php-general Digest 2 Nov 2002 19:07:18 -0000 Issue 1681
Topics (messages 122503 through 122531):
Re: Problem with 4.2.3?
122503 by: Jason Wong
122526 by: Adam
Re: -How to do Mapping ?
122504 by: Jason Wong
Control Point of Access for certain pages.
122505 by: Monty
122506 by: Jonathan Sharp
Re: Session Management
122507 by: Jonathan Sharp
122508 by: Robert Samuel White
122513 by: John W. Holmes
Re: uping to plaese help
122509 by: marcelo
This is a test mail for this mail list!
122510 by: Joskey Liaus
Can you guys do me a favor?
122511 by: PHP Mailing List
Re: ftp_rawlist problems
122512 by: Andrew Brampton
Re: Installation prob: I can't see libphp4.so
122514 by: Daniele Baroncelli
122525 by: Daniele Baroncelli
Protecting your scripts
122515 by: scott
122517 by: Manuel Lemos
help on php dbg
122516 by: Vivek Kedia
Executing the value of a variable
122518 by: Jackson Miller
122521 by: John W. Holmes
122522 by: Marek Kilimajer
122523 by: Rick Emery
122524 by: John W. Holmes
Re: storing inc.php outside doc root/security/includes
122519 by: Marek Kilimajer
Re: using mysql_field_type to disginguish between a blob and a text field.
122520 by: Marek Kilimajer
Re: Quarter question..
122527 by: Jim Hatridge
122529 by: Jonathan Sharp
122530 by: John Nichel
Time limit exceeded when uploading files
122528 by: Eduardo M. Bragatto
Problem with is_dir function
122531 by: Roger Lewis
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
----------------------------------------------------------------------
--- Begin Message ---
On Saturday 02 November 2002 06:16, Adam Humphrey wrote:
> I just upgraded my PHP from 4.2.2 to 4.2.3 and now I have a problem. Right
> now I have some HTML with included PHP. When the client opens a page with
> PHP and HTML it used to (under 4.2.2) display all the HTML before the PHP
> and then process the PHP and finally (when processing completed) finish the
> rest of the HTML.
>
> This allowed my to do some DHTML to let the user know that the PHP was
> processing. Now with the new version of PHP (4.2.3) when I hit these pages
> it will process the PHP before it sends any HTML to the client.
>
> This is really frustrating. Is there some setting in php.ini that I can
> modify to allow the browser to get the HTML before the PHP code? Or any
> other way to get the old behavior?
Try disabling output buffering (php.ini).
--
Jason Wong -> Gremlins Associates -> www.gremlins.com.hk
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
/*
You can fool some of the people some of the time,
and some of the people all of the time,
and that is sufficient.
*/
--- End Message ---
--- Begin Message ---
output buffering = off
This is already set to "off"
Any other suggestions?
-Adam
"Jason Wong" <[EMAIL PROTECTED]> wrote in message
news:200211021451.44280.php-general@;gremlins.com.hk...
> On Saturday 02 November 2002 06:16, Adam Humphrey wrote:
> > I just upgraded my PHP from 4.2.2 to 4.2.3 and now I have a problem.
Right
> > now I have some HTML with included PHP. When the client opens a page
with
> > PHP and HTML it used to (under 4.2.2) display all the HTML before the
PHP
> > and then process the PHP and finally (when processing completed) finish
the
> > rest of the HTML.
> >
> > This allowed my to do some DHTML to let the user know that the PHP was
> > processing. Now with the new version of PHP (4.2.3) when I hit these
pages
> > it will process the PHP before it sends any HTML to the client.
> >
> > This is really frustrating. Is there some setting in php.ini that I can
> > modify to allow the browser to get the HTML before the PHP code? Or any
> > other way to get the old behavior?
>
> Try disabling output buffering (php.ini).
>
> --
> Jason Wong -> Gremlins Associates -> www.gremlins.com.hk
> Open Source Software Systems Integrators
> * Web Design & Hosting * Internet & Intranet Applications Development *
>
> /*
> You can fool some of the people some of the time,
> and some of the people all of the time,
> and that is sufficient.
> */
>
--- End Message ---
--- Begin Message ---
On Friday 01 November 2002 18:57, N.Paramaguru wrote:
> Hi,
>
> I'm currently developing clubs and groups...the individual group pages are
> displayed based on the group id like login.php?id=1...etc,during Creation
> of the group the user is allowed to enter their subdomain and to select a
> domain from the available list and all this details are stored in mysql
> database. The main requirement is that whenever the user types
> domain.subdomain.com they must be able to go to the home page of the group
It is not possible to have something like domain.subdomain.com, but you can
have subdomain.domain.com.
There are two things you need:
1) Setup your DNS records properly
2) If you're using Apache, read up on the Rewrite features.
Both are OT and beyond the scope of this list.
> which will be in a separate server...i.e it must be able to map it to the
> page login.php?id="required Id" for the particular group...
>
> How can this be done....is there any way to do this in PHP...
Nothing to do with PHP.
> I still have a doubt whether its related to PHP :-)
Try the apache mailing list.
--
Jason Wong -> Gremlins Associates -> www.gremlins.com.hk
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
/*
If you don't care where you are, then you ain't lost.
*/
--- End Message ---
--- Begin Message ---
On a site that uses a popup window to display images, I want to prevent
people from hotlinking directly to the popup page because it just looks like
crap if not sized properly with controls removed.
But I'm not sure how I can prevent someone from doing this. It appears the
HTTP_REFERER isn't always a reliable way to see if they are entering the
page from another page on your own site. And I'm not using sessions for this
site (it's not necessary).
So, I'm a little stuck on how I can allow access to a page only from certain
other pages. Has anyone done this with PHP?
Thanks!
--- End Message ---
--- Begin Message ---
in the url pass two (GET) variables: hash and token
generate a md5 hash from a secret string and the token (like time())...
oh your page with links to pop ups:
<?
$secret = "Pigs can fly i see";
$token = time();
$hash = md5($secret.$token);
?>
On your popup page:
<?
$secret = "Pigs can fly i see";
if ( md5($secret.$_GET['token']) != $_GET['hash'] )
{
echo "I'm reporting you to the police! (Please link correctly)";
exit;
}
?>
-js
Monty wrote:
> On a site that uses a popup window to display images, I want to prevent
> people from hotlinking directly to the popup page because it just looks like
> crap if not sized properly with controls removed.
>
> But I'm not sure how I can prevent someone from doing this. It appears the
> HTTP_REFERER isn't always a reliable way to see if they are entering the
> page from another page on your own site. And I'm not using sessions for this
> site (it's not necessary).
>
> So, I'm a little stuck on how I can allow access to a page only from certain
> other pages. Has anyone done this with PHP?
>
> Thanks!
>
>
>
--- End Message ---
--- Begin Message ---
first off: IP addresses are not the way to go about this AT ALL. Even if
they are behind a proxy, they would most likely be running on a private
subnet (say 10.0.0.x) and worse yet, if a company has multiple backbones
(like the one I consult at) traffic could go through one of 3 gateway
routes (different IP's) and thus i'd end up with 1 of three sessions!?
Also i could just go through and guess id's since they're a relatively
"small" set. (Easily scripted to probe for sessions)
Creating a 'jump' page is your best bet to cross domains and pass the
session id in the url, and then set the id for that domain. There should
not be any issues if they use the same session store, etc.
As for the internals of php's sessions, I'll leave someone else to
answer that.
-js
Robert Samuel White wrote:
> I'm looking for some well thought out advice on session management.
>
> I've created a class for handling session management across an unlimited
> number of domains (without using cookies) however it has some inherent
> problems. In order to differentiate between users, it is using the IP
> Address. I realize this is completely inefficient, and I was hoping
> that someone could give me some pointers on how exactly PHP handles
> session management from the backend. When not using cookies, PHP
> propagates the Session ID in the URL and a hidden variable in forms.
> However, is this even safe? Or is this completely blind faith that the
> Session belongs to that person?
>
> Basically, I want to know if PHP *knows for sure* the right user is
> using the right session. In other words, can it detect hijacked
> sessions? My guess is a resounding no.
>
> I'm wondering if there is some way to determine the real IP Address of a
> user, even if that user is behind a proxy farm, etc., and if this is, in
> fact, what PHP does.
>
> If not, I'm stuck with figuring out how best to accomplish my goals
> using cookies. The problem: a cookie can only bet set for a single
> domain; therefore, the session will not be carried with the person if
> they browse to another domain which also uses the same eNetwizard
> Content Management Server. A possibility is to always propagate a State
> Id with the URL and forms, however even this would not prevent the exact
> same problem: Is this blind faith?
>
> If you can point me to any excellent resources on the state of session
> management on the web and how to do this securely, please let me know.
>
> -Samuel | http://enetwizard.net
>
>
>
>
--- End Message ---
--- Begin Message ---
I am quite aware that IP's are not the way to go, and why. That is why
I asked about the internal ways PHP handles sessions. Thanks.
Creating a "jump page" as you call it does not answer the fundamental
question concerning the security of session management, and that is the
basis of what I want to discuss.
-----Original Message-----
From: Jonathan Sharp [mailto:js-lists@;sharpmedia.net]
Sent: Saturday, November 02, 2002 3:16 AM
To: Robert Samuel White
Cc: [EMAIL PROTECTED]
Subject: Re: [PHP] Session Management
first off: IP addresses are not the way to go about this AT ALL. Even if
they are behind a proxy, they would most likely be running on a private
subnet (say 10.0.0.x) and worse yet, if a company has multiple backbones
(like the one I consult at) traffic could go through one of 3 gateway
routes (different IP's) and thus i'd end up with 1 of three sessions!?
Also i could just go through and guess id's since they're a relatively
"small" set. (Easily scripted to probe for sessions)
Creating a 'jump' page is your best bet to cross domains and pass the
session id in the url, and then set the id for that domain. There should
not be any issues if they use the same session store, etc.
As for the internals of php's sessions, I'll leave someone else to
answer that.
-js
Robert Samuel White wrote:
> I'm looking for some well thought out advice on session management.
>
> I've created a class for handling session management across an
unlimited
> number of domains (without using cookies) however it has some inherent
> problems. In order to differentiate between users, it is using the IP
> Address. I realize this is completely inefficient, and I was hoping
> that someone could give me some pointers on how exactly PHP handles
> session management from the backend. When not using cookies, PHP
> propagates the Session ID in the URL and a hidden variable in forms.
> However, is this even safe? Or is this completely blind faith that
the
> Session belongs to that person?
>
> Basically, I want to know if PHP *knows for sure* the right user is
> using the right session. In other words, can it detect hijacked
> sessions? My guess is a resounding no.
>
> I'm wondering if there is some way to determine the real IP Address of
a
> user, even if that user is behind a proxy farm, etc., and if this is,
in
> fact, what PHP does.
>
> If not, I'm stuck with figuring out how best to accomplish my goals
> using cookies. The problem: a cookie can only bet set for a single
> domain; therefore, the session will not be carried with the person if
> they browse to another domain which also uses the same eNetwizard
> Content Management Server. A possibility is to always propagate a
State
> Id with the URL and forms, however even this would not prevent the
exact
> same problem: Is this blind faith?
>
> If you can point me to any excellent resources on the state of session
> management on the web and how to do this securely, please let me know.
>
> -Samuel | http://enetwizard.net
>
>
>
>
--- End Message ---
--- Begin Message ---
> I've created a class for handling session management across an
unlimited
> number of domains (without using cookies) however it has some inherent
> problems. In order to differentiate between users, it is using the IP
> Address. I realize this is completely inefficient, and I was hoping
> that someone could give me some pointers on how exactly PHP handles
> session management from the backend. When not using cookies, PHP
> propagates the Session ID in the URL and a hidden variable in forms.
> However, is this even safe? Or is this completely blind faith that
the
> Session belongs to that person?
It's blind faith, just like every other system. That's the nature of
HTTP. PHP makes a "unique" session id that it passes around to identify
the user and link all of the requests.
> Basically, I want to know if PHP *knows for sure* the right user is
> using the right session. In other words, can it detect hijacked
> sessions? My guess is a resounding no.
No...and neither can any program you write that uses HTTP. The only
thing you can do is make it unique enough so that it can't be hijacked.
> I'm wondering if there is some way to determine the real IP Address of
a
> user, even if that user is behind a proxy farm, etc., and if this is,
in
> fact, what PHP does.
No. The PHP session management isn't related to IP at all, that I know
of. It shouldn't have to be because of the problem with proxies and
people having changing IPs or people sharing IP addresses.
> If not, I'm stuck with figuring out how best to accomplish my goals
> using cookies. The problem: a cookie can only bet set for a single
> domain; therefore, the session will not be carried with the person if
> they browse to another domain which also uses the same eNetwizard
> Content Management Server. A possibility is to always propagate a
State
> Id with the URL and forms, however even this would not prevent the
exact
> same problem: Is this blind faith?
If you want the session to maintain over different domains, your only
option is to pass the unique id in the URL or POST data. It's just as
safe as cookies, but, like you said, you can't pass cookies across
domains.
Put everything behind SSL and that's as secure as you can get.
Hopefully I'm not too confusing. Feel free to ask more questions.
---John Holmes...
--- End Message ---
--- Begin Message ---
Still needing help
please help me
"Marcelo" <[EMAIL PROTECTED]> wrote in message
news:20021102001942.34689.qmail@;pb1.pair.com...
> Hi need some help please
>
> What is wrong with my code?
>
> it is supposed to upload 2 files but instead gives me this error
>
> Warning: Unable to open 'Array' for reading
>
> The code
>
> <html>
> <head>
> <title>O Leme upload</title>
> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
> </head>
>
> <body>
>
> <?php
>
>
>
> $PHP_SELF = $_SERVER['PHP_SELF'];
> $page = $_REQUEST['page'];
> $origem = $_FILES['origem'];
> $origem2 = $_FILES['origem2'];
>
>
>
> switch($page)
> {
> case "um":
> um($origem ,$origem2);
> break;
> case "dois":
> dois($origem, $origem2);
> break;
>
> default:
> um($origem ,$origem2);
> break;
> }
>
> function um($origem ,$origem2)
>
>
> {
>
> ?>
>
>
>
> <title>Jornal O Leme</title>
> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
> </head>
>
> <body bgcolor="#006699">
> <table width="100%" border="0" cellpadding="0" cellspacing="0">
> <!--DWLayoutTable-->
> <tr>
> <td width="100%" height="70" valign="top"><img src="test.jpg"
> width="600" height="120">
> </td>
> </tr>
> <tr>
> <td height="262" valign="top"><p> </p>
> <form method="post" action="<?php $PHP_SELF ?>"
> enctype="multipart/form-data">
> <table width="75%" border="0" align="center" bgcolor="#FFFFFF">
> <tr>
> <td width="23%"><div align="center"><font face="BankGothic Md
> BT">
> </font></div></td>
> <td width="77%" bgcolor="#FFFFFF"> </td>
> </tr>
> <tr>
> <td><div align="center"></div></td>
> <td bgcolor="#FFFFFF"> </td>
> </tr>
> <tr>
> <td><div align="center"></div></td>
> <td bgcolor="#FFFFFF"> </td>
> </tr>
> <tr>
> <td><div align="left"><strong>Imagem
pequena</strong></div></td>
> <td bgcolor="#FFFFFF"> <input type=hidden name=MAX_FILE_SIZE
> value=102400>
> <input type="File" name="origem"> </td>
> </tr>
> <tr>
> <td><div align="left"><strong>Imagem
grande</strong></div></td>
> <td bgcolor="#FFFFFF"><input type=hidden name=MAX_FILE_SIZE
> value=102400>
> <input type="File" name="origem2"> </td>
> </tr>
> <tr>
> <td><div align="center"></div></td>
> <td bgcolor="#FFFFFF"> </td>
> </tr>
> <tr>
> <td> </td>
> <td> </td>
> </tr>
> </table>
> <p align="center">
> <input name="submit" type="submit" value="Adicionar">
> <input type="hidden" name="page" value="dois">
> </form></p>
> </td>
> </tr>
> <tr>
> <td height="81" valign="top"><div align="center">
> <p> </p>
> <p>
> <?php
>
> include ('menu.php');
>
> ?>
> </p>
> </div></td>
> </tr>
> </table>
>
>
> <?php
>
>
>
> }
>
>
>
>
> function dois($origem, $origem2)
>
>
> {
> set_time_limit(60);
> $path=(dirname($PATH_TRANSLATED))."../primeirapagina/";
> $origem_name="pppv2.jpg";
> $dest= $path.$origem_name;
>
> if (($origem <> "none") && ($origem <> "")){
> if (copy($origem,$dest)){;
>
> } else {
> echo "directoria sem direitos de escrita <br>";
> }
> unlink ($origem);
> }
>
> set_time_limit(60);
> $path2=(dirname($PATH_TRANSLATED))."../primeirapagina/";
> $origem2_name="ppv2.jpg";
> $dest2= $path2.$origem2_name;
>
> if (($origem2 <> "none") && ($origem2 <> "")){
> if (copy($origem2,$dest2)){;
>
> } else {
> echo "directoria sem direitos de escrita <br>";
> }
> unlink ($origem2);
> }
>
>
>
>
> }
>
>
>
>
>
> ?>
> </body>
> </html>
>
>
>
>
> and yes i am new to php
>
> tk
>
>
>
>
>
> Marcelo Salvador
>
> www.sinesdigital.pt
>
>
>
>
--- End Message ---
--- Begin Message ---
Thank you for reading my mail!
----------------------------------------------------------
test
----------------------------------------------------------
Joskey Liaus
[EMAIL PROTECTED]
--- End Message ---
--- Begin Message ---
I just started a service on my website, for free TopSite Hosting. It's had
great exposure from Hotscripts.com, in fact, my "Remote-Hosted Search
EWngine" service has taken off quite well. The only problem here is that
people just don't seem to take to it too well. I haven't had one person
sign up, and I don't know why! Not many people contact a website with bug
issues, and I think that's what I need here! Anyways, the favor I'm
asking, if you're even slightly interested in this idea, to create your
own TopSite, set it up on your site, and email me with any bugs, comments
and suggestions.
If running your own TopSite isn't your cup o' tea, then you can join the
TopSite I've already created, for PHP sites (the URLs for all of these are
below). I could also use the help so I can create an administration panel
for TopSite owners, to edit/remove TopSites, and check if their code is on
their page. I haven't been able to create this feature since no one's
signed up yet ;) Also email me with bugs/comments/suggestions if you help
me this way too! I'll greatly appreciate all of it. :)
Create a TopSite: http://www.nukedweb.com/topsites/
Top 10 PHP Sites: http://www.nukedweb.com/topsites/topsites.php?ts=php
Please don't reply to this email! I'll never be able to find it ;) Use the
Contact link on the menu on the website. :)
Also, if you're interested (here comes the shameless plug), if you'd be
interested in selling my PHP scripts on your website and making a little
extra money, check out: http://www.nukedweb.com/phpscripts/affiliates.php
Many thanks in advance!
~ Tim
--- End Message ---
--- Begin Message ---
This is a known bug on the windows platform.
It has been fixed in CVS, and is most likly fixed in the current 4.3.0pre2
release.
I experience this problem a few weeks ago, but once I downloaded the lastest
CVS Snapshot it worked as expected.
hope this helps
Andrew
----- Original Message -----
From: "Alex" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Saturday, November 02, 2002 12:27 AM
Subject: [PHP] ftp_rawlist problems
> I'm writing a script which crawls through ftp servers, retrieving file
> listings and saving them to a DB so they may be searched.
>
> What happens, is the script connects to the ftp server, and asks for a
> listing of a directory. The ftp server apparentally sends the script the
> file listing, but then the script hangs. I have absolutely no idea what
> causes the problem.
> To combat this problem, I have a loop which keeps looping until
ftp_rawlist
> actually returns something valid.
> $files = false;
> while (! is_array($files))
> {
> $files = ftp_rawlist($conn, $dir);
> }
> That, along with
> ftp_set_option($conn, FTP_TIMEOUT_SEC, 3);
> Seems to fix the problem for now, but I would still like to know what's
> going on.
>
> Please note...
> I'm running PHP 4.2.1 as a module with apache 1.3.x on a win2k machine.
The
> server I am using for testing, if it should make any difference, is
> Filezilla 0.7.2.
> Also, this problem does not occur every time a directory listing is
> requested, but perhaps every 15-20 directories. In any case, which
directory
> php stalls on is random.
>
> If anyone else has ever encountered this problem, or has any idea what is
> going on, I would be very interested in hearing what you have to say :).
>
> - Alex
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--- End Message ---
--- Begin Message ---
> > I can't actually find out where the libphp4.so has been placed.
>
> Assuming you have done 'make', 'make install', use 'find / -name
libphp4.so'
> to find where it is.
>
> Or just do 'make install' again and watch carefully to see where
libphp4.so is
> copied to.
The 'find / -name libphp4.so' didn't return me any directory where the file
is placed.
The make install returned me this at the end:
/usr/home/rockit/usr/local/lib/php/php-4.2.3/build/shtool install -c -m 0755
php
/usr/home/rockit/usr/local/bin/php
installing shared modules into
/usr/home/rockit/usr/local/lib/php/extensions/no-
debug-non-zts-20020429
So, it should mean that the libphp4.so is placed in this last directory "no-
debug-non-zts-20020429".
But this directory is empty.
Does anyone have any other hint in order to find out the installed module?
Daniele
--- End Message ---
--- Begin Message ---
Now it works.
I repeated the installation from scratch and now it finally creates the
libphp4.so file.
Daniele
"Daniele Baroncelli" <[EMAIL PROTECTED]> wrote in message
news:20021102130710.81040.qmail@;pb1.pair.com...
> > > I can't actually find out where the libphp4.so has been placed.
> >
> > Assuming you have done 'make', 'make install', use 'find / -name
> libphp4.so'
> > to find where it is.
> >
> > Or just do 'make install' again and watch carefully to see where
> libphp4.so is
> > copied to.
>
>
> The 'find / -name libphp4.so' didn't return me any directory where the
file
> is placed.
>
> The make install returned me this at the end:
> /usr/home/rockit/usr/local/lib/php/php-4.2.3/build/shtool install -c -m
0755
> php
> /usr/home/rockit/usr/local/bin/php
> installing shared modules into
> /usr/home/rockit/usr/local/lib/php/extensions/no-
> debug-non-zts-20020429
>
> So, it should mean that the libphp4.so is placed in this last directory
"no-
> debug-non-zts-20020429".
>
> But this directory is empty.
>
>
> Does anyone have any other hint in order to find out the installed module?
>
>
> Daniele
>
>
--- End Message ---
--- Begin Message ---
Hi there
I wrote some php scripts that I want some friends to be able to use from
there php scripts. Some on my server under different domains and some on
other servers else where on the web
How could I enable them to embed and use my scripts from within there
php pages without them getting access to the source.
Best regards
Scott
--- End Message ---
--- Begin Message ---
Hello,
On 11/02/2002 10:26 AM, Scott wrote:
Hi there
I wrote some php scripts that I want some friends to be able to use from
there php scripts. Some on my server under different domains and some on
other servers else where on the web
How could I enable them to embed and use my scripts from within there
php pages without them getting access to the source.
http://pear.php.net/bcompiler
--
Regards,
Manuel Lemos
--- End Message ---
--- Begin Message ---
Hello all
I am new to programming I need a urgent help, I
recently installed PHP 4.2.3 ( ON win me , running
apache 1.3.22 ) from the install shield downloaded
from php.net.
Earlier my dbugger used to work but now it doesnt
work, the nupshere phped gives the following error --
----------------------------------------------
Security Alert! The PHP CGI cannot be accessed
directly.
This PHP CGI binary was compiled with
force-cgi-redirect enabled. This means that a page
will only be served up if the REDIRECT_STATUS CGI
variable is set, e.g. via an Apache Action directive.
For more information as to why this behaviour exists,
see the manual page for CGI security.
For more information about changing this behaviour or
re-enabling this webserver, consult the installation
file that came with this distribution, or visit the
manual page.
==============================================
I will b highly obliged if any1 can give me step by
step instructions how to make the dbugger run, Thanx
in advance
vivek
__________________________________________________
Do you Yahoo!?
HotJobs - Search new jobs daily now
http://hotjobs.yahoo.com/
--- End Message ---
--- Begin Message ---
I would like to store some code in a database and load/execute that code
based on a query.
Is it possible to execute the value of a variable in a php script?
I am aware of several other ways to accomplish the same task, but I just
want to see if there is in fact a performance hit from storing code in a
database.
I tried something along the line of:
while ($row = mysql_fetch_array($result)
{
function loaded_module()
{$row[moduleCode];}
}
loaded_module();
but that doesn't seem to work.
Any thoughts?
-Jackson
--- End Message ---
--- Begin Message ---
www.php.net/exec
Make sure you read the entire page and are aware of the security
concerns of using this function.
---John Holmes...
> -----Original Message-----
> From: Jackson Miller [mailto:anything@;jaxn.org]
> Sent: Saturday, November 02, 2002 8:03 AM
> To: [EMAIL PROTECTED]
> Subject: [PHP] Executing the value of a variable
>
> I would like to store some code in a database and load/execute that
code
> based on a query.
>
> Is it possible to execute the value of a variable in a php script?
>
> I am aware of several other ways to accomplish the same task, but I
just
> want to see if there is in fact a performance hit from storing code in
a
> database.
>
> I tried something along the line of:
> while ($row = mysql_fetch_array($result)
> {
> function loaded_module()
> {$row[moduleCode];}
> }
>
> loaded_module();
>
> but that doesn't seem to work.
>
> Any thoughts?
>
> -Jackson
>
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
You want to look at eval();
Jackson Miller wrote:
I would like to store some code in a database and load/execute that code
based on a query.
Is it possible to execute the value of a variable in a php script?
I am aware of several other ways to accomplish the same task, but I just
want to see if there is in fact a performance hit from storing code in a
database.
I tried something along the line of:
while ($row = mysql_fetch_array($result)
{
function loaded_module()
{$row[moduleCode];}
}
loaded_module();
but that doesn't seem to work.
Any thoughts?
-Jackson
--- End Message ---
--- Begin Message ---
eval()
----- Original Message -----
From: "Jackson Miller" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Saturday, November 02, 2002 7:02 AM
Subject: [PHP] Executing the value of a variable
I would like to store some code in a database and load/execute that code
based on a query.
Is it possible to execute the value of a variable in a php script?
I am aware of several other ways to accomplish the same task, but I just
want to see if there is in fact a performance hit from storing code in a
database.
I tried something along the line of:
while ($row = mysql_fetch_array($result)
{
function loaded_module()
{$row[moduleCode];}
}
loaded_module();
but that doesn't seem to work.
Any thoughts?
-Jackson
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
www.php.net/eval I mean... duh! sorry...
---John Holmes...
> -----Original Message-----
> From: John W. Holmes [mailto:holmes072000@;charter.net]
> Sent: Saturday, November 02, 2002 9:24 AM
> To: 'Jackson Miller'; [EMAIL PROTECTED]
> Subject: RE: [PHP] Executing the value of a variable
>
> www.php.net/exec
>
> Make sure you read the entire page and are aware of the security
> concerns of using this function.
>
> ---John Holmes...
>
> > -----Original Message-----
> > From: Jackson Miller [mailto:anything@;jaxn.org]
> > Sent: Saturday, November 02, 2002 8:03 AM
> > To: [EMAIL PROTECTED]
> > Subject: [PHP] Executing the value of a variable
> >
> > I would like to store some code in a database and load/execute that
> code
> > based on a query.
> >
> > Is it possible to execute the value of a variable in a php script?
> >
> > I am aware of several other ways to accomplish the same task, but I
> just
> > want to see if there is in fact a performance hit from storing code
in
> a
> > database.
> >
> > I tried something along the line of:
> > while ($row = mysql_fetch_array($result)
> > {
> > function loaded_module()
> > {$row[moduleCode];}
> > }
> >
> > loaded_module();
> >
> > but that doesn't seem to work.
> >
> > Any thoughts?
> >
> > -Jackson
> >
> >
> >
> >
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, visit: http://www.php.net/unsub.php
>
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
I know how it works, I just want to know the error (or warning you get)
example:
*Warning*: Failed opening ... for inclusion
(include_path='.:/php/includes:/usr/share/php') in */var/www/... *on
line ...
Also check if your $_SERVER['DOCUMENT_ROOT'] really corresponds to real
filesystem path,
for example on my system $_SERVER['DOCUMENT_ROOT'] is /www/htdocs, but
/www/htdocs is only
a symlink to /var/www/html, so I need to put sensitivedata.inc.php into
/var/www/html.
You might also have safe mode restrictions in effect.
rolf vreijdenberger wrote:
this is how it is done:
include ($_SERVER['DOCUMENT_ROOT'].'/../sensitivedata.inc.php');
explanation:
suppose i have a file:
www.mydomain.com/file.php
on the server it could be :
/home/sites/site168/web/file.php
this file wants to include a file with sensitive data, (or just download
some other files ) that should not be in the root (accessible via the web)
so I store this files in this directory, one higher than the doc root
/home/sites/site168/
like this
/home/sites/site168/sensitivedata.inc.php
it is now inaccesible via the web in a direct way, but not indirectly,
through other php scripts.
you include it in the way described above:
include ($_SERVER['DOCUMENT_ROOT'].'/../sensitivedata.inc.php');
$_SERVER['DOCUMENT_ROOT']
quote php manual "The document root directory under which the current script
is executing, as defined in the server's configuration file."
hope to have helped you all
--- End Message ---
--- Begin Message ---
Use method found in user comments on http://www.php.net/mysql_field_type
John Meyer wrote:
I've recently found out that mysql returns blob for both blobs and text
fields. Now, how do I distinguish between the two?
--- End Message ---
--- Begin Message ---
HI all,
In the code below I'm trying to get the last column to show 1, 2, 3, or 4
according to which quarter of the year it is. But all it shows in that column
is " Resource ID # X". The X starts with #3 and goes to 18. There are (at the
moment) 15 items in the table. Any ideas what's wrong?
Thanks
JIM
#############################
<?php
echo "<table border=1> \n";
$i=1;
while ($myrow = mysql_fetch_array($result)) {
if($i % 2) { //this means if there is a remainder
echo "<TR bgcolor=\"yellow\">\n";
} else { //if there isn't a remainder we will do the else
echo "<TR bgcolor=\"white\">\n";
}
$qdate=$myrow["date"];
$sql = "select quarter($qdate)" or die("not work #3");
$yyy = mysql_query ($sql) or die("not work #4");
printf("<td><a href=\"%s?id=%s&delete=yes\">Delete</a></td>", $PHP_SELF,
$myrow["id"]);
printf("<td><a href=\"%s?id=%s&submit=yes\">Update</td><td>%s</td><td>
%s</td><td> %s</td></a></tr>",
"update-inv.php", $myrow["id"], $myrow["name"], $myrow["details"], $yyy);
$i=$i+1;
}
echo "</table>\n";
}
?>
#############################
--
Vielfeind -- Viel Ehr'
Antiamerikanische Propaganda in der Philatelie des 20. Jahrhunderts
http:/www.fecundswamp.net/~hatridge/stamps/index.html
--- End Message ---
--- Begin Message ---
try this:
-js
<table border=1>
<?
$i = 0;
while ( $myrow = mysql_fetch_array($result) )
{
$c = ( ++$i % 2 ? 'yellow' : 'white' );
echo "<tr bgcolor=\"$c\">";
printf('<td><a href="%s?id=%s&delete=yes">Delete</a></td>',
$PHP_SELF, $myrow['id'] );
$q = ceil( 4/(int)date('n', strtotime($mydata['date']) ));
printf('<td><a
href="%s?id=%s&submit=yes">%s</a></td><td>%s</td><td>%s</td></tr>',
'update-inv.php', $myrow['id'], $myrow['name'], $myrow['details'], $q);
}
?>
</table>
Jim Hatridge wrote:
> HI all,
>
> In the code below I'm trying to get the last column to show 1, 2, 3, or 4
> according to which quarter of the year it is. But all it shows in that column
> is " Resource ID # X". The X starts with #3 and goes to 18. There are (at the
> moment) 15 items in the table. Any ideas what's wrong?
>
> Thanks
>
> JIM
>
> #############################
> <?php
> echo "<table border=1> \n";
> $i=1;
> while ($myrow = mysql_fetch_array($result)) {
> if($i % 2) { //this means if there is a remainder
> echo "<TR bgcolor=\"yellow\">\n";
> } else { //if there isn't a remainder we will do the else
> echo "<TR bgcolor=\"white\">\n";
> }
> $qdate=$myrow["date"];
> $sql = "select quarter($qdate)" or die("not work #3");
> $yyy = mysql_query ($sql) or die("not work #4");
>
> printf("<td><a href=\"%s?id=%s&delete=yes\">Delete</a></td>", $PHP_SELF,
> $myrow["id"]);
> printf("<td><a href=\"%s?id=%s&submit=yes\">Update</td><td>%s</td><td>
> %s</td><td> %s</td></a></tr>",
> "update-inv.php", $myrow["id"], $myrow["name"], $myrow["details"], $yyy);
> $i=$i+1;
> }
> echo "</table>\n";
> }
> ?>
> #############################
>
--- End Message ---
--- Begin Message ---
When you run mysql_query, it just sends back a resource id to the result
set. To get the data, use something like mysql_fetch_array()
$sql = "SELECT * FROM `myDataBase.myTable`";
if ( $result = @mysql_query ( $sql ) ) {
while ( $data = @mysql_fetch_array ( $result, MYSQL_ASSOC ) ) {
print_r ( $data );
}
@mysql_free_result ( $result );
} else {
echo ( mysql_error() );
}
Jim Hatridge wrote:
HI all,
In the code below I'm trying to get the last column to show 1, 2, 3, or 4
according to which quarter of the year it is. But all it shows in that column
is " Resource ID # X". The X starts with #3 and goes to 18. There are (at the
moment) 15 items in the table. Any ideas what's wrong?
Thanks
JIM
#############################
<?php
echo "<table border=1> \n";
$i=1;
while ($myrow = mysql_fetch_array($result)) {
if($i % 2) { //this means if there is a remainder
echo "<TR bgcolor=\"yellow\">\n";
} else { //if there isn't a remainder we will do the else
echo "<TR bgcolor=\"white\">\n";
}
$qdate=$myrow["date"];
$sql = "select quarter($qdate)" or die("not work #3");
$yyy = mysql_query ($sql) or die("not work #4");
printf("<td><a href=\"%s?id=%s&delete=yes\">Delete</a></td>", $PHP_SELF,
$myrow["id"]);
printf("<td><a href=\"%s?id=%s&submit=yes\">Update</td><td>%s</td><td>
%s</td><td> %s</td></a></tr>",
"update-inv.php", $myrow["id"], $myrow["name"], $myrow["details"], $yyy);
$i=$i+1;
}
echo "</table>\n";
}
?>
#############################
--- End Message ---
--- Begin Message ---
I'm using a single php script to send files named upload.php,
here is the source code:
<?php
set_time_limit(500);
copy($userfile, "log\\$userfile_name");
echo "<html><head><title>Uploading file...</title><meta
http-equiv=\"refresh\" content=\"0;
url=http://test.com/file_sent.html\";></head><body><center><font
face=\"Verdana\" size=\"4\">Uploading
file...</font></center></body></html>";
?>
I've tried to change the "time limit" because there's an error that
doesn't stop:
Fatal error: Maximum execution time of 20 seconds exceeded in
D:\dominios\E\escolas-es\spe\upload.php on line 2
As you can see, the time limit is exceeded before the
"set_time_limit" is executed. I thing that's because the script begins
only after the file is uploaded. My problem is that I can't change the
"maximum_execution_time" in the configuration file.
Does anyone can help me out?
Thank you,
Eduardo M. Bragatto.
--- End Message ---
--- Begin Message ---
I'm having a problem with the is_dir function, or maybe I don't understand
how it supposed to work. I'm using the following code to check whether or
not a directory called $user_dir exists. If it exists, I am returned the
proper message. But if it doesn't exist, I get the following error message
that says that it doesn't exist. (I already knew that!)
<ERROR Number="8" Description="Error: "stat failed for
/home/sites/home/users/demodocs/web/userforum/user
(errno=2 - No such file or directory)" on line 175 of
/home/sites/home/users/demo/web/user_forum/messages.php."/
Can someone please explain what I am doing wrong here, and how to return a
usable value if the directory doesn't exist.
$test = is_dir($user_dir);
if($test){echo "You have a user directory. It is $user_dir";}
else{echo "Your user directory doesn't exist";
return;}
Thanks a lot.
Roger Lewis
--- End Message ---
