script.
--- End Message ---
--- Begin Message ---
Eric Butera wrote:
On Sat, Oct 11, 2008 at 1:58 PM, Alan Boudreault
<[EMAIL PROTECTED]> wrote:
Richard Heyes wrote:
Problem with memory management
I sure know that feeling... :-/
So, there is no other choice that waiting a new PHP release ?
--
Alan Boudreault
Mapgears
http://www.mapgears.com/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Are you actually having a real problem here other than just looking at
the memory usage function? Or are you just trying to get an idea for
how much power this app is going to need? Perhaps maybe you can do
some pre-generation of the heavier parts of this app before it is used
in a front-end script.
I don't have a REAL PROBLEM. We made an extension for PHP for web
mapping that uses GIS data. GIS data can be large sometime and some
scripts can easily use a lot of memory for big data process. (We don't
control how our clients use our extension) So... i don't have a real
problem at the moment... but not beeing able to free the memory when we
need/want it is obviously a problem. I was just trying to understand
this behavior.
Thanks
Alan
--
Alan Boudreault
Mapgears
http://www.mapgears.com/
--- End Message ---
--- Begin Message ---
are there any alternatives to HTTP_REFERER as that only works for "clicking"
but it won't work for referrals from redirects?
Cheers
--- End Message ---
--- Begin Message ---
Ben Stones wrote:
> are there any alternatives to HTTP_REFERER as that only works for
> "clicking" but it won't work for referrals from redirects?
>
It does work in FF, but not in MSIE - as usual. I had a design that
relied on HTTP_REFERER, but I had to change for exactly that reason.
I'd be very interested to hear if anyone's got any general alternatives
that don't involve a lot of coding around the issue.
/Per Jessen, Zürich
--- End Message ---
--- Begin Message ---
Hi,
to have access to my web application, user needs to log in. Before to send
login/password over the net, user is directly redirected to HTTPS version of
my web application in case he did not write HTTPS:// at the address bar.
once he types login/password, everything is checked with DB data and if it
is correct, so he's granted right to continue and he redirected to another
HTTPS web page.
i would like improve security but i'm not sure it make sense as HTTPS is
used.
therefore i was thinking to request for each stored procedures (all my SQL
requests are in stored procedures) login and password (stored into
session)... but does it make really sense ?
thx.
--
Alain
------------------------------------
Windows XP SP3
PostgreSQL 8.2.4 / MS SQL server 2005
Apache 2.2.4
PHP 5.2.4
C# 2005-2008
--- End Message ---
--- Begin Message ---
On 11 Oct 2008, at 20:18, Alain Roger wrote:
to have access to my web application, user needs to log in. Before
to send
login/password over the net, user is directly redirected to HTTPS
version of
my web application in case he did not write HTTPS:// at the address
bar.
once he types login/password, everything is checked with DB data and
if it
is correct, so he's granted right to continue and he redirected to
another
HTTPS web page.
i would like improve security but i'm not sure it make sense as
HTTPS is
used.
SSL secures the data transmission from client to server and there's
nothing currently available that provides better security at that level.
therefore i was thinking to request for each stored procedures (all
my SQL
requests are in stored procedures) login and password (stored into
session)... but does it make really sense ?
First of all, IMHO there are no valid reasons for storing passwords in
the session. If you think you have one I'm betting your architecture
is either overly complicated or just plain wrong.
Secondly, I see no security advantage in requiring a username and
password to be passed along with each stored procedure request. Aside
from the extra overhead, if someone gets access to your database you
have other problems which won't be solved by requiring a username and
password to execute stored procedures.
-Stut
--
http://stut.net/
--- End Message ---
--- Begin Message ---
I am programming a blog.
index.php sets up the layout for the web page. This includes the
heading, left hand and bottom menus.
The content is loaded by the command:
include($filename);
the $_SESSION variables aren't available to files like blog.php . The
session variables only work in the initial file, index.php.
I am NOT using frames. The web page is loaded all at the same time.
Simply when index.php is done, it passes the "baton" to the next .php
file to display the specific information the user is requesting.
Any ideas / suggestions?
Ron
--- End Message ---
--- Begin Message ---
On Sat, Oct 11, 2008 at 7:49 PM, Ron Piggott <[EMAIL PROTECTED]> wrote:
> I am programming a blog.
>
> index.php sets up the layout for the web page. This includes the
> heading, left hand and bottom menus.
>
> The content is loaded by the command:
>
> include($filename);
>
> the $_SESSION variables aren't available to files like blog.php . The
> session variables only work in the initial file, index.php.
Did you remember to add session_start() to the head of the master
file that's including the other files?
--
</Daniel P. Brown>
More full-root dedicated server packages:
Intel 2.4GHz/60GB/512MB/2TB $49.99/mo.
Intel 3.06GHz/80GB/1GB/2TB $59.99/mo.
Intel 2.4GHz/320/GB/1GB/3TB $74.99/mo.
Dedicated servers, VPS, and hosting from $2.50/mo.
--- End Message ---
--- Begin Message ---
This is one of the first commands given.
I am using modrewrites to call the blog entries.
blog.php is responsible for displaying both the table of contents and
the blog entries. When the table of contents is called
(http://www.rons-home.net/page/blog/ ) the session variables are
present. When an actual blog entry is displayed
( http://www.rons-home.net/blog/28/ ) the session variables aren't
there.
I am not sure what is happening / why.
The login is at http://www.rons-home.net/page/login/ It has 'page' in
the URL. But I am not sure why this should upset the session
variables ...
Any thoughts?
Ron
On Sat, 2008-10-11 at 19:59 -0400, Daniel Brown wrote:
> On Sat, Oct 11, 2008 at 7:49 PM, Ron Piggott <[EMAIL PROTECTED]> wrote:
> > I am programming a blog.
> >
> > index.php sets up the layout for the web page. This includes the
> > heading, left hand and bottom menus.
> >
> > The content is loaded by the command:
> >
> > include($filename);
> >
> > the $_SESSION variables aren't available to files like blog.php . The
> > session variables only work in the initial file, index.php.
>
> Did you remember to add session_start() to the head of the master
> file that's including the other files?
>
--- End Message ---
--- Begin Message ---
I did some more testing. The URL is the problem.
Logins are from
On Sat, 2008-10-11 at 19:59 -0400, Daniel Brown wrote:
> On Sat, Oct 11, 2008 at 7:49 PM, Ron Piggott <[EMAIL PROTECTED]> wrote:
> > I am programming a blog.
> >
> > index.php sets up the layout for the web page. This includes the
> > heading, left hand and bottom menus.
> >
> > The content is loaded by the command:
> >
> > include($filename);
> >
> > the $_SESSION variables aren't available to files like blog.php . The
> > session variables only work in the initial file, index.php.
>
> Did you remember to add session_start() to the head of the master
> file that's including the other files?
>
--- End Message ---
--- Begin Message ---
Oops
Logins are from
http://www.rons-home.net/page/login-greeting/
Blog postings are from
http://www.rons-home.net/blog/28/
with the word 'page' gone the session variable doesn't acknowledge the
login.
Ron
On Sat, 2008-10-11 at 21:12 -0400, Ron Piggott wrote:
> I did some more testing. The URL is the problem.
>
> Logins are from
>
>
> On Sat, 2008-10-11 at 19:59 -0400, Daniel Brown wrote:
> > On Sat, Oct 11, 2008 at 7:49 PM, Ron Piggott <[EMAIL PROTECTED]> wrote:
> > > I am programming a blog.
> > >
> > > index.php sets up the layout for the web page. This includes the
> > > heading, left hand and bottom menus.
> > >
> > > The content is loaded by the command:
> > >
> > > include($filename);
> > >
> > > the $_SESSION variables aren't available to files like blog.php . The
> > > session variables only work in the initial file, index.php.
> >
> > Did you remember to add session_start() to the head of the master
> > file that's including the other files?
> >
--
Acts Ministries Christian Evangelism
Where People Matter
12 Burton Street
Belleville, Ontario, Canada
K8P 1E6
[EMAIL PROTECTED]
www.actsministrieschristianevangelism.org
In Belleville Phone: (613) 967-0032
In North America Call Toll Free: (866) ACTS-MIN
Fax: (613) 967-9963
--- End Message ---
--- Begin Message ---
Hello,
I have trouble uploading files to a server. Actually I can't upload more than
500 bytes or so.
Here's a quick print_r of the $_FILES
[_FILES] => Array( [avatar] => Array ( [name] => index.html [type] =>
text/html [tmp_name] => /tmp/phpRbmXK5 [error] => 0 [size] => 505 ))
If I try bigger file (540 bytes or 2mb) it's simply return this.
[_FILES] => Array([avatar] => Array( [name] => ajax-loader.gif [type] =>
[tmp_name] => [error] => 3 [size] => 0)
)
error 3 is partial files sended. (By the way, there's no processing, only a
print_r();
So here's my setup from the php.ini
PHP Version 5.2.4-2ubuntu5.3
max_execution_time 1000 1000
max_input_nesting_level 64 64
max_input_time 1000 1000
memory_limit 999M 999M
post_max_size 200M 200M
upload_max_filesize 200M 200M
upload_tmp_dir no value no value
I run Apache/2.2.8
I checked the /tmp folder. it's empty, even if uploading really big file, same
for /var/tmp. the permission seems to be ok (chmod 777).
So, I'm pretty clueless about that one.
Anyone have any insight about this ?
Thanks,
Karl.
_________________________________________________________________
--- End Message ---
--- Begin Message ---
Greetings, "daniel danon".
In reply to Your message dated Saturday, October 11, 2008, 2:50:34,
> By php.net manual, "Please note that variable variables cannot be used with
> PHP's Superglobal arrays within functions or class methods". Is there any
> way to override this problem? Just the not nice eval("return $variable");?
> and in simple words - is there any way to make the following code work:
> $varname = "\$_SERVER['REMOTE_ADDR']";
> $varvalue = $$varname;
First of all, why you need it to work?
Explain real case please.
--
Sincerely Yours, ANR Daemon <[EMAIL PROTECTED]>
--- End Message ---
