[PHP] Re: Ive lost a zero somewhere
You could use number_format.. $f = 25.50 * 3 $s = number_format($f,2,'.',NULL); Lang Richard Cook wrote: I have a problem with the following when i multiply for example 25 . 50 * 3 i get 76 . 5 how would i get PHP to recognise the last 0 ie make it 76 . 50 Any ideas? Regards R -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Input Validation of $_SESSION values
On Thursday 06 November 2003 13:36, Chris Shiflett wrote: For example, if you store your sessions in a database, it's pretty trivial for another user to write a PHP script that allows him/her to navigate the filesystem, searching for your database access credentials. After all, if Apache/PHP can read the file that contains this information, then it's fair game for anyone else on the same server. With your database access credentials, it's pretty easy to manipulate session data. Apache hosts can minimise this problem by hardcoding the mysql access credentials into the VirtualHost containers. If security is super important to you, hopefully you can afford a dedicated server. Absolutely. -- Jason Wong - Gremlins Associates - www.gremlins.biz Open Source Software Systems Integrators * Web Design Hosting * Internet Intranet Applications Development * -- Search the list archives before you post http://marc.theaimsgroup.com/?l=php-general -- /* 24. You can do this patch with the system up... --Top 100 things you don't want the sysadmin to say */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] anyway to return more than one value?
On Thursday 06 November 2003 10:58, Robert Cummings wrote: It ABSOLUTELY amazes me how this list is so cyclic. Every couple of weeks or so the exact same questions rotate back to the head of the already been answered, but someone needs to ask it again list. Sure they get a wee bit of a rewording-- for instance what is better OOP or procedural? or What are the real advantages using classes? And when do you think they should be used? Anyways, just pointing out something I notice over and over again. That's why one should point these people to RTFM, or STFA, or STFW. But some people can get upset if your answer doesn't includes quotes from the manual, the archives or wherever. Most likely these same people enjoy reading the same questions week after week. (Note _reading_, not answering). -- Jason Wong - Gremlins Associates - www.gremlins.biz Open Source Software Systems Integrators * Web Design Hosting * Internet Intranet Applications Development * -- Search the list archives before you post http://marc.theaimsgroup.com/?l=php-general -- /* God is a comic playing to an audience that's afraid to laugh. */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] [Newbie Guide] For the benefit of new members
= This message is for the benefit of new subscribers and those new to PHP. Please feel free to add more points and send to the list. == 1. If you have any queries/problems about PHP try http://www.php.net/manual/en first. You can download a copy and use it offline also. Please also try http://www.php.net/manual/faq.php to get answers to frequently answered questions about PHP (added by Christophe Chisogne). 2. Try http://www.google.com next. Searching for php YOUR QUERY may fetch you relevant results within the first 10 results, if you are lucky. 3. There is a searchable archive of the mailing list discussion at http://phparch.com/mailinglists. Many of the common topics are discussed repeatedly, and you may get answer to your query from the earlier discussions. For example: One of the repeatedly discussed question in the list is Best PHP editor. Everyone has his/her favourite editor. You can get all the opinions by going through the list archives. If you want a chosen list try this link : http://phpeditors.linuxbackup.co.uk/ (contributed by Christophe Chisogne). 4. Just put the following code into a file with a .php extension and access it through your webserver: ?php phpinfo(); ? This will display tons of info if php is enabled, or, it will ask you to download a file if php is NOT enabled. (contributed by Teren) 5. If you are stuck with a script and do not understand what is wrong, instead of posting the whole script, try doing some research yourself. One useful trick is to print the variable/sql query using print or echo command and check whether you get what you expected. After diagnosing the problem, send the details of your efforts (following steps 1, 2 3) and ask for help. 6. PHP is a server side scripting language. Whatever processing PHP does takes place BEFORE the output reaches the client. Therefore, it is not possible to access the users' computer related information (OS, screen size etc) using PHP. You need to go for JavaScript and ask the question in a JavaScript list. (You can access information SENT by the user's browser while requesting pages from your server. You can get the details about browser, OS etc as reported by this request. - contributed by Wouter van Vliet) 7. Provide a clear descriptive subject line. Avoid general subjects like Help!!, A Question etc. Especially avoid blank subjects. 8. When you want to start a new topic, open a new mail composer and enter the mailing list address [EMAIL PROTECTED] instead of replying to an existing thread and replacing the subject and body with your message. 9. It's always a good idea to post back to the list once you've solved your problem. People usually add [SOLVED] to the subject line of their email when posting solutions. By posting your solution you're helping the next person with the same question. [contribued by Chris W Parker] 10. Ask smart questions http://catb.org/~esr/faqs/smart-questions.html [contributed by Jay Blanchard) Hope you have a good time programming with PHP. Best regards, -- Integrated Management Tools for leather industry -- http://www.leatherlink.net Ma Siva Kumar, BSG LeatherLink (P) Ltd, Chennai - 600106 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] High bandwidth application tips
On Wed, Nov 05, 2003 at 05:17:29PM -0800, Chris W. Parker wrote: : : One thing you can do to make loops faster is the following: (yes I've : posted this in the past!!) : : Unoptimized: : : $upperlimit = 100; : : for($i = 0;$i $upperlimit; $++) : { : // your stuff : } : : Optimized: : : $upperlimit = 100; : $i = -1; : : while(++$i $upperlimit) : { : // your stuff : } Still, doing a greater-than or less-than comparison is a bit slow. You could try this: $upperlimit = 100; while ($up-- != 0) { // your stuff } -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Ive lost a zero somewhere
On Thu, Nov 06, 2003 at 03:03:35AM -, Richard Cook wrote: : : when i multiply for example 25 . 50 * 3 i get 76 . 5 how would i get : PHP to recognise the last 0 ie make it 76 . 50 What's with the extra spaces before and after your decimal points? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] php executable and environmental variables
Hello all, I am trying to implement a simple web server (in Java) and I want to add php support. For the moment I do a Process p = Runtime.getRuntime().exec(php /path/to/php/file), I grab the output, seperate headers from body and send it back to the client. For simple php pages this thing works fine. But (obviously) it does not work for pages requiring parameters. So my question is what exactly the php executable searches for in the environment? Which are the (CGI???) variables I'll have to set so that it will process POST and GET correctly? Tnx in advance, Tom. -- Klein bottle for sale... inquire within. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Input Validation of $_SESSION values
[snip] ... Short of any severe bugs in PHP's core, there is no way for a user of your Web application to modify session data ... [/snip] It seems that statement is not completely correct considering the topic discussed in the paper 'Session Fixation Vulnerability in Web-based Applications' (http://secinf.net/uplarticle/11/session_fixation.pdf). I am also interested in the session security issue so any comments on that publication are welcome. hth, Boyan -- Chris Shiflett wrote: --- Pablo Gosse [EMAIL PROTECTED] wrote: In all honesty I don't know enough about how one would go about attempting to hack the values of a session other than through hacking into the session files, so if anyone has any input on this please pass it along. Well, you basically hit the nail on the head (which means you're right, in case that phrase makes no sense to anyone). Short of any severe bugs in PHP's core, there is no way for a user of your Web application to modify session data. This data can be modified by you (so users can potentially modify session data if you have a flaw in your logic, notably $_SESSION['foo'] = $_GET['foo']), or by physical access to the session data store (/tmp, a database, or whatever). So, as far as writing PHP goes, concern yourself with ensuring all data is filtered prior to being stored in the session. A strict naming convention can help here. As far as the environment goes, there are of course many more factors, but you basically want to protect your session data store as you would personal user data or anything else like that. Hope that helps. Chris = My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php executable and environmental variables
On Thu, Nov 06, 2003 at 11:11:13AM +0200, Tom Diamond wrote: : : I am trying to implement a simple web server (in Java) and I want to add : php support. For the moment I do a Process p = : Runtime.getRuntime().exec(php /path/to/php/file), I grab the output, : seperate headers from body and send it back to the client. For simple : php pages this thing works fine. But (obviously) it does not work for : pages requiring parameters. : So my question is what exactly the php executable searches for in the : environment? Which are the (CGI???) variables I'll have to set so that : it will process POST and GET correctly? POST and GET variables come through via the web server. Since your PHP script is getting invoked at the command line, it does not get these variables. So you'll have to find another way to pass these variables. Maybe via a bunch of command-line switches? Or an external, session-ish data store? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] MySQL Password Function
Hi, I am trying to make my site more secure, can anyone suggest a tutorial on using the mySQL password function with PHP. I can't find anything through google... Thanks for your help -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Site Security
Dan Joseph [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hi, I have created a site that allows users to schedule staff, make appointments etc. Users must log in to use the site and the users data is held in the Users table of the MySQL database. However, due to the nature of the site I need to make sure it is 110% secure against hacks etc. Now I know this isn't actually possible but I would appreciate any advice on how I can get it as secure as possible, I have no experience on this aspect of web development. Turn off register globals. Validate all form posts for bogus data. Check that the cookie hasn't been changed with bad characters malliciously. Things like that. Try and break into the site w/o logging in. We paid for a security audit from a company called @stake (www.atstake.com). If you can afford it, I'd contract someone to audit you. -Dan Joseph Thanks for your reply, why would it be necessary to turn off register globals? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Job Vacancy
Hi my company (the one I work for I mean) are looking for a Junior Web Developer. They are based in Berkshire, and would ideally like someone with 1-2 years experience. Skills to include: a firm grasp of HTML and JavaScript, experience of server-side scripting (any flavour, but ASP / PHP preferred). Nice to haves include XML/XSL, MySQL or SQL Server, graphical skills etc... Salary depending on experience - please state expectations. Please drop me a line with your CV if interested - note - you must be living in the area already, and willing to start ASAP. We cannot sponsor any working visa's or the like. Many thanks! ian -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Strange problem with dbase_add_record
Hi, i'm doing the following operation: I'm reading multiple rows from a database then writing each row into a dbf file using dbase_add_record. I'm having the following problem : - some rows are beeing written other or not to the dbf file (sometimes). - if i repeat the operation all the rows are beeing written to the dbf file Why is the same operation sometimes working some other times not working !!! ? Thx in advance for any suggestions. __ Do you Yahoo!? Protect your identity with Yahoo! Mail AddressGuard http://antispam.yahoo.com/whatsnewfree -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] File creation date.
Hi, I want to write a PHP function for delete the files in a directory older than 1800 seconds. Is there any function for it ? If not ... How may I obtain the creation date of a file in PHP ? Greetings. --- Carles Xavier Munyoz Baldó [EMAIL PROTECTED] http://www.unlimitedmail.net/ --- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Input Validation of $_SESSION values
From: Boyan Nedkov [EMAIL PROTECTED] [snip] ... Short of any severe bugs in PHP's core, there is no way for a user of your Web application to modify session data ... [/snip] It seems that statement is not completely correct considering the topic discussed in the paper 'Session Fixation Vulnerability in Web-based Applications' (http://secinf.net/uplarticle/11/session_fixation.pdf). I am also interested in the session security issue so any comments on that publication are welcome. No, the statement is still correct. The paper discusses how malicious users could possibly set the SESSION_ID to a predetermined value and then hijack the session because they know it's value. They still cannot directly change session variables that your script is creating. In order to combat session fixation, use the session_regenerate_id() function: http://us2.php.net/manual/en/function.session-regenerate-id.php ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] XML and PHP
Hi! I've been looking at the XML-parserfunctions in the manual, and they seems nice enough. But I'm currently in a project where there is need to read from, write to and edit in XML-files, in some smart way. Our ISP is supporting the following: xml XML Support active XML Namespace Support active EXPAT Version 1.95.6 I suppose the answer to my questions lies in the expath-part, but where do I start, where can I read more about the above expat and which is the best approach for me in this project? We're going to import som data from Navision, XML-formatted, to postgresql, and meanwhile documents are edited they are, until finished, going to be saved as xml-documents on the server. Sincerely Victor -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] File creation date.
From: Carles Xavier Munyoz Baldó [EMAIL PROTECTED] I want to write a PHP function for delete the files in a directory older than 1800 seconds. Is there any function for it ? Start here: http://us2.php.net/manual/en/ref.filesystem.php ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Input Validation of $_SESSION values
Yes, you are right, it was my misunderstanding, sorry guys. Anyway, hope that posting was useful concerning the subject of the discussion. Boyan -- CPT John W. Holmes wrote: From: Boyan Nedkov [EMAIL PROTECTED] [snip] ... Short of any severe bugs in PHP's core, there is no way for a user of your Web application to modify session data ... [/snip] It seems that statement is not completely correct considering the topic discussed in the paper 'Session Fixation Vulnerability in Web-based Applications' (http://secinf.net/uplarticle/11/session_fixation.pdf). I am also interested in the session security issue so any comments on that publication are welcome. No, the statement is still correct. The paper discusses how malicious users could possibly set the SESSION_ID to a predetermined value and then hijack the session because they know it's value. They still cannot directly change session variables that your script is creating. In order to combat session fixation, use the session_regenerate_id() function: http://us2.php.net/manual/en/function.session-regenerate-id.php ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Source code
I have two questions. 1. Is it possible to download the entire PHP site so that i can learn from the source code at my liesure. I know that source code of PHP can be accessible through CVS but is there any anonymous FTP or a zip file download ?? 2. How can i implement the new feature (installed in search page of PHP) on my site. I have gone through the source but i didn't understand anything. I hope it is ok to implement the same on my site since it is open source. Thnx. Thanks Regards, ___ PHPLover Göd döësn't pläy dícë. - Älbërt Ëínstëín -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Website to fax
Hello friends. I am trying to make a restaurant website where we can order on the net. However, since the waiters cannot watch emails, I want to convert the mail() messages from the webpage to a fax using an appropriate gateway. We want one gateway to server many web sites. Is there such a possibility? If yes, can someone please tell me how to start? Thanks Denis -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Website to fax
Won't converting it to a printer be simpler and cheaper? Hello friends. I am trying to make a restaurant website where we can order on the net. However, since the waiters cannot watch emails, I want to convert the mail() messages from the webpage to a fax using an appropriate gateway. We want one gateway to server many web sites. Is there such a possibility? If yes, can someone please tell me how to start? Thanks Denis -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php Randum Ian [EMAIL PROTECTED] CBDagency Web Consultant http://www.cbdagency.com DancePortalGlobal Webmaster http://www.danceportalglobal.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Website to fax
See here: http://www.adslguide.org.uk/reviews/2003/q4/efax.asp For an e-mail to fax gateway service review. Mark -Original Message- From: Randum Ian [mailto:[EMAIL PROTECTED] Sent: 06 November 2003 12:31 To: menezesd Cc: php-general Subject: Re: [PHP] Website to fax Won't converting it to a printer be simpler and cheaper? Hello friends. I am trying to make a restaurant website where we can order on the net. However, since the waiters cannot watch emails, I want to convert the mail() messages from the webpage to a fax using an appropriate gateway. We want one gateway to server many web sites. Is there such a possibility? If yes, can someone please tell me how to start? Thanks Denis -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php Randum Ian [EMAIL PROTECTED] CBDagency Web Consultant http://www.cbdagency.com DancePortalGlobal Webmaster http://www.danceportalglobal.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Website to fax
[snip] I am trying to make a restaurant website where we can order on the net. However, since the waiters cannot watch emails, I want to convert the mail() messages from the webpage to a fax using an appropriate gateway. We want one gateway to server many web sites. Is there such a possibility? If yes, can someone please tell me how to start? [/snip] php|a just had an article about printing with PHP, the way that you access a fax server is by 'printing' to it. I don't remember which issue at the moment, but you can find out at http://www.phparchitect.com/ As far as a gateway server...uhm, a web server is capable (usually) of hosting several web sites. Go to start with http://www.apache.org -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: XML and PHP
http://www.zend.com/zend/art/parsing.php http://www.zend.com/zend/tut/tutbarlach.php in fact a google search for php,xml, expat, tutorial pete Victor spång arthursson wrote: Hi! I've been looking at the XML-parserfunctions in the manual, and they seems nice enough. But I'm currently in a project where there is need to read from, write to and edit in XML-files, in some smart way. Our ISP is supporting the following: xml XML Support active XML Namespace Support active EXPAT Version 1.95.6 I suppose the answer to my questions lies in the expath-part, but where do I start, where can I read more about the above expat and which is the best approach for me in this project? We're going to import som data from Navision, XML-formatted, to postgresql, and meanwhile documents are edited they are, until finished, going to be saved as xml-documents on the server. Sincerely Victor -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] File creation date.
Carles -- ...and then Carles Xavier Munyoz Baldó said... % % Hi, Hi! % I want to write a PHP function for delete the files in a directory older than % 1800 seconds. % Is there any function for it ? Not directly. I wouldn't build this into a web script, either (though if you're simply planning to write your system script in php that's fine). I'd run it with cron (say every 20 minutes) no matter what language I used to write it. % % If not ... % How may I obtain the creation date of a file in PHP ? There is a stat() function which should do you nicely. % % Greetings. HTH HAND :-D -- David T-G * There is too much animal courage in (play) [EMAIL PROTECTED] * society and not sufficient moral courage. (work) [EMAIL PROTECTED] -- Mary Baker Eddy, Science and Health http://justpickone.org/davidtg/ Shpx gur Pbzzhavpngvbaf Qrprapl Npg! pgp0.pgp Description: PGP signature
Re: [PHP] Website to fax
yes, but we plan to route the faxes based on the zip code to various outlets in the city. Thanks Denis Randum Ian [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Won't converting it to a printer be simpler and cheaper? Hello friends. I am trying to make a restaurant website where we can order on the net. However, since the waiters cannot watch emails, I want to convert the mail() messages from the webpage to a fax using an appropriate gateway. We want one gateway to server many web sites. Is there such a possibility? If yes, can someone please tell me how to start? Thanks Denis -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php Randum Ian [EMAIL PROTECTED] CBDagency Web Consultant http://www.cbdagency.com DancePortalGlobal Webmaster http://www.danceportalglobal.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] File creation date.
From: Carles Xavier Munyoz Baldó [EMAIL PROTECTED] I want to write a PHP function for delete the files in a directory older than 1800 seconds. Is there any function for it ? Read this thread, too: http://www.phparch.com/mailinglists/msg.php?a=701737s=Mike+Migurski+findsp=1 If you can get your hands on a September issue of php|architect, I had a paragraph about this in my Tips 'n Tricks column. ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] MySQL Password Function
Hi, it's very simple intead of using insert into users set userPassword='123'; you say insert into users set userPassword=password('123'); Shaun wrote: Hi, I am trying to make my site more secure, can anyone suggest a tutorial on using the mySQL password function with PHP. I can't find anything through google... Thanks for your help -- Raditha Dissanayake. http://www.radinks.com/sftp/ | http://www.raditha/megaupload/ Lean and mean Secure FTP applet with | Mega Upload - PHP file uploader Graphical User Inteface. Just 150 KB | with progress bar. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] php function - netmask validity check
hi, while using ipman php script and come accross this problem... function ip_mask_valid($mask) { $maskroot = (int)sqrt(abs(ip2long($mask))); return ( (float)$maskroot == sqrt(abs(ip2long($mask))) ); } this function is not returning true/successfull output when say given 255.255.254.0 netmask. pls assist. rgds, -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] MySQL Password Function
From: Raditha Dissanayake [EMAIL PROTECTED] From: Shaun I am trying to make my site more secure, can anyone suggest a tutorial on using the mySQL password function with PHP. I can't find anything through google... it's very simple intead of using insert into users set userPassword='123'; you say insert into users set userPassword=password('123'); And the column type should be CHAR(16) or VARCHAR(16), as the result of PASSWORD() is always 16 characters. Oh, and this will do almost NOTHING to make your site more secure. Why do you think it will? ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Building PHP source for Linux / Unix.
Hi, Compiling stuff from source is one of the fun things that you get to do on linux. As with most things it takes a while to aquire the taste though. The best place to start usually is the README and INSTALL scripts that you tend to find with almost everything distributed as source. You will also find ./configure --help to be quite usefull. Before you compile PHP you might want to try your hand and apache, which is a lot easier to compile and which you need anyway (unless you plan to run comand line only) have fun. Ananth Kesari wrote: Hi, I am a beginner to building PHP source code for Linux / Unix. I am looking for a document that takes me through a step-by-step guidelines of doing this. Can someone point to a link for this? Thanks, Ananth. -- Raditha Dissanayake. http://www.radinks.com/sftp/ | http://www.raditha/megaupload/ Lean and mean Secure FTP applet with | Mega Upload - PHP file uploader Graphical User Inteface. Just 150 KB | with progress bar. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] preg_replace ^M
Hello i try to replace a string in a file but if i have linefeeds in the string the output file after the replacement has ^M carachters in in if the $replacements[] = test; has no \n in it all is OK $fp = fopen (draft.html, r); $incont = fread ($fp,filesize(draft.html)); fclose ($fp); $patterns[] = /\[CONTENT\]/; $replacements[] = test\nout; $content = preg_replace ($patterns,$replacements,$incont); $fp = fopen (out.html,w); fputs ($fp, $content); fclose($fp); draft.html looks like: form method=post [CONTENT] /form the out put get ugly ^M form method=post ^M SERAVS toro^M ^M /form^M BR/Torsten -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] MySQL Password Function
Hi, Oh, and this will do almost NOTHING to make your site more secure. Why do you think it will? ---John Holmes... You are partly right about this we had a nice flame war about this very issue couple of weeks ago on the jabber lists. Anyone interested in the nitty gritty can google on the jabber archives. I still use the password() function whenever i can cause i only have to type in about 10 keystrokes anyhow, the reason is that it will keep other users of the database from accidentaly seeing passwords that they shouldn't. Since this is one way hashes it cannot be decoded. Almost any argument that applies for/against /etc/password would apply to mysql password() as well. -- Raditha Dissanayake. http://www.radinks.com/sftp/ | http://www.raditha/megaupload/ Lean and mean Secure FTP applet with | Mega Upload - PHP file uploader Graphical User Inteface. Just 150 KB | with progress bar. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Sessions within new windows
Windows update doesn't fix the problem. I keep my system updated 100% of the time. I no one has mentioned getting it to work on Windows XP. That is what I am using, Windows XP Professional. Maybe the problem is confined to XP. Here is the EXACT IE version that I am using: 6.0.2800.1106.xpsp2.030422-1633 I have a few other machine in the building that have other Versions of M$ Windows on them, I will give those a try and let you know how it goes. -Original Message- From: olinux [mailto:[EMAIL PROTECTED] Sent: Thursday, November 06, 2003 12:48 AM To: Pablo Gosse; [EMAIL PROTECTED] Subject: RE: [PHP] Sessions within new windows If, as Chris wrote, this is indeed a feature/bug of IE, then it must be configurable somewhere, though I'm lost as to where that might be. Does anyone have any ideas how this could be controlled via IE's settings? I've experienced a similar problem on a php based system I use. I don't know what their code looks like. I think its an IE issue though - windows update always fixes the problem for me. http://windowsupdate.microsoft.com olinux __ Do you Yahoo!? Protect your identity with Yahoo! Mail AddressGuard http://antispam.yahoo.com/whatsnewfree -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] High bandwidth application tips
Excellent tips. I think I'm really going to have to polish my sql skills for this task. Any good tools for benchmarking sql queries? -Original Message- From: Wouter van Vliet [mailto:[EMAIL PROTECTED] Sent: Wednesday, November 05, 2003 7:06 PM To: 'Luis Lebron'; 'Jay Blanchard'; 'Marco Tabini'; [EMAIL PROTECTED] Cc: 'Php-General (E-mail)' Subject: RE: [PHP] High bandwidth application tips That depends on the moment this emailing is sent, and how. If you do it at night, when there's less visitors (assuming you run a site mostly meant for ppl in 'your own country'), there's no real need to get a second server to to this. I fourth the thing about database access. As long as you realize that reading from disk isn't the fastest thing around either. Make sure you reduce the number of files to be read to as little as possible. And output with something like readfile() to prevent the files being loaded into memory. Some other things to think about (not only for the sake of performance, but also readability): * Use elseif or switch as much as possible rather than if statements One time I had this script somebody else wrote. About 1000 lines, a complete CMS in one file. It if'ed on simple $_GET vars about 10 times, by opening a new if statement each and every time. After I changed this to if ($_GET['p'] == 'one') { .. } elseif ($_GET['p'] == 'two') { .. }; and so on the script became TWO SECONDS faster. Switch { case 'one': ... }; was not an option here, cuz there were more advanced expressions to be evaluated. * Unset when not used anymore If you load a large amount of data in a variable that exists untill the end of your script but is used only untill a point higher, call unset($Var); to free some memory * Only code what is neccisery (still can't spell that word :D) Logically, do not write something in 5 lines what can be done in 1. And only create temp vars if you really need them. Usually this is when you use it's value more than once. On the same hand, only call a function as much as you need to. One time I found this in some code that reached me: $ID = Array(1, 5, 3, 7, 3, 9); $i = 1; while($i = count($ID)) { $query = SELECT * FROM table WHERE id = '.$ID[$i].'; $result = mysql_query($query); $value = mysql_fetch_array($result); /* .. Do stuff with $value .. */ } I optimized it to: $IDs = Array(1, 5, 3, 7, 3, 9); $ResultSet = mysql_query('SELECT * FROM table WHERE id IN ('.join(',', $IDs).')'); while($value = mysql_fetch_assoc($ResultSet)) { /* .. Do stuff with $value .. */ } Don't think I have to explain why the second version is quite faster. Let me know if some of my lines were of any value to you.. Or anybody else ;) Wouter -Original Message- From: Luis Lebron [mailto:[EMAIL PROTECTED] Sent: Wednesday 05 November 2003 21:12 To: 'Jay Blanchard'; Marco Tabini; [EMAIL PROTECTED] Cc: Luis Lebron; Php-General (E-mail) Subject: RE: [PHP] High bandwidth application tips One of the things I have suggested to the customer is offloading some of the work to a different server. For example, he wants to email a weekly message to all the users with information on records that match their search criteria. I suggested setting up a second server that handles this and other admin function while the main server takes care of the users. Does this sound like a good idea? thanks, Luis -Original Message- From: Jay Blanchard [mailto:[EMAIL PROTECTED] Sent: Wednesday, November 05, 2003 2:10 PM To: Marco Tabini; [EMAIL PROTECTED] Cc: Luis Lebron; Php-General (E-mail) Subject: RE: [PHP] High bandwidth application tips [snip] limit the number of times you need to hit the database. I second Chris on this. [/snip] I third that. The problem can become especially apparent in large databases containing millions of records. Other than that just code cleanly and document, document, document.
Re: [PHP] preg_replace ^M
Those are \r characters from dos newline (\r\n). Generally they are not harmful and many editors can work with them without problems (vim). You can use some utility commands to convert to or from dos or unix newlines. Torsten Rosenberger wrote: Hello i try to replace a string in a file but if i have linefeeds in the string the output file after the replacement has ^M carachters in in if the $replacements[] = test; has no \n in it all is OK $fp = fopen (draft.html, r); $incont = fread ($fp,filesize(draft.html)); fclose ($fp); $patterns[] = /\[CONTENT\]/; $replacements[] = test\nout; $content = preg_replace ($patterns,$replacements,$incont); $fp = fopen (out.html,w); fputs ($fp, $content); fclose($fp); draft.html looks like: form method=post [CONTENT] /form the out put get ugly ^M form method=post ^M SERAVS toro^M ^M /form^M BR/Torsten -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] High bandwidth application tips
From: Luis Lebron [EMAIL PROTECTED] Excellent tips. I think I'm really going to have to polish my sql skills for this task. Any good tools for benchmarking sql queries? If you've been following the Load Stress Tool thead, this program: http://jakarta.apache.org/jmeter/index.html was mentioned. The web site mentions that it can be used to also benchmark SQL queries through JDBC. Seems very useful indeed... :) ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] MySQL Password Function
From: Raditha Dissanayake [EMAIL PROTECTED] Oh, and this will do almost NOTHING to make your site more secure. Why do you think it will? You are partly right about this we had a nice flame war about this very issue couple of weeks ago on the jabber lists. Anyone interested in the nitty gritty can google on the jabber archives. I still use the password() function whenever i can cause i only have to type in about 10 keystrokes anyhow, the reason is that it will keep other users of the database from accidentaly seeing passwords that they shouldn't. Since this is one way hashes it cannot be decoded. Almost any argument that applies for/against /etc/password would apply to mysql password() as well. True, true. I actually use MD5() for the same reason, but, really, if someone has access to the database to read the hashes, odds are they have access to the rest of the database and your code. So what are you protecting really? In my eyes, it's just another tool to keep honest people honest... ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] preg_replace ^M
Hello Those are \r characters from dos newline (\r\n). Generally they are not harmful and many editors can work with them without problems (vim). You can use some utility commands to convert to or from dos or unix newlines. But i'm working under Linux. I made a test with HTML Template IT and addBlockfile and thats the same. i fetched the content with tpl-get() and wrote it to a file the same form method=post action=^M ^M ^M hr Tmbp ^M ^M /form^M BR/Torsten -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] preg_replace ^M
From: Torsten Rosenberger [EMAIL PROTECTED] i try to replace a string in a file but if i have linefeeds in the string the output file after the replacement has ^M carachters in in Some text editors will display \r as ^M. So, if you're file uses \r\n as the newline, you'll see these ^M at the end of each line. Using a different text editor or adjusting the properties of the one you've got should fix this. Either way, they shouldn't be visible on the actual PHP/HTML page when viewed over the web. this is an editor issue, not a PHP one, really. ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] preg_replace ^M
From: Torsten Rosenberger [EMAIL PROTECTED] Those are \r characters from dos newline (\r\n). Generally they are not harmful and many editors can work with them without problems (vim). You can use some utility commands to convert to or from dos or unix newlines. But i'm working under Linux. Doesn't matter... I made a test with HTML Template IT and addBlockfile and thats the same. So that program is writing \r\n as the newline instead of just \n. It's still just your editor that's displaying the ^M. Maybe you should get a new editor. ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] High bandwidth application tips
Yes, a filesystem hit is a filesystem hit .. And yes, be worried about the number of GIF files you serve. Less is always better in this. What I meant in my advice about the readfile() function is that it makes a big deal of a difference whether a file is sent directly to the client, or first also read in the momory of you php file. Just try it. - Make a file with about 1 lines (or more, just to make the difference measurable by a regular watch. - make two php scripts -1. ?php readfile('/path/file.txt'); ? -2. ?php $fd = fopen('/path/file.txt', 'r'); $Buffer = fread($fd, filesize('/path/file.txt'); print $Buffer; ? - Notice the difference in speed and lines of code. Creating indexes on columns that appear in your WHERE clauses can drastically increase performance when hitting the database. Be sure to read your database documentation on creating indexes. Yes, this is true. But please be aware of the fact that INSERTS on tables with indexes are in fact slower. Just as UPDATES on indexed columns. Also, if you have a query like: SELECT column1, column2, column3 FROM tablename WHERE column4 = 'foo' AND column5 = 'bar'; Having an index on just column4 or just column5 doesn't do any good. You will need a index on BOTH columns alter table `tablename` add index name (column4, column5) I think the syntax would be. Gosh, this is getting more and more interesting.. (seriously) Wouter -Original Message- From: olinux [mailto:[EMAIL PROTECTED] Sent: Thursday 06 November 2003 07:28 To: [EMAIL PROTECTED] Subject: RE: [PHP] High bandwidth application tips [snip] I fourth the thing about database access. As long as you realize that reading from disk isn't the fastest thing around either. Make sure you reduce the number of files to be read to as little as possible. And output with something like readfile() to prevent the files being loaded into memory. [/snip] A filesystem hit is a filesystem hit whether your requesting a php file or an image for a button. If you are worried about filesystem hits then shouldn't you also be worried about uneccessarily using GIF's etc. in your page layouts. Likewise cleaning up bloated HTML code and properly using CSS can cut down page filesizes dramatically, saving bandwidth for the server and clients. If users are potentially using dialup, cutting 20K off your pages will make them a lot happier than shaving a couple tenths of a second off the backend processes. (not saying you should not be performance focused on the backend as well.) olinux __ Do you Yahoo!? Protect your identity with Yahoo! Mail AddressGuard http://antispam.yahoo.com/whatsnewfree -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] preg_replace ^M
So that program is writing \r\n as the newline instead of just \n. It's still just your editor that's displaying the ^M. Maybe you should get a new editor. i use vim and the input file don't have \r\n they look normal in vim after the preg_replace in php then they have the ^M BR/Torsten -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Concerning number_format()
I'm using an example straight from the manual on the php site that doesn't seem to work. $price = 1234.567890; $price = number_format($price, 2, '.', ''); echo $price; Returns 1234.567890 Should return 1234.57 correct? Thanks, Ed -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Concerning number_format()
[snip] $price = 1234.567890; $price = number_format($price, 2, '.', ''); echo $price; Returns 1234.567890 Should return 1234.57 correct? [/snip] Use a new variable to hold the modified information $price = 1234.567890; $newPrice = number_format($price, 2, '.', ''); echo $newPrice; -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Concerning number_format()
Duh. Yeah, works like a charm. Thanks, Ed On Thu, 6 Nov 2003, Jay Blanchard wrote: [snip] $price = 1234.567890; $price = number_format($price, 2, '.', ''); echo $price; Returns 1234.567890 Should return 1234.57 correct? [/snip] Use a new variable to hold the modified information $price = 1234.567890; $newPrice = number_format($price, 2, '.', ''); echo $newPrice; -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] High bandwidth application tips
Hi all, I do have a question about optimizing the php for large applications. Many applications group the functions in files (eg. functions.inc.php) or build classes, and these files/classes are called with 'require' or 'include' on the top of each main file. What would be the speed penalty if we have to include many files or if these functions containter files are over 100k in size. I know the php engine will parse them too. Are any tips to follow when using many functions? Thanks, Radu From: Luis Lebron [EMAIL PROTECTED] Excellent tips. I think I'm really going to have to polish my sql skills for this task. Any good tools for benchmarking sql queries? If you've been following the Load Stress Tool thead, this program: http://jakarta.apache.org/jmeter/index.html was mentioned. The web site mentions that it can be used to also benchmark SQL queries through JDBC. Seems very useful indeed... :) ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Site Security
Shaun [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Dan Joseph [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hi, I have created a site that allows users to schedule staff, make appointments etc. Users must log in to use the site and the users data is held in the Users table of the MySQL database. However, due to the nature of the site I need to make sure it is 110% secure against hacks etc. Now I know this isn't actually possible but I would appreciate any advice on how I can get it as secure as possible, I have no experience on this aspect of web development. Turn off register globals. Validate all form posts for bogus data. Check that the cookie hasn't been changed with bad characters malliciously. Things like that. Try and break into the site w/o logging in. We paid for a security audit from a company called @stake (www.atstake.com). If you can afford it, I'd contract someone to audit you. -Dan Joseph Thanks for your reply, why would it be necessary to turn off register globals? How could a cookie be changed maliciously? We use sessions anyway so this isn't an issue but I am curious to know :) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Concerning number_format()
$price = number_format( (int) $price, 2, '.', ''); Ed Curtis wrote: I'm using an example straight from the manual on the php site that doesn't seem to work. $price = 1234.567890; $price = number_format($price, 2, '.', ''); echo $price; Returns 1234.567890 Should return 1234.57 correct? Thanks, Ed -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] binary or text file
I'm doing a bit of data recovery using php as the scripting language.. Is there a way to determine is a file is binary or text ? all the files are recovered but the file names do not have extensions ! eg chkdsk.exe would be dgfhgj5767363874 as a file name pete -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] preg_replace ^M
Torsten, et al -- ...and then Torsten Rosenberger said... % % So that program is writing \r\n as the newline instead of just \n. It's % still just your editor that's displaying the ^M. Maybe you should get a new % editor. % i use vim Good :-) % % and the input file don't have \r\n they look normal in vim % after the preg_replace in php then they have the ^M I suspect that you have a DOS format file which, after replacement, has a line with only \n (no \r) which makes it a UNIX format file -- with lots of extra \r chars in there. Open your source file with vim. Type :set fileformat and hit return and see what it says (my bet is 'dos'). Type :set fileformat=unix :wq! and then run your script again and check the output (my bet is no more ^M chars). % % BR/Torsten HTH HAND :-D -- David T-G * There is too much animal courage in (play) [EMAIL PROTECTED] * society and not sufficient moral courage. (work) [EMAIL PROTECTED] -- Mary Baker Eddy, Science and Health http://justpickone.org/davidtg/ Shpx gur Pbzzhavpngvbaf Qrprapl Npg! pgp0.pgp Description: PGP signature
Re: [PHP] preg_replace ^M
Torsten Rosenberger wrote: ^M carachters in in Classical pblm of representing end of line in text files between OS: windows uses \r\n aka CRNL *nixuses \n aka NL (newline) mac uses \r aka CR (carriage return) Good text editors dont care (win: wordpad, not notepad) and can convert while reading/writing (emacs, vim, etc). --not sur for mac way. Use hex editor to know for sure what is 'the' newline char. \r is 0D in hex \n is 0A in hex $ hexdump -C file.txt | head -20 In your case, the src file contains \r\n or the file is written in text mode on a windows server, most probably. $fp = fopen (draft.html, r); $incont = fread ($fp,filesize(draft.html)); (...) $fp = fopen (out.html,w); fputs ($fp, $content); the out put get ugly ^M With files _in_text_mode_ (see flags of fopen), the \n char in PHP is virtual : following OS, PHP version, it can be written as \r, \r\n or \n. Either use non portable t flag on windows to make transparent \r\n -- \n translations, or better always use files in _binary_ mode and choose yourself your eol char (\n is simpler). The latter will improve portability. See php official doc http://www.php.net/manual/en/function.fopen.php FYI: Perl also use a 'virtual' \n char, and that can cause problems. Most of Internet protocols use \r\n as line separators, and sending only \n is asking for trouble soon or later... See perlport(1) Specific info for vim: :help dos-file-formats vim -b file.txt (read in binary mode, eol is always \n) :set ff=dos (read any, write \r\n) :set ff=unix (read dos, write \n) Not using emacs often enough to provide same info. Someone here ? It also does right things automatically, but dont know shortcuts or functions to alter that correct behavirou ;-) Hope it helps, Christophe -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] binary or text file
Pete -- ...and then pete M said... % % I'm doing a bit of data recovery using php as the scripting language.. How interesting. That's certainly a new twist. % % Is there a way to determine is a file is binary or text ? % all the files are recovered but the file names do not have extensions ! You could use file(1) to check. It looks at the first few bytes of a file and compares them against a table (usually in /etc/magic). % % eg chkdsk.exe would be dgfhgj5767363874 as a file name Of course, this implies that you're on a Windows box, which means getting your hands on file() would require a bit more work (but should go well with cygwin). % % pete HTH HAND :-D -- David T-G * There is too much animal courage in (play) [EMAIL PROTECTED] * society and not sufficient moral courage. (work) [EMAIL PROTECTED] -- Mary Baker Eddy, Science and Health http://justpickone.org/davidtg/ Shpx gur Pbzzhavpngvbaf Qrprapl Npg! pgp0.pgp Description: PGP signature
Re: [PHP] Re: Input Validation of $_SESSION values
--- Boyan Nedkov [EMAIL PROTECTED] wrote: ... Short of any severe bugs in PHP's core, there is no way for a user of your Web application to modify session data ... It seems that statement is not completely correct considering the topic discussed in the paper 'Session Fixation Vulnerability in Web-based Applications' (http://secinf.net/uplarticle/11/session_fixation.pdf). Without reading that paper, I can guess that it explains session fixation. This method of attack does not negate the above statement. It is still your Web application that modifies the session data. A user can trick your application in many different ways, but this is no different than: $_SESSION['foo'] = $_GET['foo']; Right there is a security vulnerability, and the user was able to modify session data, but not without your help. This is the point. Consider a hypothetical situation where all of the data in the session is valid. Now, the user's next visit is to a page that begins like this (substitute appropriate code for is this valid): ? if ($_GET['foo'] is valid data) { $foo = $_GET['foo']; } else { $foo = $_SESSION['foo']; } This is not a security vulnerability, nor does it present a risk (except for the slight risk that your is valid data is broken). This is basically the point. In general, session data is safe, simply because it is data from the server and not data from the client. That's an important difference, and it is something you can leverage to increase the security of your applications. Hope that helps. Chris = My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: XML and PHP
2003-11-06 kl. 13.42 skrev pete M: http://www.zend.com/zend/art/parsing.php http://www.zend.com/zend/tut/tutbarlach.php in fact a google search for php,xml, expat, tutorial Well, interesting articles but not really what I was searching for. I'm rather looking for something like the parser in Flash, which can open nodes like parent.nextsiebling.nextsibling Anyone have an idea? Sincerely Victor -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] High bandwidth application tips
--- Luis Lebron [EMAIL PROTECTED] wrote: Any good tools for benchmarking sql queries? This may not directly answer your question, but I find the mytop utility very helpful for seeing what is happening with a MySQL server. It's available here: http://jeremy.zawodny.com/mysql/mytop/ Another thing you can do is configure MySQL to log slow queries, and configure slow queries to be more and more critical, so that you can focus on the queries that would make the biggest difference. Sorry fi you're not using MySQL, since I'm assuming you are. :-) Of course, I still think that avoiding database calls as much as possible is a good thing. Hope that helps. Chris = My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Site Security
--- Shaun [EMAIL PROTECTED] wrote: How could a cookie be changed maliciously? Cookies are sent by the client, so hopefully that alone illustrates the danger. A cookie's value is not guaranteed to be whatever you asked the client to set. The legitimate users of your site will likely be using a browser that adheres to your wishes, but those who try to attack your application will most assuredly not. If there is any way that an alternate value for the cookie can benefit the attacker in any way, you can be assured that someone will eventually find out. Hope that helps. Chris = My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] BTML 2.0 released!!!
Okay, i am happy that BTML 2.0 is released(finally) It is also known as BTML Template Edition. The 3 files(the parser, a simple template and a test BTML-file) btmltpl.php --- ?php function tpl2html($title, $images, $text, $tplfile = simple.tpl, $links = ) { $tpldata = file_get_contents($tplfile); $trans = array('%title%' = $title, '%text%' = $text, '%images%' = $images, '%links%' = $links); $html = strtr($tpldata, $trans); return $html; } function parseTags($file) { /* readfile... here */ $filedata = file_get_contents($file); $tag_match =(!bttag=(\w*)\s*(.*?)\s*/bttag!is); preg_match_all($tag_match, $filedata, $matches); for ($i=0; $i count($matches[0]); $i++) { $tagname = $matches[1][$i]; $tag['tagname'] = $tagname; $tag['value'] = $matches[2][$i]; $tags[] = $tag; } return $tags; } include_once template.php; $filename = $_GET['name']; $bttags = parseTags($filename); // echo HTMLHEAD; foreach($bttags as $tag) { switch($tag['tagname']) { case 'title': $title = $tag['value']; // echo TITLE . $tag['value'] . /TITLE/HEADBODY; // echo H1 . $tag['value'] . /h1br; break; case 'heading': $completetext .= h1 . $tag['value'] . /h1br; // echo H1 . $tag['value'] . /h1br; break; case 'image': if (!empty($tag['value'])) { // echo IMG SRC=\ . $tag['value'] . \; $images .= IMG SRC=\ . $tag['value'] . \br; } break; case 'text': // echo nl2br($tag['value']); $completetext .= nl2br($tag['value']); break; case 'nl': // echo br\n; $completetext .= br; break; case 'template': $templatefile = $tag['value']; break; case 'link': $links .= a href= . $tag['value'] . . $tag['value'] . /abr } } // echo /body/html; if (empty($templatefile)) { echo tpl2html($title, $images, $completetext); } else { echo tpl2html($title, $images, $completetext, $templatefile); } ? --- simple.tpl --- HTML HEADTITLE%title%/TITLE/HEAD BODY centerh1%title%/h1/centerbr hr %text%brbr Images: br %images% /BODY /HTML --- And test.btm --- bttag=title Welcome to BTML page v1! /bttag bttag=text Welcome to my BTML page!!! This is an experimentally version of HTML!!! brBye!!! /bttag bttag=nl /bttag bttag=heading Bye /bttag --- Hope that you like it and please tell me wat you think of it, Bas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Source code
PHPLover wrote: I have two questions. 1. Is it possible to download the entire PHP site so that i can learn from the source code at my liesure. I know that source code of PHP can be accessible through CVS but is there any anonymous FTP or a zip file download ?? 2. How can i implement the new feature (installed in search page of PHP) on my site. I have gone through the source but i didn't understand anything. I hope it is ok to implement the same on my site since it is open source. Do you want the source used to compile php? That's available in the downloads section of the web site. Or are you talking about the code they wrote to build the site? Look at the bottom right of any page on php's site, and you'll see a link for 'Show Source'. -- By-Tor.com It's all about the Rush http://www.by-tor.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] MySQL Password Function
Shaun wrote: Hi, I am trying to make my site more secure, can anyone suggest a tutorial on using the mySQL password function with PHP. I can't find anything through google... Thanks for your help Not that this would make your site more secure (well, I guess it would be more secure than plain text), but just use it in your query INSERT INTO someDB.someTable ( username, password ) VALUES ( '{$username}', PASSWORD('{$password}'); -- By-Tor.com It's all about the Rush http://www.by-tor.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] MySQL Password Function
John Nichel [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Shaun wrote: Hi, I am trying to make my site more secure, can anyone suggest a tutorial on using the mySQL password function with PHP. I can't find anything through google... Thanks for your help Not that this would make your site more secure (well, I guess it would be more secure than plain text), but just use it in your query INSERT INTO someDB.someTable ( username, password ) VALUES ( '{$username}', PASSWORD('{$password}'); -- By-Tor.com It's all about the Rush http://www.by-tor.com Thank you for your replies, can i just confirm that the user uses the encrypted version of the password or the originally inserted version to login? Thanks for your help -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Source code
1. Is it possible to download the entire PHP site so that i can learn from the source code at my liesure. I know that source code of PHP can be accessible through CVS but is there any anonymous FTP or a zip file download? Not to my knowledge. If you don't like using CVS, you can always browse the source here: http://cvs.php.net/cvs.php/phpweb Of course, someone else could do a simple CVS checkout for you or something. But, I don't see why CVS isn't sufficient for what you're wanting. Hope that helps. Chris = My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] MySQL Password Function
Shaun wrote: John Nichel [EMAIL PROTECTED] wrote in message snip Not that this would make your site more secure (well, I guess it would be more secure than plain text), but just use it in your query INSERT INTO someDB.someTable ( username, password ) VALUES ( '{$username}', PASSWORD('{$password}'); -- By-Tor.com It's all about the Rush http://www.by-tor.com Thank you for your replies, can i just confirm that the user uses the encrypted version of the password or the originally inserted version to login? Thanks for your help Yes, you can. But by the time it has reached the MySQL server, it has passed from the client to your server via plain text, and to my understanding (I may be wrong here), MySQL's built in password function isn't all that secure. For better security, I would suggest a combination of https and md5, or write a custom encryption function. -- By-Tor.com It's all about the Rush http://www.by-tor.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] High bandwidth application tips
I guess there is a configuration option in my.cnf for logging slow queries? Luis -Original Message- From: Chris Shiflett [mailto:[EMAIL PROTECTED] Sent: Thursday, November 06, 2003 9:11 AM To: Luis Lebron; 'Wouter van Vliet'; 'Jay Blanchard'; 'Marco Tabini'; [EMAIL PROTECTED] Cc: 'Php-General (E-mail)' Subject: RE: [PHP] High bandwidth application tips --- Luis Lebron [EMAIL PROTECTED] wrote: Any good tools for benchmarking sql queries? This may not directly answer your question, but I find the mytop utility very helpful for seeing what is happening with a MySQL server. It's available here: http://jeremy.zawodny.com/mysql/mytop/ Another thing you can do is configure MySQL to log slow queries, and configure slow queries to be more and more critical, so that you can focus on the queries that would make the biggest difference. Sorry fi you're not using MySQL, since I'm assuming you are. :-) Of course, I still think that avoiding database calls as much as possible is a good thing. Hope that helps. Chris = My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp
RE: [PHP] High bandwidth application tips
--- Luis Lebron [EMAIL PROTECTED] wrote: I guess there is a configuration option in my.cnf for logging slow queries? There, or you can pass it in as a command line argument when you start the server. Here is a good URL for more information: http://www.mysql.com/doc/en/Slow_query_log.html You can keep decreasing the value of long_query_time as you improve your queries. Hope that helps. Chris = My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] PHP's own perl2exec converter?
Hi, I am looking for the PHP-equivalent of Perl's perl2exec (script to binary converter). Where can I find this? Thanks in advance, Guillaume Dupuis -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] PHP's own perl2exec converter?
[snip] I am looking for the PHP-equivalent of Perl's perl2exec (script to binary converter). Where can I find this? [/snip] http://www.priadoblender.com/index.php?layout=maincslot_1=2 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] High bandwidth application tips
Luis, et al -- ...and then Luis Lebron said... % % One of the things I have suggested to the customer is offloading some of the % work to a different server. For example, he wants to email a weekly message ... % Does this sound like a good idea? If you can afford more servers, it's almost always good :-) In addition, if you're going to be sending high volumes of mail, it's very probably a good idea. I recently coded up some parts of a marketing/fan site for promoting music groups, video games, and such (surf over to killswitcharmy.com and/or didofans.com if you're interested). One thing we do is send template-driven personalized (== one message per person) bulk mail to our members. With some casual tuning, I managed to get this quad-Xeon box with 1G RAM and hw-mirrored SCSI drives down to about 120ms per message injection, or 30K/hr, but then they have to get off of the box. We're currently seeing a bottleneck in the mail queue as messages try to get to other machines, have to wait to retry, and so on -- and it blocks normal mail like our admin messages and the verification emails for new subscribers. Since we're at the mercy of the world's connectivity, it doesn't matter whether we queue up a batch in the middle of the night or any other time; even though 80% of our emails will make it out within a couple of hours at most, on a 55K mailing that leaves 11K still hanging around having to be retried (often repeatedly), and it takes a while to get through those to send out a fresh email. We're currently playing with setting up two separate queues so that all of the bulk mail (both initial and retries) is handled separately, and at low priority, while the rest of the mail is handled by the normal queue (which will also get some hi-perf tuning), but that still leaves bounces to be handled in the normal incoming stream (fortunately we can process things very fast, even if the rest of the world can't, so that's not so terribly bad). It would be easier to just have a bulk mail machine to handle all of that traffic and then the normal machine could handle subscriptions and admin messages with ease, but the client won't pay an additional monthly fee for a separate mail box. % % thanks, % % Luis HTH HAND keep us posted :-) :-D -- David T-G * There is too much animal courage in (play) [EMAIL PROTECTED] * society and not sufficient moral courage. (work) [EMAIL PROTECTED] -- Mary Baker Eddy, Science and Health http://justpickone.org/davidtg/ Shpx gur Pbzzhavpngvbaf Qrprapl Npg! pgp0.pgp Description: PGP signature
Re: [PHP] High bandwidth application tips
Eugene, et al -- ...and then Eugene Lee said... % ... % % Still, doing a greater-than or less-than comparison is a bit slow. % You could try this: % % $upperlimit = 100; % while ($up-- != 0) % { Hey, that's pretty slick. And does that reduce to while ($up--) as can be done in C? [I always forget return codes and what is true versus false :-] TIA HAND :-D -- David T-G * There is too much animal courage in (play) [EMAIL PROTECTED] * society and not sufficient moral courage. (work) [EMAIL PROTECTED] -- Mary Baker Eddy, Science and Health http://justpickone.org/davidtg/ Shpx gur Pbzzhavpngvbaf Qrprapl Npg! pgp0.pgp Description: PGP signature
RE: [PHP] PHP's own perl2exec converter?
Thanks Jay, but I omitted that it was for Linux. Any others? -Original Message- From: Jay Blanchard [mailto:[EMAIL PROTECTED] Sent: Thursday, November 06, 2003 11:36 AM To: Guillaume Dupuis; [EMAIL PROTECTED] Subject: RE: [PHP] PHP's own perl2exec converter? [snip] I am looking for the PHP-equivalent of Perl's perl2exec (script to binary converter). Where can I find this? [/snip] http://www.priadoblender.com/index.php?layout=maincslot_1=2 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] BTML 2.0 released!!!
Bas mailto:[EMAIL PROTECTED] on Thursday, November 06, 2003 7:21 AM said: Okay, i am happy that BTML 2.0 is released(finally) You need to get a website and post a link to the site instead of posting a giant email with code that's not even indented and probably wrapped in some places. -- Don't like reformatting your Outlook replies? Now there's relief! http://home.in.tum.de/~jain/software/outlook-quotefix/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] OT-Javascript Question
Hi everyone, I know this is off topic, but I was hoping someone could explain this to me. It may be something with php, not sure though. I have this exact code on a regular html file and it works fine, copy paste to php file, and it doesn't work. script language=JavaScript src=handler.js/script *snip* input type=text name=10_Accounting_Unit size=1 maxlength=1 value={$_SESSION['10_Accounting_Unit']} onKeyUp=movefocus(10_Accounting_Unit,11_Accounting_Unit,1); and the movefocus function is basically justif 10_Accounting_Unit.length == 1 11_Accounting_Unit.focus; of course it's a function, and the variables are used.. etc.. but I was just wondering why this doesn't work on my php page. Thanks, Jake
Re: [PHP] OT-Javascript Question
--- Jake McHenry [EMAIL PROTECTED] wrote: input type=text name=10_Accounting_Unit size=1 maxlength=1 value={$_SESSION['10_Accounting_Unit']} onKeyUp=movefocus(10_Accounting_Unit,11_Accounting_Unit,1); This looks like you're trying to go in and out of PHP mode without using ?...?, ?php...?, etc. Try something like this: input type=text name=accounting_unit value=? echo $_SESSION['accounting_unit']; ? / Hope that helps. Chris = My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] anyway to return more than one value?
Robert Cummings mailto:[EMAIL PROTECTED] on Wednesday, November 05, 2003 6:59 PM said: It ABSOLUTELY amazes me how this list is so cyclic. Do you think this list is more so than any other list? I'm on a few and it seems to be the same way everywhere. Unfortunately I don't think there's anyway to stop it. alas... And to the thread hijacker I'd suggest you use Google, and search the php archives at http://www.phparch.com/mailinglists/. Chris. -- Don't like reformatting your Outlook replies? Now there's relief! http://home.in.tum.de/~jain/software/outlook-quotefix/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] upload_tmp_dir has no value... could that be the problem?
All, Trying to run an upload script. ?php if ($userfile==none) { echo Problem: no file uploaded; exit; } if (move_uploaded_file($userfile,..$userfile_name)) echo your file was loaded successfully; } else { echo nope; exit; } ? Looks like the problems is in the if (move_uploaded_file.. line also a look at the configuration of PHP4.1.2 shows no value for upload_tmp_dir Any hints? Jason -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] MySQL Password Function
On Thu, 6 Nov 2003 09:09:57 -0500, you wrote: True, true. I actually use MD5() for the same reason, but, really, if someone has access to the database to read the hashes, odds are they have access to the rest of the database and your code. So what are you protecting really? Many people use the same password over multiple sites. A database/OS bug could expose the user table without exposing the rest of the machine. If you have the plaintext password you can impersonate the user and modify data. I would be /very/ uncomfortable if I found that a site I use for anything meaningful stored passwords as plaintext. If nothing else, it's a litmus test of how seriously they take security. (agree about using md5() (sha1() is even better) not password(), though - nobody should be using password(), as the manual points out: http://www.mysql.com/doc/en/Miscellaneous_functions.html) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] OT-Javascript Question
Yes, I'm not going in and out of php, the entire html output is php... echo EndHTML html code EndHTML; So I can't do this then? Thanks, Jake - Original Message - From: Chris Shiflett [EMAIL PROTECTED] To: Jake McHenry [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Thursday, November 06, 2003 12:16 PM Subject: Re: [PHP] OT-Javascript Question --- Jake McHenry [EMAIL PROTECTED] wrote: input type=text name=10_Accounting_Unit size=1 maxlength=1 value={$_SESSION['10_Accounting_Unit']} onKeyUp=movefocus(10_Accounting_Unit,11_Accounting_Unit,1); This looks like you're trying to go in and out of PHP mode without using ?...?, ?php...?, etc. Try something like this: input type=text name=accounting_unit value=? echo $_SESSION['accounting_unit']; ? / Hope that helps. Chris = My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] OT-Javascript Question
Will I have to change my entire page format? As I said, right now it's all being echo'd Jake - Original Message - From: Chris Shiflett [EMAIL PROTECTED] To: Jake McHenry [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Thursday, November 06, 2003 12:16 PM Subject: Re: [PHP] OT-Javascript Question --- Jake McHenry [EMAIL PROTECTED] wrote: input type=text name=10_Accounting_Unit size=1 maxlength=1 value={$_SESSION['10_Accounting_Unit']} onKeyUp=movefocus(10_Accounting_Unit,11_Accounting_Unit,1); This looks like you're trying to go in and out of PHP mode without using ?...?, ?php...?, etc. Try something like this: input type=text name=accounting_unit value=? echo $_SESSION['accounting_unit']; ? / Hope that helps. Chris = My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] $HTTP_Referer
Hi, am a newbie as of yesterday. Can't figure out how to get the $HTTP_Referer (own domain) of the page entering my form (html), convert it into a variable which is later passed on to my formmailer.php for the $subject variable. xy.html ---form.html--formmailer.php want the $HTTP_Referer or HTTP_URI, file only, (of xy.html) --to be forwarded to form.html, --to be converted in a variable, --which is passed on to formmailer.php, which will use it as subject. Would appreciate your know-how! Jo -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] $HTTP_Referer
On Thursday, November 06, 2003 10:31 AM, Josephin wrote: snip xy.html ---form.html--formmailer.php want the $HTTP_Referer or HTTP_URI, file only, (of xy.html) --to be forwarded to form.html, --to be converted in a variable, --which is passed on to formmailer.php, which will use it as subject. /snip Hi Josephin. Simply use $_SERVER['HTTP_REFERER'] to populate a hidden field in your form. So, input type=hidden name=referrer value=?php echo $_SERVER['HTTP_REFERER']; ? Cheers, Pablo -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] $HTTP_Referer
--- Josephin [EMAIL PROTECTED] wrote: am a newbie as of yesterday. Welcome! Can't figure out how to get the $HTTP_Referer (own domain) of the page entering my form (html), convert it into a variable which is later passed on to my formmailer.php for the $subject variable. xy.html ---form.html--formmailer.php want the $HTTP_Referer or HTTP_URI, file only, (of xy.html) --to be forwarded to form.html, --to be converted in a variable, --which is passed on to formmailer.php, which will use it as subject. Well, in PHP, you can use $_SERVER['HTTP_REFERER']. However, unless your Web server is configured to treat form.html as a PHP script (which I seriously doubt is the case), you will not have access to this information at that point. So, you can't do what you're describing wihout the original POST request (xy.html - form.html) being to a PHP resource rather than an HTML one. Hope that helps. Chris = My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Send data Header Response
I would like submit a form to a page, do some processing on that page, then if need be, return to the referrer but also send the submitted data along with it... and data is coming from a POST form, not a GET. I tried header('location:'.$referrer.'?data'.$_POST); or something to that effect... If I can't do this, what options do I have? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Sessions within new windows
On Thursday, November 06, 2003 5:51 AM, Donald wrote: I no one has mentioned getting it to work on Windows XP. That is what I am using, Windows XP Professional. Maybe the problem is confined to XP. Here is the EXACT IE version that I am using: 6.0.2800.1106.xpsp2.030422-1633 Hi Donald. I just tried this in XP Professional on IE 6.0 and it worked fine, both via a javascript function and a standard link with the target set to _blank. Anyone else have any idea why this would be happening? Cheers, Pablo -Original Message- From: olinux [mailto:[EMAIL PROTECTED] Sent: Thursday, November 06, 2003 12:48 AM To: Pablo Gosse; [EMAIL PROTECTED] Subject: RE: [PHP] Sessions within new windows If, as Chris wrote, this is indeed a feature/bug of IE, then it must be configurable somewhere, though I'm lost as to where that might be. Does anyone have any ideas how this could be controlled via IE's settings? I've experienced a similar problem on a php based system I use. I don't know what their code looks like. I think its an IE issue though - windows update always fixes the problem for me. http://windowsupdate.microsoft.com olinux __ Do you Yahoo!? Protect your identity with Yahoo! Mail AddressGuard http://antispam.yahoo.com/whatsnewfree -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Send data Header Response
--- Jonathan Villa [EMAIL PROTECTED] wrote: I would like submit a form to a page, do some processing on that page, then if need be, return to the referrer but also send the submitted data along with it... and data is coming from a POST form, not a GET. I tried header('location:'.$referrer.'?data'.$_POST); or something to that effect... If I can't do this, what options do I have? $_POST is an array. You can serialize it, if you want to send it as one variable, or you can send each POST variable as a separate URL variable. Hope that helps. Chris = My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Send data Header Response
Thanks... but that is something I wanted to avoid. If I put each POST var into the url, then it's as if I used a GET method type... If I serialize the array and pass it back in the URL, I get admin.login.php?data=a%3A3%3A%7Bs%3A8%3A%22username%22%3Bs%3A0%3A%22%22%3Bs%3A3%3A%22pwd%22%3Bs%3A7%3A%22asdfsad%22%3Bs%3A5%3A%22login%22%3Bs%3A5%3A%22login%22%3B%7D after it's been urlencoded...and it still displays the values of the fields... On Thu, 2003-11-06 at 14:17, Chris Shiflett wrote: --- Jonathan Villa [EMAIL PROTECTED] wrote: I would like submit a form to a page, do some processing on that page, then if need be, return to the referrer but also send the submitted data along with it... and data is coming from a POST form, not a GET. I tried header('location:'.$referrer.'?data'.$_POST); or something to that effect... If I can't do this, what options do I have? $_POST is an array. You can serialize it, if you want to send it as one variable, or you can send each POST variable as a separate URL variable. Hope that helps. Chris = My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Send data Header Response
Thanks, I'll look into that. On Thu, 2003-11-06 at 14:31, CPT John W. Holmes wrote: From: Jonathan Villa [EMAIL PROTECTED] I would like submit a form to a page, do some processing on that page, then if need be, return to the referrer but also send the submitted data along with it... and data is coming from a POST form, not a GET. I tried header('location:'.$referrer.'?data'.$_POST); Can you send the data back to the referrer as GET data (in the URL)? If you must POST it back to the referrer, then you'll need cURL or search the archives for a function called posttohost() (not a core php function, btw). ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Sessions within new windows
--- Pablo Gosse [EMAIL PROTECTED] wrote: Hi Donald. I just tried this in XP Professional on IE 6.0 and it worked fine, both via a javascript function and a standard link with the target set to _blank. Anyone else have any idea why this would be happening? No, but it would really be nice if anyone that experiences this could capture the HTTP transaction(s) that illustrate the behavior more definitively. Ethereal (http://www.ethereal.com/) can help with this. Chris = My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Replacing text on page, but not in img tags
Lets say im trying to replace every occurance of 'hello' with 'bhi/b'. heres a sample page html hello there! /html This would simply change to html bhi/b there! /html but what if it had an img? html hello there! img src=hello.jpg alt=well hello there /html It would then be, html bhi/b there! img src=bhi/b.jpg alt=well bhi/b there /html It would then be completely jacked up. Not only would it do the wrong img, but the tag in general would be screwed be cause of the bold tag. So what can I do? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Send data Header Response
From: Jonathan Villa [EMAIL PROTECTED] I would like submit a form to a page, do some processing on that page, then if need be, return to the referrer but also send the submitted data along with it... and data is coming from a POST form, not a GET. I tried header('location:'.$referrer.'?data'.$_POST); Can you send the data back to the referrer as GET data (in the URL)? If you must POST it back to the referrer, then you'll need cURL or search the archives for a function called posttohost() (not a core php function, btw). ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] restricting text fill on a text area
Here is what I want to do, but I have no idea if it is possible: I want to set up a sized div on my page and be able to fill it with text from a text file. Easy enough, but I want to be able to 'sense' when the text area fills, no matter what size text the browser has set. I don't really want to use the scroll bars as they don't render well, IMO. What I would prefer to do is to have the text fill the area in question and then throw up a next page button, or something of the like. I can see that I would have to parse out the text word by word, wait for the overflow and then have that position be the beginning of the next page. Can anyone see how/whether this would be possible? -- Ian Truelsen Email: [EMAIL PROTECTED] AIM: ihtruelsen Homepage: http://www.ihtruelsen.dyndns.org -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] To format a number
Hi, I have a little problem. I have a number for example 5 and I would it transform in 5,00. I tried with round() but it doesn't add the numbers after comma with an interger number. Does some funtion that make this exist? Thanks
[PHP] Multiple Image Uploads
Can someone help me with this? I've been trying to get it to work all day :( http://codedump.phpfreaks.com/viewcode.php?id=2061 Jay Fitzgerald, Design Director - Certified Professional Webmaster (CPW-A) - Certified Professional Web Designer (CPWDS-A) - Certified Professional Web Developer (CPWDV-A) - Certified E-Commerce Manager (CECM-A) - Certified Small Business Web Consultant (CWCSB-A) Bayou Internet - http://www.bayou.com Toll Free: 888.30.BAYOU (22968) Vox: 318.338.2034 / Fax: 318.338.2506 E-Mail: [EMAIL PROTECTED] ICQ: 38823829 / AIM: bayoujf / MSN: bayoujf / Yahoo: bayoujf -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Compile on Mac OS X --with-java?
Has anyone managed to get PHP to compile on Mac OS X with the --with-java flag in the configure command? I've tried it with PHP 4.3.2, 4.3.3, and 4.3.4, all without any luck. I'm using Mac OS X Server 10.2.8, with Java 1.4.1. I've tried ./configure --with-mysql --with-apxs --with-xml --with-java=/Library/Java/Home and ./configure --with-mysql --with-apxs --with-xml --with-java When I run make, it dies with: make: *** [ext/java/java.lo] Error 1 I can build just fine if I configure with: ./configure --with-mysql --with-apxs --with-xml Looking over the output from make, it looks like the trouble starts here: /Users/admin/Desktop/php-4.3.3/ext/java/java.c:39:24: JavaVM/jni.h: No such file or directory The only jni.h files I could find are: /Developer/Java/Headers/vm-jni.h /System/Library/Frameworks/JavaVM.framework/Versions/1.3.1/Headers/jni.h /System/Library/Frameworks/JavaVM.framework/Versions/A/Headers/jni.h My knowledge of how Apple set up java gets a bit fuzzy at this point. http://developer.apple.com/documentation/Java/Conceptual/Java131Development/ overview/chapter_2_section_5.html helps a bit, but clearly we're moving beyond just a simple install here. Any ideas? Anybody have success with this? Thanks, Karl -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] restricting text fill on a text area
From: Ian Truelsen [EMAIL PROTECTED] I want to set up a sized div on my page and be able to fill it with text from a text file. Easy enough, but I want to be able to 'sense' when the text area fills, no matter what size text the browser has set. Client side issue, not PHP. Ask on a Javascript list. ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Sessions within new windows
I am downloading ethereal and I will post my findings. -Original Message- From: Chris Shiflett [mailto:[EMAIL PROTECTED] Sent: Thursday, November 06, 2003 2:31 PM To: Pablo Gosse; Donald Tyler; [EMAIL PROTECTED] Subject: RE: [PHP] Sessions within new windows --- Pablo Gosse [EMAIL PROTECTED] wrote: Hi Donald. I just tried this in XP Professional on IE 6.0 and it worked fine, both via a javascript function and a standard link with the target set to _blank. Anyone else have any idea why this would be happening? No, but it would really be nice if anyone that experiences this could capture the HTTP transaction(s) that illustrate the behavior more definitively. Ethereal (http://www.ethereal.com/) can help with this. Chris = My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] To format a number
From: [EMAIL PROTECTED] I have a number for example 5 and I would it transform in 5,00. I tried with round() but it doesn't add the numbers after comma with an interger number. Does some funtion that make this exist? You mean some function that'll format a number? Hmmm... number_format() ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] OT-Javascript Question
I got everything working now. For some reason when I put it inside php, it wouldn't work with my variables with the numbers in front (1_Accounting_Unit) so I renamed all of them with the number at the end and they work fine. Jake - Original Message - From: Chuck Vose [EMAIL PROTECTED] To: Jake McHenry [EMAIL PROTECTED] Sent: Thursday, November 06, 2003 3:30 PM Subject: Re: [PHP] OT-Javascript Question You're fine to echo the whole thing, but remember that php happens before the page is ever created (server side as opposed to client side) whereas javascript happens after the page is finished loading on the client computer. So the javascript can't run in the middle of a php script because the php is being loaded on the server. Chris has it right, you just have to plan on php inputting variable and the like by embedding ?php ? tags inside the javascript statements, without the echo's. If you want to keep your echo's you may be having a problem with ' and s. Quotes unfortunately have meaning in both php and javascript so you may have to pass the javascript quotes in with a \ in front so the php's echo doesn't interpret them as an escape into phpland. (by which I mean using \ and \' inside the echo's) Hope this helps you a little. Love, Chuck Vose -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Sessions within new windows
Well that's bizarre. I change it back to opening the new windows so that I can go test it on some other machines, and now it works on this machine!? Makes no sense... -Original Message- From: Chris Shiflett [mailto:[EMAIL PROTECTED] Sent: Thursday, November 06, 2003 2:31 PM To: Pablo Gosse; Donald Tyler; [EMAIL PROTECTED] Subject: RE: [PHP] Sessions within new windows --- Pablo Gosse [EMAIL PROTECTED] wrote: Hi Donald. I just tried this in XP Professional on IE 6.0 and it worked fine, both via a javascript function and a standard link with the target set to _blank. Anyone else have any idea why this would be happening? No, but it would really be nice if anyone that experiences this could capture the HTTP transaction(s) that illustrate the behavior more definitively. Ethereal (http://www.ethereal.com/) can help with this. Chris = My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Replacing text on page, but not in img tags
[snip] It would then be completely jacked up. Not only would it do the wrong img, but the tag in general would be screwed be cause of the bold tag. So what can I do? [/snip] Skip the image tag by using regex. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] fopen url
Hi, I'm trying to read a URL. this works: fopen( http://www.google.com;) this does not work: fopen( http://news.google.com;) If the URL does not start with www, then fopen writes and error message that says success and returns false. What's up with that? Can you help? I'm using PHP 4.2.2. Thanks John -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php