Re: [PHP-DEV] Safe Mode Off

2002-12-21 Thread Mike Hall 
You don't... for that would be a profoundly stupid feature, defeating
the point of safe mode.

And I suspect [EMAIL PROTECTED] would be a better place for this
question

--- Original Message ---
From:"Shashwat Nagpal" <[EMAIL PROTECTED]>
To:  [EMAIL PROTECTED]
Date:Sat, 21 Dec 2002 14:37:58 +0530
Subject: [PHP-DEV] Safe Mode Off

how can i turn safe_mode on or off  from within the script...



-- 
PHP Development Mailing List 
To unsubscribe, visit: http://www.php.net/unsub.php




-- 
PHP Development Mailing List 
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-DEV] Mailparse extension

2002-11-19 Thread Mike Hall 
Is this going to be production stable in 4.3.0?

Cheers,

Mike

-- 
PHP Development Mailing List 
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP-DEV] strpos() suggestion

2002-11-13 Thread Mike Hall 
Why couldn't you just strrev() the string and then strpos() for it?

Mike

--- Original Message ---
From:Monte Ohrt <[EMAIL PROTECTED]>
To:  [EMAIL PROTECTED]
Date:13 Nov 2002 16:02:54 -0600
Subject: [PHP-DEV] strpos() suggestion

Hi,

I had a little problem to solve today, and couldn't find any easy way to
do it without some extra steps slicing things up.

What I wanted to do is take an arbitrary point in a string, and find the
position of the first '[' on the left of it, and the first ']' on the
right of it.

Finding the ']' was easy, I use strpos() to find the first occurance of
']' after my given point.

Finding '[' however is not so easy. strrpos() was my first guess, but it
does not work like strpos() at all. There is no optional third
parameter, and on an unrelated note it only works with a single
character, not a string. inconsistant ;-) My best solution was to slice
the string at my point, then get the position of '[' with strrpos().

I'm not sure of the most intuitive way to solve this. One way would be
to add a feature to strpos(); if you supply a negative third parameter,
it gives you the position of the first occurance to the _left_ of that
point. I'm not sure if the number should represent the position from the
end or beginning of the string. Another way, add a third parameter to
strrpos() to start at a given point from the end of the string.

I'd try submitting a patch, but I'm not sure of which way would be best,
and my C is a bit rusty, I'd probably do more damage than help ;-)

Thoughts?
Monte


-- 
PHP Development Mailing List 
To unsubscribe, visit: http://www.php.net/unsub.php




-- 
PHP Development Mailing List 
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP-DEV] hebrew patch for jewish calendar

2002-10-28 Thread Mike Hall 
I received the attachment... you sure it's his mailer playing up? ;-)

Mike

--- Original Message ---
From:Derick Rethans <[EMAIL PROTECTED]>
To:  moshe doron <[EMAIL PROTECTED]>
Date:Mon, 28 Oct 2002 14:37:05 +0100 (CET)
Subject: Re: [PHP-DEV] hebrew patch for jewish calendar

> On Mon, 28 Oct 2002, moshe doron wrote:
> 
> > i did it  (1.txt)
> 
> Still no attachment but everything inline. 
> Your mailer is apparently so braindead to include it inline. I want to 
> bet it's Outlook...
> 
> Derick

-- 
PHP Development Mailing List 
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP-DEV] short_open_tag

2002-10-17 Thread Mike Hall 

I would have no problem - as a user - with the removal of short_tags IF
 was allowed!! Because the http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-DEV] Re: session_register warnings

2002-10-11 Thread Mike Hall 

Now I'm not really anyone special - just another user, as it were, but I do
use the session module on a daily basis as part of my job. FWIW, I agree
with Sascha on this one. A user should be able to work with a session
variable in global scope all the time, or not at all. Not some mish-mash of
both.

As it stands at the moment (with register_globals off), variables can be
pulled into a session from global scope, but they cannot be pulled out again
from global scope - you have to use the $_SESSION array. I find this counter
intuative... if I can put them into a session that way, why can't I pull
them out again that way?

Mike


-- 
PHP Development Mailing List 
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP-DEV] PHP 4.2.3 release.

2002-09-04 Thread Mike Hall 

Beat me to it! :-)

- Original Message - 
From: "Rasmus Lerdorf" <[EMAIL PROTECTED]>
To: "Xavier Spriet" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Wednesday, September 04, 2002 6:50 PM
Subject: Re: [PHP-DEV] PHP 4.2.3 release.


> This is not a bug.  Your syntax is wrong.  It should be:
> 
> fields[tech_id][]
> 
> -Rasmus




-- 
PHP Development Mailing List 
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP-DEV] PHP 4.2.3 release.

2002-09-04 Thread Mike Hall 

Would the  syntax work? That should give
an identical array, if I'm seeing what you're doing right.

Mike

- Original Message -
From: <[EMAIL PROTECTED]>
To: "Xavier Spriet" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Wednesday, September 04, 2002 6:47 PM
Subject: Re: [PHP-DEV] PHP 4.2.3 release.


> Hey,
>
> did this ever work at all?
> AFAIK you can only use [] _once_ to denote it's an array.
>
> Derick
>
>





-- 
PHP Development Mailing List 
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP-DEV] Re: cgi and mod_php

2002-08-28 Thread Mike Hall 

I'm sure PHP 4.3.0 builds the CLI as well as any other SAPI you specify,
doesn't it?

- Original Message -
From: "George Schlossnagle" <[EMAIL PROTECTED]>
To: "Daniel Lorch" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>;
<[EMAIL PROTECTED]>
Sent: Wednesday, August 28, 2002 9:54 PM
Subject: Re: [PHP-DEV] Re: cgi and mod_php


> I think the point isn't that it's not scriptable, but that it would be
> nice if there was a 'canned' way of doing it.  I use the apache sapi and
> the cli, and it would be nice to be able to build them with a single
> make.  Clearly there are ways to build them both (easily), but it should
> be easy for a basic user to have it build multiple targets.  This is
> especially true with the cli, as there are abundant reasons to have it
> and one of the web-centric sapi's cohabitating on a system.



-- 
PHP Development Mailing List 
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP-DEV] serial port communication

2002-07-02 Thread Mike Hall 

As far as I know, nobody has looked at this before. So you'd be starting
from scratch.

- Original Message -
From: "Zac Hillier" <[EMAIL PROTECTED]>
To: "Mike Hall" <[EMAIL PROTECTED]>
Sent: Tuesday, July 02, 2002 9:40 AM
Subject: Re: [PHP-DEV] serial port communication


> Thanks for the reply, any idea where I could find more information?
>
> Zac
>
> - Original Message -
> From: "Mike Hall" <[EMAIL PROTECTED]>
> To: "Zac Hillier" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
> Sent: Tuesday, July 02, 2002 9:42 AM
> Subject: Re: [PHP-DEV] serial port communication
>
>
> > It's something I need to look into for a project I'm putting together at
> > work. I just haven't got the time at the moment to do it, sadly
> >



-- 
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP-DEV] serial port communication

2002-07-02 Thread Mike Hall 

It's something I need to look into for a project I'm putting together at
work. I just haven't got the time at the moment to do it, sadly

-- Mike

--
"Zac Hillier" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> On the 20th May Mike Hall posted a message about communication with serial
> ports.
>
> I'm trying to research using php with a multi port serial card, can anyone
> tell me if this progressed, else is there anywhere I can look for further
> information?



-- 
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP-DEV] Switching zlib.output_compression, bug #16109

2002-06-24 Thread Mike Hall 

Well write your own callback function for ob_start then! ;-)

> Perhaps. :)  But it seems you're missing the point.  Read here:
> 
> http://www.php.net/manual/en/function.session-start.php
> 
> Specifically, the second note:
> 
> Note: Use of zlib.output_compression is recommended rather than
> ob_gzhandler
> 
> zlib.output_compression != ob_start('ob_gzhandler')
> 
> 
> Which brings us back to the original point.  How does one go about
> enabling/disabling zlib.output_compression from within a script?
> ini_set('zlib...', 'On|Off') does not work.
> 





-- 
PHP Development Mailing List 
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-DEV] Switching zlib.output_compression, bug #16109

2002-06-24 Thread Mike Hall 

ob_start('ob_gzhandler');

Shouldn't this be on php-general by now? ;-)

> let me get this straight.. you can turn off output_buffering = on inside
> php?
>
> then whats the problem with zlib, just make it output_buffer, and AFTER
that
> check the ini value, weather to compress that data or not.. so it could be
> turned off runtime, or am i wrong?



-- 
PHP Development Mailing List 
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP-DEV] Switching zlib.output_compression, bug #16109

2002-06-24 Thread Mike Hall 

I never set it in the ini, only set it at runtime.

- Original Message - 
From: "Jaime Bozza" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: "'Mike Hall'" <[EMAIL PROTECTED]>
Sent: Monday, June 24, 2002 4:31 PM
Subject: RE: [PHP-DEV] Switching zlib.output_compression, bug #16109


> Ok, so...  Say you have php.ini that defaults zlib.output_compression to
> On?  How would you go about setting it to off inside the script that
> sends out an image?
> 
> Jaime Bozza




-- 
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP-DEV] Switching zlib.output_compression, bug #16109

2002-06-24 Thread Mike Hall 

I simply don't use output compression for images

- Original Message -
From: "Jaime Bozza" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: "'Stefan Roehrich'" <[EMAIL PROTECTED]>; "'Mike Hall'"
<[EMAIL PROTECTED]>
Sent: Monday, June 24, 2002 4:11 PM
Subject: RE: [PHP-DEV] Switching zlib.output_compression, bug #16109


While this is, in fact, a Netscape-specific bug, it's a pain in that
there is no current easy workaround to disable zlib.output_compression
from the script.  Right now (tested with 4.1.2, so I can't say how it
works in 4.2.x or above) if I have:

ini_set('zlib.output_compression', 'Off');

in my script, it's ignored and still sends out the compressed data.  If
you don't like the browser detection on images, at least allow the
ability to be able to turn off zlib.output_compression from the script.


Jaime Bozza




-- 
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP-DEV] Switching zlib.output_compression, bug #16109

2002-06-24 Thread Mike Hall 

I would venture that this is a bug in Netscape, not a bug in PHP and
therefore not PHP's responsibility to fix.
Netscape is reporting to PHP that it accepts zipped content, when it clearly
doesn't accept zipped images.

Mike

- Original Message -
From: "Stefan Roehrich" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, June 24, 2002 3:23 PM
Subject: [PHP-DEV] Switching zlib.output_compression, bug #16109


> Hello!
>
> There has been a bug report (#16109) about a bug in Netscape 4.79,
> which doesn't display images if Content-Encoding: gzip is used. After
> thinking about a browser detection config flag for zlib.output
> compression, at LinuxTag we discussed, that a more general solution
> would be better, that means switching off output compression for
> images and let it be possible to switch it off (or force it on) during
> script execution.
>
> So I implemented it this way:
>
> The headers for output compression are sent late, not in the zlib
> request init, but in the SAPI send_headers call, I think this is the
> latest possible time I can add it, so that it's possible to switch it
> off before that time. If you send a header("Content-Type: image/xxx")
> output compression is switched off, you can also switch it off via
> ini_set('zlib.output_compression', 'Off') (or force it on, if you use
> this call with 'On' after the image header was sent, but this only
> works, if it was globally enabled, you can't switch it on during
> script execution if the default says 'Off' (you need the output
> buffering, you also can't change the buffer size)).
>
> If output compression was disabled during the script, the compression
> handler simply does noething and no headers are added (so you can
> switch the setting only before the headers are sent).
>
> Because I'm no SAPI expert and I don't know, if there are some other
> effects, if I add the header in the send_headers call, I haven't
> commited it yet, see the attached patch. If nobody objects, I'll
> commit it in a few days.
>
>   Stefan
>
> --
> Stefan Röhrich   [EMAIL PROTECTED], [EMAIL PROTECTED]
>  http://www.roehri.ch/~sr/






> --
> PHP Development Mailing List 
> To unsubscribe, visit: http://www.php.net/unsub.php


-- 
PHP Development Mailing List 
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-DEV] Seeking Comments - Regarding header()

2002-06-24 Thread Mike Hall 

> Chris Shiflett wrote:
>
> > I have a few sites where I deliberately violate the HTTP spec in this
> > way to get around a bug in IE (I know, shame on me). I've been using
> > relative URLs in a "Location" header for years with no crashes that I
> > know of.
> >
> > There must be something unique in your configuration. Have you mentioned
> > this to the Apache guys?
> >
>
> I've seen this before too, but only on Windows.  I've never noticed the
> problem on Linux, Solaris, or BSD.

I had it on FreeBSD. It was particularly bad under SSL, but happened without
too.



-- 
PHP Development Mailing List 
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP-DEV] Seeking Comments - Regarding header()

2002-06-21 Thread Mike Hall 

> On Fri, Jun 21, 2002 at 10:48:33AM +0100, Mike Hall wrote :
> > You could hardly describe it as a bug if Apache crashes because you're
> > sending Headers that violate the spec, surely?
>
> Hmm  ... I'm not sure. I don't think apache should crash. but
> then how can you be sure it's apache who crashes and not php?
> If it's an apache crash it maybe can be missused too (though
> not remotely).

Well, if you send relative URLs in a Location: header, it causes
intermittent sig11's in Apache. Don't know if that is mod_php causing them,
or apache. But it does happen. I had that problem on GG.COM .. took me weeks
to track it down to relative location headers.

--Mike



-- 
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP-DEV] Seeking Comments - Regarding header()

2002-06-21 Thread Mike Hall 

> On Fri, Jun 21, 2002 at 09:50:01AM +0100, Mike Hall wrote :
> > The HTTP/1.1 spec says that anything sent as a location header must be
an
> > absolute URI. Apache will sometimes segfault if you don't.
>
> Eh ?! If it is really apache which crashes, the apache group
> would surely be interested to know about this, don't you
> think ?
>
> Do you have a sample which reproduces this crash?

You could hardly describe it as a bug if Apache crashes because you're
sending Headers that violate the spec, surely?


-- 
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP-DEV] Seeking Comments - Regarding header()

2002-06-21 Thread Mike Hall 

The HTTP/1.1 spec says that anything sent as a location header must be an
absolute URI. Apache will sometimes segfault if you don't.

If a specific redirect() function were to be implemented, would it be worth
examining the URL passed into the function to see if it is absolute (e.g. if
it contains '://') and if it isn't, making it absolute by adding
$_SEVER['HTTP_HOST']?

--Mike

- Original Message -
From: "Marcus Börger" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: "Chris Shiflett" <[EMAIL PROTECTED]>; "rasmus Lerdorf" <[EMAIL PROTECTED]>
Sent: Friday, June 21, 2002 9:42 AM
Subject: Re: [PHP-DEV] Seeking Comments - Regarding header()


What about a new function say redirect(url, response)
that also handles sessions automatically (you have to add
the session id to the url to keep it when coolies are disabled
by user?





-- 
PHP Development Mailing List 
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-DEV] Serial Extensions

2002-05-20 Thread Mike Hall 

Is there a PHP extension for communicating with serial ports? If not, would
there be interest in one should I develop it?

--Mike


-- 
PHP Development Mailing List 
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-DEV] Bug #13261 Updated: Restricting file system access

2001-09-12 Thread mike . hall 

ID: 13261
User updated by: [EMAIL PROTECTED]
Reported By: [EMAIL PROTECTED]
Status: Open
Bug Type: Feature/Change Request
Operating System: Any
PHP Version: 4.0.6
New Comment:

Just to clarify, a method of specifying open_basedir dynamically would be nice. Sorry 
I didn't make that clear first time.

Previous Comments:


[2001-09-12 05:21:11] [EMAIL PROTECTED]

echo `ls /home`;

In a virtual host situation, this is very dangerous. On my own host - as an experiment 
- I was able to bring back a directory listing of any other site on the same box. I 
then did an fread() on his database abstraction script and read the passwords for his 
database. Then I logged into his MySQL database and was free to mess with his site.

It would be EXTREMELY useful to be able to limit the scope of the filesystem functions 
so they can only read files inside $DOCUMENT_ROOT. Although that wouldn't stop me from 
typing `cat /home/user/www/database.php`; and getting the same data. This really needs 
addressing, guys!





Edit this bug report at http://bugs.php.net/?id=13261&edit=1


-- 
PHP Development Mailing List 
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

[PHP-DEV] Bug #13261: Restricting file system access

2001-09-12 Thread mike . hall 

From: [EMAIL PROTECTED]
Operating system: Any
PHP version:  4.0.6
PHP Bug Type: Feature/Change Request
Bug description:  Restricting file system access

echo `ls /home`;

In a virtual host situation, this is very dangerous. On my own host - as an
experiment - I was able to bring back a directory listing of any other site
on the same box. I then did an fread() on his database abstraction script
and read the passwords for his database. Then I logged into his MySQL
database and was free to mess with his site.

It would be EXTREMELY useful to be able to limit the scope of the
filesystem functions so they can only read files inside $DOCUMENT_ROOT.
Although that wouldn't stop me from typing `cat
/home/user/www/database.php`; and getting the same data. This really needs
addressing, guys!
-- 
Edit bug report at: http://bugs.php.net/?id=13261&edit=1


-- 
PHP Development Mailing List 
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]