Re: [PHP] Code Review PLEASE !!!

2004-04-05 Thread Jochem Maas 
always do serverside - that the only secure option -
use clientside (in addition) as a favour to the user to avoid repeated 
page requested to fill the form in correctly. (or in order to rearrange 
data before submitting to server)

Matthew Oatham wrote:

Yes I agree I need some validation, dunno whether to do server or client
side validation. I don't think the fleet_id example will be a problem though
as this is retrieved from the database where the field is an int.
Thanks for your feedback

Matt
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql_query problem with multi dim arrays

2004-04-05 Thread Jochem Maas 
user curly braces around your arrays in the string e.g:
$sql = INSERT INTO x VALUES ({$_SESSION['add']['name']} ;
oh, and unless add  name are actually constants you should always wrap 
them in single quotes. (php will covert the non-exstent constant into a 
string a issue an E_NOTICE + its overhead)

Richard Harb wrote:

Tuesday, April 6, 2004, 1:21:52 AM, you wrote:


hi...
i cant cut and paste my exact mysql query because it takes the ''
stuff out doubles the $'s and the ,'s in the whole thing (dont know
why but anyways...)...


i have a query that goes something like this:
mysql_query(insert into $GuestbookTable values(NULL,
'$_SESSION[add][date]', '$_SESSION[add][name]',
$_SESSION[add][email]..);


the problem i get is using the multi dimentional arrays to insert
text and stuff all i actually get when i echo the query or do a real
insert is:


echoed it would be something like:
insert into rnjresort.guestbook values(NULL, 'array([add]),
'array([add])', 'array([add])', ...


any idea what the problem is here? do i have the '' in the wrong
places?? i know that works on single dimention arrays but doubled?


Well, then again you can still write your query as:

$sql = INSERT INTO table (field1, field2, ..., fieldn)
$sql .=  VALUES (' . $ar['index1']['index2'][$i] . ' .
 ,' . $ar['index1']['index2'][$i] . ';

or some such ... close/open the strings in between :)

HTH

Richard


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] [solved][PHP] mysql_query problem with multi dim arrays

2004-04-05 Thread Andy B 
 $sql = INSERT INTO x VALUES ({$_SESSION['add']['name']} ;

 oh, and unless add  name are actually constants you should always wrap
 them in single quotes. (php will covert the non-exstent constant into a
 string a issue an E_NOTICE + its overhead)

well that got me on the right track... actually it goes like this:
since php expands the multi dimentional array to its text value (whatever
that variable holds in it) with the {} around it there is no need for '' in
it anywhere... the only thing about the mysql_query deal when using {}
around a varname is you have to have '' around the whole set:
'{$array[index1][index2]}' for mysql will turn out like 'test2' in the
expanded query string


tnx for the help on that

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] assigning NULL to a variable

2004-04-05 Thread Andy B 
how would you assign NULL to a variable if its original value is ? otherwise leave 
it with its value...

the form im working on has a date field called date on the form itself. that date 
will get turned into $_SESSION[add][date] on the next page...
i want it so if the person filling out the form didnt leave a date (left date field 
blank) then it should be NULL so the mysql table will insert the current date...

so far i have this code:
if(empty($_SESSION['add']['date'])){
$_SESSION['add']['date']=NULL//or should it = FALSE??
}
//if its already filled do nothing else to it 

is there a better way to do this than this way?

Re: [PHP] cURL upload meter

2004-04-05 Thread Raditha Dissanayake 

By upload meter do you mean a progress bar which can tell a user how
much of a large upload has been processed thus far?
As far as I understand it PHP cannot access raw POST data so this cannot
be done with PHP alone.
 

Thanks for the mention pablo. megaupload does indeed get a little help 
from perl.

There exists a set of perl/php scripts at
http://www.raditha.com/php/progress.php which does exactly this.
HTH.

Pablo

 



--
Raditha Dissanayake.
-
http://www.radinks.com/print/upload.php
SFTP, FTP and HTTP File Upload solutions 

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] PHP has a bug...?

2004-04-05 Thread Stephen Craton 
I was making a parabola grapher and I was testing out some values. Part of
the script is to take the variable b and multiply it was negative one, then
multiply by 2 times a. I entered a test value where a equals 1, b equals 0,
and c equals 0. The result told me that -1 times 0 is -0.

 

Here's the code I'm using:

 

$x = (-1 * $b) / (2 * $a);

if($x == -0) {

$x = 0;

}

 

I've fixed it for now by putting the if statement, but I'm not sure why it's
giving me -0.

 

Thanks,

Stephen Craton

http://www.melchior.us

 

 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Problem with script halting

2004-04-05 Thread David Robley 
[EMAIL PROTECTED] (Nathan Croker) wrote in
news:[EMAIL PROTECTED]: 

 Thank you for your reply.
 
 Yes the user has permission to execute chmod since when I access the
 server using an FTP Client it works perfectly.
 
 - Nathan Croker
 
 (amazing as a result of one post, I get 6 different spam emails within
 several minutes of posting!)
 - Original Message -
 From: John Holmes [EMAIL PROTECTED]
 To: Nathan Croker [EMAIL PROTECTED]
 Cc: [EMAIL PROTECTED]
 Sent: Sunday, April 04, 2004 5:12 PM
 Subject: Re: [PHP] Problem with script halting
 
 
 Nathan Croker wrote:

  Can anyone tell me why the following line of code halts my entire
  script (anything after it is not processed).
 
  ftp_chmod($conn, 0777, $to);
 
  All other ftp commands in the script work perfectly. I've tried
  replacing '0777' with 777, 1777, in and out of s, but it still
  halts the script, there is nothing after the command to halt the
  execution of the script either. echoing something directly before
  it will appear, but echoing something directly after it does not. 

 The command is probably failing or hanging on the FTP server. Are you
 sure the user you're connecting with has permission to execute chmod?

 ---John Holmes...

As John has said, are you sure that the user you are connecting as - ie the 
user that Apache runs as - has permissions on the ftp server. It is very 
probable that you are connecting as another user.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP]

2004-04-05 Thread David Robley 
[EMAIL PROTECTED] (Nunners) wrote in
news:[EMAIL PROTECTED]: 

 I've got a series of functions which return a list in an array.  How
 can I create an empty array?  Or do I need to check it's a valid array
 before I use it?
 
 Cheers
 James

This may be helpful:

http://uk.php.net/manual/en/language.types.array.php

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: allowed memory size of

2004-04-05 Thread David Robley 
[EMAIL PROTECTED] (Mathias brito) wrote in 
news:[EMAIL PROTECTED]:

 Hello, I made a script that make a backup of the
 entire site with the PHPZip lib. It's works well with
 small sites, but when the size grow, i receive the
 following message:
 
 Fatal error: Allowed memory size of 1048680 bytes
 exhausted at (null):0 (tried to allocate 170685 bytes)
 in /srv/www/htdocs/zip/pclzip.lib.php on line 2386
 
 What it mean, and what can i do to fix it...

http://www.php.net/manual/en/configuration.directives.php and look for 
memory_limit

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] detecting type of field from $_POST ?

2004-04-05 Thread adwinwijaya 
Hi ..
   i just wonder, is there any  way to detecting the type of field
   (like textarea, button, radio, etc) from $_REQUEST / $_POST ?

   I need to detect that all .. because I want to put a script that
   will remove html tag (with htmlspecialchars() function) ... and
   the problem happen when I use input that produce array (like
   multiple checkbox will produce an array in $_POST).

   Is there any way to do this ?

   thank you

-- 
Best regards,
 adwinwijaya  mailto:[EMAIL PROTECTED]

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] PHP 4.3.4, Apache w/ mod_ssl Compile Help

2004-04-05 Thread trlists 
On 5 Apr 2004 [EMAIL PROTECTED] wrote:

 When doing apachectl startssl I get:
 
 [Mon Apr  5 12:19:53 2004] [warn] Loaded DSO libexec/libphp4.so
 uses plain Apache 1.3 API, this module might crash under EAPI!
 (please recompile it with -DEAPI)

Sorry, I just realized there is a separate php-install list.  I will 
repost this there.

--
Tom

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] detecting type of field from $_POST ?

2004-04-05 Thread Chris Shiflett 
--- adwinwijaya [EMAIL PROTECTED] wrote:
i just wonder, is there any  way to detecting the type of field
(like textarea, button, radio, etc) from $_REQUEST / $_POST ?

Nope.

I need to detect that all .. because I want to put a script that
will remove html tag

You should filter all POST data, regardless of type. The reason is the
same as why you cannot distinguish them - only name/value pairs are
returned. Don't assume your HTML can restrict the type of data that a user
can send.

Hope that helps.

Chris

=
Chris Shiflett - http://shiflett.org/

PHP Security - O'Reilly
 Coming Fall 2004
HTTP Developer's Handbook - Sams
 http://httphandbook.org/
PHP Community Site
 http://phpcommunity.org/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

<    1   2