[PHP] MultiSelect List Box in PHP

[Andy B]

Hi.

I was just wondering where I can find info on how to use a MultiSelect List
Box with PHP? I need to use it with MYSQL 5.0.0, PHP 4.3.9, and windows XP
sp2.

Any help/leads would be greatly appreciated.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] mailparse or imap* ?

[Per Jessen]

I need functions to parse an email and I've been using mailparse sofar.  Works
pretty well, except it has a couple of shortcomings - will only retrieve last
of the Received:-headers, does not decode quoted-printable body-parts, does not
decode RFC2047-encoded filenames in COntent-Disposition. 
So I've been having a closer at imap* - but it's just not very clear if imap*
will for instance deal with a single email available as a string?

mailparse does exactly what I need, except the shortcomings listed are becoming
a problem.

any suggestions? (other than fixing mailparse :-)


-- 
Per Jessen, Zurich
Let your spam stop here -- http://www.spamchek.com

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] mysql_select_db error

[Steven James Samuel Stapleton]

Relevant information:
Windows XP Pro SP2
PHP 5.0.2
MySQL 4.0.21-nt
command line (not server-side)
mysql_select_db returns no errors, and does not result in a mysql_error(), 
however, later queries result in errors suggesting that the switch failed:


//I'm having problems with mysql_select_db("DBNAME", resource) and
$test = mysql_query("use DBNAME", $resource);
//This results in no errors (I checked to make sure a true value was 
returned,
//and made sure mysql_errno() returned 0).
if(!$test || mysql_errno())
{
 die("Error selecting DB");
}

//next, I'll make a query:
mysql_query("create table foo ( bar int, morebar int )", $resource);
if(mysql_errno())
{
 die(mysql_error());
}
//I get
//No Database Selected

There appear to be quite a few related/similar posts, but I can't find any 
that address this particular variant of the problem, which are solved.

Thanks
-Jim Stapleton 

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Gawd I hate those useless error messages...

[-{ Rene Brehmer }-]

At 15:56 29-10-2004, Richard Davey wrote:
Hello -{,
Friday, October 29, 2004, 3:28:39 PM, you wrote:
RB> since this is the test-server, I run with all errors, alerts, and messages
RB> on, but isn't there someway to make PHP just a little more helpful when
RB> this happens ???
Use an IDE that high-lights typos like this for you? Before it even
gets are far as PHP debugging it? Zend Studio for example would do
this (it did it to me several times this morning!)
Thanks ... will look into it :)
Rene
--
Rene Brehmer
aka Metalbunny
If your life was a dream, would you wake up from a nightmare, dripping of 
sweat, hoping it was over? Or would you wake up happy and pleased, ready to 
take on the day with a smile?

http://metalbunny.net/
References, tools, and other useful stuff...
Check out the new Metalbunny forums at http://forums.metalbunny.net/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] php.ini Path at Runtime

[Chris]

Err, I'm not sure how useful this info would be, you may know this 
already, but that wasn't evident in your post.

The Apache 2 php module has a PHPIniDir directive. If you're using 1.3 
it may be possible to compile that feature into it with a minimum of 
fuss, though I wouldn't even have a clue about that.

Chris
Chris Shiflett wrote:
Does anyone know whether there is a way to specify the path of php.ini
within httpd.conf or something similar? There is an environment variabled
named PHPRC that is almost useful enough, but it must exist within the
environment used to start Apache (e.g., using SetEnv in httpd.conf won't
work - the description of putenv() sounds much the same).
I am basically looking for an elegant method of specifying the path to the
php.ini to use when starting Apache, much like how I can specify the path
to httpd.conf with the -f flag:
/usr/local/apache/bin/httpd -f /path/to/httpd.conf
Thanks.
Chris
 

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] php.ini Path at Startup

[Jonel Rienton]

I misread your question, thought you were referring to the same 
discussion about the php as cgi :-)

regards,
Jonel
--
I not know English well, but I know 7 computer languages.
On Oct 30, 2004, at 4:05 PM, Chris Shiflett wrote:
--- Jonel Rienton <[EMAIL PROTECTED]> wrote:
There was a very recent discussion about this, look up the
archive from the past week or 2.
If you're referring to the responses to this question:
http://marc.theaimsgroup.com/?l=php-general&m=109907804615206&w=2
then it's a different issue. If you're not, maybe you can elaborate. 
I've
been active on this list for years, and I don't recall seeing the 
answer
to this question. :-)

I'm thinking it's because there isn't a way, and if this is the case, I
want to add it (or convince someone smarter than me to add it).
Just to clarify the question, I want to be able to start Apache and
specify which php.ini I want PHP to use, much like how I can with
httpd.conf:
/usr/local/apache/bin/httpd -f /path/to/httpd.conf
Chris
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] image files - upload and managment

[Jason Wong]

On Saturday 30 October 2004 23:06, Robby Russell wrote:

> > I understand the argument regarding a future change in thumbnail sizes.
> > However, generating thumbnails on a filesystem of images is something
> > that is easily scripted and can be performed on an as-needed basis.
> > (ImageMagick is great for this sort of thing, and scripts in PHP using
> > GD could also be used.)
>
> As I can do when I want it to be a thumbnail. Infact, in PostgreSQL, I
> can use plPHP, plPerl, psycopg, etc and perform these tasks within
> database functions. This isn't an issue at all.

So the point (still) is why generate each request on the fly?

> Also, Gallery 2, is moving to a database backend, one would wonder why
> that would be a good move, considering the sole purpose of gallery is to
> display images.

Moving to a database backend is a good move on the part of Gallery because the 
current version uses flat files to store its data. However are you certain 
that the database backend is also used to store the pictures themselves? 
AFAICT this is not the case and pictures are still stored in the file system.

-- 
Jason Wong -> Gremlins Associates -> www.gremlins.biz
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
--
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-general
--
/*
 Earth Army Recruiting Center: What are you, chicken? Buk buk buk! 
*/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: Security: Forms and displaying invalid data

[Manuel Lemos]

Hello,
On 10/30/2004 07:35 PM, Rjc wrote:
I have a form, that takes user input, and was wondering what are your 
thoughts of redisplaying user input back on the page after validation 
has failed.

Eg. they have to enter a date in format: '-mm-dd'
and they enter: . etc. or anything for that matter.
Although that would prob be too long for the field, but you get the idea.
How do other people out there tend to handle this? As it only affects 
the user that post the data if anything is malicious.

Some options that I have come up with are:
1. Displaying previous data (or empty field) for example if user is 
editing something.
2. Just displaying exactly what they entered again on the screen.
3. Stripping out certain undesirable characters before displaying.
I think you should always display exactly what the user entered but also 
never avoid doing server side validation before accepting a form with 
invalid values.

The only situation that I recommend discarding invalid values is when 
you pass context values (like for instance the id of a database field 
being edited) through an hidden field. If the field was hidden, it would 
not make much sense to tell the user that the value in the hidden field 
is invalid. An attacker already knows that the spoofed value is not 
valid. There is no point in bringing that up.

Anyway, if you expect a date, always use common methods like regular 
expressions to validate the accepted formats.

You may want to take a look at this forms generation and validation 
class that comes with several examples of how to validate all sorts of 
fields types and only accept the form until all that is submittted is valid.

It even comes with a plug-in that implements a custom date field made of 
several real fields that validates dates for you, including delimiting 
time ranges.

http://www.phpclasses.org/formsgeneration
--
Regards,
Manuel Lemos
PHP Classes - Free ready to use OOP components written in PHP
http://www.phpclasses.org/
PHP Reviews - Reviews of PHP books and other products
http://www.phpclasses.org/reviews/
Metastorage - Data object relational mapping layer generator
http://www.meta-language.net/metastorage.html
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Security: Forms and displaying invalid data

[Graham Cossey]

> -Original Message-
> From: rjc [mailto:[EMAIL PROTECTED]
> Sent: 30 October 2004 23:35
> To: [EMAIL PROTECTED]
> Subject: [PHP] Security: Forms and displaying invalid data
>
>
> I have a form, that takes user input, and was wondering what are your
> thoughts of redisplaying user input back on the page after validation
> has failed.
>
[snip]
>
> Some options that I have come up with are:
> 1. Displaying previous data (or empty field) for example if user is
> editing something.
> 2. Just displaying exactly what they entered again on the screen.
> 3. Stripping out certain undesirable characters before displaying.

Personally I get really pd off when a form errors and does not return
any of my original entries, especially the larger ones. However, I
understand not re-displaying any 'sensitive' entries such as passwords,
security phrases etc. as they can aid the 'hackers'.

I would not strip out anything you won't accept as you could be giving clues
to the unscrupulous users as to what you will and won't accept.

Graham

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] image files - upload and managment

[Robby Russell]

On Sat, 2004-10-30 at 22:30 +, Matthew Weier O'Phinney wrote:
> * Robby Russell <[EMAIL PROTECTED]>:
> > On Sat, 2004-10-30 at 02:43 -0700, Jaskirat Singh wrote:
> > > App needs to allow users to upload pictures. (jpg and gif),
> > > needs to create thumbnails of those pictures
> > > and to store thumbnails and full pictures.
> > > 
> > > App needs to manage all those files - can be as much as 20K plus
> > > images.
> > > 
> > > I think image file size, file type and image dimensions restrictions
> > > should be easy to handle by using $_FILES array and  getimagesize
> > > function.
> > > 
> > > The issues that I am thinking of and need suggestions about are
> > > 
> > > 1) Storage and retrieval -  File system sounds like a better choice
> > > over database. We are talking about 20 thousand plus pictures.
> >
> > I would do it in the database (PostgreSQL in my case). The speed isn't
> > going to be much slower if you keep things optimized. You can even cache
> > your images if necessary on the filesystem (for high traffic images).
> 
> I have difficulty believing retrieving an image from a database will
> have similar speed performance as simply grabbing it from the
> filesystem... and if you're seeing a need to cache images on the
> filesystem anyways, that's certainly already an argument against it.
> 

I tend to stick as much in the database with strict restraints. I know
that in my database, an image cannot be deleted unless several rules are
met. In the filesystem, a number of things could accidently delete the
wrong file. I treat my images as another piece of data and that data is
kept there by constraints.  

> > > 2) Thumbnails - Should I create those once and save it in a file when
> > > the image is uploaded for the first time. Looks like a faster option
> > > than creating them every time on the fly.
> >
> > I just recently finished working on a project where I knew that would
> > automatically create a thumbnail version of each image on upload... but
> > then I realized that I might one day want to change the default
> > thumbnail sizes.. so what I did was have it create a thumbnail on the
> > fly from the database. (this way I can control the thumbnail size in the
> > future). The speed difference was hardly noticed. I have done what I
> > mentioned above and am now caching images that get loaded frequently. 
> 
> Thumbnailing on the fly may have decent performance, but it *is* slower
> than simply serving up an image. If you doubt that, try surfing from a
> T1 connection some time (dial-up users may not notice the extra time
> required to generate the image, but those on broadband will). In
> addition, if you generate a thumbnail every time the image is requested,
> you're making your server do extra work -- even if you're caching
> oft-requested images.
> 
> I understand the argument regarding a future change in thumbnail sizes.
> However, generating thumbnails on a filesystem of images is something
> that is easily scripted and can be performed on an as-needed basis.
> (ImageMagick is great for this sort of thing, and scripts in PHP using
> GD could also be used.)
> 

As I can do when I want it to be a thumbnail. Infact, in PostgreSQL, I
can use plPHP, plPerl, psycopg, etc and perform these tasks within
database functions. This isn't an issue at all. 

Here are a few reasons why storing in the DB can be more useful. 

http://www.oracle.com/technology/products/intermedia/htdocs/why_images_in_database.html

Also, Gallery 2, is moving to a database backend, one would wonder why
that would be a good move, considering the sole purpose of gallery is to
display images. 

-Robby

-- 
/***
* Robby Russell | Owner.Developer.Geek
* PLANET ARGON  | www.planetargon.com
* Portland, OR  | [EMAIL PROTECTED]
* 503.351.4730  | blog.planetargon.com
* PHP/PostgreSQL Hosting & Development
*--- Now supporting PHP5 ---
/


signature.asc
Description: This is a digitally signed message part

Re: [PHP] php.ini Path at Startup

[Marek Kilimajer]

Chris Shiflett wrote:
--- Jonel Rienton <[EMAIL PROTECTED]> wrote:
There was a very recent discussion about this, look up the
archive from the past week or 2.

If you're referring to the responses to this question:
http://marc.theaimsgroup.com/?l=php-general&m=109907804615206&w=2
then it's a different issue. If you're not, maybe you can elaborate. I've
been active on this list for years, and I don't recall seeing the answer
to this question. :-)
I'm thinking it's because there isn't a way, and if this is the case, I
want to add it (or convince someone smarter than me to add it).
Just to clarify the question, I want to be able to start Apache and
specify which php.ini I want PHP to use, much like how I can with
httpd.conf:
/usr/local/apache/bin/httpd -f /path/to/httpd.conf
Chris
I think this should work:
PHPRC=/etc/php-2.ini /usr/local/apache/bin/httpd -f /path/to/httpd.conf
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Security: Forms and displaying invalid data

[rjc]

I have a form, that takes user input, and was wondering what are your 
thoughts of redisplaying user input back on the page after validation 
has failed.

Eg. they have to enter a date in format: '-mm-dd'
and they enter: . etc. or anything for that matter.
Although that would prob be too long for the field, but you get the idea.
How do other people out there tend to handle this? As it only affects 
the user that post the data if anything is malicious.

Some options that I have come up with are:
1. Displaying previous data (or empty field) for example if user is 
editing something.
2. Just displaying exactly what they entered again on the screen.
3. Stripping out certain undesirable characters before displaying.

Thanks,
Rob
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] image files - upload and managment

[Matthew Weier O'Phinney]

* Robby Russell <[EMAIL PROTECTED]>:
> On Sat, 2004-10-30 at 02:43 -0700, Jaskirat Singh wrote:
> > App needs to allow users to upload pictures. (jpg and gif),
> > needs to create thumbnails of those pictures
> > and to store thumbnails and full pictures.
> > 
> > App needs to manage all those files - can be as much as 20K plus
> > images.
> > 
> > I think image file size, file type and image dimensions restrictions
> > should be easy to handle by using $_FILES array and  getimagesize
> > function.
> > 
> > The issues that I am thinking of and need suggestions about are
> > 
> > 1) Storage and retrieval -  File system sounds like a better choice
> > over database. We are talking about 20 thousand plus pictures.
>
> I would do it in the database (PostgreSQL in my case). The speed isn't
> going to be much slower if you keep things optimized. You can even cache
> your images if necessary on the filesystem (for high traffic images).

I have difficulty believing retrieving an image from a database will
have similar speed performance as simply grabbing it from the
filesystem... and if you're seeing a need to cache images on the
filesystem anyways, that's certainly already an argument against it.

> > 2) Thumbnails - Should I create those once and save it in a file when
> > the image is uploaded for the first time. Looks like a faster option
> > than creating them every time on the fly.
>
> I just recently finished working on a project where I knew that would
> automatically create a thumbnail version of each image on upload... but
> then I realized that I might one day want to change the default
> thumbnail sizes.. so what I did was have it create a thumbnail on the
> fly from the database. (this way I can control the thumbnail size in the
> future). The speed difference was hardly noticed. I have done what I
> mentioned above and am now caching images that get loaded frequently. 

Thumbnailing on the fly may have decent performance, but it *is* slower
than simply serving up an image. If you doubt that, try surfing from a
T1 connection some time (dial-up users may not notice the extra time
required to generate the image, but those on broadband will). In
addition, if you generate a thumbnail every time the image is requested,
you're making your server do extra work -- even if you're caching
oft-requested images.

I understand the argument regarding a future change in thumbnail sizes.
However, generating thumbnails on a filesystem of images is something
that is easily scripted and can be performed on an as-needed basis.
(ImageMagick is great for this sort of thing, and scripts in PHP using
GD could also be used.)

> > 3) Security issues - I believe I must have a world writable "666"
> > permissions directory to keep images as users of the web app are
> > uploading them. Does that create any security holes in my application?

Depends on if you're on your own server or a shared host. One thing you
can do even on a shared host is to make one directory 777 and then have
PHP create directories within that; however, as noted by somebody else
previously, someone else on the shared host could be malicious then and
write over those directories.

If you're on your own server or a dedicated host, give read and write
permissions only to the web server and one or two groups.

> The database will help you add a nice layer of security.

If the OP is on a shared host, that is one of the rare instances I'd
suggest putting uploaded information into a database -- and only if
there's a liklihood of other clients on the server being malicious.
However, in a shared host environment, if a user *does* do something
malicious, you can usually complain to the service provider and get
compensation.


-- 
Matthew Weier O'Phinney   | mailto:[EMAIL PROTECTED]
Webmaster and IT Specialist   | http://www.garden.org
National Gardening Association| http://www.kidsgardening.com
802-863-5251 x156 | http://nationalgardenmonth.org

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] php.ini Path at Startup

[Chris Shiflett]

--- Jonel Rienton <[EMAIL PROTECTED]> wrote:
> There was a very recent discussion about this, look up the
> archive from the past week or 2.

If you're referring to the responses to this question:

http://marc.theaimsgroup.com/?l=php-general&m=109907804615206&w=2

then it's a different issue. If you're not, maybe you can elaborate. I've
been active on this list for years, and I don't recall seeing the answer
to this question. :-)

I'm thinking it's because there isn't a way, and if this is the case, I
want to add it (or convince someone smarter than me to add it).

Just to clarify the question, I want to be able to start Apache and
specify which php.ini I want PHP to use, much like how I can with
httpd.conf:

/usr/local/apache/bin/httpd -f /path/to/httpd.conf

Chris

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] PHP in CGI ....php.in

[Jonel Rienton]

Hi,
where did you place your php.ini?
regards,
Jonel
--
I not know English well, but I know 7 computer languages.
On Oct 30, 2004, at 2:48 AM, Christian Ista wrote:

#!/usr/bin/php -c /path/to/php.ini
I tried this
#!/usr/local/lib/php -c php.ini
In the php.ini :
register_globals = on
but that's not work
Any idea ?
Christian,
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: Using Google's API with PHP

[Chris Martin]

Rahul S. Johari wrote:
Ave,
Has anyone been able to successfully use the Google API with PHP here? I've
been trying different scripts and each one gives me a similar "Unexpected
T_Function" error. 

The other script from digitalpoint.com does run but it doesn't read my $q,
basically it displays all results from google.. It doesn't actually read my
query at all.
Any help would be appreciated.
Ave.
Rahul S. Johari
Coordinator, Internet & Administration
Informed Marketing Services Inc.
(518) 266-0909 x154
http://www.informed-sources.com
I've done this using the NuSOAP class.
http://www.chriscodes.com/google/
I have a simple source code example. You'll need to include NuSOAP, and 
to replace "Your Google License KEY" in the example with Your Google 
License KEY.

http://www.chriscodes.com/google/google.phps
There's a somple tutorial at:
http://www.devshed.com/c/a/PHP/Using-The-Google-Web-APIs-With-PHP/
--
Chris Martin
Web Developer
Open Source & Web Standards Advocate
http://www.chriscodes.com/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] php.ini Path at Runtime

[Jonel Rienton]

There was a very recent discussion about this, look up the archive from
the past week or 2.

regards,
Jonel

> Does anyone know whether there is a way to specify the path of php.ini
> within httpd.conf or something similar? There is an environment
> variabled named PHPRC that is almost useful enough, but it must exist
> within the environment used to start Apache (e.g., using SetEnv in
> httpd.conf won't work - the description of putenv() sounds much the
> same).
>
> I am basically looking for an elegant method of specifying the path to
> the php.ini to use when starting Apache, much like how I can specify the
> path to httpd.conf with the -f flag:
>
> /usr/local/apache/bin/httpd -f /path/to/httpd.conf
>
> Thanks.
>
> Chris
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php


-- 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] php.ini Path at Runtime

[Chris Shiflett]

Does anyone know whether there is a way to specify the path of php.ini
within httpd.conf or something similar? There is an environment variabled
named PHPRC that is almost useful enough, but it must exist within the
environment used to start Apache (e.g., using SetEnv in httpd.conf won't
work - the description of putenv() sounds much the same).

I am basically looking for an elegant method of specifying the path to the
php.ini to use when starting Apache, much like how I can specify the path
to httpd.conf with the -f flag:

/usr/local/apache/bin/httpd -f /path/to/httpd.conf

Thanks.

Chris

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] php compiler

[Curt Zirzow]

* Thus wrote Hodicska Gergely:
> If you see the output, it seems, that PHP evaluate first $b = 0, and 
> this is the problem.
> 
> > $a = 1 && $b = 0
> > PHP sees two expressions here:
> 
> After the precedence table the first thing should be evaluating 1 && $b, 
> so we get:
> $a = false = 0
> Which is not meaningful thing, and maybe this cause that the evaluating 
> of the statment is not in the right order.

&& takes precedence to the left operator's expression and compares
it to the right side, you really want;

$a = 1 && $b && $b = 0


In what ever case, your expression is rather unclear on what you
want to happen.  

if( 1 && $b ) {
  $a = 1;
  $b = 0;
)


Curt
-- 
Quoth the Raven, "Nevermore."

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Trouble with the ISAPI in PHP4

[George Hester]

If I am loading extensions in my php.ini file then this is what happens when I try try 
load the php4isapi.dll.
I go ahead and add it as an ISAPI filter the way it supposed to be done in IIS 5.  
Then I stop the IISAdmin
Service and restart it.  Then I start the Web Puublishing Service. This is where the 
issue arises.  If I am loading
extensions in my php.ini then I will get errors, "./extensions\php_gd2.dll not found " 
for example of course loading
the php_gd2.dll extension in my php.ini.  The specific dll is not the issue.  It 
happens with any extension I have
loaded in my php.ini upon starting the Web Publishing Service.  Any ideas how to fix 
this? 
Thanks.


-- 
George Hester
__

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] image files - upload and managment

[raditha dissanayake]

Robby Russell wrote:
On Sat, 2004-10-30 at 02:43 -0700, Jaskirat Singh wrote:
 

Hi People,
I am writing a web app on LAMP.
The app is sort of yellow pages where people can login and post
advertisments with pictures.
App needs to allow users to upload pictures. (jpg and gif),
needs to create thumbnails of those pictures
and to store thumbnails and full pictures.
App needs to manage all those files - can be as much as 20K plus
images.
I think image file size, file type and image dimensions restrictions
should be easy to handle by using $_FILES array and  getimagesize
function.
The issues that I am thinking of and need suggestions about are
1) Storage and retrieval -  File system sounds like a better choice
over database. We are talking about 20 thousand plus pictures.
   

I would do it in the database (PostgreSQL in my case). The speed isn't
going to be much slower if you keep things optimized. You can even cache
your images if necessary on the filesystem (for high traffic images).
 

Robby's post is full of usefull information however though I am a 
postgresql fan i beg to differ on this point. Speed is definitely going 
to be slower when you insert and retrieve from blob (bytea) fields in 
any database. That's probly why you  you think caching is needed for 
high traffic images  :-)

--
Raditha Dissanayake.

http://www.radinks.com/sftp/ | http://www.raditha.com/megaupload
Lean and mean Secure FTP applet with | Mega Upload - PHP file uploader
Graphical User Inteface. Just 128 KB | with progress bar.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] (Regex) not working, take a quick look at it plz?

[Jason Wong]

On Friday 29 October 2004 23:12, Ryan A wrote:

> I totally suck at RegEx (but am trying to learn), I got the following from
> the web, but its not working for me...
> can anyone spot what I am doing wrong or whats wrong please?

And what *exactly* is wrong?

What did you expect the code to do?

What did the code actually do?

Did you try debuggiong it yourself? print_r() or var_dump() everything.

-- 
Jason Wong -> Gremlins Associates -> www.gremlins.biz
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
--
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-general
--
/*
Rome wasn't burnt in a day.
*/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] image files - upload and managment

[Robby Russell]

On Sat, 2004-10-30 at 02:43 -0700, Jaskirat Singh wrote:
> Hi People,
> 
> I am writing a web app on LAMP.
> The app is sort of yellow pages where people can login and post
> advertisments with pictures.
> 
> App needs to allow users to upload pictures. (jpg and gif),
> needs to create thumbnails of those pictures
> and to store thumbnails and full pictures.
> 
> App needs to manage all those files - can be as much as 20K plus
> images.
> 
> I think image file size, file type and image dimensions restrictions
> should be easy to handle by using $_FILES array and  getimagesize
> function.
> 
> The issues that I am thinking of and need suggestions about are
> 
> 1) Storage and retrieval -  File system sounds like a better choice
> over database. We are talking about 20 thousand plus pictures.
> 

I would do it in the database (PostgreSQL in my case). The speed isn't
going to be much slower if you keep things optimized. You can even cache
your images if necessary on the filesystem (for high traffic images).

> 2) Thumbnails - Should I create those once and save it in a file when
> the image is uploaded for the first time. Looks like a faster option
> than creating them every time on the fly.
> 

I just recently finished working on a project where I knew that would
automatically create a thumbnail version of each image on upload... but
then I realized that I might one day want to change the default
thumbnail sizes.. so what I did was have it create a thumbnail on the
fly from the database. (this way I can control the thumbnail size in the
future). The speed difference was hardly noticed. I have done what I
mentioned above and am now caching images that get loaded frequently. 

> 3) Security issues - I believe I must have a world writable "666"
> permissions directory to keep images as users of the web app are
> uploading them. Does that create any security holes in my application?
> 

The database will help you add a nice layer of security.

> 4) Any thing else related to image uploads that one might need to take
> care of. Are there any tutorials on image upload issues.
> 

an example:
http://blog.planetargon.com/index.php?/archives/26_Uploading_images_into_PostgreSQL.html

and here is how you can display the images from the db. I am also using
mod_rewrite so that it looks like it's coming from the filesystem, for
example:

mydomain.com/images/mypic.jpg actually
calls ./image.php?filename=mypic.jpg

http://blog.planetargon.com/index.php?/archives/27_Displaying_image_from_PostgreSQL_large_object_with_PHP.html


hth,

-Robbyu

-- 
/***
* Robby Russell | Owner.Developer.Geek
* PLANET ARGON  | www.planetargon.com
* Portland, OR  | [EMAIL PROTECTED]
* 503.351.4730  | blog.planetargon.com
* PHP/PostgreSQL Hosting & Development
*--- Now supporting PHP5 ---
/


signature.asc
Description: This is a digitally signed message part

Re: [PHP] image files - upload and managment

[Jason Wong]

On Saturday 30 October 2004 09:43, Jaskirat Singh wrote:

> 1) Storage and retrieval -  File system sounds like a better choice
> over database. We are talking about 20 thousand plus pictures.

Using a file system is usually the better choice. With the quantity of files 
you're handling it might be wise to implement some kind of directory hashing. 
For example having several thousand files in a single directory using 
ext2/ext3 file system results in very poor performance.

> 2) Thumbnails - Should I create those once and save it in a file when
> the image is uploaded for the first time. Looks like a faster option
> than creating them every time on the fly.

Definitely much faster to create it once (probably on upload) and store it 
rather than create on the fly each time. 

> 3) Security issues - I believe I must have a world writable "666"
> permissions directory to keep images as users of the web app are
> uploading them. Does that create any security holes in my application?

If you're on a shared-host there's really not much you can do to keep your 
files really (or even fairly) safe from your 'host mates'. What you can do is 
largely limited by how the system was configured. Storing files in the 
database can potentially add a layer of protection. If security is a concern 
then you should shell out the extra for a dedicated host.

-- 
Jason Wong -> Gremlins Associates -> www.gremlins.biz
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
--
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-general
--
/*
I am more bored than you could ever possibly be.  Go back to work.
*/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] standard ini settings

[Jason Wong]

On Saturday 30 October 2004 09:06, Reinhart Viane wrote:
> Can someone point me out the best ini settings?
> Which are nowadays used as standards when scripts are writte?
>
> I wanna make sure the codes i (try to) write meet this standards

The file 'php.ini-recommended' which is included in the source tarball has 
reasonably sane settings which you can use as a starting point to tweak to 
your satisfaction.

-- 
Jason Wong -> Gremlins Associates -> www.gremlins.biz
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
--
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-general
--
/*
There cannot be a crisis next week.  My schedule is already full.
  -- Henry Kissinger
*/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Session and validation

[Jason Wong]

On Saturday 30 October 2004 10:27, Stuart Felenstein wrote:
> --- Chris Shiflett <[EMAIL PROTECTED]> wrote:
> > --- Stuart Felenstein <[EMAIL PROTECTED]> wrote:
> > > I had this thread going yesterday. Then basically
> > > think it reached a stalemate.
> >
> > I think you need to try to simplify your code to the
> > most basic example
> > that demonstrates the problem. By doing this, you'll
> > achieve one of two
> > things:
> >
> > 1. Figure out the problem yourself.
> > 2. Generate a perfect example that we can use to
> > better understand your
> > problem and suggest a solution.
>
> Yes, this is exactly what I did and why I dredged up
> this topic again:
>
> Here is the example:

In my reply to your 'dead' thread I suggested you concoct a barest minimum 
example.

Which means:

> //Check to make sure user didnt exceed 5 selections
> if (count($industry) > 5) {
> echo "you have selected too many industries";

No need to check for more than 5, just more than 1 would be sufficient for 
proof of concept.

> ?>  Gremlins Associates -> www.gremlins.biz
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
--
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-general
--
/*
"If you ever want to get anywhere in politics, my boy, you're going to
have to get a toehold in the public eye."
*/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] php compiler

[Klaus Reimer]

Hodicska Gergely wrote:
Oke, but && has a higher precedence. The "right " associativity has 
sense when all the operand has the same precedence.
I think the precedence of left and right associative operands can't be 
compared. The switch between associativities already separates the 
expression (if it could be explained this way). So you have to handle 
"left-evaluated" expressions and "right-evaluated" expressions 
separately. That's why "$b = 0" and "1 && $b" are evaluated separately.

The PHP manual gives a fine example: "Note:  Although ! has a higher 
precedence than =, PHP will still allow expressions similar to the 
following: if (!$a = foo()), in which case the output from foo() is put 
into $a."

And that's because "=" is "right" and "!" is "non-associative".
--
Bye, K  (FidoNet: 2:240/2188.18)
[A735 47EC D87B 1F15 C1E9  53D3 AA03 6173 A723 E391]
(Finger [EMAIL PROTECTED] to get public key)


signature.asc
Description: OpenPGP digital signature

Re: [PHP] php compiler

[Hodicska Gergely]

"=" has a "right " associativity. This is well explained on the page you 
Oke, but && has a higher precedence. The "right " associativity has 
sense when all the operand has the same precedence.

Felho
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] php compiler

[Hodicska Gergely]

If you see the output, it seems, that PHP evaluate first $b = 0, and 
this is the problem.

> $a = 1 && $b = 0
> PHP sees two expressions here:
After the precedence table the first thing should be evaluating 1 && $b, 
so we get:
$a = false = 0
Which is not meaningful thing, and maybe this cause that the evaluating 
of the statment is not in the right order.

Felho
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] php compiler

[Klaus Reimer]

Hodicska Gergely wrote:
$a = 1 && $b = 0
PHP sees two expressions here:
After the precedence table the first thing should be evaluating 1 && $b, 
so we get:
$a = false = 0
Which is not meaningful thing, and maybe this cause that the evaluating 
of the statment is not in the right order.
"=" has a "right " associativity. This is well explained on the page you 
think I have not read. See Example 15-1. "$b = 0" is evaluated first and 
the "1 && $b" is evaluated after that.

Everything else would make no sense. "(1 && $b) = 0" is not a valid 
expression and throws an error.

--
Bye, K  (FidoNet: 2:240/2188.18)
[A735 47EC D87B 1F15 C1E9  53D3 AA03 6173 A723 E391]
(Finger [EMAIL PROTECTED] to get public key)


signature.asc
Description: OpenPGP digital signature

Re: [PHP] php compiler

[Klaus Reimer]

Hodicska Gergely wrote:
 > It outputs this: false bool(false) int(0)
Yes, this the right output.
And this output is absolutely correct. Your condition gives new values 
to $a and $b because you use "=" and not "==". So you do this:
Maybe you never read this:
http://hu2.php.net/manual/en/language.operators.php#language.operators.precedence 
The result is not so obvious. There sould some internal behavior which 
cause this.
I don't see the problem. The behaviour of your code matches the
precendences in my opinion:
$a = 1 && $b = 0
PHP sees two expressions here:
$a = 1 && $b   (because && has higher priority than =)
and
$b = 0;
So the condition resolves to "1 && 0" while $a is set to false and $b is
set to 0;
So where is the problem?
--
Bye, K  (FidoNet: 2:240/2188.18)
[A735 47EC D87B 1F15 C1E9  53D3 AA03 6173 A723 E391]
(Finger [EMAIL PROTECTED] to get public key)


signature.asc
Description: OpenPGP digital signature

Re: [PHP] php compiler

[Hodicska Gergely]

> It outputs this: false bool(false) int(0)
Yes, this the right output.
> And this output is absolutely correct. Your condition gives new values
> to $a and $b because you use "=" and not "==". So you do this:
Maybe you never read this:
http://hu2.php.net/manual/en/language.operators.php#language.operators.precedence
The result is not so obvious. There sould some internal behavior which
cause this.
Felho
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] php compiler

[Hodicska Gergely]

> Use == instead of = in the if condition.
Thx, I know the difference. The exapmle use willfuly =.
Felho
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] php compiler

[Marek Kilimajer]

Marek Kilimajer wrote:
Mike wrote:
You're assigning values in your test.
Use == instead of = in the if condition.
hmm, but he should not get what he gets anyways:
$a = 1 - evaluates to true, continue
$b = 0 - evaluates to false, so the whole if() condition is false, jump 
to else and print:
ok, precedence :)
false
1
0
He gets:
true
false
0
I get (php-5.0.2):
false
false
0
Or am I missing something?
=M
-Original Message-
From: Hodicska Gergely [mailto:[EMAIL PROTECTED] Sent: 
Saturday, October 30, 2004 9:50 AM
To: [EMAIL PROTECTED]
Subject: [PHP] php compiler

Hi!
$a = 0;
$b = 1;
if ($a = 1 && $b = 0) {
echo 'true ';
var_dump($a);
var_dump($b);
} else {
echo 'false ';
var_dump($a);
var_dump($b);
}
Runing this we get: "true bool(false) int(0)"
After the precedence table the first step could be evaluating the &&, 
but not this is what happen.

Can someone exactly explain how PHP process the condition?
THX in advance,
Felho

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] php compiler

[Marek Kilimajer]

Mike wrote:
You're assigning values in your test.
Use == instead of = in the if condition.
hmm, but he should not get what he gets anyways:
$a = 1 - evaluates to true, continue
$b = 0 - evaluates to false, so the whole if() condition is false, jump 
to else and print:

false
1
0
He gets:
true
false
0
I get (php-5.0.2):
false
false
0
Or am I missing something?
=M
-Original Message-
From: Hodicska Gergely [mailto:[EMAIL PROTECTED] 
Sent: Saturday, October 30, 2004 9:50 AM
To: [EMAIL PROTECTED]
Subject: [PHP] php compiler

Hi!
$a = 0;
$b = 1;
if ($a = 1 && $b = 0) {
echo 'true ';
var_dump($a);
var_dump($b);
} else {
echo 'false ';
var_dump($a);
var_dump($b);
}
Runing this we get: "true bool(false) int(0)"
After the precedence table the first step could be evaluating the &&, 
but not this is what happen.

Can someone exactly explain how PHP process the condition?
THX in advance,
Felho
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Command Line Script

[- Edwin -]

Hi,

On Sat, 30 Oct 2004 09:42:13 -0400
"Steve Douville" <[EMAIL PROTECTED]> wrote:

> >
> > If you want to stick with PHP, you're better off using an
> > ssh key, so that you're not prompted for the password.
> >
> 
> Ahh, okay thanks. If anyone can point me to some useful
> docs, I'd appreciate it. I've been looking on google but
> not really sure what's right and what's not.

Try this:
  http://www.google.com/search?q=ssh+no+password

I think the first one is the one you're looking for :)

Anyway, just try the other links on the page as well...

HTH,

-- 
- E - copperwalls was here ;)
"There is going to be a resurrection." - Acts 24:15

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] php compiler

[Klaus Reimer]

Hodicska Gergely wrote:
$a = 0;
$b = 1;
if ($a = 1 && $b = 0) {
echo 'true ';
var_dump($a);
var_dump($b);
} else {
echo 'false ';
var_dump($a);
var_dump($b);
}
Runing this we get: "true bool(false) int(0)"
Are you sure you posted the example correctly? It outputs this: false 
bool(false) int(0)

And this output is absolutely correct. Your condition gives new values 
to $a and $b because you use "=" and not "==". So you do this:

$b = 0;
$a = 1 && $b;
The condition checks the value of $a (which is false) and so you land in 
the else branch and that's why $b is int(0) and $a is bool(false)

I think you want this:
if ($a == 1 && $b == 0)
--
Bye, K  (FidoNet: 2:240/2188.18)
[A735 47EC D87B 1F15 C1E9  53D3 AA03 6173 A723 E391]
(Finger [EMAIL PROTECTED] to get public key)


signature.asc
Description: OpenPGP digital signature

RE: [PHP] php compiler

[Mike]

You're assigning values in your test.

Use == instead of = in the if condition.

=M

-Original Message-
From: Hodicska Gergely [mailto:[EMAIL PROTECTED] 
Sent: Saturday, October 30, 2004 9:50 AM
To: [EMAIL PROTECTED]
Subject: [PHP] php compiler

Hi!

$a = 0;
$b = 1;
if ($a = 1 && $b = 0) {
echo 'true ';
var_dump($a);
var_dump($b);
} else {
echo 'false ';
var_dump($a);
var_dump($b);
}

Runing this we get: "true bool(false) int(0)"

After the precedence table the first step could be evaluating the &&, 
but not this is what happen.

Can someone exactly explain how PHP process the condition?

THX in advance,
Felho

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] localeconv

[Klaus Reimer]

Hi,
I just noticed an annoying issue with locales in PHP and I'm not sure if 
this behaviour is intended or it's a bug.

I'm doing the following:
setlocale(LC_ALL, 'de_DE');
$l = localeconv();
printf("Decimal point: %s\n", $l['decimal_point']);
printf("Thousands sep: %s\n", $l['thousands_sep']);
This should output a "," as decimal point and a "." as thousands 
separator but it does only output the standard characters (A dot as 
decimal point and nothing as thousands_sep).

My de_DE locale is properly set up. All other data returned by 
localeconv is correct (EUR currency, Euro currency symbol, monetary 
decimal point and monetary thousand separator and so on). Only the 
decimal_point and thousands_sep is not working.

Also interesting is that printf("%.2f", 123.45) correctly outputs 
"123,45". So PHP IS using a comma as decimal point but why does it not 
show up in localeconv()?

I tried exactly the same code in C on the same machine and this is 
working perfectly:

#include 

int main(int argc, char *argv[])
{
struct lconv *l;

setlocale(LC_ALL, "de_DE");
l = localeconv();
printf("Decimal point: %s\n", l->decimal_point);
printf("Thousands sep: %s\n", l->thousands_sep);
return 0;
}
This outputs correct german decimal point and thousands separator.
Is there a reason for this misbehaviour of PHP? Or is it a bug? I 
encounter this with PHP 5.0.2 and 4.3.9.

--
Bye, K  (FidoNet: 2:240/2188.18)
[A735 47EC D87B 1F15 C1E9  53D3 AA03 6173 A723 E391]
(Finger [EMAIL PROTECTED] to get public key)
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] php compiler

[Hodicska Gergely]

Hi!
$a = 0;
$b = 1;
if ($a = 1 && $b = 0) {
echo 'true ';
var_dump($a);
var_dump($b);
} else {
echo 'false ';
var_dump($a);
var_dump($b);
}
Runing this we get: "true bool(false) int(0)"
After the precedence table the first step could be evaluating the &&, 
but not this is what happen.

Can someone exactly explain how PHP process the condition?
THX in advance,
Felho
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Command Line Script

[Steve Douville]

>
> If you want to stick with PHP, you're better off using an ssh key, so that
> you're not prompted for the password.
>

Ahh, okay thanks. If anyone can point me to some useful docs, I'd appreciate
it. I've been looking on google but not really sure what's right and what's
not.

Thanks,
Steve

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Session and validation

[Graham Cossey]

[snip]
>
> Here is the example:
>
> testarray (page1)
> //Start the session
> 
> //Check for the array on submit
> if ( empty( $_SESSION['l_industry'] ) ) {
> $_SESSION['l_industry']=array();
> }

$industry = $_POST['industry']; // ??

> //Check to make sure user didnt exceed 5 selections
> if (count($industry) > 5) {
> echo "you have selected too many industries";
>   exit;
> }

So, if this is the result of a form submission how are you getting the POST
variables?
How/where is $industry being set? I appears that you are assuming that
variables are 'maintained' within a script, they are not. You have to
remember that although you are running the same script it is not the same
'instance' of the script as a request/response has occurred. You MUST pass
and retrieve SESSION/POST/GET variables if you intend to use them in your
script.

$_SESSION['x'] = $_POST['x'];
$_SESSION['y'] = $_POST['y'];
etc etc...

> ?>
>  //Redirect to results page if user stayed in 5 option
> //range
> if ($_SERVER["REQUEST_METHOD"] == "POST") {
>  Header("Location:
> http://www...com/TAresults.php";);
> }

You do not appear to have set the SESSION variables before redirecting to
the next page.

> ?> Transitional//EN"
> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";>
> 
> 
> 
> Untitled Document
> 
> 
>
> 
>  cellpadding="2" cellspacing="2">
>   
>  action="">

Not sure about this... have you used action="$PHP_SELF" ?

>multiple="multiple" id="industry[]">
>  "Please Select"))) {echo "SELECTED";}
> ?>>Accounting
>  "Please Select"))) {echo "SELECTED";}
> ?>>Entertainment
>  "Please Select"))) {echo "SELECTED";}
> ?>>label
>  "Please Select"))) {echo "SELECTED";} ?>>Advertising
> 
>  "Please Select"))) {echo "SELECTED";} ?>>Customer
> Service
>  "Please Select"))) {echo "SELECTED";} ?>>Informatin
> Technology
>   
>value="Submit">
> 
>   
> 
> 
> 
>
> TAresults (page2):
>
> 
> if ( empty( $_SESSION['l_industry'] ) ) {
> $_SESSION['l_industry']=array();
> }
>
> if ( is_array( $_REQUEST['LurkerIndustry'] ) ) {
> $_SESSION['l_industry'] = array_unique(
> array_merge( $_SESSION['l_industry'],
>  $_REQUEST['LurkerIndustry'] )
> );
> }
> ?>
>  Transitional//EN"
> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";>
> http://www.w3.org/1999/xhtml";>
> 
> 
> Untitled Document
> 
>
> 
>  echo "The time is"."";
> echo $industry['0']."";
> echo $industry['1']."";
> echo $industry['2']."";
> echo $industry['3']."";
> echo $industry['4']."";
> echo $industry['5']."";
> echo $industry['6']."";
> echo $industry['7']."";
> echo $industry['8']."";
> echo $industry['9']."";
> echo $industry['10']."";
> echo $industry['11']."";

Sorry, I cannot see where $industry is being set. This may just need

$industry = $_SESSION['industry'];

>
> ?>
>  unset($l_industry);
> ?>
> 
> 
>
> The results here, are whether the check passes or not
> the variables never echo.
> If I set action on page 1 to TAresults.php , then they
> echo out fine.
>
> Stuart
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Session and validation

[Stuart Felenstein]

--- Graham Cossey <[EMAIL PROTECTED]> wrote:

> So, if this is the result of a form submission how
> are you getting the POST 
> variables?
> How/where is $industry being set? I appears that you
> are assuming that
> variables are 'maintained' within a script, they are
> not. You have to
> remember that although you are running the same
> script it is not the same
> 'instance' of the script as a request/response has
> occurred. You MUST pass
> and retrieve SESSION/POST/GET variables if you
> intend to use them in your
> script.
> 
Yes, I see your point about the instance changing. I
made the change and set session = post prior to the
redirect and it's working proper.

Now, I will need to go back and try my other scripts
to see if this holds up in them.  I thought I already
tried , but a fresh start may help.

Stuart

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Session and validation

[Stuart Felenstein]

--- Chris Shiflett <[EMAIL PROTECTED]> wrote:

> --- Stuart Felenstein <[EMAIL PROTECTED]> wrote:
> > I had this thread going yesterday. Then basically
> > think it reached a stalemate.
> 
> I think you need to try to simplify your code to the
> most basic example
> that demonstrates the problem. By doing this, you'll
> achieve one of two
> things:
> 
> 1. Figure out the problem yourself.
> 2. Generate a perfect example that we can use to
> better understand your
> problem and suggest a solution.
> 
Yes, this is exactly what I did and why I dredged up
this topic again:

Here is the example:

testarray (page1)
//Start the session
 5) {
echo "you have selected too many industries";
exit;
}
?>
http://www...com/TAresults.php";);
}
?>http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";>



Untitled Document





  

  
>Accounting
>Entertainment
>label
>Advertising

>Customer
Service
>Informatin
Technology
  
  

  




TAresults (page2):


http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";>
http://www.w3.org/1999/xhtml";>


Untitled Document



";
echo $industry['0'].""; 
echo $industry['1'].""; 
echo $industry['2'].""; 
echo $industry['3'].""; 
echo $industry['4'].""; 
echo $industry['5'].""; 
echo $industry['6'].""; 
echo $industry['7'].""; 
echo $industry['8'].""; 
echo $industry['9'].""; 
echo $industry['10'].""; 
echo $industry['11']."";

?>




The results here, are whether the check passes or not
the variables never echo. 
If I set action on page 1 to TAresults.php , then they
echo out fine.

Stuart

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] image files - upload and managment

[Jaskirat Singh]

Hi People,

I am writing a web app on LAMP.
The app is sort of yellow pages where people can login and post
advertisments with pictures.

App needs to allow users to upload pictures. (jpg and gif),
needs to create thumbnails of those pictures
and to store thumbnails and full pictures.

App needs to manage all those files - can be as much as 20K plus
images.

I think image file size, file type and image dimensions restrictions
should be easy to handle by using $_FILES array and  getimagesize
function.

The issues that I am thinking of and need suggestions about are

1) Storage and retrieval -  File system sounds like a better choice
over database. We are talking about 20 thousand plus pictures.

2) Thumbnails - Should I create those once and save it in a file when
the image is uploaded for the first time. Looks like a faster option
than creating them every time on the fly.

3) Security issues - I believe I must have a world writable "666"
permissions directory to keep images as users of the web app are
uploading them. Does that create any security holes in my application?

4) Any thing else related to image uploads that one might need to take
care of. Are there any tutorials on image upload issues.


Thanks and HAND.

Jas

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] standard ini settings

[Reinhart Viane]

Can someone point me out the best ini settings?
Which are nowadays used as standards when scripts are writte?
 
I wanna make sure the codes i (try to) write meet this standards
 
Thx
 
  _  

Reinhart Viane 
  [EMAIL PROTECTED] 
Domos || D-Studio 
Graaf Van Egmontstraat 15/3 -- B 2800 Mechelen -- tel +32 15 44 89 01 --
fax +32 15 43 25 26 


STRICTLY PERSONAL AND CONFIDENTIAL 
This message may contain confidential and proprietary material for the
sole use of the intended 
recipient.  Any review or distribution by others is strictly prohibited.
If you are not the intended 
recipient please contact the sender and delete all copies.

 

RE: [PHP] Re: Bug-Tracking-System in PHP ?

[Reinhart Viane]

Hmmm
No email support??

When a bug is posted, updated, a bug note is added, etc everyone who
subscribed to this 'topic' will receive a email on it
We use it in our firm and it works like a charm :)

-Original Message-
From: Michelle Konzack [mailto:[EMAIL PROTECTED] 
Sent: vrijdag 29 oktober 2004 16:51
To: [EMAIL PROTECTED]
Subject: [PHP] Re: Bug-Tracking-System in PHP ?


Am 2004-10-29 09:48:32, schrieb Reinhart Viane:
> Dunno if this is ok:
> http://www.mantisbt.org/

Nice features and 1.0 support postgresql
(can not use MySQL because some tools conflicts with postgresql)

Unfortunatly no E-Mail support...
:-(

Greetings
Michelle

-- 
Linux-User #280138 with the Linux Counter, http://counter.li.org/ 
Michelle Konzack   Apt. 917  ICQ #328449886
   50, rue de Soultz MSM LinuxMichi
0033/3/8845235667100 Strasbourg/France   IRC #Debian (irc.icq.com)

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Session and validation

[Chris Shiflett]

--- Stuart Felenstein <[EMAIL PROTECTED]> wrote:
> I had this thread going yesterday. Then basically
> think it reached a stalemate.

I think you need to try to simplify your code to the most basic example
that demonstrates the problem. By doing this, you'll achieve one of two
things:

1. Figure out the problem yourself.
2. Generate a perfect example that we can use to better understand your
problem and suggest a solution.

> I'm wondering has anyone setup forms using session variables
> and validation.

Yes, this is very, very common. :-)

> Validation where the validating is done on the same page, and
> the redirected on success?

This is also very, very common.

> Let me ask though if I setup just a validation page,
> then on success I'm still doing a redirect (cause it's
> a multi page form)
> 
> Or if I validate on the next page and there is an
> error, I redirect back, but then I also have to
> consider how the error is going to get printed on the
> first page.

How you design this is subjective, but my opinion is that redirects are
only handy when you want to avoid the user's browser asking whether to
resubmit a POST request when they're using the history mechanism, as I
describe here:

http://www.phpmag.net/itr/online_artikel/psecom,id,637,nodeid,114.html

Aside from that case (which is your case if you're using the POST method),
I prefer to include the appropriate module rather than redirecting the
user. It seems silly for them to request a resource only to be told to go
somewhere else to find it. If we know where it is, why not just return it?
That's the basis of my opinion. :-)

Hope that helps.

Chris

=
Chris Shiflett - http://shiflett.org/

PHP Security - O'Reilly HTTP Developer's Handbook - Sams
Coming January 2004 http://httphandbook.org/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: Session and validation

[Jason Barnett]

Maybe that is my problem , that session variables will
get blown away when the validations are run in the
same page.  Shouldn't be right ?
A session variable will last the lifetime of the session... it's a php.ini 
setting.  Session variables should remain in the session store until it is 
collected by the garbage collector.

Let me ask though if I setup just a validation page,
then on success I'm still doing a redirect (cause it's
a multi page form)
Not sure what the question was here?
Or if I validate on the next page and there is an
error, I redirect back, but then I also have to
consider how the error is going to get printed on the
first page. 
You can store an error message in a session variable.  On the first page do your 
error output like you normally would, just check this session variable to see if 
there's an error.

In addition to this, you can put some javascript on the first page to validate 
on the client's side.  You shouldn't rely on this, but it can cut down on trips 
to the server with bad input.

Anyone ?
Stuart
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] PHP in CGI ....php.in

[Christian Ista]

> #!/usr/bin/php -c /path/to/php.ini

I tried this

#!/usr/local/lib/php -c php.ini

In the php.ini :
register_globals = on

but that's not work

Any idea ?

Christian, 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php