Re: [PHP] Problem using return from a class.
On Wednesday 09 February 2005 01:33, Ben Edwards (lists) wrote: Maybe you should post a bit of code to illustrate your problem ;) I'me just doing:- return $radio_html; as the last line of the method. If I do echo $radio_html; The condense of the variable gets outputted. I could post the method here but its a bit long. You only need to post concise code that illustrates your problem, a one liner to return a value is all the that your method needs. -- Jason Wong - Gremlins Associates - www.gremlins.biz Open Source Software Systems Integrators * Web Design Hosting * Internet Intranet Applications Development * -- Search the list archives before you post http://marc.theaimsgroup.com/?l=php-general -- New Year Resolution: Ignore top posted posts -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Apache 2.0.52, PHP 5.03, FreeBSD 4.10 memory problems
[snip] Hope everybody else is sending this guy read receipts? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Using
Richard Lynch wrote: Jochem Maas wrote: Dan Trainor wrote: Hello, all - Being still fairly new to PHP, I thought I'd ask a few more questions and get on to the right track here, developing correct coding habits before I start to teah myself incorrect habits. 7. let others review your code if you can (that's not an invite to post your complete codebase to the list ;-). Hm. It *MIGHT* be an interesting forum somewhere/somehow to have a Code Review site/forum/list for the express purpose of people posting code, and tons of it, for critique... I think such a place would be cool but If you let everyone upload their code then everyone would be sitting around waiting for their own code to be reviewed - I think that the reviews should be by invitation ('hey Richard fancy showing the world your new XXX?'), 1 codebase to be reviewed at a time, with a lead reviewer who acts as moderator. for those of you from the UK... kind of like Blue Peter meets PHP. I cannot count the number of times I've seen code like this: /** foo (void) : function foo * Does foo and returns the result **/ function foo(){ /* Insert spaghetti code here */ } Hello?! What *GOOD* does that documentation do? What always seems to be missing, to me, is the nuts and bolts of how to write GOOD documentation. I actually meant that you should add comments into the meat of the code. yes, start of each function with a description. BUT ALSO explain every friggin' loop so to speak... not just what it does, but how it does it and possibly why. Richard is correct, I think, in saying that adding fancy Doc cruft to make your code look 'professional'... nothing wrong with fancy documentation/comments - just make sure you fill them with something. with the hope of not getting laughed at here is a function I use quite often to save myself from constant isset() checks on request vars. okay so its 'fancy' documentation, but it really explains what it does - and yes it takes 5-6 times as much text to explain what it does than it does to write t. /** * getGP() * * this function will return the value of a GET or POST var that corresponds to the * variable name pasted, if nothing is found NULL is returned. contents of POST array * takes precendence over the contents of the GET array. You can specify a value as second argument * which will be returned if the GP var *does not* exist; a third parameter can be given to * which will act as the return value if the GP *does* exist - the limitation is that the parameter cannot be * used to return a literal NULL; but I suggest that this would probably be a silly thing to do in practice * * @var string $v // the name of GP variable whose value to return * @var mixed $r // value to return if the GP variable was not set * @var mixed $t // value to return if the GP variable was set (i.e. override the value from GP) * * @return mixed */ function getGP($v = '', $r = null, $t = null) { if (!empty($v)) { if (isset($_GET[$v])) { $r = (!is_null($t)) ? $t: $_GET[$v]; } if (isset($_POST[$v])) { $r = (!is_null($t)) ? $t: $_POST[$v];} } return $r; } Anybody got a good reference to something like Documentation Rules such as: Any jargon or technical term being discussed cannot be used as the description of the term. IE, no self-referential definitions. (see example above) I'd really like to be able to recommend a reference of this nature to Beginners. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] perl's Config::Ini File Module equivalent in PHP
Hi All, I just wanted to know if there is an equivalent of Perl's Config::Ini = Module in PHP Thanks, Nikhil. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Using
Jochem Maas wrote: Richard Lynch wrote: Jochem Maas wrote: Dan Trainor wrote: Hello, all - Being still fairly new to PHP, I thought I'd ask a few more questions and get on to the right track here, developing correct coding habits before I start to teah myself incorrect habits. 7. let others review your code if you can (that's not an invite to post your complete codebase to the list ;-). Hm. It *MIGHT* be an interesting forum somewhere/somehow to have a Code Review site/forum/list for the express purpose of people posting code, and tons of it, for critique... I think such a place would be cool but If you let everyone upload their code then everyone would be sitting around waiting for their own code to be reviewed - I think that the reviews should be by invitation ('hey Richard fancy showing the world your new XXX?'), 1 codebase to be reviewed at a time, with a lead reviewer who acts as moderator. for those of you from the UK... kind of like Blue Peter meets PHP. I cannot count the number of times I've seen code like this: /** foo (void) : function foo * Does foo and returns the result **/ function foo(){ /* Insert spaghetti code here */ } Hello?! What *GOOD* does that documentation do? What always seems to be missing, to me, is the nuts and bolts of how to write GOOD documentation. I actually meant that you should add comments into the meat of the code. yes, start of each function with a description. BUT ALSO explain every friggin' loop so to speak... not just what it does, but how it does it and possibly why. Richard is correct, I think, in saying that adding fancy Doc cruft to make your code look 'professional'... nothing wrong with fancy documentation/comments - just make sure you fill them with something. with the hope of not getting laughed at here is a function I use quite often to save myself from constant isset() checks on request vars. okay so its 'fancy' documentation, but it really explains what it does - and yes it takes 5-6 times as much text to explain what it does than it does to write t. /** * getGP() * * this function will return the value of a GET or POST var that corresponds to the * variable name pasted, if nothing is found NULL is returned. contents of POST array * takes precendence over the contents of the GET array. You can specify a value as second argument * which will be returned if the GP var *does not* exist; a third parameter can be given to * which will act as the return value if the GP *does* exist - the limitation is that the parameter cannot be * used to return a literal NULL; but I suggest that this would probably be a silly thing to do in practice * * @var string $v // the name of GP variable whose value to return * @var mixed $r // value to return if the GP variable was not set * @var mixed $t // value to return if the GP variable was set (i.e. override the value from GP) * * @return mixed */ function getGP($v = '', $r = null, $t = null) { if (!empty($v)) { if (isset($_GET[$v])) { $r = (!is_null($t)) ? $t: $_GET[$v]; } if (isset($_POST[$v])) { $r = (!is_null($t)) ? $t: $_POST[$v];} } return $r; } Anybody got a good reference to something like Documentation Rules such as: Any jargon or technical term being discussed cannot be used as the description of the term. IE, no self-referential definitions. (see example above) I'd really like to be able to recommend a reference of this nature to Beginners. I appreciate all the input that I've gotten from all the list members. I think I've come to the conclusion that leaves me exactly where I was prior to asking the question. The determination to split inline code from included files is left strictly up to the programmer him/herself, and there is no rule of thumb to any of this, except in cases where painfully obvious. I thank you all for your time. I'll continue to monitor this list for many months to come. Thanks -dan trainor -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] ability to use extract to $this vars in a class
Guillermo Rauch wrote: If i understand you correctly, you want to extract all the keys and generate class members with them.. // Define class test class test { // We pass an array to the constructor function __construct( $arr ) { foreach($arr as $key = $val ) { $this-{$key} = $val; } // For this example, i print the structure of the object print_r($this); } } $tests = array( 'hi' = 'bye', 'hey' = 'ho', 'lets' = 'go'); $test = new test($tests); I forgot in the previous message to mention that if the member exists, it will be overriden. In addition, you shouldn't use this, as you don't have control over the accessing to the vars. Instead, you should store them in a previously defined array (for example private $_vars; ) another way to control access: class test { private function __construct() {} function __get($var, $val) { $r = (isset($this-$var)) ? isset($this-$var : null; return $r; } function __set($var, $val) { // do some magic here } public static function make($arr) { $t = new test; foreach($arr as $key = $val ) { $t-$key = $val; } return $t; } } $t = test::make(array('one' = '1', 'two' = '2')); -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] perl's Config::Ini File Module equivalent in PHP
Hi, http://uk2.php.net/function.parse-ini-file On Wed, 9 Feb 2005 14:57:33 +0530, Nikhil M [EMAIL PROTECTED] wrote: Hi All, I just wanted to know if there is an equivalent of Perl's Config::Ini = Module in PHP Thanks, Nikhil. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] perl's Config::Ini File Module equivalent in PHP
Hi All, I just wanted to know if there is an equivalent of Perl's Config::Ini = Module in PHP Try parse_ini_file() in the manual... Mikey -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Fatal Error Handling
Hi, I have a set of functions which are potentially dangerous in terms of memory hogging, and need to protect from memory overflow - this is I want to detect when the memory overflow occurs. The manual says that eval() will return false on a fatal error, so I thought I could do something like the following, where it would produce a O for each itteration, and when it failed (memory overflow) it would continue and echo the last line. What I get however is this attached to the end. Any advice would be gratefully recieved (and perhaps, the documentation on eval updating if it can not catch all fatal errors) #! /usr/bin/php ?php $y = 0; $str = ; $code = '$str .= $str . .; return true;'; $x = TRUE; while($x != FALSE){ $x = eval($code); echo O; $y ++; } echo \n $y it's \n\n . $str; ? run: $ ./intellirun2.php OO Fatal error: Allowed memory size of 8388608 bytes exhausted (tried to allocate 4194305 bytes) in /home/jt/work2/sms/web/stats/intellirun2.php(8) : eval()'d code on line 1 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] FTP script and project
[snip] I'm in need of some fully functional stand-alone php FTP scripts, I've searched the web, have downloaded a couple but they don't work. While this looks valid and appears to be uploading the file, no file is ever saved other than a temporary file that vanishes as soon as the file has completed uploading. [/snip] Have you RTFM? http://us2.php.net/manual/en/features.file-upload.php contains an example or two and explains that the temp file disappears and that you should use http://us2.php.net/manual/en/function.move-uploaded-file.php Sorry you don't have time to figure it out. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: stream_set_timeout() stream_get_meta_data() etc...
Quoting Al [EMAIL PROTECTED]: Darn, I left out an important function, the fread(). Code snip should be: $fp= fopen(http://www.anything.com/foo.html, 'rb'); if(!fp) {do something different} stream_set_timeout($fp, 2); $contents= fread($fp, 20); $status= stream_get_meta_data($fp); if($status[timed_out] {do something}; It appears to me there is a basic logic problem. The script must get past the fread() function before it gets to the stream_get_meta_data($fp). But, it hangs up on fread() and the script times out. Set the stream to non-blocking mode (stream_set_blocking). Now all read functions will return instantly, regardless if any data came through. You can test whether you got back anything by checking the returned data. If you now read from the non-blocked stream in a cycle, you will have no dead times and you will always retain control. Only now can you rely on comparing time() with a control value set before entering the cycle and decide to abort if a number of seconds has passed. stream_set_timeout() will be pretty much superfluous at this point and may even hinder your reading from the stream. Important tip: in a non-blocking cycle you MUST have an usleep() somewhere. Otherwise that cycle will consume 100% CPU while it runs. An usleep(1000) will suffice, adjust as needed. -- Romanian Web Developers - http://ROWD.ORG -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Storing CCN's Again...
Richard Lynch wrote: Tony Di Croce wrote: First I should say that I have NO plans to store CCN's on my site, but I do have a related question: Right now I accept CC info from a posted form and then from a PHP script submit that to authorize.net... Is their any way to get PHP to clean up any remnants of any variables that might be in memory after a script is run? IE, is their a way to get PHP to overwrite the memory used by variables at the termination of a script? I wasn't worried about this before but I think the paranoia regarding CCN's on this site has gotten to me... Better safe than sorry! I don't think there is any way to do this... There may be an external library one could compile into PHP, and maybe one could then write their script do scrub their data... Even so, what about $_POST and $_GET and whatever temporary C strings/structs that PHP uses internally to store data. You may want to look at the Hardened PHP site, and see what they've got -- If anybody has done this, they'd be the ones. You could also ask them what they think of the idea from a feasibility stand-point and how useful it would be. I suspect that you'd have to do it at a much lower level than your PHP script, though, to be useful. If I can manage to read your script variables, I can also manage to read the PHP source code's C variables, so scrubbing just the $cc in PHP won't be enough. You'd also need to consider page faults and swap space while you're at it. Scrubbing your RAM does no good at all if the data got swapped to disk and the Bad Guy can read that. There's a low-level C function to force memory to *NOT* get swapped... I forget its name, but run cdrecord as non-root and you'll run into right quick-like, as I did the other night :-) I think, perhaps, though, that this is all going beyond what would be considered expected practice at this juncture in history. As I said earlier, anybody skilled enough to fish in your RAM to get credit card numbers, is probably skilled enough to get them much easier than that. That doesn't mean this won't change tomorrow, if PHP provides an interface to that low-level C function for your variables, or the Hardened PHP guys decided to implement this sort of stuff. Perhaps running Hardened PHP would be a good step to consider for a server handling CC numbers. Even if it's not feasible/needed to scrub RAM today, I'm guessing they'd be the first to implement it if it was feasible/needed. YMMV IANAL NAIAA Amazon store Credit Card Number in their databases. Are we saying that someone could hack into their database server and steal the numbers? Or have Amazon gone far enough to protect their data? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Storing CCN's Again...
Amazon store Credit Card Number in their databases. Are we saying that someone could hack into their database server and steal the numbers? Or have Amazon gone far enough to protect their data? -- I supose they use a similar tactic as i have, and have a two way encryption method. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Shared variable
Hello. Is there any oppertunity to create varaibles that can accessed by more than one instances? I need a way to communicate between many php-instances. It can be, that they are not active to the same time. Is there any way without using a file or a database? Mario -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Student Suspended Over PHP use.
I just ran across this interesting article from awhile back. Pretty funny http://bbspot.com/News/2000/6/php_suspend.html Topeka, KS - High school sophomore Brett Tyson was suspended today after teachers learned he may be using PHP. A teacheroverheard him say that he was using PHP, and as part of our Zero-Tolerance policy against drug use, he was immediately suspended. No questions asked, said Principal Clyde Thurlow. We're not quite sure what PHP is, but we suspect it may be a derivative of PCP, or maybe a new designer drug like GHB. Parents are frightened by the discovery of this new menace in their children's school, and are demanding the school do something. We heard that he found out about PHP at school on the internet. There may even be a PHP web ring operating on school grounds, said irate parent Carol Blessing. School is supposed to be teaching our kids how to read and write. Not about dangerous drugs like PHP. In response to parental demands the school has reconfigured its internet WatchDog software to block access to all internet sites mentioning PHP. Officials say this should prevent any other students from falling prey like Brett Tyson did. They have also stepped up locker searches and brought in drug sniffing dogs. Interviews with students suggested thatPHP use is wide spread around the school, but is particularly concentrated in the geeky nerd population. When contacted by BBspot.com, Brett Tyson said, I don't know what the hell is going on dude, but this suspension gives me more time for fraggin'. Yee haw! PHP is a hypertext preprocessor, which sounds very dangerous. It is believed that many users started by using Perl and moved on to the more powerful PHP. For more information on how to recognize if your child may be using PHP please visit http://www.php.net. HTC Disclaimer: The information contained in this message may be privileged and confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer. Thank you.
RE: [PHP] Shared variable
[snip] Is there any oppertunity to create varaibles that can accessed by more than one instances? I need a way to communicate between many php-instances. It can be, that they are not active to the same time. Is there any way without using a file or a database? [/snip] No, in this case you must use either a file or a database. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Student Suspended Over PHP use.
Aha I knew you guys were up to something Cheers Alberto Brea :-) -Original Message- From: Bosky, Dave [EMAIL PROTECTED] To: php-general@lists.php.net Date: Wed, 9 Feb 2005 08:53:24 -0500 Subject: [PHP] Student Suspended Over PHP use. I just ran across this interesting article from awhile back. Pretty funny http://bbspot.com/News/2000/6/php_suspend.html Topeka, KS - High school sophomore Brett Tyson was suspended today after teachers learned he may be using PHP. A teacher overheard him say that he was using PHP, and as part of our Zero-Tolerance policy against drug use, he was immediately suspended. No questions asked, said Principal Clyde Thurlow. We're not quite sure what PHP is, but we suspect it may be a derivative of PCP, or maybe a new designer drug like GHB. Parents are frightened by the discovery of this new menace in their children's school, and are demanding the school do something. We heard that he found out about PHP at school on the internet. There may even be a PHP web ring operating on school grounds, said irate parent Carol Blessing. School is supposed to be teaching our kids how to read and write. Not about dangerous drugs like PHP. In response to parental demands the school has reconfigured its internet WatchDog software to block access to all internet sites mentioning PHP. Officials say this should prevent any other students from falling prey like Brett Tyson did. They have also stepped up locker searches and brought in drug sniffing dogs. Interviews with students suggested that PHP use is wide spread around the school, but is particularly concentrated in the geeky nerd population. When contacted by BBspot.com, Brett Tyson said, I don't know what the hell is going on dude, but this suspension gives me more time for fraggin'. Yee haw! PHP is a hypertext preprocessor, which sounds very dangerous. It is believed that many users started by using Perl and moved on to the more powerful PHP. For more information on how to recognize if your child may be using PHP please visit http://www.php.net. HTC Disclaimer: The information contained in this message may be privileged and confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer. Thank you.
Re: [PHP] Shared variable
SHM On Wednesday 09 February 2005 14:51, Mario Stiffel wrote: Hello. Is there any oppertunity to create varaibles that can accessed by more than one instances? I need a way to communicate between many php-instances. It can be, that they are not active to the same time. Is there any way without using a file or a database? Mario -- Best regards, Bostjan Skufca system administrator Domenca d.o.o. Phone: +386 4 5835444 Fax: +386 4 5831999 http://www.domenca.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Student Suspended Over PHP use.
PHP is bad Mkay. I just ran across this interesting article from awhile back. Pretty funny http://bbspot.com/News/2000/6/php_suspend.html http://bbspot.com/News/2000/6/php_suspend.html Topeka, KS - High school sophomore Brett Tyson was suspended today after teachers learned he may be using PHP. A teacher overheard him say that he was using PHP, and as part of our Zero-Tolerance policy against drug use, he was immediately suspended. No questions asked, said Principal Clyde Thurlow. We're not quite sure what PHP is, but we suspect it may be a derivative of PCP, or maybe a new designer drug like GHB. php_logoParents are frightened by the discovery of this new menace in their children's school, and are demanding the school do something. We heard that he found out about PHP at school on the internet. There may even be a PHP web ring operating on school grounds, said irate parent Carol Blessing. School is supposed to be teaching our kids how to read and write. Not about dangerous drugs like PHP. In response to parental demands the school has reconfigured its internet WatchDog software to block access to all internet sites mentioning PHP. Officials say this should prevent any other students from falling prey like Brett Tyson did. They have also stepped up locker searches and brought in drug sniffing dogs. Interviews with students suggested that PHP use is wide spread around the school, but is particularly concentrated in the geeky nerd population. When contacted by BBspot.com, Brett Tyson said, I don't know what the hell is going on dude, but this suspension gives me more time for fraggin'. Yee haw! PHP is a hypertext preprocessor, which sounds very dangerous. It is believed that many users started by using Perl and moved on to the more powerful PHP. For more information on how to recognize if your child may be using PHP please visit http://www.php.net http://www.php.net . HTC Disclaimer: The information contained in this message may be privileged and confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer. Thank you. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Weighted Lists
Hi, I've been fascinated by Flickr's, del.icio.us and other sites' usage of these Weighted Lists. It's simple but effective and I really want to use it for a project I'm doing. So I had a look at Nick Olejniczak's plugin for Wordpress (available here: www.nicholasjon.com) but am struggling to understand the logic behind it. What I need is to dump all words (taken from the DB) from just one column into an array. Filter out common words (the,a,it,at,you,me,he,she etc), then calculate most frequent words to provide the weighted list. Has anyone attempted this? Thanks for any insights -- Will The Corridor of Uncertainty http://www.cricket.mailliw.com/ - Sanity is a madness put to good use - -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How do I collect the keywords a user entered when searching for my site
Hello, My original post: I want to write some code that will retrieve the keywords entered in a search engine that were used to find my site. I found this article [1] was a solution that I successfully implemented. [1] http://www.ilovejackdaniels.com/php/google-style-keyword-highlighting/ Tim -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Secure system calls -- how
On Wed, 09 Feb 2005 05:42:21 +0100, Niels [EMAIL PROTECTED] wrote: So my question is: Is sudo the best solution? It all comes down to the fact that to do certain tasks you require elevated permissions above and beyond what your web server user has as it runs the web server. There are many options, but sudo is specifically written to achivieve secure temporary elevated permissions. If you roll your own solution you will arrive at the same end result, an application that raises permissions. I see no reason to invent a new wheel. You may, I don't know. -- Greg Donald Zend Certified Engineer http://destiney.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Shared variable
Mario Stiffel wrote: Is there any oppertunity to create varaibles that can accessed by more than one instances? I need a way to communicate between many php-instances. It can be, that they are not active to the same time. Is there any way without using a file or a database? http://php.net/shmop -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Multi-Page Forms
I have a form which is too long to be useful displayed on one page. I have it broken up into 7 sections. All 7 are generated by the same PHP source file, from data in a database. When the user updates a section they can submit it and go to the next section, or submit it and finish (return to a higher-level page). There is also a navigation form at the top that lets them jump from any section to any other, and uses JavaScript to prompt if they try to jump without having saved changes they made to the page. All of this is working fine. What's bothering me here is that when the user is done editing the data I use their input to regenerate a style sheet (the form allows them to customize the appearance of a web page for their customers). That's expensive -- relatively speaking -- in server load so I'd rather do it only once, when they're really done. But right now I do it every time they submit any page -- i.e. whenever any of the seven pages is submitted, the generation code runs. I don't see any simple way to let them jump around between pages, yet for me to know when they are truly finished with all the data. Of course I can give the required instructions -- after you are done you have to click submit to save all the data but I bet that those won't be read and the users will jump around, fail to save, and then complain that their changes are getting lost. Any thoughts on the design issues here? Thanks, -- Tom -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] phpBB alternatives?
Yes, please read that page again. It had nothing to do with the phpBB software itself, but with the AWstats that run on their server. The vulnerabilities that phpBB a few months back had were quickly patched. The phpBB community is huge and offer fantastic support. Other alternatives include vBulletin or YaBB. Too bad the same reaction that hosting providers are have toward phpBB don't take place in the real world when a Microsoft product vulnerability is exploited. From the recent update at phpbb.com: ... It is actually quite fustrating at present that some hosting providers are asking or forcing their customers to remove installs of phpBB 2.0.11 due to the loss of phpbb.com. As I say above, our best available information right now is that phpBB was not to blame. ... Equally it's annoying to see some people posting the same old highlighting exploit claiming their 2.0.11 board was hacked via it. Again unless my team and indeed our other teams, heck large sections of our community, are all lying to me that vulnerability was fixed in 2.0.11. Sites running .11 and claiming (or thier hosts claiming) to have been attacked using it should take a close look at other applications they have installed. phpBB is not alone in being exploited, all the major boards can be if you don't update as new releases are made. Equally users should ensure the relevant highlighting fix is indeed present. Over the years we've dealt with thousands of users who say they've patched something (be it an exploit or bug) but upon examination we've discovered the problem code is still there. Equally hosts should look at their own systems. Are you running awstats if so have you updated? Do you regularly update your OS and particularly the kernel (if appropriate) as fixes are released? Are your users running old versions of other PHP/Perl/etc. software? Have you set appropriate permissions on key folders such as /tmp and /var/tmp? Is your webserver running with as few permissions as possible? Just because we overlooked something doesn't mean you should! ... On Feb 8, 2005, at 7:16 PM, Tony Di Croce wrote: Due to the recent vulnerabilities discovered in phpBB and the content of this page: http://www.phpbb.com/ I have decided to consider other options for my forum needs... Does anyone have any reccomendations for a PHP based forum software? -- Send REAL USPS letters from the Web! http://www.quickymail.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Storing CCN's Again...
[EMAIL PROTECTED] wrote: Amazon store Credit Card Number in their databases. Are we saying that someone could hack into their database server and steal the numbers? YES! Wasn't PayPal widely publicized as a victim of such an event? Why would you think Amazon would be any better/safer? No system is unbeatable. So somebody *could* break in. You can be damn sure they work really hard to avoid that. Or have Amazon gone far enough to protect their data? How far is far enough? I supose they use a similar tactic as i have, and have a two way encryption method. I suppose they do a LOT more than that. They might, just as an example, have a network setup like this: Seg 1Seg 2 Seg 3 Internet --- Public Servers --- CC Processing Servers --- CC Storage Servers Where Seg 1 and Seg 2 and Seg 3 are all on: Completely different sub-networks Completely different network cards Completely different routers, hubs, switches Completely different color-coded network cables . . . And, of course, they use two-way encryption of the data that *IS* on the CC Servers, so while the secret decoder ring is on the CC Processing Server, you'd have to break into CC Processing, get the ring, break into CC Storage, and then apply the ring from CC Processing to the data in CC Storage. Is this starting to sound like an Adventure Game or what? They then severely restrict the source code and network access that can work with Seg 3, with an EXTREMELY limited API, internal documented, security audited, clean-room access, armed guards on all hardware setup, etc Instead of breaking into CC Storage with your secret decoder ring from CC Processing, you can maybe find a flaw in the API of Seg 3, and sniff out encrypted data to apply the ring, or even catch it after they decrypted it. The point is, you have to work much harder at it because of the segmented architecture. By adding an additional layer between the CC Processing and the CC Storage, they reduce risk significantly. All the CC machines (Processing and Storage) are in the armed guard locked storage room for physical access to be severely curtailed. Duh. But the CC Storage machines have an additional layer of software/network blocks with severely limited software/network access to the CC Storage area. I'm not claiming they *DO* have this, but I'll bet whatever they do have, it's at least that complicated, if not more so. Or, even more likely, Amazon doesn't store the number! They let the BANK that provides their CC processing services store the numbers. So then the BANK has this kind of setup. Whatever. This is just a description of what was explained to me on this very same list several years ago as *ONE* industry-standard way to store CC Numbers for later retrieval. I'm not an expert, and may easily have left out some (okay a lot) of crucial details. If you're storing CC Numbers with *JUST* the 2-way encryption, maybe you're doing it wrong. I dunno for sure, but *I* think so. Go hire a professional security audit and find out. YMMV IANAL NAIAA -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Fatal Error Handling
James Taylor wrote: So finally quit that music thing and got a real job? :-) [Sorry. I'm sure you've heard them all, but I couldn't resist...] I have a set of functions which are potentially dangerous in terms of memory hogging, and need to protect from memory overflow - this is I want to detect when the memory overflow occurs. The manual says that eval() will return false on a fatal error, so I thought I could do something like the following, where it would produce a O for each itteration, and when it failed (memory overflow) it would continue and echo the last line. What I get however is this attached to the end. Any advice would be gratefully recieved (and perhaps, the documentation on eval updating if it can not catch all fatal errors) #! /usr/bin/php ?php $y = 0; $str = ; $code = '$str .= $str . .; return true;'; $x = TRUE; while($x != FALSE){ $x = eval($code); echo O; $y ++; } echo \n $y it's \n\n . $str; ? run: $ ./intellirun2.php OO Fatal error: Allowed memory size of 8388608 bytes exhausted (tried to allocate 4194305 bytes) in /home/jt/work2/sms/web/stats/intellirun2.php(8) : eval()'d code on line 1 You may or may not have some success by preceding the eval with a @ and/or using http://php.net/error_reporting and/or using http://php.net/set_error_handler to trap the error. If you are using PHP 5, a try/catch block may also be useful to consider. I suspect that eval() DOES return false, once you get the error_reporting under control instead of relying on the rather crude default error handling. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] reading/writing files outside of web root
Jason Wong wrote: On Wednesday 09 February 2005 02:31, Richard Lynch wrote: Phil Ewington - 43 Plc wrote: For some reason user_prefs will not open for read/write even when I tested it under apache.apache and chmod'd to 755, perhaps because /home is owned by root? Something went wrong with this test. You SHOULD have been able to read/write that file in PHP, assuming 'apache' is the user PHP runs as. Use http://php.net/phpinfo to confirm that it really *IS* 'apache' user that's running apache/php. It *will* fail if apache has no access to $HOME! I stand corrected. In addition to read/write access to the file itself, Apache must have at least eXecute (directory listing) permission to the directory containing that file. /home being owned by root is not the issue -- But if it's not something the apahce user can 'ls /home' and get the contents of, then you've got a problem. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Secure system calls -- how
Niels wrote: Jennifer Goodie wrote: Should web applications have access to areas on the file system that the apache user doesn't? I personally only allow my web applications access to certain areas on purpose and set my permissions to accomplish this. If I need to be a user other than nobody to do something I don't want my web applications doing it. Of course, I work in an environment where I have root access to dedicated servers and a sysadmin that listens to what I want, so your experience may be different. I admittedly do not have a lot of experience getting around the problems caused by shared hosting. This particular php application manages users and has to update their passwords, move their files around and more. And it manages hardware also, with similar problems. And it has to run several scripts and programs that controls the network. So I need a secure way of doing those things. And yes, I can get root access or make whatever scheme of permissions and sudos I want -- or maybe something with Linux security modules, but I don't really know anything about those. I'm running the program on an intranet on a dedicated server, but probably with internet access to the application some time in the future. So my question is: Is sudo the best solution? Don't take the wrong but you're probably not really skilled enough (yet) to do what you want to do... sudo is probably the best solution, but you've got a long row to hoe before you could safely implement all the features you describe... That said, if you mostly trust everybody on your Intranet, and if you're willing to put off the Internet access for a long, indefinite time period, you'd be okay if you can prod your users to report oddities and errors, and if you do a TON of security reading between now and the day when you put it live on the Internet. If you don't trust your Intranet users, do this on a development machine that only you can access until you're way way way more comfy with sudo and Linux security in general. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] phpBB alternatives?
Give them all a trial run and see which one you like: http://www.opensourcecms.com/ -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Fatal Error Handling
Richard Lynch wrote: James Taylor wrote: So finally quit that music thing and got a real job? :-) [Sorry. I'm sure you've heard them all, but I couldn't resist...] /me adds Richard Lynch onto the list of those who must die when the revolution comes... I have a set of functions which are potentially dangerous in terms of memory hogging, and need to protect from memory overflow - this is I want to detect when the memory overflow occurs. The manual says that eval() will return false on a fatal error, snip snip You may or may not have some success by preceding the eval with a @ and/or using http://php.net/error_reporting and/or using http://php.net/set_error_handler to trap the error. Ok, using the @ that would get rid of the error message agreed, but it still crashes the script (as a fatal error would and should). I took the code from set_error_handler and that does not seem to work in this instance - if I called the function with trigger_error then yes, it was ok, but the memory fail still caused the crash. Please note here, I dont really want to have to use eval - it is a null function in this situation, it only seemed (from the manual) provide a solution to my issue. Removing the eval (replacing the entire loop with a simple while(true){ $str .= $str . .; } ) which undoubtly would crash after ten or so loops, does not throw my exception on the fatal error! There are other possible solutions which we may end up implementing which include a success monitor, ie each run enteres into a database a start and a end and then at some other time, another script can check for scripts that have started but not ended (ie crashed) and provide analysis, alerts and fixes for. If you are using PHP 5, a try/catch block may also be useful to consider. I am not (alas). I suspect that eval() DOES return false, once you get the error_reporting under control instead of relying on the rather crude default error handling. With error handling as normal, can it handle a fatal error? My issue is not it would not report a fatal error, it does not continue with the script. The last issue I am worried about is scope - if I have run out of memory, then what can I do - I seem to have issues running commands which go over this limit during the command (irrelevant of their end memory usage). Supposing I had enough memory to run the set_ini function and increase my memory limit, then I would be able to execute any command to roll back (transaction wise) the program execution so far, and email/notify/whatever. This is irellevant if a success orientated monitoring method is implemented. James Taylor -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Fatal Error Handling
On Wed, 9 Feb 2005 08:21:25 -0800 (PST), Richard Lynch [EMAIL PROTECTED] wrote: James Taylor wrote: So finally quit that music thing and got a real job? :-) [Sorry. I'm sure you've heard them all, but I couldn't resist...] I have a set of functions which are potentially dangerous in terms of memory hogging, and need to protect from memory overflow - this is I want to detect when the memory overflow occurs. The manual says that eval() will return false on a fatal error, so I thought I could do something like the following, where it would produce a O for each itteration, and when it failed (memory overflow) it would continue and echo the last line. What I get however is this attached to the end. Any advice would be gratefully recieved (and perhaps, the documentation on eval updating if it can not catch all fatal errors) #! /usr/bin/php ?php $y = 0; $str = ; $code = '$str .= $str . .; return true;'; $x = TRUE; while($x != FALSE){ $x = eval($code); echo O; $y ++; } echo \n $y it's \n\n . $str; ? run: $ ./intellirun2.php OO Fatal error: Allowed memory size of 8388608 bytes exhausted (tried to allocate 4194305 bytes) in /home/jt/work2/sms/web/stats/intellirun2.php(8) : eval()'d code on line 1 You may or may not have some success by preceding the eval with a @ and/or using http://php.net/error_reporting and/or using http://php.net/set_error_handler to trap the error. If you are using PHP 5, a try/catch block may also be useful to consider. I suspect that eval() DOES return false, once you get the error_reporting under control instead of relying on the rather crude default error handling. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php I think a try catch block wouldn't be enough, as most functions throw warning messages instead exceptions. You should set a custom error handler and throw the exception by yourself, if you want to. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Apache 2.0.52, PHP 5.03, FreeBSD 4.10 memory problems
I definetly amIRRITATING! - Original Message - From: Mikey [EMAIL PROTECTED] To: php-general@lists.php.net Sent: Wednesday, February 09, 2005 6:10 AM Subject: RE: [PHP] Apache 2.0.52, PHP 5.03, FreeBSD 4.10 memory problems [snip] Hope everybody else is sending this guy read receipts? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: [users@httpd] Favorite Linux Distribution
And if you question the political motivations jfgi for osama bin linux. On Wed, 9 Feb 2005 17:22:47 +, Rory Browne [EMAIL PROTECTED] wrote: In all my years of attending Church I never once heard anyone discussing Linux. Must be a denominational thing. Dear Brethren, As a follower of st iGNUtious I am troubled by the spiritual blindness I see evident in the comment I see here before me. Did not the prophet RMS teach the true path? And yet now you have backsliden. Go ye therfore to www.gnu.org and you will once more be walking along the path of rightiousness. PS: I didn't write that, someone else did at http://www.kuro5hin.org/story/2001/8/21/15457/2473 -- Greg Donald Zend Certified Engineer http://destiney.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: stream_set_timeout() stream_get_meta_data() etc...
Many thanks to Richard and Skippy. Skippy: Your suggestion to set non-blocking mode (stream_set_blocking) was the magic key to success. Here is the code I ended up with, I left some test stuff included so anyone who may need it has a good start. $fp= fopen($file, 'rb' ); if (!$fp) {die (Failed to open $file, errors: $errstr ($errno)br\n); }//end if stream_set_blocking($fp, FALSE ); $html= ''; $chunk= ''; $start= time(); while (!feof($fp)){ sleep($interval); $chunk= fread($fp, 1); //chunks, packets are limited anyhow $length= strlen($chunk); if($length)== 0){echo div style=\color:blue\Read zero bytes/div;} $html .= $chunk; echo divAt . date(h:s) . $length bytes read/div; ob_flush(); if (time() - $start $timelimit){echo(divstyle= \color:red\Timeout!/div\n); break;} }//end while Putting the sleep() first thing helps everything get started better. Seems as if fread() needs a little time after fopen(). ob_flush() is neat. It forces the client browser to render progress. I've always been told you can't make a progress bar or list with php. Well here it is, at least it works with IE6 and Mozilla. Skippy wrote: Quoting Al [EMAIL PROTECTED]: Darn, I left out an important function, the fread(). Code snip should be: $fp= fopen(http://www.anything.com/foo.html, 'rb'); if(!fp) {do something different} stream_set_timeout($fp, 2); $contents= fread($fp, 20); $status= stream_get_meta_data($fp); if($status[timed_out] {do something}; It appears to me there is a basic logic problem. The script must get past the fread() function before it gets to the stream_get_meta_data($fp). But, it hangs up on fread() and the script times out. Set the stream to non-blocking mode (stream_set_blocking). Now all read functions will return instantly, regardless if any data came through. You can test whether you got back anything by checking the returned data. If you now read from the non-blocked stream in a cycle, you will have no dead times and you will always retain control. Only now can you rely on comparing time() with a control value set before entering the cycle and decide to abort if a number of seconds has passed. stream_set_timeout() will be pretty much superfluous at this point and may even hinder your reading from the stream. Important tip: in a non-blocking cycle you MUST have an usleep() somewhere. Otherwise that cycle will consume 100% CPU while it runs. An usleep(1000) will suffice, adjust as needed. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Prevent browser back...
This is probably something that comes up every so often and it's generally related to PHP scripts, however I have a different setup and am now trying to figure out what to do. On our company site, we have a section that clients use to upload files to us through a Java applet. The way I have it setup is basically through 3 separate pages: login.php, upload.php, and thankyou.php. And people go through those pages in sequence. After uploading a file (through upload.php where the applet resides) they get redirected to thankyou.php. However, by hitting the back button, they can easily go back to the upload one, but I need to prevent that from happening. I know I can't disable the back button, or clean out someone's browser history, so I'm looking for other ways, server-side perhaps, that I can implement to prevent someone from reloading the upload.php page and try to upload another file (which will generate an error because the Java applet still has the old data in its variables. This is just the way it works.) Can I rely on referrers on upload.php to see where a hit came from? Or should I redirect to an interim page that simply redirects again to the thankyou.php one (which won't stop someone from hitting back twice, but it's just an extra thing.) What (other) ways have people found that works? -- A -- W | I haven't lost my mind; it's backed up on tape somewhere. + Ashley M. Kirchner mailto:[EMAIL PROTECTED] . 303.442.6410 x130 IT Director / SysAdmin / Websmith . 800.441.3873 x130 Photo Craft Laboratories, Inc.. 3550 Arapahoe Ave. #6 http://www.pcraft.com . . .. Boulder, CO 80303, U.S.A. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Apache 2.0.52, PHP 5.03, FreeBSD 4.10 memory problems
Wil Hitchman wrote: I definetly amIRRITATING! - Original Message - From: Mikey [EMAIL PROTECTED] To: php-general@lists.php.net Sent: Wednesday, February 09, 2005 6:10 AM Subject: RE: [PHP] Apache 2.0.52, PHP 5.03, FreeBSD 4.10 memory problems [snip] Hope everybody else is sending this guy read receipts? Not me. I asked him to turn them off...noticed that a few other people did too. Sent a receipt to flood him, and they were still on, so now his email address has been added to 'badmailfrom'. Maybe the rejection emails he gets will strike a nerve. ;) -- John C. Nichel ÜberGeek KegWorks.com 716.856.9675 [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Prevent browser back...
[snip] Can I rely on referrers on upload.php to see where a hit came from? Or should I redirect to an interim page that simply redirects again to the thankyou.php one (which won't stop someone from hitting back twice, but it's just an extra thing.) What (other) ways have people found that works? -- A Off the top off my head, but you could set a session var in the thankyou page and some logic in the upload page that prevents the applet code from displaying if that session var is set... HTH, Mikey -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Prevent browser back...
Ashley M. Kirchner wrote: snip I know I can't disable the back button, or clean out someone's browser history, so I'm looking for other ways, server-side perhaps, that I can implement to prevent someone from reloading the upload.php page and try to upload another file (which will generate an error because the Java applet still has the old data in its variables. This is just the way it works.) Can I rely on referrers on upload.php to see where a hit came from? Or should I redirect to an interim page that simply redirects again to the thankyou.php one (which won't stop someone from hitting back twice, but it's just an extra thing.) What (other) ways have people found that works? Set a session variable when the upload is done. Check for the existance of this variable before allowing the 'upload' portion of your to execute if ( ! isset ( $_SESSION['upload'] ) ) { // do your upload stuff $_SESSION['upload'] = true; } else { // don't allow it to upload echo ( Sorry, you've already uploaded. ); } -- John C. Nichel ÜberGeek KegWorks.com 716.856.9675 [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Prevent browser back...
[snip] I know I can't disable the back button, or clean out someone's browser history, so I'm looking for other ways, server-side perhaps, that I can implement to prevent someone from reloading the upload.php page and try to upload another file (which will generate an error because the Java applet still has the old data in its variables. This is just the way it works.) [/snip] I know of no server-side mechanism for diabling the back button. Maybe you could use a cookie? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Weighted Lists
* W Luke [EMAIL PROTECTED]: I've been fascinated by Flickr's, del.icio.us and other sites' usage of these Weighted Lists. It's simple but effective and I really want to use it for a project I'm doing. So I had a look at Nick Olejniczak's plugin for Wordpress (available here: www.nicholasjon.com) but am struggling to understand the logic behind it. What I need is to dump all words (taken from the DB) from just one column into an array. Filter out common words (the,a,it,at,you,me,he,she etc), then calculate most frequent words to provide the weighted list. Has anyone attempted this? Funny you should mention this -- I'm working on something like this right now for work. Basically, you need to: * define a list of common words to skip * define weighting (I weight items in a title and in text differently, for instance -- usually you weight by which field you're using); store weighting in an associative array * define a weights array (associative array of word = score) * separate all text from the column into words (build a words array) * loop over the words array * skip if the word is a common word * increment word element in weights array by the weight The sticky issues are: what is a word (you'll need to build a regexp for that), and how will you weight words (usually by field). Once you have all this, you populate a database table for use as a reverse lookup. For a good example of how to do this (in perl), see: http://www.perl.com/lpt/a/2003/09/25/searching.html -- Matthew Weier O'Phinney | WEBSITES: Webmaster and IT Specialist | http://www.garden.org National Gardening Association| http://www.kidsgardening.com 802-863-5251 x156 | http://nationalgardenmonth.org mailto:[EMAIL PROTECTED] | http://vermontbotanical.org -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Prevent browser back...
You can try an open/close window function, or my personal favorite is just a couple of pages that use the meta-refresh to jump people to a new page and dump them through a couple which they would never see, normally 2 is enough to stop someone from doing it (as well as a logout and making them login again). HTH, Robert Ashley M. Kirchner is quoted as saying on 2/9/2005 1:05 PM: This is probably something that comes up every so often and it's generally related to PHP scripts, however I have a different setup and am now trying to figure out what to do. On our company site, we have a section that clients use to upload files to us through a Java applet. The way I have it setup is basically through 3 separate pages: login.php, upload.php, and thankyou.php. And people go through those pages in sequence. After uploading a file (through upload.php where the applet resides) they get redirected to thankyou.php. However, by hitting the back button, they can easily go back to the upload one, but I need to prevent that from happening. I know I can't disable the back button, or clean out someone's browser history, so I'm looking for other ways, server-side perhaps, that I can implement to prevent someone from reloading the upload.php page and try to upload another file (which will generate an error because the Java applet still has the old data in its variables. This is just the way it works.) Can I rely on referrers on upload.php to see where a hit came from? Or should I redirect to an interim page that simply redirects again to the thankyou.php one (which won't stop someone from hitting back twice, but it's just an extra thing.) What (other) ways have people found that works? -- A -- Robert Sossomon, Business and Technology Application Technician 4-H Youth Development Department 200 Ricks Hall, Campus Box 7606 N.C. State University Raleigh NC 27695-7606 Phone: 919/515-8474 Fax: 919/515-7812 [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: [users@httpd] Favorite Linux Distribution
In all my years of attending Church I never once heard anyone discussing Linux. Must be a denominational thing. Dear Brethren, As a follower of st iGNUtious I am troubled by the spiritual blindness I see evident in the comment I see here before me. Did not the prophet RMS teach the true path? And yet now you have backsliden. Go ye therfore to www.gnu.org and you will once more be walking along the path of rightiousness. PS: I didn't write that, someone else did at http://www.kuro5hin.org/story/2001/8/21/15457/2473 -- Greg Donald Zend Certified Engineer http://destiney.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Primer for working with arrays
I need a really good primer for working with arrays in PHP and with MySQL. I can do what I need to do without them right now, but I would really like to get arrays figured out. Any have some good ones? Thanks! Robert -- Robert Sossomon, Business and Technology Application Technician 4-H Youth Development Department 200 Ricks Hall, Campus Box 7606 N.C. State University Raleigh NC 27695-7606 Phone: 919/515-8474 Fax: 919/515-7812 [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Fatal Error Handling
James Taylor wrote: Richard Lynch wrote: James Taylor wrote: Ok, using the @ that would get rid of the error message agreed, but it still crashes the script (as a fatal error would and should). I took the code from set_error_handler and that does not seem to work in this instance - if I called the function with trigger_error then yes, it was ok, but the memory fail still caused the crash. I think it's still going to die on you... ?php ini_set('memory_limit', '32K'); ini_set('error_reporting', 0); echo Memory Limit: , ini_get('memory_limit'), \n; echo Memory Used: , memory_get_usage(), \n; function error_handler($error, $message, $file, $line){ echo Error ($error) in $file:$line - $message\n; return true; } set_error_handler('error_handler'); trigger_error(Test, E_USER_NOTICE); $str = str_repeat('a', 1024); while (true){ echo '.'; flush(); $str .= $str; } echo \nMade it!\n; ? -bash-2.05b$ php test.php Content-type: text/html X-Powered-By: PHP/4.3.10 Memory Limit: 32K Memory Used: 13432 Error (1024) in /www/l-i-e.com/web/test.php:12 - Test -bash-2.05b$ Note a complete lack of Made it nor an error message trapped by my error handler when the RAM runs out. :-( Looks like the Memory limit is hard-coded and won't trigger an error handler nor will it give you any chance to catch it. You *DO* have access to memory_get_usage, so you could check on your memory available to find out what's going on... There are other possible solutions which we may end up implementing which include a success monitor, ie each run enteres into a database a start and a end and then at some other time, another script can check for scripts that have started but not ended (ie crashed) and provide analysis, alerts and fixes for. Looks like you're stuck with this. With error handling as normal, can it handle a fatal error? My issue is not it would not report a fatal error, it does not continue with the script. I think maybe not -- but maybe only specific errors exhibit this feature. Memory limit and Time limit could be weird enough to need it. You could try some other fatal errors to see. The last issue I am worried about is scope - if I have run out of memory, then what can I do - I seem to have issues running commands which go over this limit during the command (irrelevant of their end memory usage). Supposing I had enough memory to run the set_ini function and increase my memory limit, then I would be able to execute any command to roll back (transaction wise) the program execution so far, and email/notify/whatever. This is irellevant if a success orientated monitoring method is implemented. I think you would be well-served to figure out where the RAM is going, and making sure it's what it should be at various junctures. Maybe you're trying to patch symptoms instead of debugging the true problem. Just a thought. You could also maybe file this as a bug, after searching the bugs database to see if it's a known issue, or even a feature -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] File upload, suid directory and temporary dir
Hi, I am trying to make upload files to belong to the ftp user of the website and not the apache user. As i run in module i tried to do this: 1/ create a temp dir on the website outside the documentroot, chown the temp dir to my ftp user and allow the group to write,, put the same group as the webserver on the tmp dir too. 2/ then chmod u+s it (so with suid on the directory) and at the end i put my upload_tmp_dir setting to this directory. I was quite sure it would solve the issue BUT ... (there is allway a BUT... ;) when i run the simple script at php.net it gives me this output : -- File is valid, and was successfully uploaded. Here is some more debugging info:Array ( [userfile] = Array ( [name] = afnic-adherent-200x80.gif [type] = image/gif [tmp_name] = /var/tmp/php2L6xR7 [error] = 0 [size] = 17710 ) ) You see : [tmp_name] = /var/tmp/php2L6xR7 and the file belong to the apache user... not the ftp one :( So really i wonder if anyone found a solution to this problem, or can explain me why this setup fails ? Best regards, Ghislain. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Upgrade PHP 4.3.4 to PHP 5.0.3 (Windows 2k IIS5), I recieve a Blank Page and Session errors
Hi, I'm trying to upgrade the PHP version of my dev enviroment. After installing PHP5 I've just recieve a blank page. I activated the error log of PHP and recieve a couple of errors like this one: [09-Feb-2005 13:38:20] PHP Notice: Undefined index: sitedesc in c:\Inetpub\wwwroot\Inpae\admin\lib\headerFooter.php on line 40 All related to $_SESSION, like the values are not set (sitedesc is one of the indexes of the variable $_SESSION) I have in the session values of the php.ini this? session Session Support enabled Registered save handlers files user sqlite Registered serializer handlers php php_binary wddx Directive Local Value Master Value session.auto_start Off Off session.bug_compat_42 On On session.bug_compat_warn On On session.cache_expire 180 180 session.cache_limiter nocache nocache session.cookie_domain no value no value session.cookie_lifetime 0 0 session.cookie_path / / session.cookie_secure Off Off session.entropy_file no value no value session.entropy_length 0 0 session.gc_divisor 1000 1000 session.gc_maxlifetime 1440 1440 session.gc_probability 1 1 session.hash_bits_per_character 5 5 session.hash_function 0 0 session.name PHPSESSID PHPSESSID session.referer_check no value no value session.save_handler files files session.save_path c:\PHP\sessiondata\ c:\PHP\sessiondata\ session.serialize_handler php php session.use_cookies On On session.use_only_cookies Off Off session.use_trans_sid 0 0 Can anyone help me? I've tryed also the CGI and the ISAPI configuration, both give me the same problem. Also I tried to debug my PHP with Zend and recieve this errors: Notice: C:\Inetpub\wwwroot\Inpae\lib\include.php line 15 - Undefined index: SCRIPT_NAME Notice: C:\Inetpub\wwwroot\Inpae\lib\include.php line 15 - Undefined index: PATH_TRANSLATED Debug Warning: C:\Inetpub\wwwroot\Inpae\lib\include.php line 3 - main(/config.php) [a href='function.main'function.main/a]: failed to open stream: No such file or directory Compile Error: C:\Inetpub\wwwroot\Inpae\lib\include.php line 3 - main() [a href='function.require'function.require/a]: Failed opening required '/config.php' (include_path='.;c:\php5\pear') Thanks a lot Fabian -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Primer for working with arrays
Robert Sossomon mailto:[EMAIL PROTECTED] on Wednesday, February 09, 2005 10:50 AM said: I need a really good primer for working with arrays in PHP and with MySQL. I can do what I need to do without them right now, but I would really like to get arrays figured out. Any have some good ones? Yes. The manual. http://www.php.net/types.array HTH! Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Secure system calls -- how
Hi! Richard Lynch wrote: Don't take the wrong but you're probably not really skilled enough (yet) to do what you want to do... You're right, but we all have to start somewhere. And I don't take the wrong, I appreciate your answer. sudo is probably the best solution, Well, it's the only one that has been suggested. but you've got a long row to hoe before you could safely implement all the features you describe... That said, if you mostly trust everybody on your Intranet, and if you're willing to put off the Internet access for a long, indefinite time period, you'd be okay if you can prod your users to report oddities and errors, and if you do a TON of security reading between now and the day when you put it live on the Internet. If you don't trust your Intranet users, do this on a development machine that only you can access until you're way way way more comfy with sudo and Linux security in general. Right. Fortunately I'm not alone on this project, and the others might know more about this. I just want to present the best solution to the team, and to implement it in my program. There are 4 obvious ways the users could abuse the elevated privileges: 1) By directly doing something with my program, such as deleting a user. This is not possible without the correct set of permissions. I hope. I've taken great care of this point and controlling rights for user groups is implemented deeply in the program. There are many checks done for this kind of thing. If you don't have specific permission, you can't do it. So this method relies on my abilities as a php programmer, and this possible weakness is inherent to all programs everywhere. 2) By exploiting an error in the system, such as PHP, Apache, MySQL or the file system. These things are partly out of my reach, but there are some things I can do to make them more difficult. Such as NOT running Apache as root, which would be an easy way of solving my current problem. But this is where your good point enters the picture: I simply don't know enough about attack vectors and how to counter them. Just how could a weakness in MySQL be exploited and what can I do about it? The best I can think of is to keep reading and to apply all the common sense and critical thinking I can manage. 3) Session hijacking. I've implemented all the good security advice I've been able to find. I can't really do much more than that. 4) The easiest way to do damage is, as always, by social engineering, getting hold of somebody's password and such. One of the things I've asked for is articles and tutorials, but there apparently aren't any on this subject. I can find many on validating user input, securing sessions and that kind of thing. But not this, no howto make php run useradd safely. I've seen many other people have problems with this, but no tutorials are to be found. Thank you very much for your answer, Niels -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Primer for working with arrays
[snip] I need a really good primer for working with arrays in PHP and with MySQL. I can do what I need to do without them right now, but I would really like to get arrays figured out. Any have some good ones? [/snip] http://www.php.net/array -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Prevent browser back...
Ashley M. Kirchner wrote: This is probably something that comes up every so often and it's generally related to PHP scripts, however I have a different setup and am now trying to figure out what to do. On our company site, we have a section that clients use to upload files to us through a Java applet. The way I have it setup is basically through 3 separate pages: login.php, upload.php, and thankyou.php. And people go through those pages in sequence. After uploading a file (through upload.php where the applet resides) they get redirected to thankyou.php. However, by hitting the back button, they can easily go back to the upload one, but I need to prevent that from happening. Since you can't stop them from going there, stop them from uploading again. You can store an http://php.net/uniqid or http://php.net/md5 as a token in their form (or Java data) and when they do an upload, compare their token to the tokens already used up -- Putting them in your database or with the upload filenames or... If you detect that, tell them that the Java is broken, and show them the first page to start over, I guess. Can I rely on referrers on upload.php to see where a hit came from? Not really. Or should I redirect to an interim page that simply redirects again to the thankyou.php one (which won't stop someone from hitting back twice, but it's just an extra thing.) What (other) ways have people found that works? I wouldn't rely on re-direction, as sooner or later somebody will hit Back or use the popup in Back to get to the page you're trying to keep them away from. Bottom Line: You can't keep them from getting to that page, so don't try. Let them get to that page and then deal with the data they send you sensibly -- by providing yourself enough information to deal with that info. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Primer for working with arrays
I need a really good primer for working with arrays in PHP and with MySQL. I can do what I need to do without them right now, but I would really like to get arrays figured out. Any have some good ones? http://www.php.net/array http://us4.php.net/mysql -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: stream_set_timeout() stream_get_meta_data() etc...
Al wrote: I've always been told you can't make a progress bar or list with php. Well here it is, at least it works with IE6 and Mozilla. A progress bar for download/transfer/processing can be done nicely, but not for, say, file upload. Unless you want to use this one which relies on JavaScript and pounds the hell out of your server with Refreshes to check the progress: http://pdoru.from.ro/ At which point, I'd wonder why one wouldn't just use JavaScript to do the updates and push data a chunk at a time somehow, so you can keep the math/percentage on the browser side where it belongs. Or you could just build a better browser, and maybe even draft a standard for same, that provides a progress bar for file upload. Wouldn't that be pleasant? -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] File upload, suid directory and temporary dir
ADNET Ghislain wrote: I am trying to make upload files to belong to the ftp user of the website and not the apache user. As i run in module i tried to do this: 1/ create a temp dir on the website outside the documentroot, chown the temp dir to my ftp user and allow the group to write,, put the same group as the webserver on the tmp dir too. 2/ then chmod u+s it (so with suid on the directory) and at the end i put my upload_tmp_dir setting to this directory. I was quite sure it would solve the issue BUT ... (there is allway a BUT... ;) when i run the simple script at php.net it gives me this output : -- File is valid, and was successfully uploaded. Here is some more debugging info:Array ( [userfile] = Array ( [name] = afnic-adherent-200x80.gif [type] = image/gif [tmp_name] = /var/tmp/php2L6xR7 [error] = 0 [size] = 17710 ) ) You see : [tmp_name] = /var/tmp/php2L6xR7 and the file belong to the apache user... not the ftp one :( So really i wonder if anyone found a solution to this problem, or can explain me why this setup fails ? Apache was still the user that created the file, and therefore it will belong to Apache until somebody does a 'chown' on the file. Only the superuser can 'chown' a file. Thus, you will need a sudo script of some kind to do the chown, or some way to let the FTP user create the file, then the Apache user's data to go in it. So, some options: 1. Write a cron job as root to chown ftp:ftp /var/tmp/php* This has the severe down-side of maybe someday changing stuff you *WANT* to be owned by Apache. 2. Let Apache move the files somewhere else, like, say: /var/to_ftp/ and then do #1 above. 3. When a file is uploaded, have PHP be able to execute a shell command that has the FTP user create a temp file, writable by Apache, and then Apache can copy its temp file to the FTP temp file by doing fopen/fwrite/fclose. It will still be owned by FTP user, but Apache can fill it up with whatever data it wants. You should add some serious sanity checking on the data when you READ these files, however, if you have untrusted users on the system. Or a routine audit/sweep of all these files to be SURE they are kosher, or... 4. Provide a shell script which allows the Apache user to chown *ONLY* files within /var/tmp, and *ONLY* files that start with 'php' and then Apache can chown the files to the FTP user. Don't give Apache free rein to chown any old file it wants! [shudder] 5. Easiest: Let Apache move_uploaded_file somewhere, and make it readable by FTP user. Have FTP user copy over files from the Apache storage space. When the FTP user creates the new file, it will be owned by the FTP user. Again, you want to put some controls/checks on this to be sure it's not abused. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Primer for working with arrays
Robert Sossomon wrote: I need a really good primer for working with arrays in PHP and with MySQL. I can do what I need to do without them right now, but I would really like to get arrays figured out. The PHP Cookbook (O'Reilly book) has this, both in the Arrays and Databases chapters. /Mattias -- More views at http://www.thorslund.us -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: [users@httpd] Favorite Linux Distribution
The Disguised Jedi wrote: Hello all - I've been a list member for a while, helped out some people, and asked some questions. But, today I have a completely off topic, but somewhat relevant question for y'all. What is your favorite Linux distribution? What would you recommend for my situation? Not sure what your situation is, but I'll answer anyways. I'm brand new to Linux. I'm just trying to learn how it works, but I think I'll catch on quick. I'm looking for the one with the most capability, and also one to run my development instance of Apache 2.0 on. I've been looking at either RedHat or Fedora. Is this a good choice? I'm truly drawing a blank, and I've searched Google, but never really found anything extremely useful. Please help me, an old Windows veteran, escape the Microsoft box! First off, do NOT go RedHat or Fedora. Both are abominations of Linuxdom and are as bloated as Windows. My recommendation for a good binary install distro is Slackware. Minimal set of tools installed for a base system so there is no bloat right off the bat. Gentoo is another good one, but rather more advanced the Slack although the tools are very well documented and once you learn them you'll never consider going to another distro. I really think Gentoo is that good. I use it myself for all my workstation and server needs. Good luck on finding one that suits you, though. Thanks a ton!! signature.asc Description: OpenPGP digital signature
Re: [PHP] Secure system calls -- how
Niels wrote: Richard Lynch wrote: One of the things I've asked for is articles and tutorials, but there apparently aren't any on this subject. I can find many on validating user input, securing sessions and that kind of thing. But not this, no howto make php run useradd safely. I've seen many other people have problems with this, but no tutorials are to be found. Perhaps the reason there is no article or tutorial is that it would be a book, not an article or tutorial :-) There are so MANY affected/related software system pieces that you can't do it justice in an article or tutorial, I suspect. The interaction between your scripts, the OS, PHP and every other script or piece of software on the system comes into play once you start granting special privileges to the PHP user. Here's a method you could easily miss: Create a JPEG that looks like a JPEG in its header, but has malevlolent PHP code in it. Then, upload that JPEG to your server as an avatar or whatever through some kind of file upload anywhere on the system. Then, surf to that image with variations on .php in the URL in an attempt to get PHP to execute that image as PHP code. This is exactly the kind of thing that *CAN* happen by successive small minor mistakes taken one at a time over years of a server build-up, none of which in and of themselves will be obvious as a problem, until too late. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Upgrade PHP 4.3.4 to PHP 5.0.3 (Windows 2k IIS5), I recieve a Blank Page and Session errors
Fabian I. Cuesta wrote: Hi, I'm trying to upgrade the PHP version of my dev enviroment. After installing PHP5 I've just recieve a blank page. I activated the error log of PHP and recieve a couple of errors like this one: [09-Feb-2005 13:38:20] PHP Notice: Undefined index: sitedesc in c:\Inetpub\wwwroot\Inpae\admin\lib\headerFooter.php on line 40 All related to $_SESSION, like the values are not set (sitedesc is one of the indexes of the variable $_SESSION) But when you first start a session, a totally NEW session, is $_SESSION['sitedoc'] initialized? I assume not. Your problem code looks something like this: ?php session_start(); if ($_SESSION['sitedoc']){ //whatever; } ? PHP is notifying you that there is NO session index named 'sitedoc' yet, but you're trying to read it and use the value -- the value that doesn't exist. You'll need to get in the habit of writing (and re-writing) code like this: ?php session_start(); if (isset($_SESSION['sitedoc']) $_SESSION['sitedoc']){ //whatever } ? You may also re-structure your code a bit if 'sitedoc' can take on several values, so it ends up being more like: ?php session_start(); if (isset($_SESSION['sitedoc'])){ if ($_SESSION['sitedoc'] == 'whatever'){ } elseif ($_SESSION['sitedocd'] == 'something else'){ } } ? The point is that you shouldn't be reading session variables that were never set to any value at all in the first place. Sure, PHP will initialize them to 0 or '' or false, but the point here is to catch typos where you have: if ($_SESSION['sietdoc']){ } else{ } If you RARELY expect 'sitedoc' to be a TRUE value, and you don't do a lot of unit testing, a typo bug like this could go undetected for a long time. The PHP Notice warns you about things like this by not notifying you when you try to read a variable that hasn't been set. Notice: C:\Inetpub\wwwroot\Inpae\lib\include.php line 15 - Undefined index: SCRIPT_NAME Notice: C:\Inetpub\wwwroot\Inpae\lib\include.php line 15 - Undefined index: PATH_TRANSLATED See above. Debug Warning: C:\Inetpub\wwwroot\Inpae\lib\include.php line 3 - main(/config.php) [a href='function.main'function.main/a]: failed to open stream: No such file or directory Compile Error: C:\Inetpub\wwwroot\Inpae\lib\include.php line 3 - main() [a href='function.require'function.require/a]: Failed opening required '/config.php' (include_path='.;c:\php5\pear') config.php is not in the same directory as your script, nor in the PEAR library. It is, probably, in Inpae\lib\ and you need to change your include_path setting in .htaccess or in the script or somewhere to have that directory in your include path. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Parsing pdf file
Hello, For a project of a customer i need to know if a pdf file contains special functions and buttons. Is there a way to parse a PDF file in php? Thank you very much Mirco Blitz -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Proof of concept
The sample is attached! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Parsing pdf file
For a project of a customer i need to know if a pdf file contains special functions and buttons. Is there a way to parse a PDF file in php? you might be able to find something at http://us3.php.net/pdf -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
AW: [PHP] Parsing pdf file
Hi, Sorry i don't really find something useful there. Greetings Mirco Blitz -Ursprüngliche Nachricht- Von: Matt M. [mailto:[EMAIL PROTECTED] Gesendet: Mittwoch, 9. Februar 2005 22:09 An: Mirco Blitz Cc: php-general@lists.php.net Betreff: Re: [PHP] Parsing pdf file For a project of a customer i need to know if a pdf file contains special functions and buttons. Is there a way to parse a PDF file in php? you might be able to find something at http://us3.php.net/pdf -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] mail() function
I can't seem to get the mail function to work. Is there a way to authenticate before sending mail, I believe this is my issue. Also in my php.ini file the parameter sendmail_path is empty. Is this a required parameter for sending mail? I'm using Windows/IIS. Thanks, Dave HTC Disclaimer: The information contained in this message may be privileged and confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer. Thank you.
Re: [PHP] mail() function
Bosky, Dave wrote: I can't seem to get the mail function to work. Is there a way to authenticate before sending mail, I believe this is my issue. No. Manuel will be along soon to tell you to look at the SMTP classes on phpclasses.org, though. ;) There are classes there that do this, so try them. Also in my php.ini file the parameter sendmail_path is empty. Is this a required parameter for sending mail? I'm using Windows/IIS. No, since you're not using sendmail on Windows. What are your SMTP settings in php.ini? -- ---John Holmes... Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/ php|architect: The Magazine for PHP Professionals www.phparch.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: [users@httpd] Favorite Linux Distribution
On Wed, 09 Feb 2005 11:30:07 -0600, Joseph A Nagy Jr [EMAIL PROTECTED] wrote: Gentoo is another good one, but rather more advanced the Slack although the tools are very well documented and once you learn them you'll never consider going to another distro. I really think Gentoo is that good. I agree. No other Linux distro can compare to Gentoo when it comes to the docs, howtos, and general community support. Gentoo solves the binary dependancy issues ( RPMs, yuck! ) Suse, RedHat, and Mandrake suffer from, and along the way create a 'no need to ever upgrade' scenario. Even FreeBSD my second favorite *nix distro recommends a clean install when moving from, say 4.10 to 5.3, but not Gentoo.. it's all progressive and inclusive. This past weekend I upgraded my friend's Gentoo box from 2004.0 to 2004.3 with no issues. etc-update took me a while to finish, but that was to be expected when you got 151 new conf files to merge. I use it myself for all my workstation and server needs. Good luck on finding one that suits you, though. Yeah, too bad there's no World of Warcraft for Linux. -- Greg Donald Zend Certified Engineer http://destiney.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Parsing pdf file
Hi, Sorry i don't really find something useful there. That is cos pdflib is for making pdfs and not parsing them. AFAIK you are on your own with parsing a pdf, or you may have to result to third party libraries. HTH, Mikey -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Parsing pdf file
did you try this? ?php $test = pdf2string(pathtoPDFfile); echo $test; # Returns a -1 if uncompression failed function pdf2string($sourcefile) { $fp = fopen($sourcefile, 'rb'); $content = fread($fp, filesize($sourcefile)); fclose($fp); # Locate all text hidden within the stream and endstream tags $searchstart = 'stream'; $searchend = 'endstream'; $pdfdocument = ; $pos = 0; $pos2 = 0; $startpos = 0; # Iterate through each stream block while( $pos !== false $pos2 !== false ) { # Grab beginning and end tag locations if they have not yet been parsed $pos = strpos($content, $searchstart, $startpos); $pos2 = strpos($content, $searchend, $startpos + 1); if( $pos !== false $pos2 !== false ) { # Extract compressed text from between stream tags and uncompress $textsection = substr($content, $pos + strlen($searchstart) + 2, $pos2 - $pos - strlen($searchstart) - 1); $data = @gzuncompress($textsection); # Clean up text via a special function $data = ExtractText($data); # Increase our PDF pointer past the section we just read $startpos = $pos2 + strlen($searchend) - 1; if( $data === false ) { return -1; } $pdfdocument = $pdfdocument . $data; } } return $pdfdocument; } function ExtractText($postScriptData) { while( (($textStart = strpos($postScriptData, '(', $textStart)) ($textEnd = strpos($postScriptData, ')', $textStart + 1)) substr($postScriptData, $textEnd - 1) != '\\') ) { $plainText .= substr($postScriptData, $textStart + 1, $textEnd - $textStart - 1); if( substr($postScriptData, $textEnd + 1, 1) == ']' ) // This adds quite some additional spaces between the words { $plainText .= ' '; } $textStart = $textStart $textEnd ? $textEnd : $textStart + 1; } return stripslashes($plainText); } ? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Parsing pdf file
-Original Message- From: Matt M. [mailto:[EMAIL PROTECTED] Sent: 09 February 2005 21:39 To: Mirco Blitz Cc: php-general@lists.php.net Subject: Re: [PHP] Parsing pdf file did you try this? [huge snip] I stand corrected :-) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
AW: [PHP] Parsing pdf file
Thank you for that huge code. I will try. Greetings Mirco Blitz -Ursprüngliche Nachricht- Von: Matt M. [mailto:[EMAIL PROTECTED] Gesendet: Mittwoch, 9. Februar 2005 22:39 An: Mirco Blitz Cc: php-general@lists.php.net Betreff: Re: [PHP] Parsing pdf file did you try this? ?php $test = pdf2string(pathtoPDFfile); echo $test; # Returns a -1 if uncompression failed function pdf2string($sourcefile) { $fp = fopen($sourcefile, 'rb'); $content = fread($fp, filesize($sourcefile)); fclose($fp); # Locate all text hidden within the stream and endstream tags $searchstart = 'stream'; $searchend = 'endstream'; $pdfdocument = ; $pos = 0; $pos2 = 0; $startpos = 0; # Iterate through each stream block while( $pos !== false $pos2 !== false ) { # Grab beginning and end tag locations if they have not yet been parsed $pos = strpos($content, $searchstart, $startpos); $pos2 = strpos($content, $searchend, $startpos + 1); if( $pos !== false $pos2 !== false ) { # Extract compressed text from between stream tags and uncompress $textsection = substr($content, $pos + strlen($searchstart) + 2, $pos2 - $pos - strlen($searchstart) - 1); $data = @gzuncompress($textsection); # Clean up text via a special function $data = ExtractText($data); # Increase our PDF pointer past the section we just read $startpos = $pos2 + strlen($searchend) - 1; if( $data === false ) { return -1; } $pdfdocument = $pdfdocument . $data; } } return $pdfdocument; } function ExtractText($postScriptData) { while( (($textStart = strpos($postScriptData, '(', $textStart)) ($textEnd = strpos($postScriptData, ')', $textStart + 1)) substr($postScriptData, $textEnd - 1) != '\\') ) { $plainText .= substr($postScriptData, $textStart + 1, $textEnd - $textStart - 1); if( substr($postScriptData, $textEnd + 1, 1) == ']' ) // This adds quite some additional spaces between the words { $plainText .= ' '; } $textStart = $textStart $textEnd ? $textEnd : $textStart + 1; } return stripslashes($plainText); } ? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: AW: [PHP] Parsing pdf file
Mirco Blitz wrote: Thank you for that huge code. I will try. Greetings Mirco Blitz -Ursprüngliche Nachricht- Von: Matt M. [mailto:[EMAIL PROTECTED] Gesendet: Mittwoch, 9. Februar 2005 22:39 An: Mirco Blitz Cc: php-general@lists.php.net Betreff: Re: [PHP] Parsing pdf file did you try this? ... Code worked fine for me as well, thanks for that extremely useful snippet! I ran it on a test .pdf document and it pulled everything out. plansIn fact, this snippet gives me almost exactly the missing functionality that I needed to work on a new project of mine!/plans -- Teach a man to fish... NEW? | http://www.catb.org/~esr/faqs/smart-questions.html STFA | http://marc.theaimsgroup.com/?l=php-generalw=2 STFM | http://www.php.net/manual/en/index.php STFW | http://www.google.com/search?q=php LAZY | http://mycroft.mozdev.org/download.html?name=PHPsubmitform=Find+search+plugins signature.asc Description: OpenPGP digital signature
[PHP] Foreach problem.
HI, I am really confused. I have an array, that looks like this: print_r($elementsarr) = Array ( [0] = knr [1] = subject [2] = title [3] = kat [4] = pages [5] = access [6] = dofile [7] = MAX_FILE_SIZE [8] = pdf [9] = dolink [10] = link [11] = erstam [12] = endless [13] = from [14] = until [15] = openbem [16] = history [17] = closedbem [18] = [19] = b [20] = br [21] = bw [22] = bay [23] = h [24] = hb [25] = hh [26] = mv [27] = n [28] = nw [29] = rp [30] = s [31] = sa [32] = sh [33] = sn [34] = t [35] = bund ) Now i try to work with this array in a foreach. foreach($elementsarr as $key=$tmp); { echo $key=$tmpbr; } Now the result of that is: 35=bund Ist not the first time i work with foreach. But it is the first time it just returns the last value. Do you have an idea why? Thank you very much Mirco Blitz -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Foreach problem.
HI, I am really confused. I have an array, that looks like this: print_r($elementsarr) = Array ( [0] = knr [1] = subject [2] = title [3] = kat [4] = pages [5] = access [6] = dofile [7] = MAX_FILE_SIZE [8] = pdf [9] = dolink [10] = link [11] = erstam [12] = endless [13] = from [14] = until [15] = openbem [16] = history [17] = closedbem [18] = [19] = b [20] = br [21] = bw [22] = bay [23] = h [24] = hb [25] = hh [26] = mv [27] = n [28] = nw [29] = rp [30] = s [31] = sa [32] = sh [33] = sn [34] = t [35] = bund ) Now i try to work with this array in a foreach. foreach($elementsarr as $key=$tmp); { echo $key=$tmpbr; } Now the result of that is: 35=bund Ist not the first time i work with foreach. But it is the first time it just returns the last value. Do you have an idea why? Thank you very much Mirco Blitz -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Foreach problem.
HI, I am really confused. I have an array, that looks like this: print_r($elementsarr) = Array ( [0] = knr [1] = subject [2] = title [3] = kat [4] = pages [5] = access [6] = dofile [snip] = s [31] = sa [32] = sh [33] = sn [34] = t [35] = bund ) Now i try to work with this array in a foreach. foreach($elementsarr as $key=$tmp); { echo $key=$tmpbr; } Now the result of that is: 35=bund The array that you are trying to use foreach on is a numerically indexed array (note the [0] = knr, etc) - this might explain your problem! Mikey -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: [users@httpd] Favorite Linux Distribution
On Wed, 09 Feb 2005 11:30:07 -0600, Joseph A Nagy Jr [EMAIL PROTECTED] wrote: The Disguised Jedi wrote: Hello all - I've been a list member for a while, helped out some people, and asked some questions. But, today I have a completely off topic, but somewhat relevant question for y'all. What is your favorite Linux distribution? What would you recommend for my situation? Not sure what your situation is, but I'll answer anyways. I'm brand new to Linux. I'm just trying to learn how it works, but I think I'll catch on quick. I'm looking for the one with the most capability, and also one to run my development instance of Apache 2.0 on. I've been looking at either RedHat or Fedora. Is this a good choice? I'm truly drawing a blank, and I've searched Google, but never really found anything extremely useful. Please help me, an old Windows veteran, escape the Microsoft box! First off, do NOT go RedHat or Fedora. Both are abominations of Linuxdom and are as bloated as Windows. My recommendation for a good binary install distro is Slackware. Minimal set of tools installed for a base system so there is no bloat right off the bat. Gentoo is another good one, but rather more advanced the Slack although the tools are very well documented and once you learn them you'll never consider going to another distro. I really think Gentoo is that good. I use it myself for all my workstation and server needs. Good luck on finding one that suits you, though. Thanks a ton!! I very much disagree. I am writing this on my Fedora Core 3 box and am very happy with it's 'bloat'. As a new convert form windows I am kinda used to everything being there at my fingertips. And in Fedora, everything is, except mp3 support which I added easily with synaptic (the apt gui). I know that I will outgrow this distro, and follow this thread because I am looking for in which direction to grow. But I am very glad that I found Fedora because SUSE, slack, and a few others were way too over my head to get started. I almost gave up. Tips: -If you need support for languages other than english, make sure that yor distro has it built in (Fedora has built in hebrew support for me). Adding it as a newbie is not easy. -Try a live CD beforehand, to check that your hardware will work. -Dont erase windows just yet! You'll know when it's time. Or more accuratly, you'll know that you haven't gotten to that point just yet! -make sure that your ISP will help you setup the internet. I had a real mess with mine, and even switched ISPs. The former ISP's tech support's first qestion was what windows version are you using and if the answer wasn't endorsed by redmont, well, you had no one to talk with! -linuxquestions.org forums! Dotan Cohen -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Foreach problem.
Since you didn't post how you created the array, I went ahead and (ugh!) did it myself. This works fine. ?php $elementsarr = Array ('knr', 'subject', 'title', 'kat', 'pages', 'access', 'dofile', MAX_FILE_SIZE, 'pdf', 'dolink', 'link', 'erstam', 'endless', 'from', 'until', 'openbem', 'history', 'closedbem', 'b', 'br', 'bw', 'bay', 'h', 'hb', 'hh', 'mv', 'n', 'nw', 'rp', 's', 'sa', 'sh', 'sn', 't', 'bund' ); print_r($elementsarr); foreach ($elementsarr as $k = $v) { echo $k = $v\n; } ? -- Teach a man to fish... NEW? | http://www.catb.org/~esr/faqs/smart-questions.html STFA | http://marc.theaimsgroup.com/?l=php-generalw=2 STFM | http://www.php.net/manual/en/index.php STFW | http://www.google.com/search?q=php LAZY | http://mycroft.mozdev.org/download.html?name=PHPsubmitform=Find+search+plugins signature.asc Description: OpenPGP digital signature
Re: [PHP] Foreach problem.
remove the semi-colon at after foreach(...) On Wed, 2005-02-09 at 14:22, Mirco Blitz wrote: HI, I am really confused. I have an array, that looks like this: print_r($elementsarr) = Array ( [0] = knr [1] = subject [2] = title [3] = kat [4] = pages [5] = access [6] = dofile [7] = MAX_FILE_SIZE [8] = pdf [9] = dolink [10] = link [11] = erstam [12] = endless [13] = from [14] = until [15] = openbem [16] = history [17] = closedbem [18] = [19] = b [20] = br [21] = bw [22] = bay [23] = h [24] = hb [25] = hh [26] = mv [27] = n [28] = nw [29] = rp [30] = s [31] = sa [32] = sh [33] = sn [34] = t [35] = bund ) Now i try to work with this array in a foreach. foreach($elementsarr as $key=$tmp); { echo $key=$tmpbr; } Now the result of that is: 35=bund Ist not the first time i work with foreach. But it is the first time it just returns the last value. Do you have an idea why? Thank you very much Mirco Blitz -- Regards, Matthew Fonda -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] $GLOBALS, any probolems?
Hi guys, is there any problems using $GLOBALS superglobal to carry all my global classes instances? For example: $GLOBALS['myclass'] = new myclass(); Regards, Bruno B B Magalhaes -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
AW: [PHP] Foreach problem.
Oh damn I am dumb thank you. That it was. -Ursprüngliche Nachricht- Von: Mikey [mailto:[EMAIL PROTECTED] Gesendet: Donnerstag, 10. Februar 2005 00:07 An: php-general@lists.php.net Betreff: RE: [PHP] Foreach problem. HI, I am really confused. I have an array, that looks like this: print_r($elementsarr) = Array ( [0] = knr [1] = subject [2] = title [3] = kat [4] = pages [5] = access [6] = dofile [snip] = s [31] = sa [32] = sh [33] = sn [34] = t [35] = bund ) Now i try to work with this array in a foreach. foreach($elementsarr as $key=$tmp); { echo $key=$tmpbr; } Now the result of that is: 35=bund The array that you are trying to use foreach on is a numerically indexed array (note the [0] = knr, etc) - this might explain your problem! Mikey -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: [users@httpd] Favorite Linux Distribution
On Thu, 10 Feb 2005 01:01:18 +0200, Dotan Cohen [EMAIL PROTECTED] wrote: I very much disagree. I am writing this on my Fedora Core 3 box and am very happy with it's 'bloat'. As a new convert form windows I am kinda used to everything being there at my fingertips. And in Fedora, everything is, except mp3 support which I added easily with synaptic (the apt gui). I know that I will outgrow this distro, and follow this thread because I am looking for in which direction to grow. But I am very glad that I found Fedora because SUSE, slack, and a few others were way too over my head to get started. I almost gave up. You realize Fedora is RedHat's test distro, right? It's where they test new stuff for their commercial offerings. In other words Fedora is forever in 'testing'. There will never be a final 'stable' release. You'll have to buy a copy of RedHat for that. As a new convert form windows I thought you might want to know. Join you local Linux user's group. Go to an install-fest. Grow. -- Greg Donald Zend Certified Engineer http://destiney.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mail() function
Hello, on 02/09/2005 07:31 PM John Holmes said the following: Bosky, Dave wrote: I can't seem to get the mail function to work. Is there a way to authenticate before sending mail, I believe this is my issue. No. Manuel will be along soon to tell you to look at the SMTP classes on phpclasses.org, though. ;) There are classes there that do this, so try them. Thank you for the introduction, John. ;-) Dave, as John mentioned the PHP mail() function does not know how to authenticate. You may want to try this class that comes with a wrapper function named smtp_mail(). It works like the mail function but lets you set the authentication credentials as you need. http://www.phpclasses.org/mimemessage You also need these: http://www.phpclasses.org/smtpclass http://www.phpclasses.org/sasl -- Regards, Manuel Lemos PHP Classes - Free ready to use OOP components written in PHP http://www.phpclasses.org/ PHP Reviews - Reviews of PHP books and other products http://www.phpclasses.org/reviews/ Metastorage - Data object relational mapping layer generator http://www.meta-language.net/metastorage.html -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Multi-Page Forms
Hello, on 02/09/2005 01:38 PM [EMAIL PROTECTED] said the following: I have a form which is too long to be useful displayed on one page. I have it broken up into 7 sections. All 7 are generated by the same PHP source file, from data in a database. When the user updates a section they can submit it and go to the next section, or submit it and finish (return to a higher-level page). There is also a navigation form at the top that lets them jump from any section to any other, and uses JavaScript to prompt if they try to jump without having saved changes they made to the page. All of this is working fine. What's bothering me here is that when the user is done editing the data I use their input to regenerate a style sheet (the form allows them to customize the appearance of a web page for their customers). That's expensive -- relatively speaking -- in server load so I'd rather do it only once, when they're really done. But right now I do it every time they submit any page -- i.e. whenever any of the seven pages is submitted, the generation code runs. I don't see any simple way to let them jump around between pages, yet for me to know when they are truly finished with all the data. Of course I can give the required instructions -- after you are done you have to click submit to save all the data but I bet that those won't be read and the users will jump around, fail to save, and then complain that their changes are getting lost. Any thoughts on the design issues here? You may want to take a look at this class than handles multipage forms with pages either as wizard like (sequential access) or tabbed like (random access): http://www.phpclasses.org/multipageforms There is also this generates a single page using Javascript and DIVs to show you only part of the form at a time and links to switch to other pages: http://www.phpclasses.org/wizard -- Regards, Manuel Lemos PHP Classes - Free ready to use OOP components written in PHP http://www.phpclasses.org/ PHP Reviews - Reviews of PHP books and other products http://www.phpclasses.org/reviews/ Metastorage - Data object relational mapping layer generator http://www.meta-language.net/metastorage.html -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] explanation
Hi, I looked everywhere for a nice explanation of this darn simple thing, but had no luck. I am working with some code made by a different person thats why i am running into these sorts of things. (yes, i am kinda newbie) I have a file named blah.php with this line: $B-var1 = name1; Then i have another file called result.php that has: require_once(blah.php); And then i want some code to display the name1. The problem is i have no idea how to deal with that -, what it means (object of some sort?) and how to get the value of that variable. Doing print ($var1) obviously doesnt work. Can someone please explain this to me? What does the - do? How to solve that problem above? Big thanks. Pag -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: [users@httpd] Favorite Linux Distribution
On Wed, 9 Feb 2005 17:42:10 -0600, Greg Donald [EMAIL PROTECTED] wrote: On Thu, 10 Feb 2005 01:01:18 +0200, Dotan Cohen [EMAIL PROTECTED] wrote: I very much disagree. I am writing this on my Fedora Core 3 box and am very happy with it's 'bloat'. As a new convert form windows I am kinda used to everything being there at my fingertips. And in Fedora, everything is, except mp3 support which I added easily with synaptic (the apt gui). I know that I will outgrow this distro, and follow this thread because I am looking for in which direction to grow. But I am very glad that I found Fedora because SUSE, slack, and a few others were way too over my head to get started. I almost gave up. You realize Fedora is RedHat's test distro, right? It's where they test new stuff for their commercial offerings. In other words Fedora is forever in 'testing'. There will never be a final 'stable' release. You'll have to buy a copy of RedHat for that. As a new convert form windows I thought you might want to know. Join you local Linux user's group. Go to an install-fest. Grow. -- Greg Donald Zend Certified Engineer http://destiney.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php I dont exacly agree with the statement: You realize Fedora is RedHat's test distro, right? I quote from fedora.redhat.com: The goal of The Fedora Project is to work with the Linux community to build a complete, general purpose operating system exclusively from free software Now, you are correct insofar as It is also a proving ground for new technology that may eventually make its way into Red Hat products (as quoted from the same page), however it appears to me that the focus is on creating a complete, general purpse operating system exclusively from free software. The fact that there are some bleeding-edge developments makes it no different from most other distros. In fact, as far I as I understand, being a 'newbie-distro' it should be rather stable. As far as my experience with it, it is extremly stable- more so than the XP that it replaced (that might not be saying much, though...). Join you local Linux user's group. I think I might just join me local Linux user's group. Dotan Cohen http://english-lyrics.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] explanation
On Wed, 09 Feb 2005 18:15:28 -0800 (PST), Pagongski [EMAIL PROTECTED] wrote: Hi, I looked everywhere for a nice explanation of this darn simple thing, but had no luck. I am working with some code made by a different person thats why i am running into these sorts of things. (yes, i am kinda newbie) I have a file named blah.php with this line: $B-var1 = name1; Then i have another file called result.php that has: require_once(blah.php); And then i want some code to display the name1. The problem is i have no idea how to deal with that -, what it means (object of some sort?) and how to get the value of that variable. Doing print ($var1) obviously doesnt work. Can someone please explain this to me? What does the - do? How to solve that problem above? - operator used to accsses the method and properties of an object Here B is an object and var1 is an member variable. do a print_r($B-var1); or print_r ($B); You will get the all information about this object like class name etc. zareef ahmed Big thanks. Pag -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- Zareef Ahmed :: A PHP Developer in India ( Delhi ) Homepage :: http://www.zareef.net -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Student Suspended Over PHP use.
Maybe it's not People Hate Perl after all... Pot, Heroin, Pussy?!? I think I got suspended for at leat two of those on campus grounds at some point or another. Dotan On Thu, 10 Feb 2005 01:31:43 +1100 (EST), [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: PHP is bad Mkay. I just ran across this interesting article from awhile back. Pretty funny http://bbspot.com/News/2000/6/php_suspend.html http://bbspot.com/News/2000/6/php_suspend.html Topeka, KS - High school sophomore Brett Tyson was suspended today after teachers learned he may be using PHP. A teacher overheard him say that he was using PHP, and as part of our Zero-Tolerance policy against drug use, he was immediately suspended. No questions asked, said Principal Clyde Thurlow. We're not quite sure what PHP is, but we suspect it may be a derivative of PCP, or maybe a new designer drug like GHB. php_logoParents are frightened by the discovery of this new menace in their children's school, and are demanding the school do something. We heard that he found out about PHP at school on the internet. There may even be a PHP web ring operating on school grounds, said irate parent Carol Blessing. School is supposed to be teaching our kids how to read and write. Not about dangerous drugs like PHP. In response to parental demands the school has reconfigured its internet WatchDog software to block access to all internet sites mentioning PHP. Officials say this should prevent any other students from falling prey like Brett Tyson did. They have also stepped up locker searches and brought in drug sniffing dogs. Interviews with students suggested that PHP use is wide spread around the school, but is particularly concentrated in the geeky nerd population. When contacted by BBspot.com, Brett Tyson said, I don't know what the hell is going on dude, but this suspension gives me more time for fraggin'. Yee haw! PHP is a hypertext preprocessor, which sounds very dangerous. It is believed that many users started by using Perl and moved on to the more powerful PHP. For more information on how to recognize if your child may be using PHP please visit http://www.php.net http://www.php.net . HTC Disclaimer: The information contained in this message may be privileged and confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer. Thank you. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Problem using return from a class.
On Wed, 9 Feb 2005 16:12:58 +0800, Jason Wong [EMAIL PROTECTED] wrote: On Wednesday 09 February 2005 01:33, Ben Edwards (lists) wrote: Maybe you should post a bit of code to illustrate your problem ;) I'me just doing:- return $radio_html; as the last line of the method. If I do echo $radio_html; The condense of the variable gets outputted. I could post the method here but its a bit long. You only need to post concise code that illustrates your problem, a one liner to return a value is all the that your method needs. All I woul post them would be 'retrun $radio_htlm' I will post the end of the method: if ( $columns == 0 ) { $radio_html .= $this-manditoryStar( $manditory ); } else { if ( $manditory ) { $radio_html .= trtd colspan=$columnsp class=NormalText font color=red size=+1 . */font You must select at least one option . /font/p/td/tr; } $radio_html .= /table; } $radio_html .= \n\n!--nend presenter.renderRadioReal--\n\n; // really nagst hack as rtturn not working echo $radio_html; return $radio_html; ++$index; } This works becouse I echo the varable, but not ideal. The method call is echo $object-method(...). If the return was working I would get the code returned twice, but I only get it returned once. without the 'nasty hack' I get nothing;(. Ben -- Jason Wong - Gremlins Associates - www.gremlins.biz Open Source Software Systems Integrators * Web Design Hosting * Internet Intranet Applications Development * -- Search the list archives before you post http://marc.theaimsgroup.com/?l=php-general -- New Year Resolution: Ignore top posted posts -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- Ben Edwards - Bristol, UK, England WARNING:This email contained partisan views - dont ever accuse me of using the veneer of objectivity If you have a problem emailing me use http://www.gurtlush.org.uk/profiles.php?uid=4 (email address this email is sent from may be defunct) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Secure system calls -- how
Richard Lynch wrote: Perhaps the reason there is no article or tutorial is that it would be a book, not an article or tutorial :-) There are so MANY affected/related software system pieces that you can't do it justice in an article or tutorial, I suspect. Quite true. However, warnings about don't do this or that, an attacker may use this and so on are numerous, but advice on what to do about it is rarer. And this thing with system calls is a good example: I can find many warnings about not doing it, but not a single piece of advice about how to do it when it's actually necessary. The interaction between your scripts, the OS, PHP and every other script or piece of software on the system comes into play once you start granting special privileges to the PHP user. Here's a method you could easily miss: Create a JPEG that looks like a JPEG in its header, but has malevlolent PHP code in it. Then, upload that JPEG to your server as an avatar or whatever through some kind of file upload anywhere on the system. Then, surf to that image with variations on .php in the URL in an attempt to get PHP to execute that image as PHP code. True, and I do have file uploads for privileged users. I check the files, but how can I be sure? Your example is good, it's very easy to miss the problem with code in a file -- but where's the solution? This is exactly the kind of thing that *CAN* happen by successive small minor mistakes taken one at a time over years of a server build-up, none of which in and of themselves will be obvious as a problem, until too late. Good point, but that's a danger with all programs. Maybe this is a good reason to use tried-and-tested modules like PEAR -- but they can be faulty as well. My main point isn't that I want to be 100% certain nothing will ever go wrong with my program. That's quite unrealistic. But I'm looking for solutions to the problems everybody's pointing out. Thanks again, Niels -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] PHP Development IDE's/Editors
I will apologise for this questions now, but everyone has to start somewhere. I am just starting out with PHP and wanted to know what development environments/editors that you guys are using for your PHP development. (On Windows) I know that you can use good ol Visual Notepad, but i was wondering if there was anything better out there. Thanks. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Development IDE's/Editors
Hello Darren, Thursday, February 10, 2005, 3:56:04 AM, you wrote: DL I am just starting out with PHP and wanted to know what DL development environments/editors that you guys are using for your DL PHP development. (On Windows) Zend Studio 4.0 (Beta) It's not cheap, but it does everything I need (and then some) for the development work I do every day. For HTML I still use Homesite + TopStyle. Best regards, Richard Davey -- http://www.launchcode.co.uk - PHP Development Services I am not young enough to know everything. - Oscar Wilde -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Development IDE's/Editors
Personally I use either emacs or kate. On Wed, 2005-02-09 at 19:56, Darren Linsley wrote: I will apologise for this questions now, but everyone has to start somewhere. I am just starting out with PHP and wanted to know what development environments/editors that you guys are using for your PHP development. (On Windows) I know that you can use good ol Visual Notepad, but i was wondering if there was anything better out there. Thanks. -- Regards, Matthew Fonda -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Parsing whois lookup information
Hello, For a project I need to parse whois domain lookup data. Have some one parsed these data in PHP? Please let me know where can I find them. I have already gone through google and couldn't find anything useful. There is one .NET library (http://www.hexillion.com/whois/) available, but it is charged. :((. So if someone can help me out it would be grateful. Thank you very much, Harish Rao K. Nous Infosystems This e-mail transmission may contain confidential or legally privileged information that is intended only for the individual(s) or entity(ies) named in the e-mail address. If you are not the intended recipient, please reply to the [EMAIL PROTECTED], so that arrangements can be made for proper delivery, and then please delete all copies and attachments.Any disclosure, copying, distribution, or reliance upon the contents of this e-mail, by any other than the intended recipients, is strictly prohibited. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Parsing whois lookup information
You might want to check out PEAR::Net_Whois http://pear.php.net/package/Net_Whois On Wed, 2005-02-09 at 20:13, Harish Rao K wrote: Hello, For a project I need to parse whois domain lookup data. Have some one parsed these data in PHP? Please let me know where can I find them. I have already gone through google and couldn't find anything useful. There is one .NET library (http://www.hexillion.com/whois/) available, but it is charged. :((. So if someone can help me out it would be grateful. Thank you very much, Harish Rao K. Nous Infosystems This e-mail transmission may contain confidential or legally privileged information that is intended only for the individual(s) or entity(ies) named in the e-mail address. If you are not the intended recipient, please reply to the [EMAIL PROTECTED], so that arrangements can be made for proper delivery, and then please delete all copies and attachments.Any disclosure, copying, distribution, or reliance upon the contents of this e-mail, by any other than the intended recipients, is strictly prohibited. -- Regards, Matthew Fonda -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Development IDE's/Editors
Personally I use either emacs or kate. Bah , phpeclipse.de It has its odd issues with file syncing with the sftp exporter and modification times but its rare. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] errors not reported
Hiya - My parse errors have disappeared from my development environment. Now whenever php cannot run a page, it just stops with a blank page in the browser and no clues. Running the same code on another server will give a fatal error class not found etc type output to the browser. Can someone help me with what other places error reporting (esp parse errors) is configured? What i did: check phpinfo() find which php.ini is being used edited that to set all error settings I could find to on. call error_reporting(E_ALL) in my scripts. but all to no avail! Gak! Are there any other apache settings or other system variables to check? /dc ___ David DC Collier mobile business creator [EMAIL PROTECTED] skype: d3ntaku http://www.pikkle.com +81 (0)90-7414-6107 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Development IDE's/Editors
notepad forever. but if you prefer syntax highlighting there is a freeware soft called notepad2. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php