RE: [PHP-DB] How to send a SID in a security way - SOLVED!!!

[Bart Baaten]

I think he meant one was named System1 and the other System2.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
Sent: vrijdag 22 oktober 2004 22:34
To: Andre Matos
Cc: [EMAIL PROTECTED]
Subject: RE: [PHP-DB] How to send a SID in a security way - SOLVED!!!

Andre,
Did you intend to write that both sessions have the same name? Doesn't 
that result in the same issue with the session identification?
dave





"Andre Matos" <[EMAIL PROTECTED]>

10/22/2004 03:25 PM



 

To:
<[EMAIL PROTECTED]>
cc:





Subject:
RE: [PHP-DB] How to send a SID in a security way - SOLVED!!!



Hi list,

Thanks for all people who tried to help me in my "session" problem.

I have found a simple and easy way to have to web-based php applications
running in the same server and having one user using both on the same web
browser (two different windows or tabs).

I did this in one system:

session_name("System1");
session_start();


and this in the another system:

session_name("System1");
session_start();


Now I can have my two applications running in the same browser at the same
time.

Thanks for all help that I received!!!

Andre

--
Andre Matos
[EMAIL PROTECTED] 

-Original Message-
From: Andre Matos [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 22, 2004 12:59 PM
To: 'Matt M.'
Cc: [EMAIL PROTECTED]
Subject: RE: [PHP-DB] How to send a SID in a security way

Hi Matt,

I am trying to solve my problem to have one browser accessing two 
different
applications (each one in a different window) where each application has 
its
own and unique sessionID. I really don't want to use cookie because I will
need that the user enable the option "accept cookies" in the browser.

However, I am afraid to pass the sessionID on the URL because someone can
cat it.

I am using currently using SSL.

Can you see any solution for my problem?

Thanks.

--
Andre Matos
[EMAIL PROTECTED] 

-Original Message-
From: Matt M. [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 22, 2004 12:35 PM
To: Andre Matos
Cc: [EMAIL PROTECTED]
Subject: Re: [PHP-DB] How to send a SID in a security way

> How can I send a SID (SessionID) in a security way from one page to
another?
> Is it "security" to do this?

not sure what exactly you want.  You could just use cookies, dont
allow it to be in form fields or query strings.

you could use ssl.

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP-DB] Two session for the same user, possible?

[Micah Stevens]

You can have two scripts talking to the same browser session by setting 
different session cookie names. Depending on which script is being loaded it 
will look at a different cookie to find out the session ID, once again, I 
have not tried it, but there is no reason why it wouldn't work, and not 
require option 1, 2 or 3 as Chris mentions below. 

-Micah 


On Friday 22 October 2004 12:55 pm, Chris Gregors wrote:
> The session information is bound to the users computer and the browser
> they use.
>
> option 1: user logs into app using a different computer (2 laptops)
> option 2: user logs into app using a different browser (ie and firefox)
> option 3: sessions have a lifetime of one screen (aka no session
> persistance).
>
> I use option 1,2 all the time. One session is "godly" and the second
> session is a "luser" session.
>
> 
>
> -Original Message-
> From: Micah Stevens [mailto:[EMAIL PROTECTED]
> Sent: Thursday, October 21, 2004 5:54 PM
> To: [EMAIL PROTECTED]
> Subject: Re: [PHP-DB] Two session for the same user, possible?
>
>
>
> p.s. you can also designate a session ID. If you do this you may be able
> to
> have two sessions running concurrently. Never tried it myself, but it
> should
> work.
>
> -Micah
>
> On Thursday 21 October 2004 02:03 pm, Micah Stevens wrote:
> > The Session ID is the same, so it will access the same variables. If
>
> you
>
> > want to force a new session in the new script, do this:
> >
> > http://us2.php.net/manual/en/function.session-regenerate-id.php
> >
> > But this will in effect log the user out of the first session as well.
>
> If
>
> > you want to be able to do both, I suggest you use different names for
>
> your
>
> > session vars.
> >
> > -Micah
> >
> > On Thursday 21 October 2004 12:39 pm, Andre Matos wrote:
> > > Hi Matt,
> > >
> > > I have developed two different web systems that use php sessions.
>
> When I
>
> > > a user log into one system, the system creates a session and storage
>
> on
>
> > > it one object called UserSession with some information that I need
>
> while
>
> > > the user works with the system.
> > >
> > > My problem is when the user decides to open the second system
>
> without log
>
> > > out from the first one that he logged, using a new window (crtl+N)
>
> from
>
> > > the same browser. This second system creates also an object called
> > > UserSession, but with different properties and this new object from
>
> the
>
> > > second system overwrites the object from the first system. This is
>
> my
>
> > > problem. Can I make PHP understand that this is a complete different
> > > session?
> > >
> > > Thanks.
> > >
> > > Andre
> > >
> > > --
> > > Andre Matos
> > > [EMAIL PROTECTED]
> > >
> > > -Original Message-
> > > From: Matt M. [mailto:[EMAIL PROTECTED]
> > > Sent: Thursday, October 21, 2004 3:23 PM
> > > To: Andre Matos
> > > Cc: [EMAIL PROTECTED]
> > > Subject: Re: [PHP-DB] Two session for the same user, possible?
> > >
> > > > Is it possible to have two sessions for the same user in php? If
>
> yes,
>
> > > > how can I implement this?
> > > >
> > > > I am currently using one without problem. However, when I try to
>
> create
>
> > > > a second session, the first one is lost.
> > >
> > > could you post some code.  I am not sure I follow what you are
>
> doing.

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP-DB] Aliased mysql queries and mysql_fetch_array()

[John Holmes]

Philip Thompson wrote:
I have the query to pull the information - and I know it works for 
everything else. Now how do I reference the director/manager to store it 
in a variable without having to use numerical indexing?


$query = "select projects.*, locations.*, funding.*, people.* from 
people as people_1 RIGHT JOIN " .
[snip]
$_SESSION["director"][$i] = $row["people_1.first_name"] . " " . 
$row["people_1.last_name"];
Do you really need to select _every_ column from _all_ of those tables? 
To solve your problem, you need to select the columns with aliases...

$query = "SELECT people_1.first_name as p1_first_name, people.first_name 
as p_first_name, ...";

Now you'll have $row['p1_first_name'] and $row['p_first_name'] available.
--
---John Holmes...
Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/
php|architect: The Magazine for PHP Professionals – www.phparch.com
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-DB] Aliased mysql queries and mysql_fetch_array()

[Philip Thompson]

Hi all.
I am having a problem obtaining the specific information I need. I have 
a table of "people" that can have multiple rows - ie, Director, 
Manager, etc. However, in the "projects" table, each project has a 
director AND manager, but not necessarily the same person.

I have the query to pull the information - and I know it works for 
everything else. Now how do I reference the director/manager to store 
it in a variable without having to use numerical indexing?


	$query = "select projects.*, locations.*, funding.*, people.* from 
people as people_1 RIGHT JOIN " .
"(people RIGHT JOIN (funding RIGHT JOIN (locations RIGHT JOIN 
projects on locations.id = " .
"projects.location_id) on funding.id = projects.funding_id) on 
people.id = projects.manager_id) on " .
"people_1.id = projects.director_id $whereCondition order by 
$criteria";

$result = @mysql_query($query, $link);
$i = 0;
while ($row = mysql_fetch_array($result, MYSQL_BOTH)) {
	// there are much more fields, but I have only included the
	// two important ones (manager and director)
$_SESSION["manager"][$i] = $row["first_name"] . " " . 
$row["last_name"];
$_SESSION["director"][$i] = $row["people_1.first_name"] . " " . 
$row["people_1.last_name"];

  $i++;
}

It does not work whenever I include the table within the $row[]. 
Otherwise, it shouldn't be a problem. Any suggestions?

Thanks in advance,
~Philip
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP-DB] COPY with PostgreSQL

[Robert Fitzpatrick]

On Fri, 2004-10-22 at 15:45, Norland, Martin wrote:
> What are the line endings of the file?  Maybe php is getting confused.
> How many KB is the file on disk when it's the ~1500 line version?
> There's length of each line (which you want under 1KB, probably not a
> problem unless you have BLOBS or equivalent) - and then there's how PHP
> determines what a line actually is.

Actually, I thought of line endings first. But after chopping the file
into pieces and getting all records to go in, ruled it out.

I finally, after trying many things have gotten this to work with the
large files. I found, if I issue a pg_connection_busy($dbh) before the
pg_put_line(...) in the while statement processing the lines of the temp
file handle, it works. Don't ask me why, that is what I'd like to know.
If I report back if busy is true, I get nothing. Maybe it is just giving
a millisecond to breathe or something while checking to see if the
connection is busy. But with that one line, all is well.

-- 
Robert

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP-DB] How to send a SID in a security way - SOLVED!!!

[dpgirago]

Andre,
Did you intend to write that both sessions have the same name? Doesn't 
that result in the same issue with the session identification?
dave





"Andre Matos" <[EMAIL PROTECTED]>

10/22/2004 03:25 PM



 

To:
<[EMAIL PROTECTED]>
cc:





Subject:
RE: [PHP-DB] How to send a SID in a security way - SOLVED!!!



Hi list,

Thanks for all people who tried to help me in my "session" problem.

I have found a simple and easy way to have to web-based php applications
running in the same server and having one user using both on the same web
browser (two different windows or tabs).

I did this in one system:

session_name("System1");
session_start();


and this in the another system:

session_name("System1");
session_start();


Now I can have my two applications running in the same browser at the same
time.

Thanks for all help that I received!!!

Andre

--
Andre Matos
[EMAIL PROTECTED] 

-Original Message-
From: Andre Matos [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 22, 2004 12:59 PM
To: 'Matt M.'
Cc: [EMAIL PROTECTED]
Subject: RE: [PHP-DB] How to send a SID in a security way

Hi Matt,

I am trying to solve my problem to have one browser accessing two 
different
applications (each one in a different window) where each application has 
its
own and unique sessionID. I really don't want to use cookie because I will
need that the user enable the option "accept cookies" in the browser.

However, I am afraid to pass the sessionID on the URL because someone can
cat it.

I am using currently using SSL.

Can you see any solution for my problem?

Thanks.

--
Andre Matos
[EMAIL PROTECTED] 

-Original Message-
From: Matt M. [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 22, 2004 12:35 PM
To: Andre Matos
Cc: [EMAIL PROTECTED]
Subject: Re: [PHP-DB] How to send a SID in a security way

> How can I send a SID (SessionID) in a security way from one page to
another?
> Is it "security" to do this?

not sure what exactly you want.  You could just use cookies, dont
allow it to be in form fields or query strings.

you could use ssl.

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP-DB] How to send a SID in a security way - SOLVED!!!

[Andre Matos]

Hi list,

Thanks for all people who tried to help me in my "session" problem.

I have found a simple and easy way to have to web-based php applications
running in the same server and having one user using both on the same web
browser (two different windows or tabs).

I did this in one system:

session_name("System1");
session_start();


and this in the another system:

session_name("System1");
session_start();


Now I can have my two applications running in the same browser at the same
time.

Thanks for all help that I received!!!

Andre

--
Andre Matos
[EMAIL PROTECTED] 

-Original Message-
From: Andre Matos [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 22, 2004 12:59 PM
To: 'Matt M.'
Cc: [EMAIL PROTECTED]
Subject: RE: [PHP-DB] How to send a SID in a security way

Hi Matt,

I am trying to solve my problem to have one browser accessing two different
applications (each one in a different window) where each application has its
own and unique sessionID. I really don't want to use cookie because I will
need that the user enable the option "accept cookies" in the browser.

However, I am afraid to pass the sessionID on the URL because someone can
cat it.

I am using currently using SSL.

Can you see any solution for my problem?

Thanks.

--
Andre Matos
[EMAIL PROTECTED] 

-Original Message-
From: Matt M. [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 22, 2004 12:35 PM
To: Andre Matos
Cc: [EMAIL PROTECTED]
Subject: Re: [PHP-DB] How to send a SID in a security way

> How can I send a SID (SessionID) in a security way from one page to
another?
> Is it "security" to do this?

not sure what exactly you want.  You could just use cookies, dont
allow it to be in form fields or query strings.

you could use ssl.

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-DB] Making php to make xml file with mysql query results.

[Juan Stiller]

Ok guys, after reading some tutorials, and seraching
flash mailing lists, i don´t remember if someone here
recommend me it too, i need to make php to insert a
mysql query results on an xml file. I don´t have a
clue how to do that, can anyone help me with this?

This is the php content that sends mysql query and get
the result.

No se pudo conectar " .
"al servidor MySQL." );
exit();
}

if (! @mysql_select_db("clientes") ) {
echo( "No se puede encontrar " .
"la base de datos clientes!" );
exit();
}

// Request all data
$result1 = mysql_query("select * from
clientesnuevos");

print "Results=";
echo "Clientes agregados:";

while($row=mysql_fetch_array($result1, MYSQL_ASSOC))
{
echo "&Id={$row['id']}";
echo "&Apellido={$row['apellidoclientesnuevos']}";
echo "&Nombre={$row['nombreclientesnuevos']}";
echo "&Dni={$row['dniclientesnuevos']}";
echo "&Telefono={$row['telefonoclientesnuevos']}";
echo "&Dia={$row['diacitaclientesnuevos']}";
echo "&Mes={$row['mescitaclientesnuevos']}";
echo "&Ano={$row['anocitaclientesnuevos']}";
echo "&Hora={$row['horacitaclientesnuevos']}";
echo "&Minutos={$row['minutoscitaclientesnuevos']}";
echo "&Abogado={$row['abogadoclientesnuevos']}";
echo "&Nombre={$row['nombreclientesnuevos']}";
echo "&Asunto={$row['asuntoclientesnuevos']}";
echo "&Donde={$row['dondeclientesnuevos']}";
}
mysql_free_result($result1);
?>

So what do i have to change to insert this results on
an xml file.

Correo Yahoo! - 6 MB, tecnología antispam ¡gratis! 
 Suscribite ya http://correo.yahoo.com.ar/

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP-DB] Two session for the same user, possible?

[Chris Gregors]

The session information is bound to the users computer and the browser
they use.

option 1: user logs into app using a different computer (2 laptops)
option 2: user logs into app using a different browser (ie and firefox)
option 3: sessions have a lifetime of one screen (aka no session
persistance).

I use option 1,2 all the time. One session is "godly" and the second
session is a "luser" session.

 

-Original Message-
From: Micah Stevens [mailto:[EMAIL PROTECTED]
Sent: Thursday, October 21, 2004 5:54 PM
To: [EMAIL PROTECTED]
Subject: Re: [PHP-DB] Two session for the same user, possible?



p.s. you can also designate a session ID. If you do this you may be able
to 
have two sessions running concurrently. Never tried it myself, but it
should 
work.

-Micah 

On Thursday 21 October 2004 02:03 pm, Micah Stevens wrote:
> The Session ID is the same, so it will access the same variables. If
you
> want to force a new session in the new script, do this:
>
> http://us2.php.net/manual/en/function.session-regenerate-id.php
>
> But this will in effect log the user out of the first session as well.
If
> you want to be able to do both, I suggest you use different names for
your
> session vars.
>
> -Micah
>
> On Thursday 21 October 2004 12:39 pm, Andre Matos wrote:
> > Hi Matt,
> >
> > I have developed two different web systems that use php sessions.
When I
> > a user log into one system, the system creates a session and storage
on
> > it one object called UserSession with some information that I need
while
> > the user works with the system.
> >
> > My problem is when the user decides to open the second system
without log
> > out from the first one that he logged, using a new window (crtl+N)
from
> > the same browser. This second system creates also an object called
> > UserSession, but with different properties and this new object from
the
> > second system overwrites the object from the first system. This is
my
> > problem. Can I make PHP understand that this is a complete different
> > session?
> >
> > Thanks.
> >
> > Andre
> >
> > --
> > Andre Matos
> > [EMAIL PROTECTED]
> >
> > -Original Message-
> > From: Matt M. [mailto:[EMAIL PROTECTED]
> > Sent: Thursday, October 21, 2004 3:23 PM
> > To: Andre Matos
> > Cc: [EMAIL PROTECTED]
> > Subject: Re: [PHP-DB] Two session for the same user, possible?
> >
> > > Is it possible to have two sessions for the same user in php? If
yes,
> > > how can I implement this?
> > >
> > > I am currently using one without problem. However, when I try to
create
> > > a second session, the first one is lost.
> >
> > could you post some code.  I am not sure I follow what you are
doing.

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php





smime.p7s
Description: S/MIME cryptographic signature

RE: [PHP-DB] COPY with PostgreSQL

[Norland, Martin]

What are the line endings of the file?  Maybe php is getting confused.
How many KB is the file on disk when it's the ~1500 line version?
There's length of each line (which you want under 1KB, probably not a
problem unless you have BLOBS or equivalent) - and then there's how PHP
determines what a line actually is.

Both of these could be causing a syntax error if PHP isn't reading the
entire chunk in and feeding it whole to postgresql.

... this may be helpful - from description of fgets()
If you are having problems with PHP not recognizing the line endings
when reading files either on or created by a Macintosh computer, you
might want to enable the auto_detect_line_endings run-time configuration
option.

- Martin Norland, Database / Web Developer, International Outreach x3257
The opinion(s) contained within this email do not necessarily represent
those of St. Jude Children's Research Hospital.


-Original Message-
From: Robert Fitzpatrick [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 22, 2004 1:18 AM
To: PHP Databases
Subject: [PHP-DB] COPY with PostgreSQL


I am using COPY for PostgreSQL and having problems now that the incoming
file contains more than approx 1500 lines. Is this an issue anyone is
aware of? Lot's of files over 1000 lines have worked fine, but after
getting a file over 1800 I began having problems. I have broke the file
down to a approx. 1500 line that works sometimes and not others. Here is
a snippet of what I'm trying to do:

  $result = pg_exec($dbh, "COPY tblxrf FROM stdin USING DELIMITERS
','");
  fseek($temp_fh,0); // go to beginning of temp file
  while (($csv_line = fgets($temp_fh,1024))) {
   pg_put_line($dbh, $csv_line);
  }
  $stat = pg_put_line($dbh, "\\.\n"); // notify db finished or report
error
  if (!$stat) { echo "ERROR: An error has occurred while putting last
line of copy data\n"; exit; }
  $stat = pg_end_copy($dbh); // post (sync data) or report error

The process just hangs with the large number of lines, I have to kill
the COPY process for postgresql on the server before trying again.

--
Robert

--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP-DB] COPY with PostgreSQL

[Martín Marqués]

El Vie 22 Oct 2004 03:18, Robert Fitzpatrick escribió:
> I am using COPY for PostgreSQL and having problems now that the incoming
> file contains more than approx 1500 lines. Is this an issue anyone is aware
> of? Lot's of files over 1000 lines have worked fine, but after getting a
> file over 1800 I began having problems. I have broke the file down to a
> approx. 1500 line that works sometimes and not others. Here is a snippet of
> what I'm trying to do:
>
>   $result = pg_exec($dbh, "COPY tblxrf FROM stdin USING DELIMITERS ','");
>   fseek($temp_fh,0); // go to beginning of temp file
>   while (($csv_line = fgets($temp_fh,1024))) {
>pg_put_line($dbh, $csv_line);
>   }
>   $stat = pg_put_line($dbh, "\\.\n"); // notify db finished or report error
>   if (!$stat) { echo "ERROR: An error has occurred while putting last line
> of copy data\n"; exit; } $stat = pg_end_copy($dbh); // post (sync data)
> or report error
>
> The process just hangs with the large number of lines, I have to kill the
> COPY process for postgresql on the server before trying again.

Logs, if any?

What does PostgreSQL say in the logs? Does PHP spit something in the logs?

-- 
 16:10:01 up 40 days,  6:28,  3 users,  load average: 1.01, 0.53, 0.53
-
Martín Marqués| select 'mmarques' || '@' || 'unl.edu.ar'
Centro de Telematica  |  DBA, Programador, Administrador
 Universidad Nacional
  del Litoral
-

--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP-DB] How to send a SID in a security way

[Bastien Koert]

Write a function that gets called frequently (or with a cron job) to clean 
out session records every half an hour or so...

Each time a page loads with those session vars, update the timestamp in that 
record.

bastien

From: "Andre Matos" <[EMAIL PROTECTED]>
To: "'Bastien Koert'" <[EMAIL PROTECTED]>
CC: <[EMAIL PROTECTED]>
Subject: RE: [PHP-DB] How to send a SID in a security way
Date: Fri, 22 Oct 2004 14:19:05 -0400
I had thought about this idea to storage the session information in a
database. However, what's happening if a user just closes the browser
without logout from the application or if the browser crashes. The session
will be in the database and the user is gone. How to track this?
Thanks.
Andre
--
Andre Matos
[EMAIL PROTECTED]
-Original Message-
From: Bastien Koert [mailto:[EMAIL PROTECTED]
Sent: Friday, October 22, 2004 1:22 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: RE: [PHP-DB] How to send a SID in a security way
What about writing a function that will store some of those required
variables into a db. Then on the second site, open a link to the first db
and query for those values that you need?
bastien
>From: "Andre Matos" <[EMAIL PROTECTED]>
>To: "'Matt M.'" <[EMAIL PROTECTED]>
>CC: <[EMAIL PROTECTED]>
>Subject: RE: [PHP-DB] How to send a SID in a security way
>Date: Fri, 22 Oct 2004 12:59:00 -0400
>
>Hi Matt,
>
>I am trying to solve my problem to have one browser accessing two 
different
>applications (each one in a different window) where each application has
>its
>own and unique sessionID. I really don't want to use cookie because I 
will
>need that the user enable the option "accept cookies" in the browser.
>
>However, I am afraid to pass the sessionID on the URL because someone can
>cat it.
>
>I am using currently using SSL.
>
>Can you see any solution for my problem?
>
>Thanks.
>
>--
>Andre Matos
>[EMAIL PROTECTED]
>
>-Original Message-
>From: Matt M. [mailto:[EMAIL PROTECTED]
>Sent: Friday, October 22, 2004 12:35 PM
>To: Andre Matos
>Cc: [EMAIL PROTECTED]
>Subject: Re: [PHP-DB] How to send a SID in a security way
>
> > How can I send a SID (SessionID) in a security way from one page to
>another?
> > Is it "security" to do this?
>
>not sure what exactly you want.  You could just use cookies, dont
>allow it to be in form fields or query strings.
>
>you could use ssl.
>
>--
>PHP Database Mailing List (http://www.php.net/)
>To unsubscribe, visit: http://www.php.net/unsub.php
>
>--
>PHP Database Mailing List (http://www.php.net/)
>To unsubscribe, visit: http://www.php.net/unsub.php
>

--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP-DB] imagecreatefromjpeg()

[Norland, Martin]

Check phpinfo() and see what options it was compiled with - at the very
least you need gd support (--with-gd) and probably need to specify
(--with-jpeg-dir) to point to jpeg libs.  Aside from your configure
line, you should be able to see from perusing whether the image
functions are supported.  If you're using a packaged php, I would assume
these to already be enabled - strange.

The last comment on http://us2.php.net/function.imagecreatefromjpeg
suggests as much.

- Martin Norland, Database / Web Developer, International Outreach x3257
The opinion(s) contained within this email do not necessarily represent
those of St. Jude Children's Research Hospital.


-Original Message-
From: Perry, Matthew (Fire Marshal's Office)
[mailto:[EMAIL PROTECTED] 
Sent: Friday, October 22, 2004 1:45 PM
To: [EMAIL PROTECTED]
Subject: [PHP-DB] imagecreatefromjpeg()


I am using PHP 4.1

 

Why would the php function imagecreatefromjpeg() not be recognized?

 

Fatal error: Call to undefined function: imagecreatefromjpeg() in
C:\Program Files\Apache Group\Apache2\htdocs\Inventory\updateitem.php on
line 77

 

-Matthew Perry

--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP-DB] imagecreatefromjpeg()

[Bastien Koert]

Have you enabled the gd library? If windows, have you copied the php_gd2.dll 
to the c:/windows/ folder?

bastien
From: "Perry, Matthew (Fire Marshal's Office)" <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: [PHP-DB] imagecreatefromjpeg()
Date: Fri, 22 Oct 2004 13:45:02 -0500
I am using PHP 4.1

Why would the php function imagecreatefromjpeg() not be recognized?

Fatal error: Call to undefined function: imagecreatefromjpeg() in 
C:\Program
Files\Apache Group\Apache2\htdocs\Inventory\updateitem.php on line 77


-Matthew Perry
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-DB] imagecreatefromjpeg()

[Perry, Matthew (Fire Marshal's Office)]

I am using PHP 4.1

 

Why would the php function imagecreatefromjpeg() not be recognized?

 

Fatal error: Call to undefined function: imagecreatefromjpeg() in C:\Program
Files\Apache Group\Apache2\htdocs\Inventory\updateitem.php on line 77

 

-Matthew Perry

RE: [PHP-DB] How to send a SID in a security way

[Andre Matos]

I had thought about this idea to storage the session information in a
database. However, what's happening if a user just closes the browser
without logout from the application or if the browser crashes. The session
will be in the database and the user is gone. How to track this?

Thanks.

Andre

--
Andre Matos
[EMAIL PROTECTED] 
-Original Message-
From: Bastien Koert [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 22, 2004 1:22 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: RE: [PHP-DB] How to send a SID in a security way

What about writing a function that will store some of those required 
variables into a db. Then on the second site, open a link to the first db 
and query for those values that you need?

bastien


>From: "Andre Matos" <[EMAIL PROTECTED]>
>To: "'Matt M.'" <[EMAIL PROTECTED]>
>CC: <[EMAIL PROTECTED]>
>Subject: RE: [PHP-DB] How to send a SID in a security way
>Date: Fri, 22 Oct 2004 12:59:00 -0400
>
>Hi Matt,
>
>I am trying to solve my problem to have one browser accessing two different
>applications (each one in a different window) where each application has 
>its
>own and unique sessionID. I really don't want to use cookie because I will
>need that the user enable the option "accept cookies" in the browser.
>
>However, I am afraid to pass the sessionID on the URL because someone can
>cat it.
>
>I am using currently using SSL.
>
>Can you see any solution for my problem?
>
>Thanks.
>
>--
>Andre Matos
>[EMAIL PROTECTED]
>
>-Original Message-
>From: Matt M. [mailto:[EMAIL PROTECTED]
>Sent: Friday, October 22, 2004 12:35 PM
>To: Andre Matos
>Cc: [EMAIL PROTECTED]
>Subject: Re: [PHP-DB] How to send a SID in a security way
>
> > How can I send a SID (SessionID) in a security way from one page to
>another?
> > Is it "security" to do this?
>
>not sure what exactly you want.  You could just use cookies, dont
>allow it to be in form fields or query strings.
>
>you could use ssl.
>
>--
>PHP Database Mailing List (http://www.php.net/)
>To unsubscribe, visit: http://www.php.net/unsub.php
>
>--
>PHP Database Mailing List (http://www.php.net/)
>To unsubscribe, visit: http://www.php.net/unsub.php
>

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP-DB] How to send a SID in a security way

[Norland, Martin]

I'm sorry - but performing a slight bastardization of Achems Razor is
the best way to solve this dilemma.

You have two web-based php applications that you have written yourself,
and you have a single user (and browser) who wants to access those
applications.  The applications reside on the same web server, and as
far as I have gathered - there is no intention to change that.

The solution is simple - or at least straightforward - at the top of
your scripts, pull in your 'local session' from the $_SESSION variable -
and make sure all writes go back out to the same location.  You still
only have one session, but you have two (or more) distinct namespaces
within that session, one for each application, which you use to refer to
that applications variables.

It will mean rewriting anywhere you're referencing these variables - but
your only other real alternative is to serve each application up from a
different webhost.  You'd do best to write your applications to be
'cautious' with $_SESSION anyways, and only pollute discrete parts of
it, because that way you can easily use other peoples code that works
similarly.

(e.g. if I write my application and name it "cool_stuff" and only write
to $_SESSION['cool_stuff'] - then we don't have to worry about
overwriting one anothers $_SESSION['username'])

$app_name = "cool_stuff";
$username = $_SESSION[$app_name]['username'];

  Any solution you come up with today should definitely scale to 3 or
more applications, otherwise you'll just have to rewrite 2 (or more!)
solutions later on down the line.

- Martin Norland, Database / Web Developer, International Outreach x3257
The opinion(s) contained within this email do not necessarily represent
those of St. Jude Children's Research Hospital.


-Original Message-
From: Bastien Koert [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 22, 2004 12:22 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: RE: [PHP-DB] How to send a SID in a security way


What about writing a function that will store some of those required 
variables into a db. Then on the second site, open a link to the first
db 
and query for those values that you need?

bastien


>From: "Andre Matos" <[EMAIL PROTECTED]>
>To: "'Matt M.'" <[EMAIL PROTECTED]>
>CC: <[EMAIL PROTECTED]>
>Subject: RE: [PHP-DB] How to send a SID in a security way
>Date: Fri, 22 Oct 2004 12:59:00 -0400
>
>Hi Matt,
>
>I am trying to solve my problem to have one browser accessing two 
>different applications (each one in a different window) where each 
>application has its own and unique sessionID. I really don't want to 
>use cookie because I will need that the user enable the option "accept 
>cookies" in the browser.
>
>However, I am afraid to pass the sessionID on the URL because someone 
>can cat it.
>
>I am using currently using SSL.
>
>Can you see any solution for my problem?
>
>Thanks.
>
>--
>Andre Matos
>[EMAIL PROTECTED]
>
>-Original Message-
>From: Matt M. [mailto:[EMAIL PROTECTED]
>Sent: Friday, October 22, 2004 12:35 PM
>To: Andre Matos
>Cc: [EMAIL PROTECTED]
>Subject: Re: [PHP-DB] How to send a SID in a security way
>
> > How can I send a SID (SessionID) in a security way from one page to
>another?
> > Is it "security" to do this?
>
>not sure what exactly you want.  You could just use cookies, dont allow

>it to be in form fields or query strings.
>
>you could use ssl.
>
>--
>PHP Database Mailing List (http://www.php.net/)
>To unsubscribe, visit: http://www.php.net/unsub.php
>
>--
>PHP Database Mailing List (http://www.php.net/)
>To unsubscribe, visit: http://www.php.net/unsub.php
>

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP-DB] How to send a SID in a security way

[Bastien Koert]

What about writing a function that will store some of those required 
variables into a db. Then on the second site, open a link to the first db 
and query for those values that you need?

bastien

From: "Andre Matos" <[EMAIL PROTECTED]>
To: "'Matt M.'" <[EMAIL PROTECTED]>
CC: <[EMAIL PROTECTED]>
Subject: RE: [PHP-DB] How to send a SID in a security way
Date: Fri, 22 Oct 2004 12:59:00 -0400
Hi Matt,
I am trying to solve my problem to have one browser accessing two different
applications (each one in a different window) where each application has 
its
own and unique sessionID. I really don't want to use cookie because I will
need that the user enable the option "accept cookies" in the browser.

However, I am afraid to pass the sessionID on the URL because someone can
cat it.
I am using currently using SSL.
Can you see any solution for my problem?
Thanks.
--
Andre Matos
[EMAIL PROTECTED]
-Original Message-
From: Matt M. [mailto:[EMAIL PROTECTED]
Sent: Friday, October 22, 2004 12:35 PM
To: Andre Matos
Cc: [EMAIL PROTECTED]
Subject: Re: [PHP-DB] How to send a SID in a security way
> How can I send a SID (SessionID) in a security way from one page to
another?
> Is it "security" to do this?
not sure what exactly you want.  You could just use cookies, dont
allow it to be in form fields or query strings.
you could use ssl.
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP-DB] How to send a SID in a security way

[Jason Wong]

On Saturday 23 October 2004 01:00, Bart Baaten wrote:

> The session ID will always remain inside the session as long as you're in
> the session. http://www.php.net/manual/en/function.session-id.php
> You don't have to 'send' it, it's already there.

And to 'stay in the session', the session id has to be propagated from page to 
page whether by cookies, URL or form. In other words you *have* to send it 
one way or another.

-- 
Jason Wong -> Gremlins Associates -> www.gremlins.biz
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
--
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-db
--
/*
Eating chocolate is like being in love without the aggravation.
*/

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP-DB] How to send a SID in a security way

[Bart Baaten]

The session ID will always remain inside the session as long as you're in
the session. http://www.php.net/manual/en/function.session-id.php
You don't have to 'send' it, it's already there.
Hope this helps...

-Original Message-
From: Matt M. [mailto:[EMAIL PROTECTED] 
Sent: vrijdag 22 oktober 2004 18:35
To: Andre Matos
Cc: [EMAIL PROTECTED]
Subject: Re: [PHP-DB] How to send a SID in a security way

> How can I send a SID (SessionID) in a security way from one page to
another?
> Is it "security" to do this?

not sure what exactly you want.  You could just use cookies, dont
allow it to be in form fields or query strings.

you could use ssl.

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-DB] Re: sending e-mails

[pete M]

phpmailer.sourceforge.net
Miguel Guirao wrote:
Hi!!
 
I have a script in PHP that should send an e-mail from a specific e-mail
account, let's say   [EMAIL PROTECTED]
to a customer's e-mail account, using the smtp_mail.inc class of PHP.
But, Do I need to authenticate first in order to send the e-mail? If so,
how?
 
Best Regards,
 
Miguel Guirao
Servicios Datacard
www.SIASA.com.mx
 

--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP-DB] How to send a SID in a security way

[Andre Matos]

Hi Matt,

I am trying to solve my problem to have one browser accessing two different
applications (each one in a different window) where each application has its
own and unique sessionID. I really don't want to use cookie because I will
need that the user enable the option "accept cookies" in the browser.

However, I am afraid to pass the sessionID on the URL because someone can
cat it.

I am using currently using SSL.

Can you see any solution for my problem?

Thanks.

--
Andre Matos
[EMAIL PROTECTED] 

-Original Message-
From: Matt M. [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 22, 2004 12:35 PM
To: Andre Matos
Cc: [EMAIL PROTECTED]
Subject: Re: [PHP-DB] How to send a SID in a security way

> How can I send a SID (SessionID) in a security way from one page to
another?
> Is it "security" to do this?

not sure what exactly you want.  You could just use cookies, dont
allow it to be in form fields or query strings.

you could use ssl.

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP-DB] How to send a SID in a security way

[Matt M.]

> How can I send a SID (SessionID) in a security way from one page to another?
> Is it "security" to do this?

not sure what exactly you want.  You could just use cookies, dont
allow it to be in form fields or query strings.

you could use ssl.

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-DB] How to send a SID in a security way

[Andre Matos]

Hi List,

How can I send a SID (SessionID) in a security way from one page to another?
Is it "security" to do this?

Thanks for any help in advance.

Andre

--
Andre Matos
[EMAIL PROTECTED] 

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP-DB] Cookies with databases

[Bastien Koert]

Run the setcookie code, and open the folder where your browser stores its 
cookies. Look for your cookie and see it whats in it is what you expect. 
Another suggestions is to echo out the code before you execute it to see if 
the values you expected are there

echo "setcookie ('USERcookie', "$user");";
Bastien

From: "Jason T. Davidson" <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Re: [PHP-DB] Cookies with databases
Date: Thu, 21 Oct 2004 22:38:02 -0500
Bastien-
I took out the quotes (as I noticed after the fact that I didn't need them) 
however this did not help.

"is the user cookie set"  This I do not know as I am trying to test this on 
that second page.  I get nothing, so I am assuming that it isn't set, 
however the first one $cid is working just fine, but it's variable doesn't 
come from a database.

--
Jason Davidson
Bastien Koert wrote:
Hi Jason,
1. I don't think you need the quotes around the values.
2. is the user cookie set?
bastien

From: "Jason T. Davidson" <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: [PHP-DB] Cookies with databases
Date: Wed, 20 Oct 2004 19:54:54 -0500
I am trying to set a cookie with a value from a database.  Here is my 
script:



//Table Name
$main_tbl = "MAIN"
?>

if($Message == "NoAccess"){
echo("You do not have access to that 
page!\n");
include ("staff_code/admin_links.php");
}
if($check[PASSWORD] != $_REQUEST[password]){
header("Location:staff_login.php?Message=Invalid");
}
if(($check[PASSWORD] == $_REQUEST[password]) AND ($check[USER] == 
"A")) {
include ("staff_code/admin_links.php");
$user = $check[USER];
}
else{
include ("staff_code/controller_links.php");
}
?>

Then on the second page it is reading the cookies, but it will display 
the CIDcookie, but not the USERcookie.  Here is the script on the second 
page:




ZMP ARTCC:  Staff To Do List






ZMPs Staff TO Do 
List






Completed 
Tasks


Date Finished
Task
Status


  10-13-04
  DLH SOP (new)
  Awaiting finish of other 
projects
  

  10-18-04
  ZMP Policies
  "
  






Tasks Awaiting VATUSA 
Approval


  Date Sent
  Task
  Status


  10-09-04
  LNK SOP (new)
  Awaiting approval
  

  10-19-04
  M98 SOP
  Awaiting Approval
  

  10-19-04
  General SOP
  Awaiting Approval
  




So I am assuming that somewhere in my first page that my cookie isn't 
actually gettting set properly.  I have tried many varitites and can't 
find any help sections on cookies from a database.  Any help would be 
appreciated!

--
Jason Davidson
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP-DB] Logging Into A MySQL (Web) Database

[Alex Egberink]

Hi,
I don't post much, because not  very busy with php, but did send it with a 
reply to all. Only my mail was not accepted ( html format :P )

>> return mail :
Hi. This is the qmail-send program at pb1.pair.com.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.
<[EMAIL PROTECTED]>:
ezmlm-reject: fatal: Sorry, I don't accept messages of MIME Content-Type 
'text/html' (#5.2.3)

--- Below this line is a copy of the message.
>> This was my answer:
start at http://www.lug.udel.edu/articles/php_mysql/sessions.php
regards,
alex
At 11:55 22-10-2004, Graham Cossey wrote:
Probably an off-list posting.
That's the problem of just using 'Reply' instead of 'Reply to All' on this
list. Other lists I subscribe to always only ever have the list email
address when replying, which in my opinion is a better way of doing things.
[snip]
>
> Ok, who is Alex?
>
> If you are following to a thread, you should stay in it. You started a
> new thread and can't assume that we know where your train of thought is
> coming from.
>
> -Robby
>
[snip]
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP-DB] Logging Into A MySQL (Web) Database

[Graham Cossey]

Probably an off-list posting.

That's the problem of just using 'Reply' instead of 'Reply to All' on this
list. Other lists I subscribe to always only ever have the list email
address when replying, which in my opinion is a better way of doing things.

[snip]
>
> Ok, who is Alex?
>
> If you are following to a thread, you should stay in it. You started a
> new thread and can't assume that we know where your train of thought is
> coming from.
>
> -Robby
>
[snip]


-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php