php-general Digest 30 Dec 2010 23:32:34 -0000 Issue 7108
Topics (messages 310384 through 310402):
Re: Hot Topics
310384 by: Jason Pruim
310385 by: Daniel Brown
310386 by: Ashley Sheridan
310398 by: Nathan Rixham
Re: Do you trim() usernames and passwords?
310387 by: Paul M Foster
310388 by: Paul M Foster
310389 by: Ashley Sheridan
310390 by: Paul M Foster
310391 by: Omega -1911
310392 by: Ashley Sheridan
310393 by: Omega -1911
310394 by: Daniel P. Brown
310395 by: Ashley Sheridan
310396 by: Omega -1911
Re: File-Upload per Drag-N-Drop?
310397 by: Paul M Foster
Developer needed, right place for it?
310399 by: Bill Marcy
310400 by: Daniel Brown
310401 by: German Geek
Re: Regex for telephone numbers
310402 by: Ethan Rosenberg
Administrivia:
To subscribe to the digest, e-mail:
[email protected]
To unsubscribe from the digest, e-mail:
[email protected]
To post to the list, e-mail:
[email protected]
----------------------------------------------------------------------
--- Begin Message ---
Jason Pruim
On Dec 30, 2010, at 12:36 AM, Daniel Brown <[email protected]> wrote:
> On Dec 29, 2010 11:48 PM, "Jason Pruim" <[email protected]> wrote:
>>
>> Weren't you playing with the possibility of including the amount of actual
> code written as well?
>
> Yeah, that was in for a few weeks, but I believe it was Robert Cummings
> who went out of his way to show its imperfections. Maybe we should
> incorporate a syntax checker to show parse errors for the week, too. ;-P
>
>> Always thought that would be pretty cool :)
>>
>> And as someone who is married as well I agree with what you said.
> Sometimes it's easier to just say you're sorry then fighting even when you
> know you're right.
>
> Or when you top-post. Prune, Prune, Prune.... /me shakes head.
Hey it was late last night and I was responding from my iPod :P
I seem to remember you doing the same thing from your phone Mr. Brown :P
--- End Message ---
--- Begin Message ---
On Thu, Dec 30, 2010 at 08:23, Jason Pruim <[email protected]> wrote:
>
> I seem to remember you doing the same thing from your phone Mr. Brown :P
Yeah. Android finally updated that a few weeks ago. Now you can
respond inline, as I did from my DROID with that last post. ;-P
--
</Daniel P. Brown>
Network Infrastructure Manager
Documentation, Webmaster Teams
http://www.php.net/
--- End Message ---
--- Begin Message ---
On Thu, 2010-12-30 at 10:39 -0500, Daniel Brown wrote:
> On Thu, Dec 30, 2010 at 08:23, Jason Pruim <[email protected]> wrote:
> >
> > I seem to remember you doing the same thing from your phone Mr. Brown :P
>
> Yeah. Android finally updated that a few weeks ago. Now you can
> respond inline, as I did from my DROID with that last post. ;-P
>
> --
> </Daniel P. Brown>
> Network Infrastructure Manager
> Documentation, Webmaster Teams
> http://www.php.net/
>
Good to hear, I've been waiting for that. It's certainly kept me from
posting as much lately.
Thanks,
Ash
http://www.ashleysheridan.co.uk
--- End Message ---
--- Begin Message ---
Pretty sad day when you have to apologise for being a human on an open
list to which you've contributed heavily for many many years.
apology not accepted from me Dan, you've nothing to apologise for, and
anybody who doesn't like to read a bit of banter between people on a
list can just avert their eyes - it was hardly 4chan grade trolling!
Best & happy new year to you,
Nathan
Daniel Brown wrote:
First, I have to admit that what I did was wrong. I had assumed
(ASS-umed) that the other party in a discussion under a different
thread would understand and appreciate the irony of my email in reply
to his inappropriate message. Those of you who were barraged with the
fallout know what I mean. Unfortunately, it was not well-received by
the other person, which led to even further flaming and trolling.
While I had tried both on- and off-list to urge the other party to
move the discussion from the public forum to a private, one-on-one
conversation, it was ignored and actually seemed to exacerbate the
situation. For my part in that, I just wanted to send my general
apologies to those bombarded with an unnecessary and somewhat
illogical series of emails. If being married has taught me anything,
it's that it's better to just apologize and move on, regardless of
who's right or wrong. And if being married has taught me anything
else, it's that, at least in this house, I'm always wrong. So....
sorry for the unnecessary banter.
Moving on, those of you who have been on the list for several
years may recall when I was running the ListWatch and PostTrack
system, which would send a weekly summary of the list's activities at
the time. Before stopping it (it was on a server that burned out, and
I just never put it back online), I had added a topic tracker as well,
which would give the percentage of activity for a given topic, as well
as the ratio of its discussion versus all messages to the list.
Several people have asked if/when it would be coming back online, so
I'm contemplating bringing it back beginning with the first week of
January (next week). Does anyone have any thoughts on that, or any
ideas for other interesting metrics they'd like to see? I'm
particularly interested in the opinions of folks who recall the old
system, but any opinions and ideas are more than welcome.
If you'd rather send it to me directly instead of on the list, feel free.
Happy early New Year, all.
--- End Message ---
--- Begin Message ---
On Wed, Dec 29, 2010 at 05:32:38PM -0500, Daniel P. Brown wrote:
> On Wed, Dec 29, 2010 at 15:16, Omega -1911 <[email protected]> wrote:
> > Sound silly? Why Daniel? It's all documented and public knowledge. What I
> > thought was silly was a entire thread about which ASCII combination was
> > best.. convert to a higher range above the 255 character range...
> >
> > There is NOTHING I have mentioned that you or anyone can call a lie. Google
> > or eccouncil.org are great resources. You forte is php... what security
> > certs doyou hold that contradict my previous email?
>
> Aside from involvement with the now-defunct Federal agency, the
> National Infrastructure Protection Center, training by the FBI's
> Regional Computer Forensic Laboratories, accreditation as the first
> private-sector mobile computer forensic investigation laboratory in
> the tri-state area, multiple computer security certifications, and
> about fourteen years of professional network and computer security
> service to multiple public and private sector entities, I suppose not
> much.
>
> I was pleased earlier, however, to learn about your interest in
> helping others by creating a venue for them to sell their own homemade
> pornographic DVDs at such a low price, but then disappointed to learn
> that your grasp of Perl and site management wasn't yet up to par.
> "Hacking" didn't work out all that well over the last couple of years
> either, but you could probably go, what, just a thousand feet or so to
> hire one of the kids from Ben Davis high school to help out. Pay them
> a fair wage, though.... I mean, with your home last appraised at
> $122,100 (on the 27th of July, 2007, so you might want to see if it's
> appreciated more in value by now), we know you can afford to pay
> better than minimum. Heck, if they'd pave your street as well as your
> driveway is sealed, that alone might help improve the value, at least
> a little bit. Which would be fine --- I mean, you already get the
> benefits of better insurance, consider how close you are to that fire
> hydrant. (You know the one I mean, that little bluish-green one when
> you turn right out of your driveway and cross the street.)
>
> Speaking of blue-green, I love that picture of Javen. Was that
> done right on his iPhone, or did he do it on the computer before
> uploading it? Pretty cool either way, just like his name. I'm just
> not sure if it's pronounced with a "J" or an "H" sound. I mean,
> Arthur's name is easy enough, but I honestly am confused by Javen's
> (except when he spells it out like James Vencent). It's no surprise
> that he's an intelligent kid, though, being born at the autumnal
> equinox and all (and even before sunrise that morning).
>
> That aside, you might be right. Perhaps my qualifications don't
> quite justify my opinion in contradicting anything you have to say. I
> mean, being contracted to trace people all over the world can
> sometimes be almost as fun as knowing what tools to use to find out
> who they are in the first place. Still, one shouldn't spend so much
> time doing just one thing, which is why we both enjoy programming.
>
> Regardless, it doesn't matter, and I see no reason to get into any
> kind of flame war --- especially with one of the famous Six Hounds
> from the Darkside of Hell. Anyway, sorry for being ten days late, but
> happy birthday, Chap. It was good getting to know you. And, as the
> Ques know, "friendship is essential to the soul."
>
Okay Dan, just put the weapon down. I'm sure we can work this out.
Yeah... that's it. It'll all be okay. We can talk about it....
;-}
Paul
--
Paul M. Foster
http://noferblatz.com
--- End Message ---
--- Begin Message ---
On Wed, Dec 29, 2010 at 08:27:49PM -0500, Mujtaba Arshad wrote:
> craphound.com/images/xkcdwrongoninternet.jpg
And this is why I love XKCD. LOL.
Paul
--
Paul M. Foster
http://noferblatz.com
--- End Message ---
--- Begin Message ---
On Thu, 2010-12-30 at 11:04 -0500, Paul M Foster wrote:
> On Wed, Dec 29, 2010 at 08:27:49PM -0500, Mujtaba Arshad wrote:
>
> > craphound.com/images/xkcdwrongoninternet.jpg
>
> And this is why I love XKCD. LOL.
>
> Paul
>
> --
> Paul M. Foster
> http://noferblatz.com
>
>
It's got a comic for pretty much every situation!
Thanks,
Ash
http://www.ashleysheridan.co.uk
--- End Message ---
--- Begin Message ---
On Wed, Dec 29, 2010 at 06:52:28PM -0500, TR Shaw wrote:
[snip]
>
> So now lets look at the case where there is malware on your machine
> which will try to brute force your computationally hard password and
> is smart enough to use your graphics engine to increased computational
> power. Folks at MIT and Carnegie Mellon have already numerically
> proved that a 12 character password is not crackable using brute force
> in any reasonable timeframe. In fact an 8 character one has strength
> of years. I would contend that using that much power will make its
> existence known to you and coupled with the fact that you restart your
> computer every now and again and that you run an antivirus
> periodically that will eventually find it even if you don't notice the
> slow down.
Partially for this reason, I have a CPU meter on my desktop. If I see
the CPU usage climb oddly (and I have), I start checking what processes
are eating my CPU. This is one reason I don't keep my Facebook page open
all the time. It periodically sucks CPU. For some reason, Javascript
seems to chew CPU harder than almost anything else I run.
Paul
--
Paul M. Foster
http://noferblatz.com
--- End Message ---
--- Begin Message ---
I'm pretty sure there is a lot that happened that has not been mentioned yet
;)
But I digress... it's all came down to no one being able to contradict my
post. If u consider an attempt to get personal a defense, I would hope that
in a real world scenario, u have a better tactic.
--- End Message ---
--- Begin Message ---
On Thu, 2010-12-30 at 11:19 -0500, Omega -1911 wrote:
> I'm pretty sure there is a lot that happened that has not been mentioned yet
> ;)
>
> But I digress... it's all came down to no one being able to contradict my
> post. If u consider an attempt to get personal a defense, I would hope that
> in a real world scenario, u have a better tactic.
I would just like to say, that I've not seen any proof of your
statements, particularly pertaining to "the government" (of which
country you've not specified.) Following the scientific methodology,
it's up to the person who made the claim to provide proof, not on the
opposition to provide evidence to the contrary. As such, the onus is on
you to provide the proof of your statements.
[/end_two_pence_worth]
Thanks,
Ash
http://www.ashleysheridan.co.uk
--- End Message ---
--- Begin Message ---
Which topic ashley do u wish to discuss. With the eccouncil.org being in
your neck of th woods, learning/reading what hackers are using/doing
shouldn't be hard...
On Dec 30, 2010 11:23 AM, "Ashley Sheridan" <[email protected]>
wrote:
> On Thu, 2010-12-30 at 11:19 -0500, Omega -1911 wrote:
>
>> I'm pretty sure there is a lot that happened that has not been mentioned
yet
>> ;)
>>
>> But I digress... it's all came down to no one being able to contradict my
>> post. If u consider an attempt to get personal a defense, I would hope
that
>> in a real world scenario, u have a better tactic.
>
>
> I would just like to say, that I've not seen any proof of your
> statements, particularly pertaining to "the government" (of which
> country you've not specified.) Following the scientific methodology,
> it's up to the person who made the claim to provide proof, not on the
> opposition to provide evidence to the contrary. As such, the onus is on
> you to provide the proof of your statements.
>
> [/end_two_pence_worth]
>
> Thanks,
> Ash
> http://www.ashleysheridan.co.uk
>
>
--- End Message ---
--- Begin Message ---
On Thu, Dec 30, 2010 at 11:27, Omega -1911 <[email protected]> wrote:
> Which topic ashley do u wish to discuss. With the eccouncil.org being in
> your neck of th woods, learning/reading what hackers are using/doing
> shouldn't be hard...
Really, this entire thing has gone on for far too long. One final
time, please either move the discussion off-list, where it belongs, or
just drop it. This is the kind of stuff that makes good, talented
people leave the list, or new folks decide they'd rather not ever even
be involved. Everyone is entitled to their opinion, for sure, but
this is not the proper place to air them, unless they're
directly-related to PHP.
--
</Daniel P. Brown>
Dedicated Servers, Cloud and Cloud Hybrid Solutions, VPS, Hosting
(866-) 725-4321
http://www.parasane.net/
--- End Message ---
--- Begin Message ---
On Thu, 2010-12-30 at 11:27 -0500, Omega -1911 wrote:
> Which topic ashley do u wish to discuss. With the eccouncil.org being in
> your neck of th woods, learning/reading what hackers are using/doing
> shouldn't be hard...
> On Dec 30, 2010 11:23 AM, "Ashley Sheridan" <[email protected]>
> wrote:
> > On Thu, 2010-12-30 at 11:19 -0500, Omega -1911 wrote:
> >
> >> I'm pretty sure there is a lot that happened that has not been mentioned
> yet
> >> ;)
> >>
> >> But I digress... it's all came down to no one being able to contradict my
> >> post. If u consider an attempt to get personal a defense, I would hope
> that
> >> in a real world scenario, u have a better tactic.
> >
> >
> > I would just like to say, that I've not seen any proof of your
> > statements, particularly pertaining to "the government" (of which
> > country you've not specified.) Following the scientific methodology,
> > it's up to the person who made the claim to provide proof, not on the
> > opposition to provide evidence to the contrary. As such, the onus is on
> > you to provide the proof of your statements.
> >
> > [/end_two_pence_worth]
> >
> > Thanks,
> > Ash
> > http://www.ashleysheridan.co.uk
> >
> >
Well, by my "neck of the woods" I assume you mean Earth here, as I'm not
anywhere near there, to which I quote:
"The EC-Council University, based in the state of New Mexico, United
States of America,"
And my email address itself should be a little give-a-way that I'm not
based in the US ;)
I'm looking for proof provided by you on some of your own statements:
"it is a known fact that post 9/11 companies that
develop such leave ports open for "Big Brother" as required."
And:
"Even though a firewall reports that the ports are
blocked, they aren't."
I'd be very interested to find out which companies are "required" to do
this, and if any are at all, as it would go against a lot of laws we
have on privacy over here in the UK.
Thanks,
Ash
http://www.ashleysheridan.co.uk
--- End Message ---
--- Begin Message ---
Wont mind doing once I get home. You should study the council. The base of a
company does not mean they don't have branches. If you read past the first
page, you would understand... joint council... does microsoft have an office
there ;). What's your site again... interested. On a cell right now, but in
the mean time "pardon me..."
--- End Message ---
--- Begin Message ---
On Wed, Dec 29, 2010 at 07:23:25PM +0100, Michelle Konzack wrote:
> Hello,
>
> my users have an Online-File-Store with nearly anything they need but
> one feature is missing: Drag-D-Drop.
>
> I like to implement Drag-D-Drop so users can Drag a file from a File-
> Manager and Drop it on the Upload-Icon in my Webinterface.
>
> Can someone tell me HOW THIS WORKS?
This is a client-side question. Javascript can handle drag-n-drop;
WordPress does this in its site administration screens. However, it does
not do it from a file manager window.
In any case, this is a client side, not a PHP question.
Paul
--
Paul M. Foster
http://noferblatz.com
--- End Message ---
--- Begin Message ---
Looking to get a bit of PHP work done, is this the right place for it, or is
there a better place to ask?
Bill
--- End Message ---
--- Begin Message ---
On Thu, Dec 30, 2010 at 15:44, Bill Marcy <[email protected]> wrote:
> Looking to get a bit of PHP work done, is this the right place for it, or is
> there a better place to ask?
This is generally fine for one-off PHP requests, sure.
We really need to get a jobs list up. I'll work on that, but in
the meantime, go ahead and post the message here, Bill.
--
</Daniel P. Brown>
Network Infrastructure Manager
Documentation, Webmaster Teams
http://www.php.net/
--- End Message ---
--- Begin Message ---
Hi Bill, I'm a senior PHP/Javascript/Actionscript 3 developer. If you need
some PHP work done, contact me off-list and I can see what I can do for you.
Regards,
Tim
++Tim Hinnerk Heuer++
http://www.ihostnz.com
On 31 December 2010 09:44, Bill Marcy <[email protected]> wrote:
> Looking to get a bit of PHP work done, is this the right place for it, or
> is
> there a better place to ask?
> Bill
>
--- End Message ---
--- Begin Message ---
At 07:27 PM 12/29/2010, Josh Kehn wrote:
On Dec 29, 2010, at 7:12 PM, Ethan Rosenberg <[email protected]> wrote:
> Dear List -
>
> Thank you for all your help in the past.
>
> Here is another one....
>
> I would like to have a regex which would validate that a
telephone number is in the format xxx-xxx-xxxx.
>
> Thanks.
>
> Ethan
>
> MySQL 5.1 PHP 5 Linux [Debian (sid)]
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
You can't, phone numbers are more complex then that. You could use
\d{3}-\d{3}-\d{4} to match that basic pattern for all numbers though.
Regards,
-Josh
___________________________
http://joshuakehn.com
++++++++++++
Sent from my iPod
Josh -
I used use \d{3}-\d{3}-\d{4}.
It works beautifully!!
FYI [to all the list] -- I thank all for their input. I only needed
US phones, and I am forcing the user of the form to conform to
xxx-xxx-xxxx as the input format.
Ethan
++++++++++++
--- End Message ---
