[PHP] Sessions can be dangerous
Dear All, There doesn't seem to be much discussion of the disadvantages and long term dangers of using php sessions. So let's redress the balance: 1. Heterogeneous Code Environments php session data is not easily accessible from non-php code e.g. Perl/C/ASP etc. In contrast, either client-stored data e.g. cookies, hidden posts, get variables, or data stored in a structured database table, (i.e. one column per variable), is easily accessible from other code. The implication is that sessions may suit you fine as long as only php is used on your site. However, if your site matures and you ever want or need to use another language for some pages, it will be hard for those pages to access data stored in sessions. On the other hand, if the data had been stored in an well-established industry standard format, you should have no problems. 2. Provably Secure Authentication Data Hopefully we all know by now that the best way to safely authenticate for access control is to make sure the username/password is checked every time either by your script, your webserver or a trusted third-party. However, I have the feeling some session users are tempted to simply authenticate in one script and store a logged in or username flag in the session without the username/password having been re-validated. It's not a complete disaster if you do this, which probably means lots of people do it! But this is only as secure as the session_id key. I don't doubt that session_ids are generated with a high-quality random number generator and should be suitably uncrackable. However, the crackability/vulnerability of a username/password schema is very well understood. Can we really say that the vulnerability/crackability of a session_id is as well understood? What happens if, and I'm sure it's a remote chance, there is ever a bug in the session-key generation that stops them being so random so a session_id crack becomes not just possible but real easy! Usernames/passwords just don't have that kind of vulnerability, and the vulnerabilities they do have are well known. 3. Independent Audit of Server Stored Data Procedures for independently verifying the data stored on a server in a SQL RDBMs are well established. It is easy to query the database schema to see what columns are defined. It is easy to verify that the data actually held in a column is as expected. In general it is easy to prove and verify what data is held e.g. to prove Data Protection compliance or Bank/Credit Card requirements, (no storage of cvv2 for example). It is intrinsically much harder to prove that the contents of php session data are compliant. You need to write a php script to unpack the session data. That means proving that that script itself is safe. Even after you've unpacked the session data, you still have to make sense of it. Different sessions may hold different numbers of differently named variables. But that's not all, the same variable may hold data in different formats in different sessions! Practically you have some pretty complex processes to prove what data you have stored and to verify that you have stored what you thought you'd stored! All in all, php sessions are NOT going to be popular with data auditors. Once again, that may not matter to you now, but down the line it could become a BIG issue. 4. State-ful Designs My personal concern about sessions, is more about the design issues. What worries me is that sessions may be used to try and re-create client/server style state when the most distinctive advantage of the internet, (and the key to its astounding success), is that it is fundamentally state-less. What this means, is that the internet is based on the principle that every request is entirely self-contained and independent of any other request. There is for example, absolutely and explicitly, no guarantee that http requests will be received in chronological order. It is all strictly about best effort, and no guarantees. This is why the internet works: each component does its own job as well as it can without worrying about what else is happening. The implication from a design point of view is that you should not be making any assumptions about what has gone before or what will come after your php script runs. The functionality offered, should, as far as possible, be completely self-contained, with each php script acting as a component in its own right. That means no direct interaction between the scripts. Interaction should be gated through third-party standard interfaces such as http or SQL. The problem with sessions is that they encourage you to break this model by creating a new set of super-global data holding state information. This data is not exchanged through established standards, but rather, floats around in the background, changing the behaviour of the script but without being clearly externally defined. If the session data is only
Re: [PHP] Sessions can be dangerous
Some great points in here George - but it leaves me hanging What are the options? If we are not to use a 'state-ful' system, how do you track users preferences, login/logout states, shopping baskets, and other items that need sessions or some other type of reliable tracking method? Not that I am saying sessions are 100% reliaable - they are as good only as the cookie that is returned, and that is not 100% reliable - but it is the most reliable method that I am aware of - unless I am missing something :) So all that you say may be true, but what are the options? On 5/30/03 10:26 AM, George Whiffen [EMAIL PROTECTED] wrote: Dear All, There doesn't seem to be much discussion of the disadvantages and long term dangers of using php sessions. So let's redress the balance: 1. Heterogeneous Code Environments php session data is not easily accessible from non-php code e.g. Perl/C/ASP etc. In contrast, either client-stored data e.g. cookies, hidden posts, get variables, or data stored in a structured database table, (i.e. one column per variable), is easily accessible from other code. The implication is that sessions may suit you fine as long as only php is used on your site. However, if your site matures and you ever want or need to use another language for some pages, it will be hard for those pages to access data stored in sessions. On the other hand, if the data had been stored in an well-established industry standard format, you should have no problems. 2. Provably Secure Authentication Data Hopefully we all know by now that the best way to safely authenticate for access control is to make sure the username/password is checked every time either by your script, your webserver or a trusted third-party. However, I have the feeling some session users are tempted to simply authenticate in one script and store a logged in or username flag in the session without the username/password having been re-validated. It's not a complete disaster if you do this, which probably means lots of people do it! But this is only as secure as the session_id key. I don't doubt that session_ids are generated with a high-quality random number generator and should be suitably uncrackable. However, the crackability/vulnerability of a username/password schema is very well understood. Can we really say that the vulnerability/crackability of a session_id is as well understood? What happens if, and I'm sure it's a remote chance, there is ever a bug in the session-key generation that stops them being so random so a session_id crack becomes not just possible but real easy! Usernames/passwords just don't have that kind of vulnerability, and the vulnerabilities they do have are well known. 3. Independent Audit of Server Stored Data Procedures for independently verifying the data stored on a server in a SQL RDBMs are well established. It is easy to query the database schema to see what columns are defined. It is easy to verify that the data actually held in a column is as expected. In general it is easy to prove and verify what data is held e.g. to prove Data Protection compliance or Bank/Credit Card requirements, (no storage of cvv2 for example). It is intrinsically much harder to prove that the contents of php session data are compliant. You need to write a php script to unpack the session data. That means proving that that script itself is safe. Even after you've unpacked the session data, you still have to make sense of it. Different sessions may hold different numbers of differently named variables. But that's not all, the same variable may hold data in different formats in different sessions! Practically you have some pretty complex processes to prove what data you have stored and to verify that you have stored what you thought you'd stored! All in all, php sessions are NOT going to be popular with data auditors. Once again, that may not matter to you now, but down the line it could become a BIG issue. 4. State-ful Designs My personal concern about sessions, is more about the design issues. What worries me is that sessions may be used to try and re-create client/server style state when the most distinctive advantage of the internet, (and the key to its astounding success), is that it is fundamentally state-less. What this means, is that the internet is based on the principle that every request is entirely self-contained and independent of any other request. There is for example, absolutely and explicitly, no guarantee that http requests will be received in chronological order. It is all strictly about best effort, and no guarantees. This is why the internet works: each component does its own job as well as it can without worrying about what else is happening. The implication from a design point of view is that you should not be making any assumptions about what has gone before or what will come after your php
Re: [PHP] Suggestion of webpage about search engines
C'mon! You built this site - don't lie and say you 'found' it! Quoting l [EMAIL PROTECTED]: I found one small site (designed in php of course:)) what care about registration on search engines and search engine optimalization here: http://submit.prolidi.net/en/ I found some of the information very helpful, so I send it to you. L. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Email This Story and Print Functions
the Print this Story really doesn't have anything to do with PHP, if you are referring to actually sending the page to a printer (see Javascript) if you are storing your articles in a DB, simply pull the info out and create a mailbody for the Email this Story function. On Fri, 2003-05-30 at 02:36, Jeffrey L. Fitzgerald wrote: Thanks to Kevin, Monty and the others who helped with my earlier post... Anyone have experience with PHP based Email This Story and Print This Story functions?? I am looking to add these along with a digital postcard mailer. -- Michael Geier [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Email This Story and Print Functions
on 30/05/03 6:36 PM, Jeffrey L. Fitzgerald ([EMAIL PROTECTED]) wrote: Thanks to Kevin, Monty and the others who helped with my earlier post... Anyone have experience with PHP based Email This Story and Print This Story functions?? I am looking to add these along with a digital postcard mailer. Email this story is a way of someone emailing the contents of a page, OR the URL of the page (more common) to a friend so all you need to do is know what page they're trying to email, collect the sender and recipient email address', and send a URL short message with mail(). Look in the $_SERVER array for some values which will tell you the current URL query string. Print this page can be as simple as an alternate style sheet, or a simplified way of presenting data on a page, which is printer-friendly. If you're pulling your main content out of databases or flat files, then it should be relatively easy to set a value in the URL ($_GET array) which toggles between a complex (regular) page layout, and a simple (print) layout. Think it through. Justin -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mail function problem
changing the value in the php.ini file is not the ideal option, as it screws things up for all of users/scripts on the server. you could use ini_set() for the script to change the sendmail_path var for that script. you could use a mail class that does alot of the grunt work for you (Manuel Lemos normally posts some classes from his site, however I use PHPMailer (http://phpmailer.sourceforge.net) and have never looked back. On Fri, 2003-05-30 at 03:26, David Grant wrote: Bersani Francesco wrote: Hi, I have a problem with the mail function; it always sends mails assuming in the from field the user [EMAIL PROTECTED]. I tried to override it with this code: ? $email = [EMAIL PROTECTED]; $subject = prova invio mail ; $message = parappaaa ; $headers = From:[EMAIL PROTECTED]:[EMAIL PROTECTED]; mail($email, $subject, $message, $headers); ? -- It doesn't work... Can anybody help me ? Take a peek into php.ini to change the default value. Note that you should seperate mail headers with \r\n. Regards, David -- David Grant Web Developer [EMAIL PROTECTED] http://www.wiredmedia.co.uk Tel: 0117 930 4365, Fax: 0870 169 7625 Wired Media Ltd Registered Office: 43 Royal Park, Bristol, BS8 3AN Studio: Whittakers House, 32 - 34 Hotwell Road, Bristol, BS8 4UD Company registration number: 4016744 ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. ** -- Michael Geier [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Sessions can be dangerous
George, Having created an invoicing system using php , I very clearly understand the advantage the session construction holds : the information is maintained on the server, rather than floating around in cyberspace between the client and server each and every time you exchange information. If you want to use hidden input you need to set up a secure link each and every time you transfer the o so important username/password combination. Furthermore , the session data is not that difficult to access with another program as long as you can capture the session-id, which you can. All in all , I did not yet come across a better system to get something working in a manageable and secure way. You could go a step further and mimick the session_data management via a database interface if your data quality is such an important issue, but then again, make sure you have a foolproof system to make logging in into the database secure ! Nobody forces you to use the session system and if you want to shy away from it , it is your choice, but I am a little bit afraid that your lenghty email about session insecurity will be meaningfull only for the core PHP developers/auditors. Wim -Oorspronkelijk bericht- Van: George Whiffen [mailto:[EMAIL PROTECTED] Verzonden: Friday, May 30, 2003 4:27 PM Aan: [EMAIL PROTECTED] Onderwerp: [PHP] Sessions can be dangerous Dear All, There doesn't seem to be much discussion of the disadvantages and long term dangers of using php sessions. So let's redress the balance: 1. Heterogeneous Code Environments php session data is not easily accessible from non-php code e.g. Perl/C/ASP etc. In contrast, either client-stored data e.g. cookies, hidden posts, get variables, or data stored in a structured database table, (i.e. one column per variable), is easily accessible from other code. The implication is that sessions may suit you fine as long as only php is used on your site. However, if your site matures and you ever want or need to use another language for some pages, it will be hard for those pages to access data stored in sessions. On the other hand, if the data had been stored in an well-established industry standard format, you should have no problems. 2. Provably Secure Authentication Data Hopefully we all know by now that the best way to safely authenticate for access control is to make sure the username/password is checked every time either by your script, your webserver or a trusted third-party. However, I have the feeling some session users are tempted to simply authenticate in one script and store a logged in or username flag in the session without the username/password having been re-validated. It's not a complete disaster if you do this, which probably means lots of people do it! But this is only as secure as the session_id key. I don't doubt that session_ids are generated with a high-quality random number generator and should be suitably uncrackable. However, the crackability/vulnerability of a username/password schema is very well understood. Can we really say that the vulnerability/crackability of a session_id is as well understood? What happens if, and I'm sure it's a remote chance, there is ever a bug in the session-key generation that stops them being so random so a session_id crack becomes not just possible but real easy! Usernames/passwords just don't have that kind of vulnerability, and the vulnerabilities they do have are well known. 3. Independent Audit of Server Stored Data Procedures for independently verifying the data stored on a server in a SQL RDBMs are well established. It is easy to query the database schema to see what columns are defined. It is easy to verify that the data actually held in a column is as expected. In general it is easy to prove and verify what data is held e.g. to prove Data Protection compliance or Bank/Credit Card requirements, (no storage of cvv2 for example). It is intrinsically much harder to prove that the contents of php session data are compliant. You need to write a php script to unpack the session data. That means proving that that script itself is safe. Even after you've unpacked the session data, you still have to make sense of it. Different sessions may hold different numbers of differently named variables. But that's not all, the same variable may hold data in different formats in different sessions! Practically you have some pretty complex processes to prove what data you have stored and to verify that you have stored what you thought you'd stored! All in all, php sessions are NOT going to be popular with data auditors. Once again, that may not matter to you now, but down the line it could become a BIG issue. 4. State-ful Designs My personal concern about sessions, is more about the design issues. What worries me is that sessions may be used to try and re-create client/server style state when the most distinctive advantage of the internet, (and the key to its astounding success), is that it
[PHP] php + java in winxp platform, reload dont work~
Dear all, i installed java jdk 1.4 and php 4.3.2 i tried to use java in php i edited the php.ini as follows [Java] extension=php_java.dll java.class.path = c:\php\extensions\php_java.jar java.home = C:\j2sdk1.4.1_01 java.library = C:\j2sdk1.4.1_01\jre\bin\server\jvm.dll java.library.path = c:\php\extensions and test it with following codes and it works (the code copy from php.net) ?php // get instance of Java class java.lang.System in PHP $system = new Java('java.lang.System'); // demonstrate property access print 'Java version='.$system-getProperty('java.version').' br'; print 'Java vendor=' .$system-getProperty('java.vendor').' br'; print 'OS='.$system-getProperty('os.name').' '. $system-getProperty('os.version').' on '. $system-getProperty('os.arch').' br'; // java.util.Date example $formatter = new Java('java.text.SimpleDateFormat', , dd, 'at' h:mm:ss a ); print $formatter-format(new Java('java.util.Date')); ? however the problem is when i first run this page in IE, it works i click the reflesh button, it works but if i closed the IE, and load the page in a new broswer, it show Fatal error: Unable to create Java Virtual Machine i have to restart the apache server to get it work again, so what is going on? Jason -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] strip_tags() Quandry....
As you can guess, I'm more a fan of the regular expressions myself being primarily a PERL head. However, PHP string functions are useful and convenient (like trim() for example), and they don't require you to know the in's and out's of regexps which can look like gobbledygook, be very confusing, and sometimes very difficult to use if you don't really know how they work. If you can get them to work, they are very powerful. However getting them to work can require some serious tweaking. I think the main thing when deciding which to use is how much control you want over what is done to your string. Using a PHP function can lead to precarious results sometimes if you don't know exactly what they do (nl2br(), for example, you have to be sure that ALL of your br's are to occur right before a \n, this isn't always the case). They also don't afford as much flexibility in some cases as regular expressions do (str_replace for replacing multiple spaces, for example). If it's something simple that you know a PHP function can take of, use it. If not, use regexps. They may take a bit more tweaking, but in the long run are much more flexible and a lot more powerful. Carl. -Original Message- From: Noah [mailto:[EMAIL PROTECTED] Sent: Thursday, May 29, 2003 11:03 PM To: CPT John W. Holmes; Carl Furst Cc: [EMAIL PROTECTED] Subject: Re: [PHP] strip_tags() Quandry Hey John; Hey Carl. I've heard this debate before; i.e. regular expressions vs. PHP string formatting functions. The problem I'm dealing with will require, I believe, a combination of preg_replace(), str_replace(), strstr(), and str_pos(). To my limited knowledge, there is no way to remove white space with PHP string functions; when I use strip_tags on a block of html text, whitespace results; thus the need for preg_replace(). The rest can most likely be taken care of with PHP string functions, although I'm running into a few headaches with user errors; i.e. when a coach types up his/her team roster and mistakenly adds extra spaces between fields (e.g. player height = 6' 2 instead of 6' 2), or roster fields do not match up with our roster table fields (e.g. one team roster has a field for player's favorite professional athlete) -- in these cases it may be that I'll need to use regular expressions to crawl through roster string data looking for word boundaries and the like. I'm new to regular expressions to say the least -- just took the dive in yesterday; much to learn... If either of you feel like elaborating on the pros and cons of regular expressions vs. PHP string functions, let me know. --Noah - Original Message - From: CPT John W. Holmes [EMAIL PROTECTED] To: Carl Furst [EMAIL PROTECTED]; Noah [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Thursday, May 29, 2003 10:18 AM Subject: Re: [PHP] strip_tags() Quandry Yes, no problem! Glad it worked out. you may wish to actually study the perlre man page on perl.com. This goes into the most details and talks about how PERL actually EXTENDS shell regular expressions significantly and excellent resource that I have used many many times. I figure since PHP regexps are perl compatible, might as well go to the source, no? My other suggestion is that if you are taking this HTML and putting into a database, especially MySQL you should scrub for pipes, nulls and slashes, hackers can exploit user input to open a tty or shell or even access user files like /etc/passwd and mess wid ya here are a few regexps that do that While I agree that regexp are powerful and useful, the examples you gave are better suited to using str_replace(), trim(), or nl2br() calls rather than a regular expression. Also, about the warning for inserting data into a database... try not to scare people to much. If you have column = '$value' or column = $value in your query, as long as you've run addslashes on $value to escape single quotes in the first case and double quotes in the second, there's no vulnerabilities. If you have column = $column then you BETTER make sure that $column is a number and only a number. When you put unquoted (unquoted within the actual SQL, not PHP) values into your SQL, that's when you open yourself up to vulnerabilities if you're not validating that the value is only a number. For pipes: preg_replace('/\|/g','',$html_string); For nulls: Preg_replace('/\0/g','',$html_string); For slashes preg_replace('/\//g','',$html_string); # to be clearer, you can use s!\/! g; just so you can see where the regexp begins and ends. str_replace('|','',$html_string); etc... Some other useful ones for data like the stuff you're doing: Spaces at the beginning: /^\s/ spaces at the end: /\s$/ trim() br tags into \n preg_replace('!\br\!', \n, $string); nl2br(); ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP 4.3.2 released
Hi, This _still_ doesn't seem to work with Linux/Apache2. I have no problems with Apache 1.3.27. Have been running Apache/php for years, but I have been unable to get php to work with apache2 except as a cgi. I have now tried both --with-apxs2 and --with-apxs2filter. Neither appear to work. Useing --with-apxs2 I get segfaults (seen in error_log), and the server won't even serve up plain html, though server-info and server-status do work! Useing --with-apxs2filter, I just get a save-file dialog box, offering to save the source. I do note one apparent error in all the documentation I can find; the module is listed as sapi_apache2.c rather than mod_php4.c (as it is under apache 1.3.x). So rather than using IfModule mod_php4.c you need to use IfModule sapi_apache2.c to activate module specific actions. This _does_ work, and the module _is_ loading, as server info reflects the setting of PHPINIdir and php_admin_flag settings made in httpd.conf. Below is the end of my Apache config file, everything before the AddType was added just to see if I could get environment changes to show up in server- info, which they do. BTW, Apache compiled as pre-fork, just to make things as easy as possible. IfModule sapi_apache2.c php_value include_path .:/usr/local/lib/php php_admin_flag safe_mode on PHPINIDir /usr/local/lib /IfModule AddType application/x-httpd-php .php The most recent effort was compiled with _no_ extra functionality addded to php. I usually add gd and mysql at a minimum. Apache was compiled with -- enable-so, have been doing it this way since the first install of 1.3.x. I have tried searching for any info on what the problem might be, but everything I've found on the web seems to say I've been doing things correctly. Would really like to get this working! :) I have suspected that with apache2filter, php is never getting to see the pages. Possibly this has something to do with the fact that the module is known as sapi_php4 rather than mod_php4? I'm reaching I guess. On 29 May 2003 at 15:05, Jani Taskinen wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 After a lengthy QA process, PHP 4.3.2 is finally out! This maintenance release solves a lot of bugs found in earlier PHP versions and is a *strongly* recommended upgrade for all PHP users. PHP 4.3.2 contains, among others, following important fixes, additions and improvements: * Fixes several potentially hazardous integer and buffer overflows. * Fixes for several 64-bit problems. * New Apache 2.0 SAPI module (sapi/apache2handler, enabled with --with-apxs2). * New session_regenerate_id() function. (Important feature against malicious session planting). * Improvements to dba extension. * Improvements to thttpd SAPI module. * Dropped support for GDLIB version 1.x.x (php_gd.dll) on Windows. * An unix man page for CLI version of PHP. * New disable_classes php.ini option to allow administrators to disable certain classes for security reasons. * ..and huge amount other bug fixes _ / \ / [EMAIL PROTECTED] / \ \ / / \_/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Passing page referrer on as variable
I have a login process for an intranet that aims to allow all people to view the intranet front page, but as soon as they click on a link, they are taken to a login page. Once they have logged in (authentication via sessions, drawing from info held in a mysql database) they can then go wherever they want. What I am trying to get is that when they click on a link and login, the process then forwards them on to the page whose link they clicked on, rather than presenting them back with the home page. Basically, every page calls a function that checks whether the person is logged in, and if not redirects them to the login page. The login page register the $http_referer as a variable on the form - and when the form is submitted (ie. login takes place) that variable is passed on, and used for a location: instruction on success. The real kicker is that this worked fine when I developed it - using IE5 on my Mac (and still does). Only after a short while did I discover and realise that it wasn't working at all on IE5.5 / 6 on Windows. But surely these are server side operations, and if it works for one it should work for others? The only thing I can think of is that IE5.5 on Windows doesn't pass on the referer info in the same way?? In which case, is there an alternative way of capturing this that would withstand the differences? Thanks - Mallen This e-mail has been scanned for all viruses by Star Internet. The service is powered by MessageLabs. For more information on a proactive anti-virus service working around the clock, around the globe, visit: http://www.star.net.uk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] strip_tags() Quandry....
Exactly, Carl. The HTML team data I'm dealing with comes in myriad formats -- nothing is uniform as each school presents their team data differently, not to mention potential inconsistencies (e.g. users mistakenly entering multiple spaces between fields and the like) within each format. For the most part I intend to rely on regular expressions for this job, although I'm a little wary -- regexp syntax is tres bizarre ;--) Thanks for the clues; ultraedit.com has a great regexp tutorial Enjoy the spring/summer, --Noah - Original Message - From: Carl Furst [EMAIL PROTECTED] To: Noah [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Friday, May 30, 2003 7:44 AM Subject: RE: [PHP] strip_tags() Quandry As you can guess, I'm more a fan of the regular expressions myself being primarily a PERL head. However, PHP string functions are useful and convenient (like trim() for example), and they don't require you to know the in's and out's of regexps which can look like gobbledygook, be very confusing, and sometimes very difficult to use if you don't really know how they work. If you can get them to work, they are very powerful. However getting them to work can require some serious tweaking. I think the main thing when deciding which to use is how much control you want over what is done to your string. Using a PHP function can lead to precarious results sometimes if you don't know exactly what they do (nl2br(), for example, you have to be sure that ALL of your br's are to occur right before a \n, this isn't always the case). They also don't afford as much flexibility in some cases as regular expressions do (str_replace for replacing multiple spaces, for example). If it's something simple that you know a PHP function can take of, use it. If not, use regexps. They may take a bit more tweaking, but in the long run are much more flexible and a lot more powerful. Carl. -Original Message- From: Noah [mailto:[EMAIL PROTECTED] Sent: Thursday, May 29, 2003 11:03 PM To: CPT John W. Holmes; Carl Furst Cc: [EMAIL PROTECTED] Subject: Re: [PHP] strip_tags() Quandry Hey John; Hey Carl. I've heard this debate before; i.e. regular expressions vs. PHP string formatting functions. The problem I'm dealing with will require, I believe, a combination of preg_replace(), str_replace(), strstr(), and str_pos(). To my limited knowledge, there is no way to remove white space with PHP string functions; when I use strip_tags on a block of html text, whitespace results; thus the need for preg_replace(). The rest can most likely be taken care of with PHP string functions, although I'm running into a few headaches with user errors; i.e. when a coach types up his/her team roster and mistakenly adds extra spaces between fields (e.g. player height = 6' 2 instead of 6' 2), or roster fields do not match up with our roster table fields (e.g. one team roster has a field for player's favorite professional athlete) -- in these cases it may be that I'll need to use regular expressions to crawl through roster string data looking for word boundaries and the like. I'm new to regular expressions to say the least -- just took the dive in yesterday; much to learn... If either of you feel like elaborating on the pros and cons of regular expressions vs. PHP string functions, let me know. --Noah - Original Message - From: CPT John W. Holmes [EMAIL PROTECTED] To: Carl Furst [EMAIL PROTECTED]; Noah [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Thursday, May 29, 2003 10:18 AM Subject: Re: [PHP] strip_tags() Quandry Yes, no problem! Glad it worked out. you may wish to actually study the perlre man page on perl.com. This goes into the most details and talks about how PERL actually EXTENDS shell regular expressions significantly and excellent resource that I have used many many times. I figure since PHP regexps are perl compatible, might as well go to the source, no? My other suggestion is that if you are taking this HTML and putting into a database, especially MySQL you should scrub for pipes, nulls and slashes, hackers can exploit user input to open a tty or shell or even access user files like /etc/passwd and mess wid ya here are a few regexps that do that While I agree that regexp are powerful and useful, the examples you gave are better suited to using str_replace(), trim(), or nl2br() calls rather than a regular expression. Also, about the warning for inserting data into a database... try not to scare people to much. If you have column = '$value' or column = $value in your query, as long as you've run addslashes on $value to escape single quotes in the first case and double quotes in the second, there's no vulnerabilities. If you have column = $column then you BETTER make sure that $column is a number and only a number. When you put unquoted (unquoted within the actual SQL, not PHP) values into your SQL, that's when you open yourself up to vulnerabilities if you're not
Re: [PHP] Sessions can be dangerous
Wim While I do see the usefullness of sessions, I have to disagree with you on the security aspect. A session ID is just as vulnerable to sniffing as is a username / password combination. The only security you gain from using it instead is that it's value is time limited. If your application reallys needs all that security, you'd better be using a secure transport, period. The session might even be worse, because, for instance, if you're using the files session handler, another user of your system may be able to easily read the current sessions id's from the temp folder, and hijack an authenticated session, even if it were encrypted. As george stated, there is also always the chance that the session_id generator is NOT secure, in which case you're really up the proverbial creek. You're right, however, in that storing all the state information on the server is a good thing. Why pollute your html with hidden fields, or mangle the heck out of your urls. I DO believe that maintaining state is a necessity when attempting to write Applications on the web, instead of just web pages. --erik Wim Paulussen wrote: George, Having created an invoicing system using php , I very clearly understand the advantage the session construction holds : the information is maintained on the server, rather than floating around in cyberspace between the client and server each and every time you exchange information. If you want to use hidden input you need to set up a secure link each and every time you transfer the o so important username/password combination. Furthermore , the session data is not that difficult to access with another program as long as you can capture the session-id, which you can. All in all , I did not yet come across a better system to get something working in a manageable and secure way. You could go a step further and mimick the session_data management via a database interface if your data quality is such an important issue, but then again, make sure you have a foolproof system to make logging in into the database secure ! Nobody forces you to use the session system and if you want to shy away from it , it is your choice, but I am a little bit afraid that your lenghty email about session insecurity will be meaningfull only for the core PHP developers/auditors. Wim -Oorspronkelijk bericht- Van: George Whiffen [mailto:[EMAIL PROTECTED] Verzonden: Friday, May 30, 2003 4:27 PM Aan: [EMAIL PROTECTED] Onderwerp: [PHP] Sessions can be dangerous Dear All, There doesn't seem to be much discussion of the disadvantages and long term dangers of using php sessions. So let's redress the balance: 1. Heterogeneous Code Environments php session data is not easily accessible from non-php code e.g. Perl/C/ASP etc. In contrast, either client-stored data e.g. cookies, hidden posts, get variables, or data stored in a structured database table, (i.e. one column per variable), is easily accessible from other code. The implication is that sessions may suit you fine as long as only php is used on your site. However, if your site matures and you ever want or need to use another language for some pages, it will be hard for those pages to access data stored in sessions. On the other hand, if the data had been stored in an well-established industry standard format, you should have no problems. 2. Provably Secure Authentication Data Hopefully we all know by now that the best way to safely authenticate for access control is to make sure the username/password is checked every time either by your script, your webserver or a trusted third-party. However, I have the feeling some session users are tempted to simply authenticate in one script and store a logged in or username flag in the session without the username/password having been re-validated. It's not a complete disaster if you do this, which probably means lots of people do it! But this is only as secure as the session_id key. I don't doubt that session_ids are generated with a high-quality random number generator and should be suitably uncrackable. However, the crackability/vulnerability of a username/password schema is very well understood. Can we really say that the vulnerability/crackability of a session_id is as well understood? What happens if, and I'm sure it's a remote chance, there is ever a bug in the session-key generation that stops them being so random so a session_id crack becomes not just possible but real easy! Usernames/passwords just don't have that kind of vulnerability, and the vulnerabilities they do have are well known. 3. Independent Audit of Server Stored Data Procedures for independently verifying the data stored on a server in a SQL RDBMs are well established. It is easy to query the database schema to see what columns are defined. It is easy to verify that the data actually held in a column is as expected. In general it is easy to prove and verify what data is held e.g. to prove Data Protection compliance or Bank/Credit Card
Re: [PHP] Sessions can be dangerous
on 31/05/03 1:26 AM, George Whiffen ([EMAIL PROTECTED]) wrote: 1. Heterogeneous Code Environments php session data is not easily accessible from non-php code e.g. Perl/C/ASP etc. In contrast, either client-stored data e.g. cookies, hidden posts, get variables, or data stored in a structured database table, (i.e. one column per variable), is easily accessible from other code. The implication is that sessions may suit you fine as long as only php is used on your site. However, if your site matures and you ever want or need to use another language for some pages, it will be hard for those pages to access data stored in sessions. On the other hand, if the data had been stored in an well-established industry standard format, you should have no problems. 2. Provably Secure Authentication Data Hopefully we all know by now that the best way to safely authenticate for access control is to make sure the username/password is checked every time either by your script, your webserver or a trusted third-party. However, I have the feeling some session users are tempted to simply authenticate in one script and store a logged in or username flag in the session without the username/password having been re-validated. It's not a complete disaster if you do this, which probably means lots of people do it! But this is only as secure as the session_id key. I don't doubt that session_ids are generated with a high-quality random number generator and should be suitably uncrackable. However, the crackability/vulnerability of a username/password schema is very well understood. Can we really say that the vulnerability/crackability of a session_id is as well understood? What happens if, and I'm sure it's a remote chance, there is ever a bug in the session-key generation that stops them being so random so a session_id crack becomes not just possible but real easy! Usernames/passwords just don't have that kind of vulnerability, and the vulnerabilities they do have are well known. Maybe I'm missing something, but generally speaking, session id's are transmitted in plain text via either the URL, or via a cookie (neither of which is usually under SSL) so I don't see why you're paying so much attention to cracking or hijacking session ids... it is, to my knowledge, really easy to find out someone's session id, and similarly easy to hijack it. What's the option other than storing a value like logged in??? Storing the uid and pwd on the client side is a no-no, and storing them in the session in no more secure that storing logged in since the session can be hijacked. My preference is to re-ask the user for a password before: a) changing a password b) doing anything secure (like changing passwords, transferring funds, altering private information, etc etc) which is the ONLY reinforcement that is secure (ask them, then ask them again later). I don't really get your point. Yes, sessions can be unsecure, but so can $_GET variables in the wrong hands. 3. Independent Audit of Server Stored Data Procedures for independently verifying the data stored on a server in a SQL RDBMs are well established. It is easy to query the database schema to see what columns are defined. It is easy to verify that the data actually held in a column is as expected. In general it is easy to prove and verify what data is held e.g. to prove Data Protection compliance or Bank/Credit Card requirements, (no storage of cvv2 for example). It is intrinsically much harder to prove that the contents of php session data are compliant. You need to write a php script to unpack the session data. That means proving that that script itself is safe. Even after you've unpacked the session data, you still have to make sense of it. Different sessions may hold different numbers of differently named variables. But that's not all, the same variable may hold data in different formats in different sessions! Practically you have some pretty complex processes to prove what data you have stored and to verify that you have stored what you thought you'd stored! All in all, php sessions are NOT going to be popular with data auditors. Once again, that may not matter to you now, but down the line it could become a BIG issue. As long as an user-supplied data is appropriately validated before storing in sessions, I cannot see a way for the user to harm the session data, or to store bad data. Isn't the the whole point of storing JUST a session ID on the client machine (either in URL or cookie) and the data server-side, rather than storing all data client-side If a user indicates a preference for a blue background, and I validate the data that states this (sent to the script via POST or GET) before storing it as a session var, then I can't see where the danger lies... only PHP scripts have access to session data, and only a validated, expected data should be added to the session. 4. State-ful
RE: [PHP] strip_tags() Quandry....
OH yeah, it takes a little while to get the gist of how to use them, you should also Google Perl Regular Expressions see what turns up. The perlre man page is very detailed which is good but you might find some other useful tricks that PHP functions or the Perlre manpage may not cover, like checking for valid email addresses, or even phone numbers (which is a tricky little @#$%^#). Is there a PHP function that checks emails? That would be neat. Carl Furst System Developer Vote.com 50 Water St. South Norwalk, CT. 06854 203-854-9912 x.231 -Original Message- From: Noah [mailto:[EMAIL PROTECTED] Sent: Friday, May 30, 2003 2:04 PM To: Carl Furst Cc: [EMAIL PROTECTED] Subject: Re: [PHP] strip_tags() Quandry Exactly, Carl. The HTML team data I'm dealing with comes in myriad formats -- nothing is uniform as each school presents their team data differently, not to mention potential inconsistencies (e.g. users mistakenly entering multiple spaces between fields and the like) within each format. For the most part I intend to rely on regular expressions for this job, although I'm a little wary -- regexp syntax is tres bizarre ;--) Thanks for the clues; ultraedit.com has a great regexp tutorial Enjoy the spring/summer, --Noah - Original Message - From: Carl Furst [EMAIL PROTECTED] To: Noah [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Friday, May 30, 2003 7:44 AM Subject: RE: [PHP] strip_tags() Quandry As you can guess, I'm more a fan of the regular expressions myself being primarily a PERL head. However, PHP string functions are useful and convenient (like trim() for example), and they don't require you to know the in's and out's of regexps which can look like gobbledygook, be very confusing, and sometimes very difficult to use if you don't really know how they work. If you can get them to work, they are very powerful. However getting them to work can require some serious tweaking. I think the main thing when deciding which to use is how much control you want over what is done to your string. Using a PHP function can lead to precarious results sometimes if you don't know exactly what they do (nl2br(), for example, you have to be sure that ALL of your br's are to occur right before a \n, this isn't always the case). They also don't afford as much flexibility in some cases as regular expressions do (str_replace for replacing multiple spaces, for example). If it's something simple that you know a PHP function can take of, use it. If not, use regexps. They may take a bit more tweaking, but in the long run are much more flexible and a lot more powerful. Carl. -Original Message- From: Noah [mailto:[EMAIL PROTECTED] Sent: Thursday, May 29, 2003 11:03 PM To: CPT John W. Holmes; Carl Furst Cc: [EMAIL PROTECTED] Subject: Re: [PHP] strip_tags() Quandry Hey John; Hey Carl. I've heard this debate before; i.e. regular expressions vs. PHP string formatting functions. The problem I'm dealing with will require, I believe, a combination of preg_replace(), str_replace(), strstr(), and str_pos(). To my limited knowledge, there is no way to remove white space with PHP string functions; when I use strip_tags on a block of html text, whitespace results; thus the need for preg_replace(). The rest can most likely be taken care of with PHP string functions, although I'm running into a few headaches with user errors; i.e. when a coach types up his/her team roster and mistakenly adds extra spaces between fields (e.g. player height = 6' 2 instead of 6' 2), or roster fields do not match up with our roster table fields (e.g. one team roster has a field for player's favorite professional athlete) -- in these cases it may be that I'll need to use regular expressions to crawl through roster string data looking for word boundaries and the like. I'm new to regular expressions to say the least -- just took the dive in yesterday; much to learn... If either of you feel like elaborating on the pros and cons of regular expressions vs. PHP string functions, let me know. --Noah - Original Message - From: CPT John W. Holmes [EMAIL PROTECTED] To: Carl Furst [EMAIL PROTECTED]; Noah [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Thursday, May 29, 2003 10:18 AM Subject: Re: [PHP] strip_tags() Quandry Yes, no problem! Glad it worked out. you may wish to actually study the perlre man page on perl.com. This goes into the most details and talks about how PERL actually EXTENDS shell regular expressions significantly and excellent resource that I have used many many times. I figure since PHP regexps are perl compatible, might as well go to the source, no? My other suggestion is that if you are taking this HTML and putting into a database, especially MySQL you should scrub for pipes, nulls and slashes, hackers can exploit user input to open a tty or shell or even access user files like /etc/passwd and mess wid ya here are a few regexps that do that While I agree
Re: [PHP] PHP 4.3.2 released
on 31/05/03 1:46 AM, Andrew Scott ([EMAIL PROTECTED]) wrote: This _still_ doesn't seem to work with Linux/Apache2. I have no problems with Apache 1.3.27. Have been running Apache/php for years, but I have been unable to get php to work with apache2 except as a cgi. I don't mean to be rude, but this has been discussed HUNDREDS of times on the list. PHP is NOT stable with Apache 2, and is unlikely to be stable any time soon -- that's straight from people who know, like Rasmus. If you wish to use PHP in a production environment, use Apache 1.3.x. I doubt even PHP 5 will be a stable Apache 2 release, so don't hold your breath. Search the archives for detailed answers, especially from Rasmus. Justin French -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Sessions can be dangerous
On Fri, 30 May 2003, George Whiffen wrote: 1. Heterogeneous Code Environments php session data is not easily accessible from non-php code e.g. Perl/C/ASP etc. In contrast, either client-stored data e.g. cookies, hidden posts, get variables, or data stored in a structured database table, (i.e. one column per variable), is easily accessible from other code. For anything beyond a trivial application, you are going to be writing your own backend save_handler anyway, so I don't really see how this is an issue. If you don't want to write your own save_handler (which is really really easy) you can always just set session.serialize_handler = wddx in your php.ini file and you will have the data stored in a standard XML format instead. This format is very accessible from non-PHP code. 2. Provably Secure Authentication Data Hopefully we all know by now that the best way to safely authenticate for access control is to make sure the username/password is checked every time either by your script, your webserver or a trusted third-party. However, I have the feeling some session users are tempted to simply authenticate in one script and store a logged in or username flag in the session without the username/password having been re-validated. Sure, but this isn't really specific to sessions. I would say this is related to any cookie a developer might create. There is always the temptation to not include the auth headers on each page and just toss the logged in user id into the cookie. This is obviously a bad idea, but I wouldn't necessarily attribute this to an inherent danger in sessions. 3. Independent Audit of Server Stored Data Procedures for independently verifying the data stored on a server in a SQL RDBMs are well established. It is easy to query the database schema to see what columns are defined. It is easy to verify that the data actually held in a column is as expected. In general it is easy to prove and verify what data is held e.g. to prove Data Protection compliance or Bank/Credit Card requirements, (no storage of cvv2 for example). It is intrinsically much harder to prove that the contents of php session data are compliant. You need to write a php script to unpack the session data. That means proving that that script itself is safe. Even after you've unpacked the session data, you still have to make sense of it. Different sessions may hold different numbers of differently named variables. But that's not all, the same variable may hold data in different formats in different sessions! Again, see point 1. Any real usage of sessions is going to need a custom save_handler most likely written against a real database. You simply cannot go beyond a trivial single-server web-app without doing so and the facilities in the php session support for doing this is good. 4. State-ful Designs My personal concern about sessions, is more about the design issues. What worries me is that sessions may be used to try and re-create client/server style state when the most distinctive advantage of the internet, (and the key to its astounding success), is that it is fundamentally state-less. What this means, is that the internet is based on the principle that every request is entirely self-contained and independent of any other request. There is for example, absolutely and explicitly, no guarantee that http requests will be received in chronological order. It is all strictly about best effort, and no guarantees. This is why the internet works: each component does its own job as well as it can without worrying about what else is happening. The boat has long since sailed on this one. People need and want to maintain state. You can't build any sort of shopping-cart style site without them. 5. Reduced Component Reusability ... On the other hand if the update is coded as a proper component i.e. it reads the key of the data to be updated from the http request, (GET, POST or COOKIE), then you can automatically allow it to be accessed from anywhere without having to always go through some particular search/list/select sequence. I tend to distinguish between the human interface to an app and the machine interface. Trying to put them both into the same interface tends to make them cumbersome for both sides. Often the human interface is just a thin layer on top of an underlying machine interface and it is at the machine interface that you have your reusability and transparency. In a properly designed architecture, the session layer is simply part of the human interface and really doesn't affect the reusability of your base machine interface. -Rasmus -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Passing page referrer on as variable
- Original Message - From: Mallen Baker [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, May 30, 2003 8:48 AM Subject: [PHP] Passing page referrer on as variable I have a login process for an intranet that aims to allow all people to view the intranet front page, but as soon as they click on a link, they are taken to a login page. Once they have logged in (authentication via sessions, drawing from info held in a mysql database) they can then go wherever they want. What I am trying to get is that when they click on a link and login, the process then forwards them on to the page whose link they clicked on, rather than presenting them back with the home page. Basically, every page calls a function that checks whether the person is logged in, and if not redirects them to the login page. The login page register the $http_referer as a variable on the form - and when the form is submitted (ie. login takes place) that variable is passed on, and used for a location: instruction on success. The real kicker is that this worked fine when I developed it - using IE5 on my Mac (and still does). Only after a short while did I discover and realise that it wasn't working at all on IE5.5 / 6 on Windows. But surely these are server side operations, and if it works for one it should work for others? The only thing I can think of is that IE5.5 on Windows doesn't pass on the referer info in the same way?? In which case, is there an alternative way of capturing this that would withstand the differences? Thanks - Mallen print_r($_SERVER) to see what values are available to you. If HTTP_REFERER is blank, which is entirely possible, try HTTP_HOST and SCRIPT_NAME and pass those to your from the intranet page to your login script instead of getting the referrer after you've redirected to the login script. - Kevin -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] CR in MySQL?
How do you put a carriage return in a MySQL database and have it display as a line break on the web page? - Brian -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] CR in MySQL?
How do you put a carriage return in a MySQL database and have it display as a line break on the web page? str_replace (\n, br, $var); -Dan Joseph -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] CR in MySQL?
Dan Joseph wrote: How do you put a carriage return in a MySQL database and have it display as a line break on the web page? str_replace (\n, br, $var); -Dan Joseph Is CR == NL? What's wrong with nl2br()? -- David Grant Web Developer [EMAIL PROTECTED] http://www.wiredmedia.co.uk Tel: 0117 930 4365, Fax: 0870 169 7625 Wired Media Ltd Registered Office: 43 Royal Park, Bristol, BS8 3AN Studio: Whittakers House, 32 - 34 Hotwell Road, Bristol, BS8 4UD Company registration number: 4016744 ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. ** -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] reserver variable names
I could swear that I once saw a statement to the effect that certain variable names were reserved in PHP. Something along the lines of ''variable names starting with two underscores (__) are reserved... '' Is anyone else aware of this or do I have a circuit crossed somewhere? thanx --lee -- Flowers of morning glory. +-+ The sky above this street |donate to causes I care about: | Begins to overcast.| http://svcs.affero.net/rm.php?r=leed_25 | --Sugita+-+ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] CR in MySQL?
Hi, str_replace (\n, br, $var); -Dan Joseph Is CR == NL? What's wrong with nl2br()? Beats me, is it? nothing wrong with it I guess, I just didn't know about that function. -Dan Joseph -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] reserver variable names
- Original Message - From: Lee Doolan [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, May 30, 2003 10:49 AM Subject: [PHP] reserver variable names I could swear that I once saw a statement to the effect that certain variable names were reserved in PHP. Something along the lines of ''variable names starting with two underscores (__) are reserved... '' Is anyone else aware of this or do I have a circuit crossed somewhere? thanx --lee Predefined constants: http://us3.php.net/manual/en/language.constants.predefined.php?PHPSESSID=3ff 34aabf314aabe3ba7b35de816ac94 - Kevin -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] CR in MySQL?
Dan Joseph wrote: Hi, str_replace (\n, br, $var); -Dan Joseph Is CR == NL? What's wrong with nl2br()? Beats me, is it? nothing wrong with it I guess, I just didn't know about that function. -Dan Joseph Just did a bit of checking.. NL == ASCII 010, CR == ASCII 015.. -- David Grant Web Developer [EMAIL PROTECTED] http://www.wiredmedia.co.uk Tel: 0117 930 4365, Fax: 0870 169 7625 Wired Media Ltd Registered Office: 43 Royal Park, Bristol, BS8 3AN Studio: Whittakers House, 32 - 34 Hotwell Road, Bristol, BS8 4UD Company registration number: 4016744 ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. ** -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] preg_match array question
Hey, Im trying to use preg_match to validate numbers in multiple fields. I can check one field but Im having trouble checking multiple fields. preg_match ( '(foo)' , $_POST[num1] ); - That works fine. but I need to check multiple fields. I thought I would build an array with the POST data like this... $num = array ($_POST[num1], ($_POST[num2]); There are more than that... and then use preg_match ('(foo)', $num) ; $num should point to my array, but that doesnt work. I get a warning message.. and it doesnt check the first num1 in the array. Im certain that Its my code, and I wanted to get some input on what Im doing wrong. -Dan
RE: [PHP] CR in MySQL?
Hi, Just did a bit of checking.. NL == ASCII 010, CR == ASCII 015.. Ahh ok, so nl2br() would work. Cool, I guess you learn something new everyday. Is there a one for CR's? I noticed cr2br() wasn't listed in the manual. -Dan Joseph -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] preg_match array question
Daniel J. Rychlik wrote: Hey, Im trying to use preg_match to validate numbers in multiple fields. I can check one field but Im having trouble checking multiple fields. preg_match ( '(foo)' , $_POST[num1] ); - That works fine. but I need to check multiple fields. I thought I would build an array with the POST data like this... $num = array ($_POST[num1], ($_POST[num2]); There are more than that... and then use preg_match ('(foo)', $num) ; $num should point to my array, but that doesnt work. I get a warning message.. and it doesnt check the first num1 in the array. Im certain that Its my code, and I wanted to get some input on what Im doing wrong. -Dan A quick search turned this up: http://www.php.net/manual/en/function.preg-grep.php -- David Grant Web Developer [EMAIL PROTECTED] http://www.wiredmedia.co.uk Tel: 0117 930 4365, Fax: 0870 169 7625 Wired Media Ltd Registered Office: 43 Royal Park, Bristol, BS8 3AN Studio: Whittakers House, 32 - 34 Hotwell Road, Bristol, BS8 4UD Company registration number: 4016744 ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. ** -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] preg_match array question
You could also have the form post as an array and this saves you the coding in PHP. Like this: form input type=text name=num[] input type=text name=num[] input type=text name=num[] /form Chris From: David Grant [EMAIL PROTECTED] Reply-To: David Grant [EMAIL PROTECTED] To: Daniel J. Rychlik [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: [PHP] preg_match array question Date: Fri, 30 May 2003 17:59:58 +0100 Daniel J. Rychlik wrote: Hey, Im trying to use preg_match to validate numbers in multiple fields. I can check one field but Im having trouble checking multiple fields. preg_match ( '(foo)' , $_POST[num1] ); - That works fine. but I need to check multiple fields. I thought I would build an array with the POST data like this... $num = array ($_POST[num1], ($_POST[num2]); There are more than that... and then use preg_match ('(foo)', $num) ; $num should point to my array, but that doesnt work. I get a warning message.. and it doesnt check the first num1 in the array. Im certain that Its my code, and I wanted to get some input on what Im doing wrong. -Dan A quick search turned this up: http://www.php.net/manual/en/function.preg-grep.php -- David Grant Web Developer [EMAIL PROTECTED] http://www.wiredmedia.co.uk Tel: 0117 930 4365, Fax: 0870 169 7625 Wired Media Ltd Registered Office: 43 Royal Park, Bristol, BS8 3AN Studio: Whittakers House, 32 - 34 Hotwell Road, Bristol, BS8 4UD Company registration number: 4016744 ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. ** -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php _ STOP MORE SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Cookies Probelm,
hi guys i am having this strange problem.i want to store quite a lot of data in cookie as an array but the problem is when ever my arrays size get equal to 4 it starts over. what could be the problem? here is the array that i get Array ( [Cart] = Array ( [14] = Array ( [nItmId] = Array ( [1] = 5 [4] = 0 ) ) [15] = Array ( [nQuan] = 1 [nSerId] = 1 [nItmId] = Array ( [3] = 86 [34] = 1 [1] = 5 [4] = 0 ) ) [16] = Array ( [nQuan] = 1 [nSerId] = 1 [nItmId] = Array ( [3] = 86 [34] = 1 [1] = 5 [4] = 0 ) ) [17] = Array ( [nQuan] = 1 [nSerId] = 1 [nItmId] = Array ( [3] = 86 [34] = 1 [1] = 5 [4] = 0 ) ) ) ) thanx in advance Haseeb _ The new MSN 8: advanced junk mail protection and 2 months FREE* http://join.msn.com/?page=features/junkmail -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] preg_match array question
Try this: Let say you have these three fields in your form: INPUT TYPE=text VALUE=num[1] INPUT TYPE=text VALUE=num[2] INPUT TYPE=text VALUE=num[3] then use the following to iterate through each field: foreach($_POST['num'] as $key = $value){ preg_match ( '(foo)' , $_POST[num][$key] ); } or you can also try this: $c = count($num); for($i; $i $c; $i++){ preg_match ( '(foo)' , $_POST[num][$i] ); } this should get you started. -Original Message- From: Daniel J. Rychlik [mailto:[EMAIL PROTECTED] Sent: Friday, May 30, 2003 9:48 AM To: [EMAIL PROTECTED] Subject: [PHP] preg_match array question Hey, Im trying to use preg_match to validate numbers in multiple fields. I can check one field but Im having trouble checking multiple fields. preg_match ( '(foo)' , $_POST[num1] ); - That works fine. but I need to check multiple fields. I thought I would build an array with the POST data like this... $num = array ($_POST[num1], ($_POST[num2]); There are more than that... and then use preg_match ('(foo)', $num) ; $num should point to my array, but that doesnt work. I get a warning message.. and it doesnt check the first num1 in the array. Im certain that Its my code, and I wanted to get some input on what Im doing wrong. -Dan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Cookies Probelm,
[snip] hi guys i am having this strange problem.i want to store quite a lot of data in cookie as an array but the problem is when ever my arrays size get equal to 4 it starts over. what could be the problem? [/snip] There are size limits for cookies dependent upon the browser. I am going to guess that you are testing with Netscape or Mozilla where the limit is 4kb. HTH! Jay -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Cookies Probelm,
thanx for the information. how can i overcome this ? any idea? Haseeb - Original Message - From: Jay Blanchard [EMAIL PROTECTED] To: Haseeb Iqbal [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Friday, May 30, 2003 11:01 PM Subject: RE: [PHP] Cookies Probelm, [snip] hi guys i am having this strange problem.i want to store quite a lot of data in cookie as an array but the problem is when ever my arrays size get equal to 4 it starts over. what could be the problem? [/snip] There are size limits for cookies dependent upon the browser. I am going to guess that you are testing with Netscape or Mozilla where the limit is 4kb. HTH! Jay -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Cookies Probelm,
Google for cookie information -Original Message- From: Haseeb Iqbal [mailto:[EMAIL PROTECTED] Sent: Friday, May 30, 2003 1:05 PM To: [EMAIL PROTECTED] Subject: Re: [PHP] Cookies Probelm, thanx for the information. how can i overcome this ? any idea? Haseeb - Original Message - From: Jay Blanchard [EMAIL PROTECTED] To: Haseeb Iqbal [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Friday, May 30, 2003 11:01 PM Subject: RE: [PHP] Cookies Probelm, [snip] hi guys i am having this strange problem.i want to store quite a lot of data in cookie as an array but the problem is when ever my arrays size get equal to 4 it starts over. what could be the problem? [/snip] There are size limits for cookies dependent upon the browser. I am going to guess that you are testing with Netscape or Mozilla where the limit is 4kb. HTH! Jay -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Cookies Probelm,
Hi, Try using sessions instead of cookies. This way the array gets saved locally and not sent packed into a cookie. The only thing which passes as a cookie is the session id. Cheers, Catalin Haseeb Iqbal [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] thanx for the information. how can i overcome this ? any idea? Haseeb - Original Message - From: Jay Blanchard [EMAIL PROTECTED] To: Haseeb Iqbal [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Friday, May 30, 2003 11:01 PM Subject: RE: [PHP] Cookies Probelm, [snip] hi guys i am having this strange problem.i want to store quite a lot of data in cookie as an array but the problem is when ever my arrays size get equal to 4 it starts over. what could be the problem? [/snip] There are size limits for cookies dependent upon the browser. I am going to guess that you are testing with Netscape or Mozilla where the limit is 4kb. HTH! Jay -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] CR in MySQL?
Hi guys, I see the following the messages Notice: Object to string conversion in D:\Inetpub\wwwroot\cad_service\presentation\PresentationObject.php on line 18 Notice: Object to string conversion in D:\Inetpub\wwwroot\cad_service\presentation\PresentationObject.php on line 19 class PresentationObject extends Object { var $templateRoot; var $cfgMgr; var $serviceManager; // Constructor function PresentationObject($cfgMgr, $serviceManager) { Line 18 $this-$cfgMgr = $cfgMgr; Line 19 $this-$serviceManager = $serviceManager; $this-templateRoot = TEMPLATE_ROOT_DIR; } ... } Can someone please help me figure out this problem. I am in desperate need to get rid of this problem. Thanks Ramki -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Assignment operator questions
Is it possible to do the following in PHP a = b = c; Which in C, for instance would set b and a equal to c. Thanks. Andrew. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Assignment operator questions
Exactly what you just did will work ... ?php $c = 1; $a = $b = $c; ? $a, $b and $c all are 1 now. --Joe -- Joe Stump [EMAIL PROTECTED] http://www.joestump.net Label makers are proof God wants Sys Admins to be happy. -Original Message- From: Andrew D. Luebke [mailto:[EMAIL PROTECTED] Sent: Friday, May 30, 2003 11:47 AM To: [EMAIL PROTECTED] Subject: [PHP] Assignment operator questions Is it possible to do the following in PHP a = b = c; Which in C, for instance would set b and a equal to c. Thanks. Andrew. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Best Practices in Directory Layout?
I've wanted to get some input on this for a while... I've recently been designing PHP applications using the following directory architecture: main/ master php files (e.g. addphoto.php) includes/ forms/ validation/ process/ So, using the addphoto.php example, there would be a file in the forms directory that read: addphoto_form.inc In the validation directory, there would be: addphoto_validation.inc And in the process directory, addphoto_process.inc The master php file (addphoto.php) would simply pull the form, validate it and process it. Now the problem is, as I add more master files (currently around 50), the forms, validation and process directories get equally large. Would it make more sense to simply allocate each master file its own directory like this: addphoto/ addphoto_form.inc addphoto_validate.inc addphoto_process.inc And so, with each new master file (for a task or module), there would be a new directory. I'm not sure which is better form, but I find that using the first method is easier when adding new tasks for the application to execute. I've looked at the layout of a couple big php applications and they all seem to do things differently. Any thoughts are welcome!! -m -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: \n outputs \r\n ??
Thanks for the promp replies to my message. After a bit of testing, running command line, and doing some debugging, I found that it was an ftp statement that was causing the problem. It was sending the file I was creating (which was correct) in ASCII format and this was changing the LF to CRLF. It took a bit to track this down. Thanks for the assistance. Michael Michael Isaacs [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Still new to PHP - any assistance would be very much appreciated... I am using a php script to send info to a local file for mail filtering. Whe the php script sends the following: fputs($nf, MAILDIR=$MAILDIR # Default mail directory\n); the output actually has a chr 13, 10 ProcMail interprest the CR as a part of the phrase it is using for parsing, so when it goes to send a filter out to a folder (testing in my case) it appends a CR to the end of it, which goofs up the user mail agent. It also goofs up the filter itself, as it is looking for a CR in the criteria. Is there a way to force it to only output a LF, not CRLF? Configuration issue? Michael Isaacs -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] preg_match array question
The problem is, that I have multiple fields and what I am trying to do is check each field to make sure I get the data that I need and not some crap, like letters in a number field or a script tag in a field. Things of this sort. The foreach loop wont work for me in this instance because Im checking for proper input. I can write multiple elseif statements to check each field but alas, this is not optimal. I may go ahead and write this to get it done and then go back and put it to the write board -dan - Original Message - From: Ralph [EMAIL PROTECTED] To: 'Daniel J. Rychlik' [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Friday, May 30, 2003 12:59 PM Subject: RE: [PHP] preg_match array question Try this: Let say you have these three fields in your form: INPUT TYPE=text VALUE=num[1] INPUT TYPE=text VALUE=num[2] INPUT TYPE=text VALUE=num[3] then use the following to iterate through each field: foreach($_POST['num'] as $key = $value){ preg_match ( '(foo)' , $_POST[num][$key] ); } or you can also try this: $c = count($num); for($i; $i $c; $i++){ preg_match ( '(foo)' , $_POST[num][$i] ); } this should get you started. -Original Message- From: Daniel J. Rychlik [mailto:[EMAIL PROTECTED] Sent: Friday, May 30, 2003 9:48 AM To: [EMAIL PROTECTED] Subject: [PHP] preg_match array question Hey, Im trying to use preg_match to validate numbers in multiple fields. I can check one field but Im having trouble checking multiple fields. preg_match ( '(foo)' , $_POST[num1] ); - That works fine. but I need to check multiple fields. I thought I would build an array with the POST data like this... $num = array ($_POST[num1], ($_POST[num2]); There are more than that... and then use preg_match ('(foo)', $num) ; $num should point to my array, but that doesnt work. I get a warning message.. and it doesnt check the first num1 in the array. Im certain that Its my code, and I wanted to get some input on what Im doing wrong. -Dan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Suggestion of webpage about search engines
Liar Liar, This is your site..I recognize the english/spelling mistakes. -Ryan - Original Message - From: l [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, May 30, 2003 2:24 PM Subject: [PHP] Suggestion of webpage about search engines I found one small site (designed in php of course:)) what care about registration on search engines and search engine optimalization here: http://submit.prolidi.net/en/ I found some of the information very helpful, so I send it to you. L. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Problem with DB2 on Linux?
Hi! I do not have problem with DB2 on AIX and I had never use DB2 on Linux before. So, I installed it and it was successful but I get an error message saying that it can not create DB2 instance due to permission denied. I tried many workaround to it with no luck, so did anyone who have this problem before please tell me what the problem is and what the workaround to it. Can't use the IBM support and did many searching on the Internet with no luck. Thanks, Scott -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] preg_match array question
Not sure if I'm misunderstanding, but I know that foreach() will do this. -Original Message- From: Daniel J. Rychlik [mailto:[EMAIL PROTECTED] Sent: Friday, May 30, 2003 11:58 AM To: Ralph; [EMAIL PROTECTED] Subject: Re: [PHP] preg_match array question The problem is, that I have multiple fields and what I am trying to do is check each field to make sure I get the data that I need and not some crap, like letters in a number field or a script tag in a field. Things of this sort. The foreach loop wont work for me in this instance because Im checking for proper input. I can write multiple elseif statements to check each field but alas, this is not optimal. I may go ahead and write this to get it done and then go back and put it to the write board -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Adding graphics library
I am new to Linux so I need some help for installing the graphics library. This is what I did to get PHP to inlcude Interbase. !! Configure PHP with Interbase with apxs 34 ./configure --with-apxs=/usr/sbin --with-interbase=/opt/interbase 35 ./configure --with-interbase=/opt/interbase --with-apxs=/usr/sbin 36 ./configure --with-interbase=/opt/interbase --with-apxs=/usr/sbin/apxs What do I need to add to this to include the graphics library? Many thanks... Todd -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] preg_match array question
perhaps I am misunderstanding... I have snipit of my foreach. I have a preg_match that checks for a valid email address. basically it just checks for an @ and a . When I place this in my loop all of the keys are evaluated, so hence the name key is evaluated and thrown error because of the check. To remedy this problem I took it out of the loop and it worked fine. Ultimately I would love to keep it in the loop and throw checks for certain fields, but syntaxtually it doesnt work for me. Any Suggestions ? foreach ($_POST as $key=$value) { # Begin Foreach loop if (empty($value)) { # Begin If echo $key :: Missing Databr/; if (!preg_match('/([a-z0-9\-\.\#\:[EMAIL PROTECTED])/i', $_POST[eaddy])) {echo $_POST[eaddy], is not a valid address.br/; } } # End if else { echo $key, -Okbr/;} } # End Foreach - Original Message - From: Ralph [EMAIL PROTECTED] To: 'Daniel J. Rychlik' [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Friday, May 30, 2003 2:42 PM Subject: RE: [PHP] preg_match array question Not sure if I'm misunderstanding, but I know that foreach() will do this. -Original Message- From: Daniel J. Rychlik [mailto:[EMAIL PROTECTED] Sent: Friday, May 30, 2003 11:58 AM To: Ralph; [EMAIL PROTECTED] Subject: Re: [PHP] preg_match array question The problem is, that I have multiple fields and what I am trying to do is check each field to make sure I get the data that I need and not some crap, like letters in a number field or a script tag in a field. Things of this sort. The foreach loop wont work for me in this instance because Im checking for proper input. I can write multiple elseif statements to check each field but alas, this is not optimal. I may go ahead and write this to get it done and then go back and put it to the write board -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Best Practices in Directory Layout?
I prefer the second method. It allows you to look at one folder and see everything that that one process can and will do. Jim Lucas - Original Message - From: motorpsychkill [EMAIL PROTECTED] To: Php General List [EMAIL PROTECTED] Sent: Friday, May 30, 2003 12:04 PM Subject: [PHP] Best Practices in Directory Layout? I've wanted to get some input on this for a while... I've recently been designing PHP applications using the following directory architecture: main/ master php files (e.g. addphoto.php) includes/ forms/ validation/ process/ So, using the addphoto.php example, there would be a file in the forms directory that read: addphoto_form.inc In the validation directory, there would be: addphoto_validation.inc And in the process directory, addphoto_process.inc The master php file (addphoto.php) would simply pull the form, validate it and process it. Now the problem is, as I add more master files (currently around 50), the forms, validation and process directories get equally large. Would it make more sense to simply allocate each master file its own directory like this: addphoto/ addphoto_form.inc addphoto_validate.inc addphoto_process.inc And so, with each new master file (for a task or module), there would be a new directory. I'm not sure which is better form, but I find that using the first method is easier when adding new tasks for the application to execute. I've looked at the layout of a couple big php applications and they all seem to do things differently. Any thoughts are welcome!! -m -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] static vars question
Sorry if this is completely stupid, but can anyone explain this, assuming the following code: function test() { static $i = 0; if( $i 10 ) { $i++; test(); } echo I'm here; } test(); I am a little surprised to find that even when $i 10 and test() is invoked again, the current function call executes all the way through to echoing I'm here. I would've thought current execution would be terminated as soon as the function is called again, and that I'd get I'm here only once we're out of the loop (ie, $i == 10). Thanks for any pointers. Martin Helie -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] static vars question
At 5/30/2003 04:49 PM, Martin Helie wrote: function test() { static $i = 0; if( $i 10 ) { $i++; test(); } echo I'm here; } I am a little surprised to find that even when $i 10 and test() is invoked again, the current function call executes all the way through to echoing I'm here. Why? The I'm here line is outside the conditional. The function will still complete independent of the conditional. If $i is greater than ten, the pointer just skips the contents of the if/then and continues on the next line after it. Here's a better illustration: function gooble($alGore) { echo This is a ; if ($alGore!=President) { echo longer ; } echo sentence.br /; } gooble(Vice President); gooble(Crazy Mountain Man); gooble(President); If you want the function to terminate when the conditional is false, then you need an Else statement to do so, otherwise it's going to keep going. -- S. Keller UI Engineer The Health TV Channel, Inc. (a non - profit organization) 3820 Lake Otis Pkwy. Anchorage, AK 99508 907.770.6200 ext.220 907.336.6205 (fax) Email: [EMAIL PROTECTED] Web: www.healthtvchannel.org -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] array count() oddity
Hello, I have a mysql statement listed below. The table contains about 100 rows of information. Only one row matches the $criteria. Can anyone tell me why the count($myrow) is 8? Shouldn't it be 4 (id, vanNumber, origin, destination)? $criteria = 02-25-2003; $result = mysql_query(SELECT id, vanNumber, origin, destination FROM thisHereTable WHERE date='$criteria'); $myrow = mysql_fetch_array($result); And when I run the rest of the script, it prints out the results 8 times instead of once for ($count=0; $countcount($myrow); $count++) { print p.$myrow[vanNumber]; print br.$myrow[origin]. to .$myrow[destination]; } THANKS, Roger -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] XPath and Namespaces
Hi, I have been successfully using XPath to parse some data from my XML docs for quite a while. Now I have a document that uses namespaces. And I can't get a grip on how to address my data any more. Does anyone know how to solve the following problem? Any help appreciated. Cheers, André ([EMAIL PROTECTED]) ?php // no namespaces - no trouble $xml1 = '?xml version=1.0 encoding=UTF-8?'. 'ITCL type=TestDefinition /'; $dom1 = domxml_open_mem($xml1); $xpc1 = xpath_new_context($dom1); $attrib1 = xpath_eval($xpc1, /ITCL/@type); $type1 = $attrib1-nodeset[0]-value; print Type1: $type1\n; // using namespaces I am lost // without the xmlns attribute, this also works fine $xml2 = '?xml version=1.0 encoding=UTF-8?'. 'ITCL xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance;' http://www.w3.org/2001/XMLSchema-instance%22' . ' xsi:schemaLocation=http://api.imbp.de/schema/xsd/itcl' http://api.imbp.de/schema/xsd/itcl' . ' http://api.imbp.de/schema/xsd/itcl;' http://api.imbp.de/schema/xsd/itcl%22' . ' xmlns=http://api.imbp.de/schema/xsd/itcl;' http://api.imbp.de/schema/xsd/itcl%22' . ' type=TestDefinition /'; $dom2 = domxml_open_mem($xml2); $xpc2 = xpath_new_context($dom2); $attrib2 = xpath_eval($xpc2, /ITCL/@type); $type2 = $attrib2-nodeset[0]-value; print Type2: $type2\n; ?
Re: [PHP] array count() oddity
- Original Message - From: Guru Geek [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, May 30, 2003 3:15 PM Subject: [PHP] array count() oddity Hello, I have a mysql statement listed below. The table contains about 100 rows of information. Only one row matches the $criteria. Can anyone tell me why the count($myrow) is 8? Shouldn't it be 4 (id, vanNumber, origin, destination)? $criteria = 02-25-2003; $result = mysql_query(SELECT id, vanNumber, origin, destination FROM thisHereTable WHERE date='$criteria'); $myrow = mysql_fetch_array($result); And when I run the rest of the script, it prints out the results 8 times instead of once for ($count=0; $countcount($myrow); $count++) { print p.$myrow[vanNumber]; print br.$myrow[origin]. to .$myrow[destination]; } THANKS, Roger Hi, mysql_fetch_array(); produces two arrays, one indexed and one associative, thus count() will return twice the expected number. Use mysql_fetch_row() to retrieve a single indexed array or mysql_fetch_assoc() to retrieve a single associative array. Refer to the documentation: http://us2.php.net/manual/en/function.mysql-fetch-array.php - Kevin -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] preg_match array question
foreach ($_POST as $key=$value) { if (empty($value)) { error_message[] = $key :: Missing Databr/; } // if email field, perform email validation if($_POST[$key] == 'email') if (!preg_match('/([a-z0-9\-\.\#\:[EMAIL PROTECTED])/i', $_POST[$key])) { error_message[] = $value . is not a valid address.br/; } } // etc.. } // check for error message if(!empty($error_message)){ $c = count($error_message); for($i = 0; $i $c; $i++){ echo $error_message[$i]; } } else { // no error found } -Original Message- From: Daniel J. Rychlik [mailto:[EMAIL PROTECTED] Sent: Friday, May 30, 2003 1:04 PM To: Ralph; [EMAIL PROTECTED] Subject: Re: [PHP] preg_match array question perhaps I am misunderstanding... I have snipit of my foreach. I have a preg_match that checks for a valid email address. basically it just checks for an @ and a . When I place this in my loop all of the keys are evaluated, so hence the name key is evaluated and thrown error because of the check. To remedy this problem I took it out of the loop and it worked fine. Ultimately I would love to keep it in the loop and throw checks for certain fields, but syntaxtually it doesnt work for me. Any Suggestions ? foreach ($_POST as $key=$value) { # Begin Foreach loop if (empty($value)) { # Begin If echo $key :: Missing Databr/; if (!preg_match('/([a-z0-9\-\.\#\:[EMAIL PROTECTED])/i', $_POST[eaddy])) {echo $_POST[eaddy], is not a valid address.br/; } } # End if else { echo $key, -Okbr/;} } # End Foreach - Original Message - From: Ralph [EMAIL PROTECTED] To: 'Daniel J. Rychlik' [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Friday, May 30, 2003 2:42 PM Subject: RE: [PHP] preg_match array question Not sure if I'm misunderstanding, but I know that foreach() will do this. -Original Message- From: Daniel J. Rychlik [mailto:[EMAIL PROTECTED] Sent: Friday, May 30, 2003 11:58 AM To: Ralph; [EMAIL PROTECTED] Subject: Re: [PHP] preg_match array question The problem is, that I have multiple fields and what I am trying to do is check each field to make sure I get the data that I need and not some crap, like letters in a number field or a script tag in a field. Things of this sort. The foreach loop wont work for me in this instance because Im checking for proper input. I can write multiple elseif statements to check each field but alas, this is not optimal. I may go ahead and write this to get it done and then go back and put it to the write board -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Help about these algorithm methods
Hello all, I need help about to implement these methods in PHP: 1) Tree (Arbol) 2) Queue - FIFO (Cola) 3) Grafo 4) Linked lis - (Listas enlazadas o ligadas)) 5) Stack - LIFO - (Pila) If someone know about a web site that explain these in PHP, I will appreciate it, thanks for all your help :), bye. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] static vars question
Why? The I'm here line is outside the conditional. The function will still complete independent of the conditional. If $i is greater than ten, the pointer just skips the contents of the if/then and continues on the next line after it. Here's a better illustration: In my test() function, I called test() again inside the if statement (which checks true for 10 iterations), and I thought that the current function would immediately be terminated by calling itself (or any other function that doesn't return) again and never actually echo I'm here until the condition wasn't met, therefore the function not called again. No? function gooble($alGore) { echo This is a ; if ($alGore!=President) { echo longer ; } echo sentence.br /; } gooble(Vice President); gooble(Crazy Mountain Man); gooble(President); If you want the function to terminate when the conditional is false, then you need an Else statement to do so, otherwise it's going to keep going. -- S. Keller UI Engineer The Health TV Channel, Inc. (a non - profit organization) 3820 Lake Otis Pkwy. Anchorage, AK 99508 907.770.6200 ext.220 907.336.6205 (fax) Email: [EMAIL PROTECTED] Web: www.healthtvchannel.org -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] preg_match array question
OH man, thats the ticket. I didnt even think about checking the $_POST[email] == email and then running the preg_match. I assumed that it evaluate the end of the preg_match statement and see $_POST[email] I appreciate your time... Sincerely, Dan - Original Message - From: Ralph [EMAIL PROTECTED] To: 'Daniel J. Rychlik' [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Friday, May 30, 2003 4:41 PM Subject: RE: [PHP] preg_match array question foreach ($_POST as $key=$value) { if (empty($value)) { error_message[] = $key :: Missing Databr/; } // if email field, perform email validation if($_POST[$key] == 'email') if (!preg_match('/([a-z0-9\-\.\#\:[EMAIL PROTECTED])/i', $_POST[$key])) { error_message[] = $value . is not a valid address.br/; } } // etc.. } // check for error message if(!empty($error_message)){ $c = count($error_message); for($i = 0; $i $c; $i++){ echo $error_message[$i]; } } else { // no error found } -Original Message- From: Daniel J. Rychlik [mailto:[EMAIL PROTECTED] Sent: Friday, May 30, 2003 1:04 PM To: Ralph; [EMAIL PROTECTED] Subject: Re: [PHP] preg_match array question perhaps I am misunderstanding... I have snipit of my foreach. I have a preg_match that checks for a valid email address. basically it just checks for an @ and a . When I place this in my loop all of the keys are evaluated, so hence the name key is evaluated and thrown error because of the check. To remedy this problem I took it out of the loop and it worked fine. Ultimately I would love to keep it in the loop and throw checks for certain fields, but syntaxtually it doesnt work for me. Any Suggestions ? foreach ($_POST as $key=$value) { # Begin Foreach loop if (empty($value)) { # Begin If echo $key :: Missing Databr/; if (!preg_match('/([a-z0-9\-\.\#\:[EMAIL PROTECTED])/i', $_POST[eaddy])) {echo $_POST[eaddy], is not a valid address.br/; } } # End if else { echo $key, -Okbr/;} } # End Foreach - Original Message - From: Ralph [EMAIL PROTECTED] To: 'Daniel J. Rychlik' [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Friday, May 30, 2003 2:42 PM Subject: RE: [PHP] preg_match array question Not sure if I'm misunderstanding, but I know that foreach() will do this. -Original Message- From: Daniel J. Rychlik [mailto:[EMAIL PROTECTED] Sent: Friday, May 30, 2003 11:58 AM To: Ralph; [EMAIL PROTECTED] Subject: Re: [PHP] preg_match array question The problem is, that I have multiple fields and what I am trying to do is check each field to make sure I get the data that I need and not some crap, like letters in a number field or a script tag in a field. Things of this sort. The foreach loop wont work for me in this instance because Im checking for proper input. I can write multiple elseif statements to check each field but alas, this is not optimal. I may go ahead and write this to get it done and then go back and put it to the write board -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] static vars question
At 5/30/2003 05:53 PM, Martin Helie wrote: In my test() function, I called test() again inside the if statement (which checks true for 10 iterations) Yes. So you've called the statement 10 times. and I thought that the current function would immediately be terminated by calling itself (or any other function that doesn't return) again Why would you think this? Once whatever function is called terminates, the parent function will resume, which means that once the spawned version of the function is done, the original will resume. The difference here is that the child instances inherit the value of $i because you've made it static. and never actually echo I'm here until the condition wasn't met, therefore the function not called again. No? No. I told you, that I'm here is going to execute any time you call that function because it's OUTSIDE the if statement. Only statements inside the if are affected by its conditional. Once the pointer gets to the if, it's going to check the conditional and, if it's true, as it is the first 10 times you go through the function, then it will run whatever's inside. If it's not true, the pointer will look for an else statement to execute, and then resume running all of the other lines in the function. If you want a block of code to not run until the conditional is false, then you want to use an ELSE statement, you don't want to just drop your code after your if, it doesn't work that way. I suggest reading up more on user-defined functions and what terminates them http://www.php.net/manual/en/functions.php#functions.user-defined And if/then statements http://www.php.net/manual/en/control-structures.php#control-structures.if -- S. Keller UI Engineer The Health TV Channel, Inc. (a non - profit organization) 3820 Lake Otis Pkwy. Anchorage, AK 99508 907.770.6200 ext.220 907.336.6205 (fax) Email: [EMAIL PROTECTED] Web: www.healthtvchannel.org -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] static vars question
Hi Steve, yes, I am familiar with these concepts; I am just starting to experiment with recursive functions and static variables. Thanks for explaining that once the function is called and completed, the rest of the first call continues executing normally. That is what surprised me. Martin No. I told you, that I'm here is going to execute any time you call that function because it's OUTSIDE the if statement. Only statements inside the if are affected by its conditional. Once the pointer gets to the if, it's going to check the conditional and, if it's true, as it is the first 10 times you go through the function, then it will run whatever's inside. If it's not true, the pointer will look for an else statement to execute, and then resume running all of the other lines in the function. If you want a block of code to not run until the conditional is false, then you want to use an ELSE statement, you don't want to just drop your code after your if, it doesn't work that way. I suggest reading up more on user-defined functions and what terminates them http://www.php.net/manual/en/functions.php#functions.user-defined And if/then statements http://www.php.net/manual/en/control-structures.php#control-structures.if -- S. Keller UI Engineer The Health TV Channel, Inc. (a non - profit organization) 3820 Lake Otis Pkwy. Anchorage, AK 99508 907.770.6200 ext.220 907.336.6205 (fax) Email: [EMAIL PROTECTED] Web: www.healthtvchannel.org -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Variables not being past
The Doctor [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Questions, I have a cusotmer using a basic username and password verifier on a php Web Page. This was working and suddenly with I redefined the php environment, the php variables are not getting passed on. why? Questions you should answer 1) What kind of authentication? htaccess/apache, mysqldb, etc.. 2) Who wrote the authentication script? Is it part of the pear::Auth class? 3) What did you do to redefine the php environment? Change the php.ini file? Just to throw a guess out based on what you have given already you should check to see if the 'register_globals' option is set in php.ini. Many configurations will have it turned off for security reasons but if your authentication script was relying on them being turned on then it will fail. You can check the setting by either looking at the php.ini file in an editor or by running the following on your webserver: ?php phpinfo(); ? Good luck - John Zimmerman [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Adding graphics library
--with-gd and of oucrce you need the GD library. Todd Cary [EMAIL PROTECTED] escribió en el mensaje news:[EMAIL PROTECTED] I am new to Linux so I need some help for installing the graphics library. This is what I did to get PHP to inlcude Interbase. !! Configure PHP with Interbase with apxs 34 ./configure --with-apxs=/usr/sbin --with-interbase=/opt/interbase 35 ./configure --with-interbase=/opt/interbase --with-apxs=/usr/sbin 36 ./configure --with-interbase=/opt/interbase --with-apxs=/usr/sbin/apxs What do I need to add to this to include the graphics library? Many thanks... Todd -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] static vars question
At 5/30/2003 06:27 PM, Martin Helie wrote: Thanks for explaining that once the function is called and completed, the rest of the first call continues executing normally. That is what surprised me. Yup. It's what makes building function libraries a thing of art in PHP, you can create smaller functions that are called from larger functions. That way, your libraries are more specialized and easier to port from project to project. -- S. Keller UI Engineer The Health TV Channel, Inc. (a non - profit organization) 3820 Lake Otis Pkwy. Anchorage, AK 99508 907.770.6200 ext.220 907.336.6205 (fax) Email: [EMAIL PROTECTED] Web: www.healthtvchannel.org -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] How to secure a download ?
Hello, Is there any way to launch a download of a Zip file to the user without a link. The user must not know where the file is on the server. The transfert of the file must be made by a php file with special headers, no ? header(Content-type: zip); or something... Thanks. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] What's wrong with this code??
Hi, I have the following which gets the month and day: $mo = date(m); $dy = date(d); Then I have the following IF statements which do something based on the date.. if ($mo == 04 and $dy = 01 and $dy = 20) { $wd = 1; } if ($mo == 04 and $dy = 21 and $dy = 27) { $wd = 2; } if ($mo == 04 and $dy = 28 or $mo == 5 and $dy = 04) { $wd = 3; } if ($mo == 05 and $dy = 05 and $dy = 11) { $wd = 4; } if ($mo == 05 and $dy = 12 and $dy = 18) { $wd = 5; } if ($mo == 05 and $dy = 19 and $dy = 25) { $wd = 6; } if ($mo == 05 and $dy = 26 or $mo == 06 and $dy = 01) { $wd = 7; } Problem lines if ($mo == 06 and $dy 01 and $dy 09) { $wd = 8; } if ($mo == 06 and $dy 08) { $wd = 9; } The first 7 IF statements work fine ($wd gets the right value if the condition is met), but if I change my date to 06/02 then no matter what I try, $wd always gets the value of 9 (it should be 8 on this date). It should not get the value 9 until the 9th of June. I have checked and $mo and $dy have the proper values. Am I missing something? TIA -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] What's wrong with this code??
Problem lines if ($mo == 06 and $dy 01 and $dy 09) { $wd = 8; } if ($mo == 06 and $dy 08) { $wd = 9; } but if I change my date to 06/02 then no matter what I try, $wd always gets the value of 9 (it should be 8 on this date). It should not get the value 9 until the 9th of June. If the first if is true, so is the second, unless $dy == 8. In this case, the number is 2, which is greater than 1 and less than both 8 and 9, making both statements true. Check your logic. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Help about these algorithm methods
Here's an article that covers tree and stack http://www.evolt.org/article/Four_ways_to_work_with_hierarchical_data/17/4047/index.html olinux --- [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: Hello all, I need help about to implement these methods in PHP: 1) Tree (Arbol) 2) Queue - FIFO (Cola) 3) Grafo 4) Linked lis - (Listas enlazadas o ligadas)) 5) Stack - LIFO - (Pila) If someone know about a web site that explain these in PHP, I will appreciate it, thanks for all your help :), bye. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php __ Do you Yahoo!? Yahoo! Calendar - Free online calendar with sync to Outlook(TM). http://calendar.yahoo.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How to secure a download ?
header(Content-type: application/zip); header(Content-Disposition: attachment; filename=yourfilename.zip); readfile(/path/to/yourfilename.zip); On Friday 30 May 2003 03:34 pm, Vincent M. wrote: Hello, Is there any way to launch a download of a Zip file to the user without a link. The user must not know where the file is on the server. The transfert of the file must be made by a php file with special headers, no ? header(Content-type: zip); or something... Thanks. -- Ocean: A body of water occupying 2/3 of a world made for man -- who has no gills. -Ambrose Bierce -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] static vars question
At 00:27 31.05.2003, Martin Helie said: [snip] yes, I am familiar with these concepts; I am just starting to experiment with recursive functions and static variables. Thanks for explaining that once the function is called and completed, the rest of the first call continues executing normally. That is what surprised me. [snip] Martin, then you should be surprised that message based systems work at all - stuff like XWin, and (yes ;-) even Windoze work exactly like this. Thanks heaven that language inventors allow functions to continue after they call others... Maybe you mixed this up with gotos, these never return. Thanks to Andi Gutman and Zeev Suraski that there's no goto in PHP *smile* -- O Ernest E. Vogelsinger (\)ICQ #13394035 ^ http://www.vogelsinger.at/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] What's wrong with this code??
At 01:08 30.04.2003, Beauford said: [snip] if ($mo == 06 and $dy 01 and $dy 09) { $wd = 8; } if ($mo == 06 and $dy 08) { $wd = 9; } [snip] The problem is your notation. If you had written if ($mo == 6 and $dy 1 and $dy 9) { $wd = 8; } if ($mo == 6 and $dy 8) { $wd = 9; } your logic would still look a bit clumsy but work as you intend. Why? Prefixing a number with a zero makes the intepreter believe you're using octal numbers. Oczal numbers range from 00 to 07, the decimal number 8 would be 010 in octal notation. Your code, translated in decimal for better understanding, is seen by the compiler as if ($mo == 6 and $dy 1 and $dy 2) { $wd = 8; } if ($mo == 6 and $dy 0) { $wd = 9; } (08 = decimal 0, 09 = decimal 1). In this case your last statement will trigger for _any_ day in June. -- O Ernest E. Vogelsinger (\)ICQ #13394035 ^ http://www.vogelsinger.at/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] What's wrong with this code??
I figured that out after I sent the email. The reason I used the 0 in the first place was that I was having all sorts of problems with it - and it seemed to work fine for 01 to 05 so I just continued on with it - not even thinking about it. Your right though, the code is awkward - but I couldn't think of any other way of doing it. Any suggestions? Thanks - Original Message - From: Ernest E Vogelsinger [EMAIL PROTECTED] To: Beauford [EMAIL PROTECTED] Cc: PHP General [EMAIL PROTECTED] Sent: Friday, May 30, 2003 7:39 PM Subject: Re: [PHP] What's wrong with this code?? At 01:08 30.04.2003, Beauford said: [snip] if ($mo == 06 and $dy 01 and $dy 09) { $wd = 8; } if ($mo == 06 and $dy 08) { $wd = 9; } [snip] The problem is your notation. If you had written if ($mo == 6 and $dy 1 and $dy 9) { $wd = 8; } if ($mo == 6 and $dy 8) { $wd = 9; } your logic would still look a bit clumsy but work as you intend. Why? Prefixing a number with a zero makes the intepreter believe you're using octal numbers. Oczal numbers range from 00 to 07, the decimal number 8 would be 010 in octal notation. Your code, translated in decimal for better understanding, is seen by the compiler as if ($mo == 6 and $dy 1 and $dy 2) { $wd = 8; } if ($mo == 6 and $dy 0) { $wd = 9; } (08 = decimal 0, 09 = decimal 1). In this case your last statement will trigger for _any_ day in June. -- O Ernest E. Vogelsinger (\)ICQ #13394035 ^ http://www.vogelsinger.at/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] static vars question
Ernest, I'm not _that_ clueless :-) As I said, since I was recursing through the function by calling it numerous times in the middle of its execution, and since the function didn't explicitly return, I didn't expect it to continue past each call. That's all! Martin Ernest E Vogelsinger [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] At 00:27 31.05.2003, Martin Helie said: [snip] yes, I am familiar with these concepts; I am just starting to experiment with recursive functions and static variables. Thanks for explaining that once the function is called and completed, the rest of the first call continues executing normally. That is what surprised me. [snip] Martin, then you should be surprised that message based systems work at all - stuff like XWin, and (yes ;-) even Windoze work exactly like this. Thanks heaven that language inventors allow functions to continue after they call others... Maybe you mixed this up with gotos, these never return. Thanks to Andi Gutman and Zeev Suraski that there's no goto in PHP *smile* -- O Ernest E. Vogelsinger (\)ICQ #13394035 ^ http://www.vogelsinger.at/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Code Help Please
Hello all ! Need a little help here. Is there a way to translate variables/field names in an SQL statement? I need to compare the content of two database fields that are in different tables. The trick, though, is that I need to join two fields together (as a string) before I compare it. For example: Table 1 has a field named username, with the following values: id | username | first_name | last_name 1 | prgn/jason | jason | x 2 | falcon/paul | pual | wood *The username in table is composed of the user's domain name and login name. Those fields are separated in table 2. Like Table 2 id | username | domain | first_name | last_name 1 | paul | falcon | paul | wood 2 | jason| prgn | jason | x * the data is rearranged, but it's the same. Now, I need to compare the values from table 2 to table 1. That is, I need to find if table1.username = table2.domain/table2.username is true. There lies my problem. How do I get mysql to translate: ... where table.username = 'table2.domain/table2.username' into ...where 'prgn/jason' = 'prgn/jason' and not into ...where 'prgn/jason' = 'prgn' / 'jason'// division. That is, I need it to compare 'prgn/jason' (from table1.username) to the string representation, of the values of table2.domain/table2.username (i.e. prgn/jason) and not read it as 'table2.prgn' divided by 'table2.username' ? I have the following code: select * from table1 t1, table 2 t2 where t1.username = 't2.domain/t2.username' ** how do I concatenate the two values, to compare it to that of table 1. i.e. prgn/jason = prgn/jason and not 'prgn/jason' = 'prgn' divided by 'jason'? Please help. -john -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] performance issue under IIS
Dear list, Hi there. I have a bit of a performance problem under IIS, and I can't seem to figure it out. I have two similar servers. Both are running php v4.3.1 (as a cgi) with IIS on Win2k. Both have nearly identical php.ini files, and IIS configurations (as far as I can tell). However, the slow server only serves one php document at a time. For example, I wrote a test script that counts from 0 to 10, sleeping for a second in between each count. If I hit that page with a browser, IIS waits until the counting is finished before serving up any subsequent pages (triggered from another browser window). The fast server doesn't behave like this. When I trigger the counter script, I can go to many other php pages while the counter is running. The strange thing is that the task manager shows many instances of php.exe (one for each php page that is hit). So, it looks like multiple instances of the php executable are being called. But, for some reason, IIS is waiting (linearly) to serve the php pages. I'm fairly sure I'm missing some obscure check box in the IIS configuration. Can anyone please point me in the right direction? Thanks, Matt -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Adding graphics library
Well, not necessarily, since gd is included with php 4.3.x. You'll probably still want to get libjpeg and libpng, and link against them with the proper configure options. Ef [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] --with-gd and of oucrce you need the GD library. Todd Cary [EMAIL PROTECTED] escribió en el mensaje news:[EMAIL PROTECTED] I am new to Linux so I need some help for installing the graphics library. This is what I did to get PHP to inlcude Interbase. !! Configure PHP with Interbase with apxs 34 ./configure --with-apxs=/usr/sbin --with-interbase=/opt/interbase 35 ./configure --with-interbase=/opt/interbase --with-apxs=/usr/sbin 36 ./configure --with-interbase=/opt/interbase --with-apxs=/usr/sbin/apxs What do I need to add to this to include the graphics library? Many thanks... Todd -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Code Help Please
I need to find if table1.username = table2.domain/table2.username is If you are using mySQL you can use CONCAT table1.username = CONCAT(table2.domain,'/',table2.username) http://www.mysql.com/doc/en/String_functions.html#IDX1174 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Long screen display cut short.
Hello... I have a routine that works fine on local win98 but when it runs on linux online, the screen output is cut short. I have lengthened the 30 second script time max to 45 but that made no difference at all. Depending on the particulars, the routine stops at a certain spot. If it is rerun, it stops at the very same spot again. Putting in other particulars cause it to stop at a different point, further down. It seems that changes which affect the number of mysql calculations, make some difference in the length of the screen display, but it's only a minor amount. It cuts off somewhere around 4 pages. Any ideas please. Floyd -- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Long screen display cut short.
Well, I don't know if this might be it, but a while back, I had problems with apache + php (forget which version) and a bug in php that cause memory problems. I was using an array to store fairly large amounts of data. What would happen is something similar to what you describe. Modifying the code to avoid using an array solved the problem. Have not had the problem since upgrading php. Martin Floyd Baker [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hello... I have a routine that works fine on local win98 but when it runs on linux online, the screen output is cut short. I have lengthened the 30 second script time max to 45 but that made no difference at all. Depending on the particulars, the routine stops at a certain spot. If it is rerun, it stops at the very same spot again. Putting in other particulars cause it to stop at a different point, further down. It seems that changes which affect the number of mysql calculations, make some difference in the length of the screen display, but it's only a minor amount. It cuts off somewhere around 4 pages. Any ideas please. Floyd -- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] What's wrong with this code??
On Fri, 2003-05-30 at 20:02, Beauford wrote: Your right though, the code is awkward - but I couldn't think of any other way of doing it. Any suggestions? switch http://us4.php.net/manual/en/control-structures.switch.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Best Practices in Directory Layout?
Hi, At 2003-05-30 12:04 -0700, motorpsychkill wrote: I've wanted to get some input on this for a while... I've recently been designing PHP applications using the following directory architecture: main/ master php files (e.g. addphoto.php) includes/ forms/ validation/ process/ I think you shouldn't use plurals, just call them include, form etc. When you use 'include', you should also consider renaming 'validation' to 'validate'. So, using the addphoto.php example, there would be a file in the forms directory that read: addphoto_form.inc In the validation directory, there would be: addphoto_validation.inc And in the process directory, addphoto_process.inc The master php file (addphoto.php) would simply pull the form, validate it and process it. Now the problem is, as I add more master files (currently around 50), the forms, validation and process directories get equally large. Would it make more sense to simply allocate each master file its own directory like this: addphoto/ addphoto_form.inc addphoto_validate.inc addphoto_process.inc Like Jim I prefer this second method, because it gives every application it's own directory. This also makes copying a project or part of a project and converting it into a new project easier. I wouldn't reuse the name of the project in the name of the file, because it makes copying and renaming the files and converting it into a new project harder. This also goes for the main file I think, so you also shouldn't call that addphoto.php but call it index.php instead. Greetings, Jaap -- Chip Directory -- http://www.chipdir.biz/ -- http://www.chipdir.info/ -- http://www.chipdir.net/ -- http://www.chipdir.nl/ -- http://www.chipdir.org/ -- And about 30 other mirror sites world-wide. -- -- To subscribe to a free 'chip issues, questions and answers' -- mailing list, send a message to [EMAIL PROTECTED] with -- in the body 'subscribe chipdir-L'. About 500 experts are -- willing to think with you about electronics problems etc. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] I guess I'll give the list a shot
Hi all, I've got a really tough question, I am building an application that allows PayPal's shopping cart to have multiple items, but also multiple prices for the same item, but a different style or size or color, and Im quite stuck on how I would get the prices of the item according to it's color or description from a dropdown and insert it into a hidden field to be inserted into the shopping cart, as far as I know I can't modify the dropdown or it will not show up in the options of the shopping cart, so I need to work around the dropdowns. Basically what Im trying to do is when lets say black is selected from the dropdown, then the price for a black shirt is grabbed from the database and inserted into a hidden field. Did I explain the right? -- David M. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Function result is an array
I briefly tried searching the archives for this, but there aren't any handy keywords, so I didn't find anything. Why can't I do this: $year = getdate($timestamp)['year']; (syntax error) while I can do this: $temp = getdate($timestamp); $year = $temp['year']; and is there a way to combine the above into one statement, however ungainly? This doesn't just happen with getdate -- it happens with any function returning an array. I'm using PHP 4.1.2. Dustin -- Dustin Mitchell [EMAIL PROTECTED]/[EMAIL PROTECTED] http://people.cs.uchicago.edu/~dustin/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Adding graphics library
You'll probably still want to get libjpeg and libpng, and link against them with the proper configure options. What is the correct syntax to do all of the suggestions? Todd Martin Helie wrote: Well, not necessarily, since gd is included with php 4.3.x. You'll probably still want to get libjpeg and libpng, and link against them with the proper configure options. Ef [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED]... --with-gd and of oucrce you need the GD library. "Todd Cary" [EMAIL PROTECTED] escribi en el mensaje news:[EMAIL PROTECTED]... I am new to Linux so I need some help for installing the graphics library. This is what I did to get PHP to inlcude Interbase. !! Configure PHP with Interbase with apxs 34 ./configure --with-apxs=/usr/sbin --with-interbase=/opt/interbase 35 ./configure --with-interbase=/opt/interbase --with-apxs=/usr/sbin 36 ./configure --with-interbase=/opt/interbase --with-apxs=/usr/sbin/apxs What do I need to add to this to include the graphics library? Many thanks... Todd --
Re: [PHP] Function result is an array
IMHO the function()[] syntax should be allowed, but it isn't. You could use list() or extract(), but then you'd wind up with a lot more date than you want. What I've been doing is creating a function, then calling when needed. For example: function array_get_value($array, $index) { return $array[$index]; } array_get_value(getdate($timestamp), 'year'); If you'd like to fill out a bug report (use 'feature request' for the type of bug), http://bugs.php.net/ On Friday 30 May 2003 06:52 pm, Dustin Mitchell wrote: I briefly tried searching the archives for this, but there aren't any handy keywords, so I didn't find anything. Why can't I do this: $year = getdate($timestamp)['year']; (syntax error) while I can do this: $temp = getdate($timestamp); $year = $temp['year']; and is there a way to combine the above into one statement, however ungainly? This doesn't just happen with getdate -- it happens with any function returning an array. I'm using PHP 4.1.2. Dustin -- All religions are founded on the fear of the many and the cleverness of the few. -Stendhal -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Using Cookies Securely
I see some posts here that say storing a username or encrypted password in a cookie is not secure. If so, then what's a more secure way to allow users to be remembered using a cookie so that they don't have to log in every time they come to the site? What do you store in the cookie to authenticate against? Monty -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Using Cookies Securely
The short answer is that if you're worried about security, don't store a uid and pwd in a cookie on the client... banks don't do it, for example. It's also common for the uid to be remembered, but not the pwd. From what I can see happening on the big sites, you give the user the option to be remembered or not, and you advise them against it if they're on a shared/public computer, or even remotely care about security and privacy. Handling log-ins and cookie sending under SSL would also help. Justin on 31/05/03 4:29 PM, Monty ([EMAIL PROTECTED]) wrote: I see some posts here that say storing a username or encrypted password in a cookie is not secure. If so, then what's a more secure way to allow users to be remembered using a cookie so that they don't have to log in every time they come to the site? What do you store in the cookie to authenticate against? Monty -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Using Cookies Securely
Send a session ID to the user in a cookie, then lookup that ID in a database on the server. It's extremely difficult to guess random session ID's (don't just increment them!), and if you have a session timeout, you're pretty much set. It's not perfect, but I don't think anyone has come up with a better way The way it's been explained to me, this is how PHP's sessions work, but I have not personally verified this. So I think it's okay to put semi-sensitive data in the session array (you shouldn't ever store really sensitive data). Check first though. On Friday 30 May 2003 10:29 pm, Monty wrote: I see some posts here that say storing a username or encrypted password in a cookie is not secure. If so, then what's a more secure way to allow users to be remembered using a cookie so that they don't have to log in every time they come to the site? What do you store in the cookie to authenticate against? Monty -- Perl - the only language that looks the same before and after RSA encryption. -Keith Bostic -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: ldap_add() troubles
In article [EMAIL PROTECTED], [EMAIL PROTECTED] says... Hi list, i'm very newbie in PHP so sorry for this simple question but i havn't found any differences between my code and example code on a lot of website that i visited. I use PHP-4.3.1, OpenLDAP 2.1.19, BerkeleyDB-4.1.25 and Apache-2.0.45. My problem is that my variables are not taken into account. This is the code : -- ?php print centerform method='post' Username : br input type='text' name='user' size='20'/form\n; print centerform method='post' Firstname : br input type='text' name='firstname' size='20'/form\n; print centerform method='post' Lastname : br input type='text' name='lastname' size='20'/form\n; print centerform method='post' Telephon Number : br input type='text' name='tel' size='20'/form\n; print centerform method='post' Mobile Number : br input type='text' name='mobile' size='20'/form\n; print centerform method='post' Address : br textarea name='street' rows='3' cols='20'/textarea/form\n; print centerform method='post'br input type='submit' value='Valider' name='goldap'/form\n; You only need one FORM here, not one for each value. When you click Valider, it only sends the values in that FORM element and of course the only variable there is goldap :-( So remove all FORM except the first, and remove all /FORM except the last and see how you go. -- Quod subigo farinam -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: ldap_add() troubles
Quoting David Robley [EMAIL PROTECTED]: In article [EMAIL PROTECTED], [EMAIL PROTECTED] says... [...] My problem is that my variables are not taken into account. This is the code : -- ?php print centerform method='post' Username : br input type='text' name='user' size='20'/form\n; print centerform method='post' Firstname : br input type='text' name='firstname' size='20'/form\n; print centerform method='post' Lastname : br input type='text' name='lastname' size='20'/form\n; print centerform method='post' Telephon Number : br input type='text' name='tel' size='20'/form\n; print centerform method='post' Mobile Number : br input type='text' name='mobile' size='20'/form\n; print centerform method='post' Address : br textarea name='street' rows='3' cols='20'/textarea/form\n; print centerform method='post'br input type='submit' value='Valider' name='goldap'/form\n; You only need one FORM here, not one for each value. When you click Valider, it only sends the values in that FORM element and of course the only variable there is goldap :-( So remove all FORM except the first, and remove all /FORM except the last and see how you go. [...] Hi David, the problem is resolved. I did not know that the variables was lost when the form was closed. It is logical... :-) Thanks a lot for your help in this basic case... Thanks also to Mark. Cheers, Cecile. - Mail sent through GFI Mailserver1.0 info: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Function result is an array
At 06:23 31.05.2003, Evan Nemerson said: [snip] IMHO the function()[] syntax should be allowed, but it isn't. You could use list() or extract(), but then you'd wind up with a lot more date than you want. What I've been doing is creating a function, then calling when needed. For example: function array_get_value($array, $index) { return $array[$index]; } array_get_value(getdate($timestamp), 'year'); [snip] A little profiling notice on this here. Constructing 3 testbeds, accessing an array through a function passing an array reference (so the array won't get copied to the function), one using your array_get_value() from above (without references, so the array will get copied), and one using a local variable and direct access. The testbed source is copied below, as always. The numbers: 1.355221 secs (0.013552 msecs each): Copy local, direct access (10 passes) 0.550718 secs (0.005507 msecs each): Ref local, direct access (10 passes) 2.497536 secs (0.024975 msecs each): array_get_value (10 passes) 0.906490 secs (0.009065 msecs each): array_get_value_ref (10 passes) The interesting stuff is that storing the array to a local variable and accessing it directly is slower than calling a function passing a reference to the array. As you may notice, using array references is _always_ faster by some factor, as copying the array is avoided. Conclusion: use array references wherever you can. If you build a function returning an array, let it return a reference (function myfunc()), and use this reference when calling ($var = myfunc()). If you have this in a loop it might save your script some valuable time. Notes to the test scenario: Since I've been interested in timing array access, not array creation, I've used a static copy of the getdate() array, avoiding to profile the getdate(time()) function. // the static array to run the test with $atime = getdate(time()); // return a reference to the array function arviaref() { global $atime; return $atime; } // return a copy of the array function arviacopy() { global $atime; return $atime; } // // PROFILE CANDIDATES function array_get_value_ref($array, $index) { return $array[$index]; } function array_get_value($array, $index) { return $array[$index]; } // $LOOPS = 10; $x = measure(); for ($i = 0; $i $LOOPS; ++$i) { $temp = arviacopy(); $rslt = $temp['year']; } echo measure($x, 'Copy local, direct access (%1$d passes)', $i, array($i)); $x = measure(); for ($i = 0; $i $LOOPS; ++$i) { $temp = arviaref(); $rslt = $temp['year']; } echo measure($x, 'Ref local, direct access (%1$d passes)', $i, array($i)); $x = measure(); for ($i = 0; $i $LOOPS; ++$i) $rslt = array_get_value(arviaref(), 'year'); echo measure($x, 'array_get_value (%1$d passes)', $i, array($i)); $x = measure(); for ($i = 0; $i $LOOPS; ++$i) $rslt = array_get_value_ref(arviaref(), 'year'); echo measure($x, 'array_get_value_ref (%1$d passes)', $i, array($i)); function measure($start = null, $string = null, $passes = null, $params = null) { // the bias is the effort made for calling measure() twice // and constructing the optional array parameter for the second call // note we do not run measure($start, $string, $passes, $params) since // this would add a lot of action that gets not timed by measure() // to the bias value. static $bias = -1; if ($bias == -1) { $bias = 0; $x = microtime(); for ($i = 0; $i 1000; ++$i) { measure(); measure(); $a = array('string entry','string entry','string entry'); } $y = microtime(); list($s0, $s1) = explode(' ', $x); list($e0, $e1) = explode(' ', $y); $bias = (($e0 + $e1) - ($s0 + $s1)) / 1000; } // get the current time $x = microtime(); // if the start time is set, this is a final profiling call if ($start) { list($s0, $s1) = explode(' ', $start); list($e0, $e1) = explode(' ', $x); $time = ($e0 + $e1) - ($s0 + $s1) - $bias; if (is_array($params)) { $cmd = return sprintf(\$string, ' . join(',', $params) . ');; $string = eval($cmd); } if ($passes) $x = sprintf(%f secs (%f msecs each): %s\n, $time, ($time * 1000) / $passes, $string); else $x = sprintf(%f secs: %s\n, $time, $string); } // return either the time, or the profiling string return $x; } -- O
Re: [PHP] What's wrong with this code??
I find the switch statement does not always give the desired results and it's really not any different than using the if statement - the calculations would still have to be the same - it's just laid out differently. - Original Message - From: Brian V Bonini [EMAIL PROTECTED] To: Beauford [EMAIL PROTECTED] Cc: PHP General [EMAIL PROTECTED] Sent: Friday, May 30, 2003 9:18 PM Subject: Re: [PHP] What's wrong with this code?? On Fri, 2003-05-30 at 20:02, Beauford wrote: Your right though, the code is awkward - but I couldn't think of any other way of doing it. Any suggestions? switch http://us4.php.net/manual/en/control-structures.switch.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Getting the parsing time of a script
Is there any way getting the time taken to parse a script? IE: This page took 0.13 seconds to generate. Is it a predefined variable anywhere? Thanks ;o) Bix. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] I guess I'll give the list a shot
On Fri, 30 May 2003 21:47:03 -0400, you wrote: Hi all, I've got a really tough question, I am building an application that allows PayPal's shopping cart to have multiple items, but also multiple prices for the same item, but a different style or size or color, and Im quite stuck on how I would get the prices of the item according to it's color or description from a dropdown and insert it into a hidden field to be inserted into the shopping cart, as far as I know I can't modify the dropdown or it will not show up in the options of the shopping cart, so I need to work around the dropdowns. Basically what Im trying to do is when lets say black is selected from the dropdown, then the price for a black shirt is grabbed from the database and inserted into a hidden field. Exactly what data are you trying to store? Something like this? for each item_chosen (id, qty, colour, price) One approach is to put all your data in an array, serialize the array and store that as the hidden field. Another is to use sessions, and store the array in the session (probably faster). A third is to write the data out to a series of hidden fields beginning with xyz (xyz1, xyz2, xyz3, etc), and iterate over the contents of the returned form to find the xyz* fields. Of the three, sessions are the one you /should/ use - because if pricing data goes out to the client, it can be altered. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Getting the parsing time of a script
On Sat, 31 May 2003 11:39:41 +0100, you wrote: Is there any way getting the time taken to parse a script? IE: This page took 0.13 seconds to generate. Call microtime() at the beginning and end of the script. $timeTaken = $timeEnd - $timeStart; see http://uk2.php.net/manual/en/function.microtime.php and read the comments. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Long screen display cut short.
what is the online-version? I mean which webserver-software in which version? Thomas On Fri, 30 May 2003 20:45:08 -0400 [EMAIL PROTECTED] (Floyd Baker) wrote: Hello... I have a routine that works fine on local win98 but when it runs on linux online, the screen output is cut short. I have lengthened the 30 second script time max to 45 but that made no difference at all. Depending on the particulars, the routine stops at a certain spot. If it is rerun, it stops at the very same spot again. Putting in other particulars cause it to stop at a different point, further down. It seems that changes which affect the number of mysql calculations, make some difference in the length of the screen display, but it's only a minor amount. It cuts off somewhere around 4 pages. Any ideas please. Floyd -- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Any POSTNUKER, reading from two DB
Greeting, I have a postnuke site and I want to connect it to two databases in order to verify users from these databases. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Getting the parsing time of a script
At 12:39 31.05.2003, Bix said: [snip] Is there any way getting the time taken to parse a script? IE: This page took 0.13 seconds to generate. Is it a predefined variable anywhere? [snip] $start = microtime(); for ($i = 0; $i 1; ++$i) $n = getdate(time()); $end = microtime(); list($s0, $s1) = explode(' ', $start); list($e0, $e1) = explode(' ', $end); echo sprintf('hrThis page took %.2f seconds to generate', ($e0+$e1)-($s0+$s1)); -- O Ernest E. Vogelsinger (\)ICQ #13394035 ^ http://www.vogelsinger.at/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Long screen display cut short.
On Fri, 30 May 2003 20:45:08 -0400 [EMAIL PROTECTED] (Floyd Baker) wrote: [snip] I have a routine that works fine on local win98 but when it runs on linux online, the screen output is cut short. I have lengthened the 30 second script time max to 45 but that made no difference at all. Depending on the particulars, the routine stops at a certain spot. If it is rerun, it stops at the very same spot again. Putting in other particulars cause it to stop at a different point, further down. It seems that changes which affect the number of mysql calculations, make some difference in the length of the screen display, but it's only a minor amount. It cuts off somewhere around 4 pages. [snip] I once had this effect on pages exceeding a total size of 8k when running a test server on an asynchronoous line (ADSL, in 712kB, out 64kB). As long as the page fits into a single IP packet (which usually equals 8kB) no problems occur, however if more than one packet is needed to transmit the page the webserver will only be able to send the first packet. All pages went fine when using a synchronous connection (in == out). -- O Ernest E. Vogelsinger (\)ICQ #13394035 ^ http://www.vogelsinger.at/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
php-general Digest 31 May 2003 12:37:10 -0000 Issue 2089
php-general Digest 31 May 2003 12:37:10 - Issue 2089 Topics (messages 149622 through 149646): performance issue under IIS 149622 by: matt rowe Re: Adding graphics library 149623 by: Martin Helie 149631 by: Todd Cary Re: Code Help Please 149624 by: Jennifer Goodie Long screen display cut short. 149625 by: Floyd Baker 149626 by: Martin Helie 149643 by: Thomas Seifert 149646 by: Ernest E Vogelsinger Re: What's wrong with this code?? 149627 by: Brian V Bonini 149639 by: Beauford Re: Best Practices in Directory Layout? 149628 by: Jaap van Ganswijk I guess I'll give the list a shot 149629 by: David McGlone 149641 by: David Otton Function result is an array 149630 by: Dustin Mitchell 149632 by: Evan Nemerson 149638 by: Ernest E Vogelsinger Using Cookies Securely 149633 by: Monty 149634 by: Justin French 149635 by: Evan Nemerson Re: ldap_add() troubles 149636 by: David Robley 149637 by: Cecile Getting the parsing time of a script 149640 by: Bix 149642 by: David Otton 149645 by: Ernest E Vogelsinger Any POSTNUKER, reading from two DB 149644 by: nabil Administrivia: To subscribe to the digest, e-mail: [EMAIL PROTECTED] To unsubscribe from the digest, e-mail: [EMAIL PROTECTED] To post to the list, e-mail: [EMAIL PROTECTED] -- ---BeginMessage--- Dear list, Hi there. I have a bit of a performance problem under IIS, and I can't seem to figure it out. I have two similar servers. Both are running php v4.3.1 (as a cgi) with IIS on Win2k. Both have nearly identical php.ini files, and IIS configurations (as far as I can tell). However, the slow server only serves one php document at a time. For example, I wrote a test script that counts from 0 to 10, sleeping for a second in between each count. If I hit that page with a browser, IIS waits until the counting is finished before serving up any subsequent pages (triggered from another browser window). The fast server doesn't behave like this. When I trigger the counter script, I can go to many other php pages while the counter is running. The strange thing is that the task manager shows many instances of php.exe (one for each php page that is hit). So, it looks like multiple instances of the php executable are being called. But, for some reason, IIS is waiting (linearly) to serve the php pages. I'm fairly sure I'm missing some obscure check box in the IIS configuration. Can anyone please point me in the right direction? Thanks, Matt ---End Message--- ---BeginMessage--- Well, not necessarily, since gd is included with php 4.3.x. You'll probably still want to get libjpeg and libpng, and link against them with the proper configure options. Ef [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] --with-gd and of oucrce you need the GD library. Todd Cary [EMAIL PROTECTED] escribió en el mensaje news:[EMAIL PROTECTED] I am new to Linux so I need some help for installing the graphics library. This is what I did to get PHP to inlcude Interbase. !! Configure PHP with Interbase with apxs 34 ./configure --with-apxs=/usr/sbin --with-interbase=/opt/interbase 35 ./configure --with-interbase=/opt/interbase --with-apxs=/usr/sbin 36 ./configure --with-interbase=/opt/interbase --with-apxs=/usr/sbin/apxs What do I need to add to this to include the graphics library? Many thanks... Todd ---End Message--- ---BeginMessage--- You'll probably still want to get libjpeg and libpng, and link against them with the proper configure options. What is the correct syntax to do all of the suggestions? Todd Martin Helie wrote: Well, not necessarily, since gd is included with php 4.3.x. You'll probably still want to get libjpeg and libpng, and link against them with the proper configure options. Ef [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED]... --with-gd and of oucrce you need the GD library. "Todd Cary" [EMAIL PROTECTED] escribi en el mensaje news:[EMAIL PROTECTED]... I am new to Linux so I need some help for installing the graphics library. This is what I did to get PHP to inlcude Interbase. !! Configure PHP with Interbase with apxs 34 ./configure --with-apxs=/usr/sbin --with-interbase=/opt/interbase 35 ./configure --with-interbase=/opt/interbase --with-apxs=/usr/sbin 36 ./configure --with-interbase=/opt/interbase --with-apxs=/usr/sbin/apxs What do I need to add to this to include the graphics library? Many thanks... Todd -- ---End Message--- ---BeginMessage--- I need to find if table1.username = table2.domain/table2.username is If you are using mySQL you can use CONCAT table1.username =