Re: [PHP] Date Q
On Friday 10 May 2002 13:14, Jason Soza wrote: > Thanks for the code, but I already have: > $result = mysql_query("SELECT * FROM table"); select *, min(datefield) as mindate, max(datefield) as maxdate from table; Should work. > It's been my general understanding that querying twice in one script is > bad. How do I incorporate your code into my script w/o querying again? Nothing inherently bad about that. After all if you can't do it in one query, what's to stop you using two or more? -- Jason Wong -> Gremlins Associates -> www.gremlins.com.hk Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development * /* Great American Axiom: Some is good, more is better, too much is just right. */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Web hoster solution?
Good day, A friend of mine has been asked to set up a simple website for a third party, which will be used by visitors to order products. She has been programming for a little while now, but, she doesn't have much experience with other web hosting companies (and neither do I, really). I know that some hosters provide "shopping cart" programs with their packages, which would probably make things much easier. She's also willing to try to install something PHP-ish (or even in ASP) if that's not an option. The site wouldn't have a lot of visitors- 1000 a month, tops, so there isn't much need for a lot of bandwidth. And, other than this purchasing interface, their needs are pretty basic, so a low cost is probably the most important thing. What would people here recommend? I know that this question has been asked before, but her needs are a little bit simpler than the average PHP'er on this list. =) Thanks, Darren Gamble Planner, Regional Services Shaw Cablesystems GP 630 - 3rd Avenue SW Calgary, Alberta, Canada T2P 4L4 (403) 781-4948 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Adding up values
On Friday 10 May 2002 14:27, Miguel Cruz wrote: > There's really not much to it. The intval of '-' is 0, so it doesn't cause > any problems. > > $numbers = file('path/logfile.txt'); > $total = 0; > foreach ($numbers as $num) $total += intval($num); Or use array_sum(): $numbers = file('path/logfile.txt'); $total = array_sum($numbers); -- Jason Wong -> Gremlins Associates -> www.gremlins.com.hk Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development * /* "What if" is a trademark of Hewlett Packard, so stop using it in your sentences without permission, or risk being sued. */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Array usage affecting server
Hi. When a database query is done and the results are put into an array, what are the resources used? I name all arrays differently and was wondering how it would affect the performance of the server if many people connected with many arrays being full. I am assuming the array gets 'dropped' when you connect to another page but if I keep on the same page using PHP_SELF? Basically I am just trying to find out what is the best way of using arrays without using all the servers resources. Thanks Kevin -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Getting the HTML Name Value in Forms(newbie)
ok, i have the following script HTML File --- Your name: You email: Product1 Product2 --- End HTML Form --- Ok, its just a simple purchase script for a free online game.. I know how to get the value of the thing via $Prod1 or $Prod2.. however this form is emailed, so how can i get it to list the product's Name (name="") field? I've looked around and can't work out how to do this. Theres 800 items at the moment and i don't want to have to type out all the names, just get the names on the ones selected.. Can someone help? Regards, Daniel Maddern -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] PHP builds
Hi all, I need some opinions, what are some good modules to build into PHP? I'm starting a hosting service (properly) Thanks! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Adding up values
There's really not much to it. The intval of '-' is 0, so it doesn't cause any problems. $numbers = file('path/logfile.txt'); $total = 0; foreach ($numbers as $num) $total += intval($num); miguel On Fri, 10 May 2002, Liam MacKenzie wrote: > another real basic question, how would I add up all the numbers in a log > file in this format? > > Start log file > > > 6353 > 3309 > 294 > 762 > 6443 > 6353 > 3309 > - > - > - > - > - > - > 294 > 762 > 6353 > 6443 > 3309 > - > - > - > - > - > - > - > - > 294 > 867 > 859 > 7695 > 97 > 49 > - > - > - > - > > --- > end log file > > > how can I add all the numbers without having those dashes causing a problem? > > cheers, > Liam > > > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] php_register_variable()
Hello! I need some help with subj function. I execute that function before php_execute_script() but variables seems to be not available within my script. How can I register variable from the C program (/sapi/cli) to see it available in the script ? -- Regards, Serguei I. Ivantsov
[PHP] Adding up values
Hey all, another real basic question, how would I add up all the numbers in a log file in this format? Start log file 6353 3309 294 762 6443 6353 3309 - - - - - - 294 762 6353 6443 3309 - - - - - - - - 294 867 859 7695 97 49 - - - - --- end log file how can I add all the numbers without having those dashes causing a problem? cheers, Liam -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Date Q
if you insist in using your existing loop, try this (in pseudo-code) min_date = some really large date (31-Dec-2100 maybe?) max_date = some really small date (01-Jan-1970 maybe?) while (row = fetch(result)) { if (curr_date > max_date) max_date = curr_date if (curr_date < min_date) min_date = curr_date ... // other code here } same logic can be used for numbers, strings, etc, etc. -Original Message- From: Miguel Cruz [mailto:[EMAIL PROTECTED]] Sent: Friday, May 10, 2002 3:13 PM To: Jason Soza Cc: [EMAIL PROTECTED] Subject: RE: [PHP] Date Q On Thu, 9 May 2002, Jason Soza wrote: > Thanks for the code, but I already have: > $result = mysql_query("SELECT * FROM table"); > > And I use while ($row = mysql_fetch_array($result)) along with extract($row) > to get my data. > > It's been my general understanding that querying twice in one script is bad. > How do I incorporate your code into my script w/o querying again? What's bad is using more database queries than you need. If you need to know two different things, query twice. miguel -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: why doesn't $books[$val][display] show the value
On 9 May 2002 at 15:25, Philip Hallstrom wrote: > It has to do with precedence (I think). When inside a double quoted > string PHP evalutes "$books[$val]" *first* and doesn't catch that > there's more to it... > > You can do this: > > $html.= " Yaddda yadda " . $books[$val][display]; > > And I think this (or something close to it): > > $html.= " Yaddda yadda {$books[$val][display]}"; Yes, I remember someone writing about "how good" it was to do that: $html.= " Yaddda yadda " . $books[$val][display]; personally I hate it :) ... I use Template::Toolkit in Perl and I never muck about with html anything in my Perl. Someone once showed a template system in PHP but it required more than I was willing to try to do on my virtual server (had to install some Pear stuff on my local linux box and move it to my freebsd virtual server and hope :) Anyhow, thanks for the clues .. here is what I'm finding now: http://www.php.net/manual/fi/language.operators.string.php On the above page someone mentions what you do as well: > "your choice is {$array['user']['choice']}" odd thought that he single quoted the key names. I would have thought not since everything was in double quotes. Superflous? or necessary? Odd, imho. He also talks about better to single quote keys than double quote owing to bypassing the need to parse between the single quotes. He says: > Generally programmers are better to use ' when ' is applicable to > avoid parse overhead. For example, use $array['item'] rather than > $array["item"]. Your script will be executed a bit faster. I find leads here: http://www.php.net/manual/en/language.types.string.php#language.types. string.parsing Where I see this example (in complex syntax section): > // This is wrong for the same reason > // as $foo[bar] is wrong outside a string. > echo "This is wrong: {$arr[foo][3]}"; there is no wrong reason above that example. Note the single quote for the literal. I myself prefer{} and I'll single quote all literals contained therein. And then this is a nice page which kind of goes over the problem. I've got a dense head and don't fully understand it all. http://www.zend.com/zend/tut/using-strings.php Just following up with comments and links in case someone else gets bothered by this (got me for about 15 minutes before I just did what I did to get it to work) Peter -- http://www.readbrazil.com/ Answering Your Questions About Brazil -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Bandwidth monitoring {!?}
On Fri, 10 May 2002, Liam MacKenzie wrote: > I was wondering if anyone knows of a system that will keep track of the > amount of bandwidth a site has used. > For example, someone has webspace, but is limited to 1 gig of data transfer. > Someone downloads a 500M file off their site, so they've obviously got 500M > left. > > Is there a script that can monitor this? It should be recorded in the web server logs. miguel -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Date Q
On Thu, 9 May 2002, Jason Soza wrote: > Thanks for the code, but I already have: > $result = mysql_query("SELECT * FROM table"); > > And I use while ($row = mysql_fetch_array($result)) along with extract($row) > to get my data. > > It's been my general understanding that querying twice in one script is bad. > How do I incorporate your code into my script w/o querying again? What's bad is using more database queries than you need. If you need to know two different things, query twice. miguel -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Date Q
Thanks for the code, but I already have: $result = mysql_query("SELECT * FROM table"); And I use while ($row = mysql_fetch_array($result)) along with extract($row) to get my data. It's been my general understanding that querying twice in one script is bad. How do I incorporate your code into my script w/o querying again? -Original Message- From: Jason Wong [mailto:[EMAIL PROTECTED]] Sent: Thursday, May 09, 2002 8:59 PM To: [EMAIL PROTECTED] Subject: Re: [PHP] Date Q On Friday 10 May 2002 13:02, Jason Soza wrote: > If I have a MySQL field full of dates and other info, and my PHP script > displays all this, how would I isolate the min and max in the date field? > Like I want to print something like: > > Information, from 01-03-2001 through 01-03-2002 > > If someone could give me an example or point me to the manual section that > describes this, that'd be great. Thanks! select min(datefield) as mindate, max(datefield) as maxdate from table; -- Jason Wong -> Gremlins Associates -> www.gremlins.com.hk Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development * /* QOTD: The only easy way to tell a hamster from a gerbil is that the gerbil has more dark meat. */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Date Q
On Friday 10 May 2002 13:02, Jason Soza wrote: > If I have a MySQL field full of dates and other info, and my PHP script > displays all this, how would I isolate the min and max in the date field? > Like I want to print something like: > > Information, from 01-03-2001 through 01-03-2002 > > If someone could give me an example or point me to the manual section that > describes this, that'd be great. Thanks! select min(datefield) as mindate, max(datefield) as maxdate from table; -- Jason Wong -> Gremlins Associates -> www.gremlins.com.hk Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development * /* QOTD: The only easy way to tell a hamster from a gerbil is that the gerbil has more dark meat. */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Bandwidth monitoring {!?}
Hi all, I was wondering if anyone knows of a system that will keep track of the amount of bandwidth a site has used. For example, someone has webspace, but is limited to 1 gig of data transfer. Someone downloads a 500M file off their site, so they've obviously got 500M left. Is there a script that can monitor this? Cheers, Liam -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Date Q
If I have a MySQL field full of dates and other info, and my PHP script displays all this, how would I isolate the min and max in the date field? Like I want to print something like: Information, from 01-03-2001 through 01-03-2002 If someone could give me an example or point me to the manual section that describes this, that'd be great. Thanks! Jason Soza -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Destroying Sessions
> if ($VerifyPasword[ContactID] = $_SESSION['ContactID']) > > This statement is /always/ true if $_SESSION['ContactID'] is non-zero, or > non-empty. > > If your code is copy-and-paste then the error is most likely because you used > a single 's' in $VerifyPasword[ContactID]. And also is better to single-quote > your array indices (see manual on arrays for reason): GOD SAVE THE QUEEEN!!! You're my hero!! Remind me to buy you a box of chocolates Yes, I haven't confirmed this, but the code is copy & paste, so you are right. It's a freaking spelling mistake, and no, in after three days of battling with this specific loop - I have not noticed it. *makes a eye test appointment to go for new glasses* Thanks a MILION!!! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] passing variables between php forms
On Friday 10 May 2002 07:41, baldey_uk wrote: > Hi sorry to annoy you AGAIN, but i cant seem to get it working i think > its something to do with the order that i put things in: > > > #end of html and start of php script > > > #Take the Variables from enterdetails.php that are posted from an html form > > $firstname=$_POST['txtFirstName']; > > $lastname=$_POST['txtLastName']; > > $email=$_POST['txtEmail']; > > $quantity=$_POST['txtJars']; > > $order_value=sprintf('%.2f', floatval($_POST['txtJars'])*7.0); > > echo ''; > > ?>php > > # end of php script back into html > > Are your details correct? > > method="post"> > > > action="updateaddress.php" method="post"> value="No "> > > > > If i put the echo or INPUT type outside of the php script this works, but > obviously just returns a string '.$quantity.' and not waht the variable > $quantity holds. This is extremely confusing. How do i get this php > variable to be passed to the HTML so it can be posted I thought the way i > have it the echo would make the variable testvar available to the browser, > and then i would be able to retrieve it by $_POST[testvar]; or > $_POST[$testvar]; in either the confirm.php or updateaddress.php that the > html posts to? Your form element is outside the form so is invalid and ignored by the browser. What you need is something like: And similarly for the second form. But I hope you're only doing this as a test. If you're implementing some kind on online shopping thing then including the value of goods ordered on a form and relying on that value when someone posts the form is a VERY BAD thing. When the form is posted you should always re-calculate the value based on item and quantity. -- Jason Wong -> Gremlins Associates -> www.gremlins.com.hk Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development * /* Every country has the government it deserves. -- Joseph De Maistre */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Destroying Sessions
On Friday 10 May 2002 10:52, Steve Buehler wrote: > Nokeep writing to the list. Next time, you might actually Good idea. [snip] > >What baffles me, is > > > > while ($VerifyPassword = mysql_fetch_array($PasswordCheckSQL)) { > > // Compare UserIDs > > if ($VerifyPasword[ContactID] = $_SESSION['ContactID']) { > > $_SESSION['Authenticated'] = "True"; > > $AuthenticationFailure = "False"; > > } else { > > $_SESSION['Authenticated'] = "False"; > > $AuthenticationFailure = "True"; > > } > > > >Works ($VerifiyPassword[ContactID] comes out of a MySQL Lookup, > >$_SESSION['ContactID'] was previously, also looked up via a MySQL Query). > >However, from what I understand in the documentation, in this case, the if > >statement should be '==' in which case, it doesn't work ?!?!?!?!?!?!? > > This is exactly what I am talking about, and why it is so confusing. > > Everywhere, I use either a double =, or triple = in the if statements, > > with a ! to use the is "not" true... Only in this specific statement, > > the only way I can get it to work, was with a single =. Now what makes > > that if statement so special over the others, that this one requires a > > single = and not a double like all the other hundreds I have in my code? What is confusing you is that the single equal sign /seems/ to work and is masking the real error(s) in your code. if ($VerifyPasword[ContactID] = $_SESSION['ContactID']) This statement is /always/ true if $_SESSION['ContactID'] is non-zero, or non-empty. If your code is copy-and-paste then the error is most likely because you used a single 's' in $VerifyPasword[ContactID]. And also is better to single-quote your array indices (see manual on arrays for reason): $VerifyPassword['ContactID'] -- Jason Wong -> Gremlins Associates -> www.gremlins.com.hk Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development * /* QOTD: "A child of 5 could understand this! Fetch me a child of 5." */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] gobbling replace
On Thu, May 09, 2002 at 11:39:34PM -0400, Analysis & Solutions wrote: > On Thu, May 09, 2002 at 03:17:09PM -0400, Josh & Valerie McCormack wrote: > > > 6 123 123 123 123 123 123 John Smith 456 456 456 456 4 > > The odd replacement is due to the itterations for each record in the csv file Pardon me, I meant to say "field" rather than "record." --Dan -- PHP classes that make web design easier SQL Solution | Layout Solution | Form Solution sqlsolution.info | layoutsolution.info | formsolution.info T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7 Av #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] gobbling replace
On Thu, May 09, 2002 at 03:17:09PM -0400, Josh & Valerie McCormack wrote: > I'm doing a str_replace (same thing happens with ereg and preg) and when > the pattern is found it's erasing everything after it and doing a > strange replace, too. > > I'm using a seven column CSV (new_data.csv) where the first [0] column > is first name and the second [1] is last name. This is what I'm trying > to search for, and replace with with some characters on either side. So > it will find John Smith and replace it with 123 John Smith 456. > > Here's the file I"m trying to do the replaces in (text.txt): > 1 This is a test of the templating program. > 2 Here's hoping it's working. > 3 > 4 > 5 > 6 John Smith > 7 > 8 Peter Lem > 9 > 10 Shawn Adams > > Here's the program: > 1 2 $row = 1; > 3 $fp = fopen("new_data.csv", "r"); > 4 while ($data = fgetcsv ($fp, 1000, ",")) { > 5 $num = count ($data); > 6 $row++; > 7 for ($c=0; $c < $num; $c++) { > 8 $text = fopen("text.txt", "r"); > 9 $merged = fopen("merged_text.html", "w"); > 10 $filecontents = fread($text,filesize("text.txt")); > 11 $fullname = $data[0] . ' ' . $data[1]; > 12 $newfullname = "123 " . $fullname . " 456"; > 13 $new_filecontents = str_replace($fullname, > $newfullname, $filecontents); > 14 fwrite($merged,$new_filecontents); > 15 fclose ($merged); > 16 fclose ($text); > 17 copy("merged_text.html", "text.txt"); > 18 } > 19 } > 20 fclose ($fp); > 21 ?> > > by the way, I know it's horribly ugly to open and close the file in the > loop like that, but when it was outside the loop no changes were saved. Put ALL of the fopen()'s AND fread()'s before the while loop. Put ALL of the fwrite()'s AND (unnecessary) fclose()'s after the end of the while loop. The only thing you should be doing inside the loop is searching/replacing. The while aspect will automaticall bring up the next names to be searching for. That for loop shouldn't be there... > Here's the ouput (merged_text.html): > 1 This is a test of the templating program. > 2 Here's hoping it's working. > 3 > 4 > 5 > 6 123 123 123 123 123 123 John Smith 456 456 456 456 4 The odd replacement is due to the itterations for each record in the csv file caused by mistakenly using that for loop. Ditch it. Enjoy, --Dan -- PHP classes that make web design easier SQL Solution | Layout Solution | Form Solution sqlsolution.info | layoutsolution.info | formsolution.info T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7 Av #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Destroying Sessions
> I am not an expert at PHP / MySQL. To me it would sound like the > one = is assigning the $VerifyPasword[ContactID] whatever is in > $_SESSION['ContactID'] which would mean that the else part would never be > executed. Honestly though, there is a lot that I don't know. I know very I can't really agree with that (Although, you are more than likely right It just sounds fishy for me that you can set two variables to the same value inside a if statement, when a if statement is in fact there to rather compare information - sort of, like a read-only state for the variables?)... I'll keep my code here, and add / remove some debugging, and just let you and the other's see what is actually going on here in regards to what information the variables is actually caring and comparing... Just to clarify myself above... if ($var1 = $var2) { . In my crazy head, I see $var1 and $var2 to be in a sort of "read-only" state inside the () of the if statement. For a if statement to be able to change the values in that instance, would be wrong for me. Afterall, the logic of a if statement does go something in the lines of "if value equals value then execute this, else, execute that" etc etc etc There's nothing in that logic of setting or changing any values ? Back to the matter at hand tho... while ($VerifyPassword = mysql_fetch_array($PasswordCheckSQL)) { echo "Session: " . $_SESSION['ContactID'] . ", DataBase: " . $VerifyPassword[ContactID]; // In the browser, they are both returned as 1 // Both the session and contact IDs are looked up from the same database, through two // different functions, they are the number from a auto_increment columb in a table. And yes // there is only one row in the table currently, the original selection is done via a WHERE // claues, and because there is only one row, both the $_SESSION and $VerifiyPassword // should thus return the same row number (auto_increment) because there is only one // row in the table? // Compare UserIDs if ($VerifyPasword[ContactID] = $_SESSION['ContactID']) { $_SESSION['Authenticated'] = "True"; $AuthenticationFailure = "False"; // In this example, the if statement will exit here (which is where it should exit) } else { $_SESSION['Authenticated'] = "False"; $AuthenticationFailure = "True"; } // Now let's look at how I understand the if statement to be, and what happens. This is now, // after I have confirmed above with the echo, that the two variables are in fact the same... if ($VerifyPassword[ContactID] == $_SESSION['ContactID']) { echo "they are the same"; } else { echo "if statement lied, and reported them as not being the same"; // statement exists here. } if (($VerifyPassword[ContactID]) == ($_SESSION['ContactID'])) { echo "they are the same"; } else { echo "if statement lied, and reported them as not being the same"; // statement exists here. } if (!($VerifyPassword[ContactID] == $_SESSION['ContactID'])) { echo "they are not the same"; // statement exists here. } else { echo "the same"; } // Now, I force the data to not be the same... $_SESSION['ContactID'] = "1000"; if ($VerifyPassword[ContactID] == $_SESSION['ContactID']) { echo "if statement lied, and reported them as being the same"; // Statement exists here. } else { echo "they are not the same"; } What, on heavens name, is going on here :P I'm not going to ditch PHP or anything like that, I know that it definately is something that I am doing wrong. The problem is, I don't know what I'm doing wrong. 99.99% if all my statements used in my PHP applications, uses == or === (if I know 100% that I am comparing data of the same type). This one specific one, refuses to operate :-( And it's starting to annoy me now very much to say the least :-( -- me -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Destroying Sessions
Nokeep writing to the list. Next time, you might actually give the example like you did here so that, hopefully someone will be able to answer you better (I have a problem of not including enough myself). The first question, in itself, sounded like a basic question. I would be surprised if you didn't get a lot of heckling about it. I tried to keep my answer from sounding bad to you the first time because I have been there and still am there. Most of us have, but some won't admit it. Sometimes I forget it too. :) I am not an expert at PHP / MySQL. To me it would sound like the one = is assigning the $VerifyPasword[ContactID] whatever is in $_SESSION['ContactID'] which would mean that the else part would never be executed. Honestly though, there is a lot that I don't know. I know very little compared to how much I don't know. So I will also post this to the list and hopefully someone will know the answer to this. At 08:09 PM 5/9/2002, "Chris Knipe" <[EMAIL PROTECTED]> wrote: >I don't want to keep flooding the mailing lists now with my crap, and I do >hope you don't mind me emailing you privately, but these if statements are >annoying to say the lease. > > >From what I read on php.net (as well as on various other documents for other >languages like C, and Perl), I am using if statements correctly - syntax >wise at least. > >What baffles me, is > > while ($VerifyPassword = mysql_fetch_array($PasswordCheckSQL)) { > // Compare UserIDs > if ($VerifyPasword[ContactID] = $_SESSION['ContactID']) { > $_SESSION['Authenticated'] = "True"; > $AuthenticationFailure = "False"; > } else { > $_SESSION['Authenticated'] = "False"; > $AuthenticationFailure = "True"; > } > >Works ($VerifiyPassword[ContactID] comes out of a MySQL Lookup, >$_SESSION['ContactID'] was previously, also looked up via a MySQL Query). >However, from what I understand in the documentation, in this case, the if >statement should be '==' in which case, it doesn't work ?!?!?!?!?!?!? This >is exactly what I am talking about, and why it is so confusing. Everywhere, >I use either a double =, or triple = in the if statements, with a ! to use >the is "not" true... Only in this specific statement, the only way I can >get it to work, was with a single =. Now what makes that if statement so >special over the others, that this one requires a single = and not a double >like all the other hundreds I have in my code? > >:) Thanks. > >-- >me > > >- Original Message - >From: "Steve Buehler" <[EMAIL PROTECTED]> >To: "Chris Knipe" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> >Sent: Thursday, May 09, 2002 11:04 PM >Subject: Re: [PHP] Destroying Sessions > > > > Best bet is to go to any book store that carries programming books and >pick > > up a book on PHP. There are so many different things that you need to >know > > that nobody can mention them all here. The other option is to go to > > http://www.php.net and read everything the site has. > > $var = $value > > assigns $value to the variable $var. > > $var == $value > > tests to see if $var and $value are equal. > > > > Steve > > > > At 07:00 PM 5/8/2002, Chris Knipe wrote: > > >Nevermind > > > > > >For it sorted... Does anyone have any reference to any documentation on > > >how to use if statements properly? > > > > > >I know this sounds silly now, but when exactly do you use $var = $value, >or > > >$var == $value, and all the other operators? > > > > > >I'd really like to read up on this if someone can point me to a good > > >reference... I'm having the same type of situations with Perl as well... > > >Maybe it's just be who is stupid here... But hey, I'm trying :) > > > > > >-- > > >me > > > > > > > > >- Original Message - > > >From: "Chris Knipe" <[EMAIL PROTECTED]> > > >To: <[EMAIL PROTECTED]> > > >Sent: Thursday, May 09, 2002 1:43 AM > > >Subject: [PHP] Destroying Sessions > > > > > > > > > > Hi all, > > > > > > > > Need some more help here unfortunately. This time, I did check the > > >manual, > > > > and well, I'm not to sure what I'm doing wrong... > > > > > > > > From a global (shared) script, I start a session > > > > > > > > > > > > > > > > I register session data, and use them throughout the site > > > > > > > > > > > > > > > > Now, how on earth do I destroy that session? > > > > > > > > > > > include('../include/functions.inc'); > > > > session_unset(); > > > > $_SESSION = array(); > > > > session_destroy(); > > > > header ("Location: /index.php"); > > > > ?> > > > > > > > > I've tried all of that, to no prevail, the session remains, and my >values > > > > registered in $_SESSION['whatever'] still remains?? > > > > > > > > Any help / pointers, much needed and appreciated. > > > > > > > > -- > > > > me > > > > > > > > > > > > > > > > -- > > > > PHP General Mailing List (http://www.php.net/) > > > > To unsubscribe, visit: h
RE: [PHP] Genus who came up with "Self Destruct Code" & "Copy Pro tection"
> Obviously most coders are in the middle ground. > They are not writing "the killer app of all time" > but is of significant value. I don't know what > people on here are charging but I can't add $2880 > a year to my overhead for the zend encoder. Plus > add $1875 per cpu for the zend accelerator for > each project. My personal opinion is that your code is either worth "protecting" or it's not. If it's worth "protecting" then that protection comes at a price. Sorry, commercial reality time here. If you are going to operate on a commercial basis then you have commercial decisions to make. This is one of them. > So you're bidding for a project and the guy asks, > "Let me get this straight, you're charging me more > then everyone else and I won't be able to edit the > code?" I think you would simply pricing yourself > out of the market. If that's what you're going to do then yes. Ask yourself what people like ISC (the people who do bind and sendmail do to make a living - after all they have seriously commercial quality products available for free) or people like RedHat (who give away their linux distro for nix if you want to download it, or pay a small fee to whatever company downloads it and sells CD-R burns of the iso's). People can, and do, make money giving away their code. When you figure out how they are doing it, and the philosophy behind it, then maybe that will ease these fears. I can pretty much guarantee that if you come up with a "killer app" in php that no matter how protected it is you will not be the only one with a version of "killer app" for long. Someone else will come along and write something similar - if that person does it open source then there's also a fair chance it will end up being better than your product due to shear weight of numbers contributing to it. In the end all this, and more, are your decisions. Of course, if you choose not to do this commercially then it's a whole different setup with different goals and so on. For the record, I pretty much release what I do to anyone who wants it. Not that my efforts are of a standard that they are worth all that much per se - they are often fairly specific to the project at hand and not overly portable (in their released format). I do have one intranet application under development for my own business that may well end up with a strong commercial basis but it will never be a single product but part of a much larger package my business is currently planning. Even then, the code associated with that project may end up open sourced in some way. Let's face it, there's even a move to replicate the zend encoder in open source. As has already been said, there also has to be a level of trust between you and your client(s) if you are going to do business with them. If your clients see you as overly paranoid about your work they may end up not wanting to deal with you anyway. If you're that paranoid about losing control of your work offer it on a "complete solution" basis - either you host it on a machine that they have no "back end" access to or you provide the hardware as well as the software and have it locked out in such a way that the code is not easily "stolen". Although, even here you'll sooner or later be compromised I would think. CYA, Dave -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Array loop help
Can someone offer any help with the code below? I have a cookie that is set and is separated by pipes (|). For each segment, I have to look up the id in a text file. I can loop through the cookie and get each segment, but when I open the text file and loop through it, it only matches the first segment. Any help is appreciated. "; } } fclose($fd); } ?> Thanks Chris -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] multiple db, multiple table join
This really isn't a PHP question at all. Anyway, you just need to give nicknames to multiple instances of the same table (here I use e1 and e2). Something like... select order_id, e1.last_name, e2.last_name from tools.orders, hr.emp_master e1, hr.emp_master e2 where orders.emp_id=e1.emp_id and orders.approved_by=e2.emp_id; miguel On Thu, 9 May 2002, Dan Vande More wrote: > Good evening all, > I have a strange situation which I cannot think myself out of. To make > it simple my db looks like this > (hr db, emp_master table) > ++---+ > | emp_id | last_name | > ++---+ > | 1 | smith | > | 3 | wesson| > | 4 | doe | > | 6 | clinton | > | 7 | bush | > ++---+ > (tools db, orders table) > ++-+-+ > | order_id | emp_id |approved_by | > ++-+-+ > | 1 | 1| 6 | > | 2 | 4| 7 | > | 3 | 3| 4 | > | 4 | 7| 3 | > | 5 | 6| 1 | > ++-+-+ > I want my query results to be similiar to this: > if I'm selecting all, this is what I want: > 1 smith clinton > 2 doe bush > 3 wesson doe > 4 bush wesson > 5 clintonsmith > It seems so easy, but I've tried hard and cannot get it to work I've > been going along the lines (changed several times) of > Select tools.orders.order_id, hr.emp_master.last_name as ordered_by, > hr.emp_master.last_name as approved_by from tools.orders, hr.emp_master > where ((tools.orders.emp_id=hr.emp_master.emp_id) and > (tools.orders.approved_by=hr.emp_master.emp_id)) > > (I hope I wrote that right, it was freehand, not in db) > Thank you for any direction you can give me! > Dam > > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Genus who came up with "Self Destruct Code" & "Copy Pro tection"
Obviously most coders are in the middle ground. They are not writing "the killer app of all time" but is of significant value. I don't know what people on here are charging but I can't add $2880 a year to my overhead for the zend encoder. Plus add $1875 per cpu for the zend accelerator for each project. So you're bidding for a project and the guy asks, "Let me get this straight, you're charging me more then everyone else and I won't be able to edit the code?" I think you would simply pricing yourself out of the market. -Original Message- From: David Freeman [mailto:[EMAIL PROTECTED]] Sent: May 9, 2002 5:24 PM To: [EMAIL PROTECTED] Subject: RE: [PHP] Genus who came up with "Self Destruct Code" & "Copy Pro tection" > I was talking in general. The BBS was simply an example to > make things clearer. I am *not* developing a BB system! > If you want you can think of a immaginary tool that makes > a website load twice as fast, need the half web > space and makes the website look nicer, of course at lower OK, if you're producing something with a significant commercial value then spring for the dollars to pay for zend encoder and use it. Seems like some people want it both ways - my code is different and unique and has commercial value in and of itself but I'm not prepared to spend real dollars to protect it, I want free code to do that. I suspect that many people in this situation have an overly high opinion of their code and, in reality, there are open source or free alternatives that do much the same (albeit elegant and easily customisable or whatever) and, as such, not worth spending the money on zend. CYA, Dave -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Multiple File Download
Miguel, Thanks for following up. I got the zip functions all working last night. I deconstructed a zip file created by ZipIt and was able to discover where the PHP class was going wrong. Basically, there is a segment called 'data descriptor' that was being written into the file without the proper bit flag set. I posted a brief message on the Zend site on the zip file article stating what I found. I still have some testing to do to make sure this is all going to work out, but it looks very promising. Thanks for offering your help! Steven J. Walker Walker Effects www.walkereffects.com [EMAIL PROTECTED] On Thursday, May 9, 2002, at 02:19 PM, Miguel Cruz wrote: > Any luck? I started playing with it but then ran into the fact that we > don't have the gz functions compiled into our PHP. Before I really dug > in, > thought I'd check whether you got it working. > > miguel > > On Tue, 7 May 2002, Steven Walker wrote: > >> Miguel, >> >> That is very nice of you! I found the zip class on the Zend website: >> http://www.zend.com/codex.php?id=696&single=1 >> >> and here is an article pertaining to zip file creation: >> http://www.zend.com/zend/spotlight/creating-zip-files3.php >> >> When I try to open the php created zip file with Stuffit Expander, I >> get >> the following message: >> "Unknown zip header format encountered. This operation cannot >> continue." >> >> However, Zipit opens the archive fine. If I resave the archive from >> Zipit, then Stuffit will read it without error. So far I have compared >> the two files (the one created by php, and the one saved from Zipit). >> The basic compressed data matches, but there definitely is a difference >> in header structures. >> >> I have downloaded the zip file format specs, but am still pulling my >> hair out trying to figure out what all the different parts are. I am >> not >> accustomed to working with hex data, so that to is making it hard. >> >> I appreciate you taking the time to help! Thank you! >> >> >> On Tuesday, May 7, 2002, at 12:39 PM, Miguel Cruz wrote: >> >>> Is it possible it's just a MIME type thing? Let me know how to find >>> the >>> class you're using and I'll try to play with it this afternoon. >>> >>> miguel >>> >>> On Tue, 7 May 2002, Steven Walker wrote: You are right. I am testing this out now using a zip class I got through the Zend website. However, Stuffit Expander does not like the zip files created by php. I am able to open the zip archive through Zipit just fine, and Stuffit Expander opens the Zipit files ok. So now I am trying to figure out how to modify the php zip class to make a zip archive that Stuffit will read. Any thoughts? On Tuesday, May 7, 2002, at 11:39 AM, Miguel Cruz wrote: > On Tue, 7 May 2002, Steven Walker wrote: >> Does anyone know a way to download multiple files with a php >> script? I >> have 26 software products that can be purchased individually and I >> want >> to make the download process easier. I have looked into dynamically >> creating zip files, but it is problematic for Mac users (which >> account >> for a large part of my user base). > > Are you sure it's a problem for your Mac users? Stuffit Expander, > which > has come with all Macs for a while now and which is pretty much an > essential tool for everyone, handles zip files just fine. > > miguel > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > >>> >> >> >> > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] multiple db, multiple table join
Good evening all, I have a strange situation which I cannot think myself out of. To make it simple my db looks like this (hr db, emp_master table) ++---+ | emp_id | last_name | ++---+ | 1 | smith | | 3 | wesson| | 4 | doe | | 6 | clinton | | 7 | bush | ++---+ (tools db, orders table) ++-+-+ | order_id | emp_id |approved_by | ++-+-+ | 1 | 1| 6 | | 2 | 4| 7 | | 3 | 3| 4 | | 4 | 7| 3 | | 5 | 6| 1 | ++-+-+ I want my query results to be similiar to this: if I'm selecting all, this is what I want: 1 smith clinton 2 doe bush 3 wesson doe 4 bush wesson 5 clintonsmith It seems so easy, but I've tried hard and cannot get it to work I've been going along the lines (changed several times) of Select tools.orders.order_id, hr.emp_master.last_name as ordered_by, hr.emp_master.last_name as approved_by from tools.orders, hr.emp_master where ((tools.orders.emp_id=hr.emp_master.emp_id) and (tools.orders.approved_by=hr.emp_master.emp_id)) (I hope I wrote that right, it was freehand, not in db) Thank you for any direction you can give me! Dam
Re: [PHP] passing variables between php forms
What exactly goes wrong? Indeed, you _should_ have $_POST["testvar"] available in the next page... The only problem I see is that you first echo the input and only then do you start the forms... which is an HTML problem, not a PHP one. Bogdan baldey_uk wrote: >Hi sorry to annoy you AGAIN, but i cant seem to get it working i think >its something to do with the order that i put things in: > > >#end of html and start of php script > > >#Take the Variables from enterdetails.php that are posted from an html form > >$firstname=$_POST['txtFirstName']; > >$lastname=$_POST['txtLastName']; > >$email=$_POST['txtEmail']; > >$quantity=$_POST['txtJars']; > >$order_value=sprintf('%.2f', floatval($_POST['txtJars'])*7.0); > >echo ''; > >?>php > ># end of php script back into html > >Are your details correct? > >method="post"> > > >action="updateaddress.php" method="post">value="No "> > > > >If i put the echo or INPUT type outside of the php script this works, but >obviously just returns a string '.$quantity.' and not waht the variable >$quantity holds. This is extremely confusing. How do i get this php variable >to be passed to the HTML so it can be posted I thought the way i have it >the echo would make the variable testvar available to the browser, and then >i would be able to retrieve it by $_POST[testvar]; or $_POST[$testvar]; in >either the confirm.php or updateaddress.php that the html posts to? > >Yet again thanks in advance for any help. > >Confused > >Cheers From > >baldey_uk > > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] DOMXML in 4.2.0 problems
I'm trying to get DOMXML to work with PHP4.2.0. I've compiled with --with-dom and phpinfo() says it's there: DOM/XML enabled libxml Version 2.4.18 HTML Support enabled XPath Support enabled XPointer Support enabled The following program though doesn't seem to work: $xmlstring='a valid xml document here'; $domdoc=xmldoc($xmlstring); $root=$doc->document_element(); <--- throw error I get an error regarding the call to DomDocument->document_element(). Also I'm forced to use xmldoc() instead of the newer domxml_open_mem() because it is also not recognized. What am I missing? thanks in advance, Thalis -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] DOMXML......aaaahhhhhhhh!!!!!!!!!!!!!!!!!!!!!!!!!!!
Im tearing my hair out over how buggy DOMXML is! Im trying to get my Hosting provider to update to PHP 4.2 cause I hear alot of memory leaks for DOMXML are dealt with in this versioncan anyone who has 4.2 confirm or deny this?? Thanking you all in advance Jarrad Kabral -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] passing variables between php forms
Hi sorry to annoy you AGAIN, but i cant seem to get it working i think its something to do with the order that i put things in: #end of html and start of php script '; ?>php # end of php script back into html Are your details correct? If i put the echo or INPUT type outside of the php script this works, but obviously just returns a string '.$quantity.' and not waht the variable $quantity holds. This is extremely confusing. How do i get this php variable to be passed to the HTML so it can be posted I thought the way i have it the echo would make the variable testvar available to the browser, and then i would be able to retrieve it by $_POST[testvar]; or $_POST[$testvar]; in either the confirm.php or updateaddress.php that the html posts to? Yet again thanks in advance for any help. Confused Cheers From baldey_uk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] External authentication and PHP_AUTH_PW containing plaintext password
The code is pretty obvious in sapi/apache/mod_php4.c in the init_request_info() function. On Thu, 9 May 2002, Lenny Miceli wrote: > I've tried to search the archives/bug reports/faq's and didn't find any > definitive answers on the security issue dealing with the plain text password > being kept in PHP_AUTH_PW even when you use external authentication. Since > it seems like the developers haven't answered any of the bug reports related > to this issue, what has anyone done to remove this security issue of being > able to grab user's passwords. It seems in an older version of php you > could (to quote the older manual): > > [Begin quote] > Note however that the above does not prevent someone who controls a > non-authenticated URL from stealing passwords from authenticated URL's on the > same server. The PHP_AUTH_VARS define in php.h can be undefined to make sure > that these variables will never be set and thus disable anybody from using > mod_php to try to steal passwords. > [End quote] > > Since it seems that variable (PHP_AUTH_VARS) doesn't exist any longer an > admin can't use that method any longer. Can someone please mail me what they > modified in the code or configured to disable this *feature* of external > passwords being kept in PHP_AUTH_PW. I do NOT mind at all disabling PHP > authentication entirely since we only use external authentication. > > Please mail me directly since I'm not on this list. > > Thanks for your time, > Lenny Miceli > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] register_globals in php4
On Thu, 9 May 2002, Kevin Stone wrote: >> If register_globals is off, then you'll get $_GET['id'] = 3 and >> $_GET['sex'] = female. It's then up to you to make sure those are okay. >> But at least $id and $sex won't get set until you explicitly set them in >> your code. > > Hmm. No offense Miguel, but I don't believe turning Registered Globals off > will have any effect on security. If all programmers were perfect, very few security mechanisms would be necessary. But they aren't, so things like this just make it a little bit easier to create secure software. miguel -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: why doesn't $books[$val][display] show the value
It has to do with precedence (I think). When inside a double quoted string PHP evalutes "$books[$val]" *first* and doesn't catch that there's more to it... You can do this: $html.= " Yaddda yadda " . $books[$val][display]; And I think this (or something close to it): $html.= " Yaddda yadda {$books[$val][display]}"; On Thu, 9 May 2002, Peter J. Schoenster wrote: > Hi, > > I've got an array like the following: > > $books = array( > "1572316217" => array( > category=> 'tech', > display => 'Steve McConnell\'s Software Project >Survival Guide', > href=> > 'http://www.amazon.com/exec/obidos/ASIN/1572316217/readbrazil07-20', > title => 'Steve McConnell\'s Software Project >Survival Guide', > width => '71', > height => '90', > src => >'/images/1572316217.01.TZZZ.jpg', > vspace => '3', > alt => 'Steve McConnell\'s Software >Project Survival Guide', > hspace => '3', > comments=> "", > ), > > $books = $AfiliateLinkBuilder->get_books(); > srand ((float) microtime() * 1000); > $rand_keys = array_rand ($books, 2); > > while (list ($key, $val) = each ($rand_keys)) { > $display = $books[$val][display]; > > Why do I have to do this: > $display = $books[$val][display]; > > rather than > > $html.= " Yaddda yadda $books[$val][display]"; > > $books[$val][display] in the double quotes only shows display. I > thought that within double quotes I don't use double quotes for > elements ... ? What's the rule on this. I could do the above in Perl. > > Thanks, > > Peter > > > -- http://www.readbrazil.com/ > Answering Your Questions About Brazil > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] register_globals in php4
- Original Message - From: "Miguel Cruz" <[EMAIL PROTECTED]> To: "Patrick Hsieh" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Thursday, May 09, 2002 11:52 AM Subject: Re: [PHP] register_globals in php4 > On Fri, 10 May 2002, Patrick Hsieh wrote: > > php4.1 recommends to set register_globals=off in php.ini to make php > > more strict. My question is, if I turn off register_globals, what will > > happen if any malicious user just try to modify the variable values in > > the url? Say, > > > > http://www.domain.com/xxx.php?id=3&sex=female > > > > Does it work if user just change the value in the URL directly and send > > the url directly to web server? > > > > How can we avoid the malicious attack by directly http GET/POST with > > modified parameter values to make possible system error or compromise? > > If register_globals is off, then you'll get $_GET['id'] = 3 and > $_GET['sex'] = female. It's then up to you to make sure those are okay. > But at least $id and $sex won't get set until you explicitly set them in > your code. > > miguel > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php Hmm. No offense Miguel, but I don't believe turning Registered Globals off will have any effect on security. Turning Registered Globals off just provides a more strict environment for coding. Example.. If the url were http://www.dom.com/index.php?password=xuUaB67sf .. is no more or less secure than.. > > How can we avoid the malicious attack by directly http GET/POST with > > modified parameter values to make possible system error or compromise? Security in this regard has everything to do with ensuring that the input you're recieving is what you expect. Some good tips would be to define maximum string lengths, check for legal variable types, and look for invalid characters. If something doesn't look right then you simply don't allow the request to proceed. Example.. $max_len) return FALSE; elseif (gettype($str) != "string") return FALSE; elseif (eregi(/whatever you think might be invalid/, $str)); return FALSE; else return TRUE; } if (validate($password)) { echo $password; } else { echo "INVALID INPUT"; exit; } ?> Generally speaking this will be more than adequate. But if you want to get serious then you can record a timestamp and IP/domain for every transaction on your website then auto-block any user spamming your system. For example, if someone is trying out passwords over and over again, after 3 consecutive tries your system could block the transaction and print out a warning. After 3 batches of 3 consecutive tries the system could block the user and email you a notice. But becuase this user information can be faked the most sophisticated systems.. the ones that corporations install behind their firewalls and cost $20,000 for the installation alone, actually record and analyze patterns of behavior using neural net software. -Kevin -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] why doesn't $books[$val][display] show the value
Hi, I've got an array like the following: $books = array( "1572316217" => array( category=> 'tech', display => 'Steve McConnell\'s Software Project Survival Guide', href=> 'http://www.amazon.com/exec/obidos/ASIN/1572316217/readbrazil07-20', title => 'Steve McConnell\'s Software Project Survival Guide', width => '71', height => '90', src => '/images/1572316217.01.TZZZ.jpg', vspace => '3', alt => 'Steve McConnell\'s Software Project Survival Guide', hspace => '3', comments=> "", ), $books = $AfiliateLinkBuilder->get_books(); srand ((float) microtime() * 1000); $rand_keys = array_rand ($books, 2); while (list ($key, $val) = each ($rand_keys)) { $display = $books[$val][display]; Why do I have to do this: $display = $books[$val][display]; rather than $html.= " Yaddda yadda $books[$val][display]"; $books[$val][display] in the double quotes only shows display. I thought that within double quotes I don't use double quotes for elements ... ? What's the rule on this. I could do the above in Perl. Thanks, Peter -- http://www.readbrazil.com/ Answering Your Questions About Brazil -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] register_globals in php4
- Original Message - From: "Patrick Hsieh" <[EMAIL PROTECTED]> > Hello list, > > php4.1 recommends to set register_globals=off in php.ini to make php > more strict. My question is, if I turn off register_globals, what will > happen if any malicious user just try to modify the variable values in > the url? Say, The variables will get passed just like normal. You have no way of telling if the values actually came from a form or if the user manipulated the data. This goes for GET, POST, and COOKIE data. > How can we avoid the malicious attack by directly http GET/POST with > modified parameter values to make possible system error or compromise? You can't stop it. The user can send anything to your site. It's up to you to validate the data and make sure it's what it's supposed to be. At least with register_globals = off, when you use $_GET["var"], you know it's coming from the URL (or a GET form). Same thing with _POST, _SESSION, and _COOKIE, etc. You know where the data should be coming from. You still have to validate it. W/o register globals, you just use $var and have no idea where it's coming from. You may think it's coming from a posted form, but the user actually passed it in the url. Or, you use $var2, not expecting it to come from the user at all, but the user passes it in the URL and it overwrites $var2. register_globals isn't always "bad". It just allows for more errors and holes with it on if you're not careful. ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] External authentication and PHP_AUTH_PW containing plain text password
I've tried to search the archives/bug reports/faq's and didn't find any definitive answers on the security issue dealing with the plain text password being kept in PHP_AUTH_PW even when you use external authentication. Since it seems like the developers haven't answered any of the bug reports related to this issue, what has anyone done to remove this security issue of being able to grab user's passwords. It seems in an older version of php you could (to quote the older manual): [Begin quote] Note however that the above does not prevent someone who controls a non-authenticated URL from stealing passwords from authenticated URL's on the same server. The PHP_AUTH_VARS define in php.h can be undefined to make sure that these variables will never be set and thus disable anybody from using mod_php to try to steal passwords. [End quote] Since it seems that variable (PHP_AUTH_VARS) doesn't exist any longer an admin can't use that method any longer. Can someone please mail me what they modified in the code or configured to disable this *feature* of external passwords being kept in PHP_AUTH_PW. I do NOT mind at all disabling PHP authentication entirely since we only use external authentication. Please mail me directly since I'm not on this list. Thanks for your time, Lenny Miceli -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Is there any way to change the process user (logon user) for a running script??
I have come across a situation where I need to temporarly change the user profile in the middle of a script. I would prefer to do this than to change ownership of files to allow the script to be able to read them. I don't know whose files I will be reading when the script runs, however I need to be able to read files from /home/*/Mail on a user by user basis. Is this possible?? Jeff Means CIO for PicoTech.NET -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: multi-dimensional array
You can't set an array subscript using an array; it should be a numerical value or a string. What you want to do is $division[$div_id] = $array; Better yet, try: $divison[$div_id] = mysql_fetch_array($result, MYSQL_ASSOC); J Steve Buehler wrote: > I am trying to learn some new things in the hopes that it would help me > with my mysql/PHP programming. The following code gives me an error: " > Warning: Illegal offset type in z.php on line 25 ". > > $result=mysql_query("SELECT * FROM division"); > while(($row=mysql_fetch_object($result))){ > $div_id=$row->div_id; > $array=array("sub1" => $row->sub1, > "sub1d" => $row->sub1d, > "sub2" => $row->sub2, > "sub2d" => $row->sub2d, > "sub3" => $row->sub3, > "sub3d" => $row->sub3d, > "sub4" => $row->sub4, > "sub4d" => $row->sub4d, > "sub5" => $row->sub5, > "sub5d" => $row->sub5d, > "game_length" => $row->game_length); > // The following is the line 25 > $division[$div_id][$array]=array(); > } > > What I am trying to do is to be able to later call > $division[$div_id][sub5] > etc... I sure hope that this can be done. If not, I will just have to > stick with temporary tables. > > Thanks > Steve -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] problems with
> a table with several contents, and I have a form on every > row, the problem is that the form is to big, so the tab le > looks ugly, I tried with everything I could come up with, The tags imply a break which adds space vertically. It's contrary to doing good html and will most likely cause errors in an html validator but about the only way I've found to get around it is to bury your somewhere that the implied break won't do anything. If you're using a table then between the and or between and is a pretty good place. CYA, Dave -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Genus who came up with "Self Destruct Code" & "Copy Pro tection"
> I was talking in general. The BBS was simply an example to > make things clearer. I am *not* developing a BB system! > If you want you can think of a immaginary tool that makes > a website load twice as fast, need the half web > space and makes the website look nicer, of course at lower OK, if you're producing something with a significant commercial value then spring for the dollars to pay for zend encoder and use it. Seems like some people want it both ways - my code is different and unique and has commercial value in and of itself but I'm not prepared to spend real dollars to protect it, I want free code to do that. I suspect that many people in this situation have an overly high opinion of their code and, in reality, there are open source or free alternatives that do much the same (albeit elegant and easily customisable or whatever) and, as such, not worth spending the money on zend. CYA, Dave -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Solved:->Simple array question (Walker,Cruz)
Hey guys, Just wanted to let you know Thanks for the help and solving my problem. I posted that mail and 10 minutes later i got my answer...are these guys (Matthew walker,Miguel cruz) helpful or what? Helpful,kind people,quick answers this list is great, but its only the people who make the listand a thumbs up to you people. -Ryan. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] multi-dimensional array
Line 25 looks like this: $division[$div_id][$array]=array(); The first subscript to division is $div_id, which is fine. The second one is $array, which is an array. That doesn't make any sense. Array keys have to be strings or numbers. You'd have to create a separate array at each subscript of $division[$div_id] ... foreach ($array as $k => $v) $division[$div_id][$k] = array(); miguel On Thu, 9 May 2002, Steve Buehler wrote: > I am trying to learn some new things in the hopes that it would help me > with my mysql/PHP programming. The following code gives me an error: " > Warning: Illegal offset type in z.php on line 25 ". > > $result=mysql_query("SELECT * FROM division"); > while(($row=mysql_fetch_object($result))){ > $div_id=$row->div_id; > $array=array("sub1" => $row->sub1, > "sub1d" => $row->sub1d, > "sub2" => $row->sub2, > "sub2d" => $row->sub2d, > "sub3" => $row->sub3, > "sub3d" => $row->sub3d, > "sub4" => $row->sub4, > "sub4d" => $row->sub4d, > "sub5" => $row->sub5, > "sub5d" => $row->sub5d, > "game_length" => $row->game_length); > // The following is the line 25 > $division[$div_id][$array]=array(); > } > > What I am trying to do is to be able to later call $division[$div_id][sub5] > etc... I sure hope that this can be done. If not, I will just have to > stick with temporary tables. > > Thanks > Steve > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Multiple File Download
Any luck? I started playing with it but then ran into the fact that we don't have the gz functions compiled into our PHP. Before I really dug in, thought I'd check whether you got it working. miguel On Tue, 7 May 2002, Steven Walker wrote: > Miguel, > > That is very nice of you! I found the zip class on the Zend website: > http://www.zend.com/codex.php?id=696&single=1 > > and here is an article pertaining to zip file creation: > http://www.zend.com/zend/spotlight/creating-zip-files3.php > > When I try to open the php created zip file with Stuffit Expander, I get > the following message: > "Unknown zip header format encountered. This operation cannot > continue." > > However, Zipit opens the archive fine. If I resave the archive from > Zipit, then Stuffit will read it without error. So far I have compared > the two files (the one created by php, and the one saved from Zipit). > The basic compressed data matches, but there definitely is a difference > in header structures. > > I have downloaded the zip file format specs, but am still pulling my > hair out trying to figure out what all the different parts are. I am not > accustomed to working with hex data, so that to is making it hard. > > I appreciate you taking the time to help! Thank you! > > Steven J. Walker > Walker Effects > www.walkereffects.com > [EMAIL PROTECTED] > > On Tuesday, May 7, 2002, at 12:39 PM, Miguel Cruz wrote: > > > Is it possible it's just a MIME type thing? Let me know how to find the > > class you're using and I'll try to play with it this afternoon. > > > > miguel > > > > On Tue, 7 May 2002, Steven Walker wrote: > >> You are right. I am testing this out now using a zip class I got > >> through > >> the Zend website. However, Stuffit Expander does not like the zip files > >> created by php. I am able to open the zip archive through Zipit just > >> fine, and Stuffit Expander opens the Zipit files ok. So now I am trying > >> to figure out how to modify the php zip class to make a zip archive > >> that > >> Stuffit will read. > >> > >> Any thoughts? > >> > >> > >> On Tuesday, May 7, 2002, at 11:39 AM, Miguel Cruz wrote: > >> > >>> On Tue, 7 May 2002, Steven Walker wrote: > Does anyone know a way to download multiple files with a php > script? I > have 26 software products that can be purchased individually and I > want > to make the download process easier. I have looked into dynamically > creating zip files, but it is problematic for Mac users (which > account > for a large part of my user base). > >>> > >>> Are you sure it's a problem for your Mac users? Stuffit Expander, > >>> which > >>> has come with all Macs for a while now and which is pretty much an > >>> essential tool for everyone, handles zip files just fine. > >>> > >>> miguel > >>> > >>> > >>> -- > >>> PHP General Mailing List (http://www.php.net/) > >>> To unsubscribe, visit: http://www.php.net/unsub.php > >>> > >>> > >> > >> > > > > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] multi-dimensional array
I am trying to learn some new things in the hopes that it would help me with my mysql/PHP programming. The following code gives me an error: " Warning: Illegal offset type in z.php on line 25 ". $result=mysql_query("SELECT * FROM division"); while(($row=mysql_fetch_object($result))){ $div_id=$row->div_id; $array=array("sub1" => $row->sub1, "sub1d" => $row->sub1d, "sub2" => $row->sub2, "sub2d" => $row->sub2d, "sub3" => $row->sub3, "sub3d" => $row->sub3d, "sub4" => $row->sub4, "sub4d" => $row->sub4d, "sub5" => $row->sub5, "sub5d" => $row->sub5d, "game_length" => $row->game_length); // The following is the line 25 $division[$div_id][$array]=array(); } What I am trying to do is to be able to later call $division[$div_id][sub5] etc... I sure hope that this can be done. If not, I will just have to stick with temporary tables. Thanks Steve
Re: [PHP] Destroying Sessions
Best bet is to go to any book store that carries programming books and pick up a book on PHP. There are so many different things that you need to know that nobody can mention them all here. The other option is to go to http://www.php.net and read everything the site has. $var = $value assigns $value to the variable $var. $var == $value tests to see if $var and $value are equal. Steve At 07:00 PM 5/8/2002, Chris Knipe wrote: >Nevermind > >For it sorted... Does anyone have any reference to any documentation on >how to use if statements properly? > >I know this sounds silly now, but when exactly do you use $var = $value, or >$var == $value, and all the other operators? > >I'd really like to read up on this if someone can point me to a good >reference... I'm having the same type of situations with Perl as well... >Maybe it's just be who is stupid here... But hey, I'm trying :) > >-- >me > > >- Original Message - >From: "Chris Knipe" <[EMAIL PROTECTED]> >To: <[EMAIL PROTECTED]> >Sent: Thursday, May 09, 2002 1:43 AM >Subject: [PHP] Destroying Sessions > > > > Hi all, > > > > Need some more help here unfortunately. This time, I did check the >manual, > > and well, I'm not to sure what I'm doing wrong... > > > > From a global (shared) script, I start a session > > > > > > > > I register session data, and use them throughout the site > > > > > > > > Now, how on earth do I destroy that session? > > > > > include('../include/functions.inc'); > > session_unset(); > > $_SESSION = array(); > > session_destroy(); > > header ("Location: /index.php"); > > ?> > > > > I've tried all of that, to no prevail, the session remains, and my values > > registered in $_SESSION['whatever'] still remains?? > > > > Any help / pointers, much needed and appreciated. > > > > -- > > me > > > > > > > > -- > > PHP General Mailing List (http://www.php.net/) > > To unsubscribe, visit: http://www.php.net/unsub.php > > > > > > >-- >PHP General Mailing List (http://www.php.net/) >To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] simple array question (Am a Newbie kindly excuse.)
echo join (',', $a1); On Fri, 10 May 2002, r wrote: > Here is the code: > $a1[]="ryan1"; > $a1[]="ryan1.2"; > $a1[]="ryan2"; > $a1[]="ryan2.1.1.1.1.1"; > $a1[]="ryan3"; > $a1[]="ryan3.2"; > reset($a1); > > print("Tesing arrays:"); > while(list($aa1,$aa2) = each ($a1)) > { > print($aa2 . ","); > } > > ?> > > Which gives out the output: > Tesing arrays: > ryan1, > ryan1.2, > ryan2, > ryan2.1.1.1.1.1, > ryan3, > ryan3.2, > > my question/problem is simply this: how do i stop the last comma from > coming? miguel -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] simple array question (Am a Newbie kindly excuse.)
Try this: "); for($i=0; $i < count($a1); $i++) { { echo($a2[$i]); if ($i != (count($a1) - 1)) { echo ","; } } ?> Matthew Walker Senior Software Engineer ePliant Marketing -Original Message- From: r [mailto:[EMAIL PROTECTED]] Sent: Friday, May 10, 2002 3:19 AM To: [EMAIL PROTECTED] Subject: [PHP] simple array question (Am a Newbie kindly excuse.) Greetings my PHP people. Will do things a bit backwork code first and what i want as that seems the easiest way to explain Here is the code: "); while(list($aa1,$aa2) = each ($a1)) { print($aa2 . ","); } ?> Which gives out the output: Tesing arrays: ryan1, ryan1.2, ryan2, ryan2.1.1.1.1.1, ryan3, ryan3.2, my question/problem is simply this: how do i stop the last comma from coming? because originally instead of giving the output to the browser i want it to "feed" it to a hidden form field, which i enter into the database Yeah yeah yeah, wipe the tears of laugher from your eyes and remember, you too were once a newbie. :-o) This list is great and i know i will get not one answer but many, thank you in advance. -Ryan A. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.351 / Virus Database: 197 - Release Date: 4/19/2002 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] simple array question (Am a Newbie kindly excuse.)
Greetings my PHP people. Will do things a bit backwork code first and what i want as that seems the easiest way to explain Here is the code: "); while(list($aa1,$aa2) = each ($a1)) { print($aa2 . ","); } ?> Which gives out the output: Tesing arrays: ryan1, ryan1.2, ryan2, ryan2.1.1.1.1.1, ryan3, ryan3.2, my question/problem is simply this: how do i stop the last comma from coming? because originally instead of giving the output to the browser i want it to "feed" it to a hidden form field, which i enter into the database Yeah yeah yeah, wipe the tears of laugher from your eyes and remember, you too were once a newbie. :-o) This list is great and i know i will get not one answer but many, thank you in advance. -Ryan A. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Nitpicking - PHP 4.2.0 for windows says version is 4.1.2
Interesting that you mention that, when I do PHP-CLI > test.html I get Version 4.2.0 ... which is the CGI version Built April 20 2002 However my web server (I run it as an SAPI module) has: "Apache/1.3.20 (Win32) PHP/4.2.0 running..." in the console window and gives me Version 4.1.2, Build Mar 10 2002... On Thu, 09 May 2002 21:09:12 +0100 Chris Hewitt wrote: > Garth, > > You might have two versions (cgi and module)? > > Chris > > Garth Dahlstrom wrote: > > >Anyone notice this... when you do a > > >phpinfo(); > >?> > > > >you get "PHP Version 4.1.2", while my apache window > >says "Apache/1.3.20 (Win32) PHP/4.2.0 running..." > > > >-G > > > > > > > > Northern.CA ===-- http://www.northern.ca Canada's Search Engine -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] fsockopen, and remaining data in buffer
Hello Guys! I'm having troubles with not knowing the amount of data which is waiting to be received in the buffer for a specific socket I can use fsockopen, establish a connection, and write to the socket, I can read from the socket just fine as well. The trouble I'm running into is illustrated in this example Eg: Open a socket to an ftp site (port 21). I can expect a banner from EG: the ftp server, but this is not always the case. if there is a EG: banner it is usually only one line, but this is not always the case. EG: I can then fputs($fp, 'user anonymous'.chr(10)); After that fputs I EG: can expect one line to be in the buffer. I then fputs($fp, 'pass EG: [EMAIL PROTECTED]'.chr(10)); There can then be anything from 0 to EG: (lots) of bytes in the buffer, spanning multiple lines. I want to be able to pull all of the waiting information out of the socket, process it, and then proceed - not knowing the amount of data to expect. A while( $data=fgets($fp, ) ) works, but either a) hangs when there is no more data to receive, or b) times the socket out when a socket timeout on the file pointer is used, or c) is VERY unreliable when the socket is set to non-blocking mode. I've tried using $var=socket_get_status($fp), but then $var['unread_bytes'] is always 0 or null... Am I missing something? The development server is running slackware 8, kernel 2.4.18, apache-1.3.24, and php 4.2 I'll send sample code if asked, Thanks in advance for the help! - -- Demitrious S. Kelly -- Eagle Networks - - -- Demitrious S. Kelly -- Eagle Networks -
Re: [PHP] Re: error-catching
On Thu, 9 May 2002, Gert Mellak wrote: >> If you just want to hide the error message, there's nothing wrong with >> using @. > > ok, it's a new point of view... I've always thought that this is bad > programming style! It's bad if you're using it to hide errors rather than fixing them. If you have another reliable way of catching the same errors, then it's fine. miguel -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Re: how to send spaces in the url
Might I suggest using PHP's urlencode() to encode the string, and Javascript's function unescape()? Matthew Walker Senior Software Engineer ePliant Marketing -Original Message- From: Kevin Stone [mailto:[EMAIL PROTECTED]] Sent: Thursday, May 09, 2002 11:37 AM To: [EMAIL PROTECTED] Subject: Re: [PHP] Re: how to send spaces in the url LOL! A standard!? In Javascript!? You must be joking. :-) Nope. But it's not difficult. You simply have to access the url string with 'document.location.href', parse out the values individually and replace the space placeholders. Can't remember what the exact javascript function would be.. I think it's 'string.replace' or something like that. I'm certain a quick search.will reveal exactly what you need. -Kevin - Original Message - From: "Pushkar Pradhan" <[EMAIL PROTECTED]> To: "Kyle Gibson" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Thursday, May 09, 2002 10:24 AM Subject: Re: [PHP] Re: how to send spaces in the url > Thanks to all who responded. > I think I should have mentioned that I am trying to send these vars. in > the url to a javascript pg. thus won't have access to php on the other > side (i.e. I want to keep it this way for speed). > So as Kyle suggested to replace the " " is the only way? This is fine but > isn't there something standard for this? > > What you could do is think of some random sequence of characters, say > > |-| and use that for a space. > > > > Then, on the receiving script, just remember to use > > str_replace("|-|"," ",$HTTP_SERVER_VARS["QUERY_STRING"]) > > > > > > If you don't have access to the receiving script, then you'll need to > > use "%20". > > > > > > -Kyle > > > > > > -- > > PHP General Mailing List (http://www.php.net/) > > To unsubscribe, visit: http://www.php.net/unsub.php > > > > -Pushkar S. Pradhan > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.351 / Virus Database: 197 - Release Date: 4/19/2002 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] gobbling replace
I'm doing a str_replace (same thing happens with ereg and preg) and when the pattern is found it's erasing everything after it and doing a strange replace, too. I'm using a seven column CSV (new_data.csv) where the first [0] column is first name and the second [1] is last name. This is what I'm trying to search for, and replace with with some characters on either side. So it will find John Smith and replace it with 123 John Smith 456. Here's the file I"m trying to do the replaces in (text.txt): 1 This is a test of the templating program. 2 Here's hoping it's working. 3 4 5 6 John Smith 7 8 Peter Lem 9 10 Shawn Adams Here's the program: 1 by the way, I know it's horribly ugly to open and close the file in the loop like that, but when it was outside the loop no changes were saved. Here's the ouput (merged_text.html): 1 This is a test of the templating program. 2 Here's hoping it's working. 3 4 5 6 123 123 123 123 123 123 John Smith 456 456 456 456 4 Thanks for your help! Josh -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Nitpicking - PHP 4.2.0 for windows says version is 4.1.2
Anyone notice this... when you do a you get "PHP Version 4.1.2", while my apache window says "Apache/1.3.20 (Win32) PHP/4.2.0 running..." -G -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] A pen pal system with Photo upload feature
This might help you: http://www.phpbuilder.com/columns/william19990908.php3?page=1 Tyler Longren Captain Jack Communications [EMAIL PROTECTED] www.captainjack.com - Original Message - From: "Thomas Edison Jr." <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, May 09, 2002 12:23 PM Subject: [PHP] A pen pal system with Photo upload feature > Hi, > > I've already built in a penpal system. Now i want to > add a feature which allows user to upload his/her > image. When other user's search for penpals, the > photos should appear next to the record's details. > > Can anyone guide me towards such a script/tutorial? > > I'm using mySQL as my backend, on an Apache Web Server > on Linux. > > Thanks, > T. Edison jr. > > > > = > Rahul S. Johari (Director) > ** > Abraxas Technologies Inc. > Homepage : http://www.abraxastech.com > Email : [EMAIL PROTECTED] > Tel : 91-4546512/4522124 > *** > > __ > Do You Yahoo!? > Yahoo! Shopping - Mother's Day is May 12th! > http://shopping.yahoo.com > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: include text from a html-file online
Andreas Indahl <[EMAIL PROTECTED]> schrieb in im Newsbeitrag: [EMAIL PROTECTED] > I want to include text from a html-file that is online at another website. > To be more precise: I want to include my seti-stats from > http://setiathome.ssl.berkeley.edu/ on my own homepage. Can I do this with > PHP? certainly... just use the fopen-function and use the URL as the filename. You handle it the same way as a normal text-file. Here's the link to the php-function: http://www.php.net/manual/en/function.fopen.php Greetings, Gert. I'm still confused - but on a much higher level... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] error-catching
Gert, to prevent PHP to output any error messages, you can prefix the expression with @, i.e. $db = @mysql_connect( $host, $user, $password) or die ('Sorry, server is down!'); Greetings, Herb - Original Message - From: "Gert Mellak" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, May 09, 2002 4:00 PM Subject: [PHP] error-catching > Hi! > > When I open a database connection and i. e. the db-server is down, > I get a very long, long error message telling me that the server is down. > > What I want to do is just echo a text, i. e. "DB-Server down" and leave out > the error message. > > Does anyone have an idea how to manage this? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] include text from a html-file online
I want to include text from a html-file that is online at another website. To be more precise: I want to include my seti-stats from http://setiathome.ssl.berkeley.edu/ on my own homepage. Can I do this with PHP? Sincerely Andreas Indahl -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: error-catching
use or die ("DB-server down"); at the end of you line. "Gert Mellak" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED]... > Hi! > > When I open a database connection and i. e. the db-server is down, > I get a very long, long error message telling me that the server is down. > > What I want to do is just echo a text, i. e. "DB-Server down" and leave out > the error message. > > Does anyone have an idea how to manage this? > > I'd be grateful for any information! > > TIA, > > Gert. > [EMAIL PROTECTED] > http://mellak.com > > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: error-catching
J Smith <[EMAIL PROTECTED]> schrieb in im Newsbeitrag: [EMAIL PROTECTED] > > You can write your own error handlers using set_error_handler(). Then, > depending on the error code, you can decide whether you should display the > error message, email it to you, log it, whatever. > > http://www.php.net/manual/en/function.set-error-handler.php thank you very much! this seems to be what I was looking for! > > If you just want to hide the error message, there's nothing wrong with using > @. ok, it's a new point of view... I've always thought that this is bad programming style! Thank you for your hints! Gert. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: error-catching
You can write your own error handlers using set_error_handler(). Then, depending on the error code, you can decide whether you should display the error message, email it to you, log it, whatever. http://www.php.net/manual/en/function.set-error-handler.php If you just want to hide the error message, there's nothing wrong with using @. J Gert Mellak wrote: >> $db_connect = mysql_connect($db_server, $db_user, $db_pass) or > die('Couldn't >> connect to database'); >> >> $db_open = mysql_select_db($db_name, $db_connect) or die('Couldn't select >> database'); > > well, I tried this out and if the mysql-server is down, I get the > "Warning: Unable to connect to mysql-server"-stuff. > > The only way I've found was to connect by @mysql_connect - but that's not > the fine style, yeah? > > Gert. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP --> HTML
On Thursday 09 May 2002 1:23 pm, Dan Hardiker wrote: > You could also use some form of spider to go through your website. These > are usually aimed at downloading a website to your local machine, or for > mass caching. > This should have the effect your after with minimum fuss and no rewriting > of the .php scripts (or need to write another tool). do a google for HTTRACK, very impressed with the sites we've had to cache locally matt -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] A pen pal system with Photo upload feature
You may also use blobs to store the images in the database. That may induce some major slowdown for large numbers of images. I would suggest going with a directory structure on the filesystem, managing the structure from PHP and allowing no more that 100 images per directory. For example: -- ($count_limit-1)) { $dir++; mkdir($image_path.$dir); $im=0; } // Ok, got the final image path - let's store it $image_path.=$dir.$im; // The file upload field is expected to be "image" if (is_uploaded_file($_POST["image"]) { copy($_POST["image"],$image_path) } mysql_run_query("insert into entries set image_path=\"$dir$im\""); ?> -- This is obviously just the skeleton of the upload page, but I hope it's explicit enough to start things going... Bogdan Jason Soza wrote: >Couldn't you just add a column to your MySQL table where the image name >would be stored, then when you display your query results in your >script, just put something like: > >echo ""; > >Seems easy enough. > >Jason Soza > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] register_globals in php4
On Fri, 10 May 2002, Patrick Hsieh wrote: > php4.1 recommends to set register_globals=off in php.ini to make php > more strict. My question is, if I turn off register_globals, what will > happen if any malicious user just try to modify the variable values in > the url? Say, > > http://www.domain.com/xxx.php?id=3&sex=female > > Does it work if user just change the value in the URL directly and send > the url directly to web server? > > How can we avoid the malicious attack by directly http GET/POST with > modified parameter values to make possible system error or compromise? If register_globals is off, then you'll get $_GET['id'] = 3 and $_GET['sex'] = female. It's then up to you to make sure those are okay. But at least $id and $sex won't get set until you explicitly set them in your code. miguel -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] register_globals in php4
Hello list, php4.1 recommends to set register_globals=off in php.ini to make php more strict. My question is, if I turn off register_globals, what will happen if any malicious user just try to modify the variable values in the url? Say, http://www.domain.com/xxx.php?id=3&sex=female Does it work if user just change the value in the URL directly and send the url directly to web server? How can we avoid the malicious attack by directly http GET/POST with modified parameter values to make possible system error or compromise? -- Patrick Hsieh <[EMAIL PROTECTED]> GPG public key http://pahud.net/pubkeys/pahudatpahud.gpg -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] date comparison again
Thank you Miguel! I was missing the /86400 and it works much better now :) On Thu, 9 May 2002, Miguel Cruz wrote: > On Wed, 8 May 2002, Scott St. John wrote: > > Sorry to be so thick this morning, but I have a unix time stamp in my MS > > Sql server that is the date, plus 60 days to expire a password. I want to > > take today's date and compare to the two to see: > > 1)How many days until the password expires > > 2)If the password already expired then force a password change. > > > > I am missing something I am sure because I am not getting the answer I am > > looking for with this code: > > > > $expirePass = strtotime("now"); <-todays date > > $myPassword = ("1026047985");<-from the MS Sql field > > > > $itexpires = ($expirePass - $myPassword); > > $daysleft = intval(($mypassword - now()) / 86400)); > > miguel > -- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] date comparison again
On Wed, 8 May 2002, Scott St. John wrote: > Sorry to be so thick this morning, but I have a unix time stamp in my MS > Sql server that is the date, plus 60 days to expire a password. I want to > take today's date and compare to the two to see: > 1)How many days until the password expires > 2)If the password already expired then force a password change. > > I am missing something I am sure because I am not getting the answer I am > looking for with this code: > > $expirePass = strtotime("now"); <-todays date > $myPassword = ("1026047985");<-from the MS Sql field > > $itexpires = ($expirePass - $myPassword); $daysleft = intval(($mypassword - now()) / 86400)); miguel -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: how to send spaces in the url
LOL! A standard!? In Javascript!? You must be joking. :-) Nope. But it's not difficult. You simply have to access the url string with 'document.location.href', parse out the values individually and replace the space placeholders. Can't remember what the exact javascript function would be.. I think it's 'string.replace' or something like that. I'm certain a quick search.will reveal exactly what you need. -Kevin - Original Message - From: "Pushkar Pradhan" <[EMAIL PROTECTED]> To: "Kyle Gibson" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Thursday, May 09, 2002 10:24 AM Subject: Re: [PHP] Re: how to send spaces in the url > Thanks to all who responded. > I think I should have mentioned that I am trying to send these vars. in > the url to a javascript pg. thus won't have access to php on the other > side (i.e. I want to keep it this way for speed). > So as Kyle suggested to replace the " " is the only way? This is fine but > isn't there something standard for this? > > What you could do is think of some random sequence of characters, say > > |-| and use that for a space. > > > > Then, on the receiving script, just remember to use > > str_replace("|-|"," ",$HTTP_SERVER_VARS["QUERY_STRING"]) > > > > > > If you don't have access to the receiving script, then you'll need to > > use "%20". > > > > > > -Kyle > > > > > > -- > > PHP General Mailing List (http://www.php.net/) > > To unsubscribe, visit: http://www.php.net/unsub.php > > > > -Pushkar S. Pradhan > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php