RE: [PHP-DB] what's wrong with this?
can't you attach files in this mailing list? is there a special way? could someone tell me. Thanks -Original Message- From: Ali Nayeri [mailto:[EMAIL PROTECTED]] Sent: January 27, 2002 8:27 PM To: PHP Database Mailing List Subject: RE: [PHP-DB] what's wrong with this? i'm not sure why the files didn't come through. i'll try again. -Original Message- From: Ali Nayeri [mailto:[EMAIL PROTECTED]] Sent: January 27, 2002 8:18 PM To: PHP Database Mailing List Subject: [PHP-DB] what's wrong with this? hi all i've been trying this script for a day and i just can't figure out why it doesn't work. could someone check and see if there is something i did wrong? the error is "unknown function include_menu()" which actually exist in the menu.inc file. this is the structure: home.php includes (folder) layout.inc menu.inc thanks in advance Ali _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP-DB] what's wrong with this?
i'm not sure why the files didn't come through. i'll try again. -Original Message- From: Ali Nayeri [mailto:[EMAIL PROTECTED]] Sent: January 27, 2002 8:18 PM To: PHP Database Mailing List Subject: [PHP-DB] what's wrong with this? hi all i've been trying this script for a day and i just can't figure out why it doesn't work. could someone check and see if there is something i did wrong? the error is "unknown function include_menu()" which actually exist in the menu.inc file. this is the structure: home.php includes (folder) layout.inc menu.inc thanks in advance Ali -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP-DB] what's wrong with this?
usage...
...
...
...
include ("menu.inc');
include_menu()
...
...
...
Check your PHP.INI..
Or send more code!!!
Dan
- Original Message -
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, January 27, 2002 10:18 PM
Subject: [PHP-DB] what's wrong with this?
hi all
i've been trying this script for a day and i just can't figure out why it
doesn't work. could someone check and see if there is something i did
wrong? the error is "unknown function include_menu()" which actually exist
in the menu.inc file.
this is the structure:
home.php
includes (folder)
layout.inc
menu.inc
thanks in advance
Ali
> --
> PHP Database Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP-DB] what's wrong with this?
hi all i've been trying this script for a day and i just can't figure out why it doesn't work. could someone check and see if there is something i did wrong? the error is "unknown function include_menu()" which actually exist in the menu.inc file. this is the structure: home.php includes (folder) layout.inc menu.inc thanks in advance Ali -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP-DB] PHP safe mode
On Monday 28 January 2002 04:43, CrossWalkCentral wrote: > Question? > What is php safe mode. > > I have heard that it will allow you to pass information to a mysql database > w/o a user name and pass. > > Has any one heard of this. I am just curious. I would not use it but if > this is something that is true I would like that could be a security > problem. > > let me know Manual -> Chapter -> Safe Mode -- Jason Wong -> Gremlins Associates -> www.gremlins.com.hk /* "I'd love to go out with you, but I've been scheduled for a karma transplant." */ -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP-DB] Re: [PHP] PHP and MYSQL Security`
If you know you are running on an apache server, you could try using a
simple .htaccess file in a (say) etc directory which contains any or all
files you wish to secure.
ie:
/index.php
/etc/config.php
/etc/.htaccess
--index.php
--etc/config.php
$config['db_host']="sql";
$config['db_name']="root";
$config['db_pass']="hooray";
?>
--etc/.htaccess
deny from all
And that's it!
Duky Yuen <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> How can I secure my username and password? In 1 of my files, it contains
> the following:
>
> $conn = mysql_connect( "12.34.56.78", "username", "password");
> mysql_select_db("database",$conn);
>
> What should I do, so people can't get this information?
>
> Duky
>
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP-DB] [PHP] PHP and MYSQL Security`
The actual content of the .php files won't be seen from the net since it is
server side scripting language.. But if you are still concerned you can put
database connection info into another file (preferably .php file) and place
it somewhere outside your web directory and access it thru require() or
include() functions inside your actual web page.
But if your concern is for local users' access to those file , just set
your file/directory permissions accordingly.
Gurhan
-Original Message-
From: Duky Yuen [mailto:[EMAIL PROTECTED]]
Sent: Sunday, January 27, 2002 7:38 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: [PHP-DB] [PHP] PHP and MYSQL Security`
How can I secure my username and password? In 1 of my files, it contains
the following:
$conn = mysql_connect( "12.34.56.78", "username", "password");
mysql_select_db("database",$conn);
What should I do, so people can't get this information?
Duky
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP-DB] Re: [PHP] PHP and MYSQL Security`
At 16:59 -0800 1/27/02, Fred wrote:
>If this file has a .php extension remote users will not have access to the
>variables because the file is parsed by php and they never see the actual
>file contents when requesting the document via the web. If you are
>concerned with users on localhost having access to the file, simply give it
>the correct permissions so that no one else has read access.
No so easy. The server itself must have read access. If other users on
the local host can install scripts that the server executes, any of those
scripts can read the text of your scripts.
What then? You're hosed.
>
>If you are concerned about web users having access, if, for example, the php
>parser crashed and apache tried to pass the file through without parsing,
>you can put the default server, user and pass variables in the php.ini file
>which is not in the document root for apache. Of course, this only works if
>all of your scripts use the same server, user and password.
>
>Fred
>
>Duky Yuen <[EMAIL PROTECTED]> wrote in message
>[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
>> How can I secure my username and password? In 1 of my files, it contains
>> the following:
>>
>> $conn = mysql_connect( "12.34.56.78", "username", "password");
>> mysql_select_db("database",$conn);
>>
>> What should I do, so people can't get this information?
>>
>> Duky
>>
>
>
>
>--
>PHP Database Mailing List (http://www.php.net/)
>To unsubscribe, e-mail: [EMAIL PROTECTED]
>For additional commands, e-mail: [EMAIL PROTECTED]
>To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP-DB] Re: [PHP] PHP and MYSQL Security`
If this file has a .php extension remote users will not have access to the
variables because the file is parsed by php and they never see the actual
file contents when requesting the document via the web. If you are
concerned with users on localhost having access to the file, simply give it
the correct permissions so that no one else has read access.
If you are concerned about web users having access, if, for example, the php
parser crashed and apache tried to pass the file through without parsing,
you can put the default server, user and pass variables in the php.ini file
which is not in the document root for apache. Of course, this only works if
all of your scripts use the same server, user and password.
Fred
Duky Yuen <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> How can I secure my username and password? In 1 of my files, it contains
> the following:
>
> $conn = mysql_connect( "12.34.56.78", "username", "password");
> mysql_select_db("database",$conn);
>
> What should I do, so people can't get this information?
>
> Duky
>
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP-DB] [PHP] PHP and MYSQL Security`
How can I secure my username and password? In 1 of my files, it contains
the following:
$conn = mysql_connect( "12.34.56.78", "username", "password");
mysql_select_db("database",$conn);
What should I do, so people can't get this information?
Duky
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP-DB] [PHP] File uploading like hotmail
I want to make something like when you are attaching something to an email in hotmail. I want to make something that searches your own computer for files on your harddisk that you want to upload to the server. But I don't know if this is possible. If this is possible.Can somebody tell me which function I should use? Or if someone have an example... please... Duky -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP-DB] [PHP]please help
I want to make something like when you are attaching something to an email in hotmail. I want to make something that searches your own computer for files on your harddisk that you want to upload to the server. But I don't know if this is possible. If this is possible.Can somebody tell me which function I should use? Or if someone have an example... please... Duky -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP-DB] uploading
On Sun, 27 Jan 2002 13:04:09 +0200 Thomas \ "Thomas \"omega\" Henning" <[EMAIL PROTECTED]> wrote: > Hello how can i upload something from my hdd to the webserver > using php? > > note: don't have ftp on the machine!! > > Thanks > > Thomas "omega" Henning I usually don't like saying this, but in this case you should check out the manual page at http://www.php.net/manual/en/features.file-upload.php It explains it much better than I could on my own. -- Raquel Change has a considerable psychological impact on the human mind. To the fearful it is threatening because it means that things may get worse. To the hopeful it is encouraging because things may get better. To the confident it is inspiring because the challenge exists to make things better. --King Whitney, Jr. -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP-DB] PHP safe mode
Question? What is php safe mode. I have heard that it will allow you to pass information to a mysql database w/o a user name and pass. Has any one heard of this. I am just curious. I would not use it but if this is something that is true I would like that could be a security problem. let me know Cross Walk Central www.crosswalkcentral.net Your Web Hosting Community!
AW: [PHP-DB] Pictures+MySQL+PHP
> -Ursprüngliche Nachricht- > Von: Michael Waples [mailto:[EMAIL PROTECTED]] > Gesendet: Samstag, 26. Januar 2002 09:54 > An: [EMAIL PROTECTED] > Betreff: Re: [PHP-DB] Pictures+MySQL+PHP > > > Ck Raju wrote: > > > > that I changed my mind. Gurhan Ozen>Storing images in the > database is not a > > good idea , just store the path of Gurhan Ozen>the images > in the database > > and keep your images in your hard disk... Gurhan Ozen> > > > > Since everything is on hard-disk, I personally feel, the > image can be stored > > anywhere. BLOB should be easier when doing a mysqldump, or > when replication > > is needed. > > > > Anywhere else go in for storing images separately. > > Raju > I prefer storing images out of the dbserver to save on server > load. You > can serve those images with a http server like thttpd, boa etc which > will serve images quicker and with a lighter load. > If you need replication just use rsync to move your images around. > > But if server load isn't an issue a database is as good as any place. > I did a community software where users can upload pics all over the application. It is run on LVS cluster, so nobody can say to which of the cluster members the pic is uploaded to. NFS, or unattended rsync/scp has been denied by security policy, so the only way was to store the pics in the DB (mysql). I also did some performance measures, and, as all the pic requests had to go thru php (for member verification), there was practically no performance drawback; in fact, storing the pics in database was a bit quicker than getting them through the filesystem when the number of pics went above 100,000 :-) And now it is very easy to do full backups, and no problem with db/fs getting out of sync. Only one thing has given me a hard time: The first time I stored all 5 instances of an image (thumb plus 4 other resolutions) in the same db table, but mysql choked on it when it became about 200 mb (the whole server did not respond or respond veeery slow). I split the whole thing into 5 tables, and now it runs like a charm. Thomas -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP-DB] Double results
$sql = "SELECT DISTINCT * FROM newforum WHERE id='$id' OR replyto='$id''"; BUT you do have an OR in your where condition. Try it - Miles On Sunday 27 January 2002 10:18 am, Jordy Driessen wrote: > Hello, > > Is there a query which can eliminate double results? Because my query ($sql > = "SELECT * FROM newforum WHERE id='$id' OR replyto='$id''";) selects > information from my MySQL-database double which isn't necessary... > > Who knows the answer? > > Thanx, > > Jordy -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP-DB] Double results
Hello, Is there a query which can eliminate double results? Because my query ($sql = "SELECT * FROM newforum WHERE id='$id' OR replyto='$id''";) selects information from my MySQL-database double which isn't necessary... Who knows the answer? Thanx, Jordy -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP-DB] uploading
Hello how can i upload something from my hdd to the webserver using php? note: don't have ftp on the machine!! Thanks Thomas "omega" Henning -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP-DB] Re: PHP + Postgresql + Linux = Frustration
Mike Dichiappari wrote: > Hello, > > I am rather new to Linux but an old timer at software development. I am > investigating alternate platforms for future development for my company. > Linux is at the top of the list. > > I am trying to get a server setup with a db (PostgreSQL), web server > (Apache), and some sort of web scripting language (PHP). I can not make > everything work together. PHP4 won't work out-of-the-box with PostgreSQL > because PHP doesn't have support for PosgreSQL built in at compile time (why > not just build everything into when it was initially built?). The manual page for PostgreSQL did not exaplain about --with-pgsql option just like most modules' manual pages didn't :) However, I think install section explains how to selectively install modules. > > So I get the sources to PHP and try to build. However, it wants the sources > (header files) for Apache. It *MUST* be there, if you want Apache SAPI. It's the way should be. > > At this point I don't want to go any further. Eventually, I'll probably > need the sources for everything. If you follow installation instruction closely (PostgreSQL, Apache, PHP) there would be no problems. Make sure you build/install them with this order. PostgreSQL->Apache->PHP. > > Is there an easy way to do this sort of stuff on Linux or is it better to > just buy off the shelf products that work? Install from RPM or like, they should work out of box. BTW, do not cross post :) -- Yasuo Ohgaki Please CC me when you reply to news/list messages. Do not reply only to me :) -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
