date:20050621

it's very easy to use and there's more documentation floating around than  
any other - which is always a good thing... =)
 
from a n00b's point of view!

[PHP] Re: How to print variable name and contents

2005-06-21 Thread nntp.charter.net

Bob and Ed and others,

Thanks for all the responses.  They really helped.

-- Gil 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: Apache Webserver User Survey

2005-06-21 Thread Ian Holsman


wow you php bunch are a vocal lot.. ;-)
no other mailing list had a peep.

ok. let me try to answer the questions.. and apologies if I offend, it 
isn't the intention.



the answers your have given me are great (I wish u stuck them in the 
survey form, but no matter)


you've just given me 2 different reasons on 'why apache' then the 
previous poster.


you said:
stability & 'leanness'

he said:
performance & price.

Others have also mentioned other reasons like ease of configuration, 
modularity and so on.


The point is each of you are unique individuals with different reasons 
and experiences. If no one asks, we wouldn't know, we could just make a

gut choice .. which would most likely be wrong.

now..

why demographics..

have a look at http://www.biznix.org/surveys/ for a different picture
of apache's server usage stats. people in america in fortune 500 
companies use IIS more than people in 'the world' in global 500 
companies... so where you live does make a difference.


who knew?

as for how we could use this information.

I put the demographic in there to see what kind of person you are, and 
to see if there was any correlation between where you live and how you 
answered. ie.. people in Europe think documentation is a big issue, 
while the people in the USA are more concerned about performance. (this 
might be because the French documentation is really bad.. which would be 
interesting in itself no?).


BTW.. your IP# would have given me a whole lot of this information as 
well. I was just being polite (and lazy.. I didn't want to implement the 
same thing the php website does for it's download mirroring)


and to address your other concern.. why 'PHP'..
easy.. you guys use apache and IIS. PHP is so great it can run on both..
you guys have a *choice*..
If we didn't listen to what you guys say.. you wouldn't choose us next time.


mod_perl or .NET users don't have that choice.

if you do know a IIS mailing list, please feel free to mail me..
I really couldn't find any.



Kind regards
Ian Holsman.

Rene Brehmer wrote:

Documented research indicate that on Wed, 22 Jun 2005 10:58:12 +1000, Ian
Holsman wrote:



Greg Donald wrote:


On 6/21/05, Al <[EMAIL PROTECTED]> wrote:



Why bother.

http://news.netcraft.com/archives/web_server_survey.html


http://www.securityspace.com/s_survey/data/200504/index.html

http://www.securityspace.com/s_survey/data/man.200504/apachemods.html



These show that apache has 70% usage, but not why.



Because it's free and can do just about any HTTP need you might have on any
platform ever made ?

I tried using IIS, both the small one that comes with Windows 2000 Pro and
XP Pro, and the full version that comes with Windows 2000/2003 server, and
it is by far nowhere as lean or stable as Apache. ... And because IIS comes
with windows, and an awful lot of companies, for gawd knows what reason,
choose windows for their servers, it remains the only real alternative to
Apache.

But at any rate: Your survey might be better aimed at the Apache and IIS
user groups, rather than the PHP groups.

And personally, I don't like the demographical info in your survey. Unless
you're doing a localization project, I don't see the relevance in it. What
people use a webserver for in Timbuktu is generally the same as in Alaska,
the different local languages aside: Serving porn sites, news and reviews,
technical and not so technical references, and community sites (those four
things happen to be what about 70% of the web consists of).




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: Apache Webserver User Survey

Documented research indicate that on Wed, 22 Jun 2005 10:58:12 +1000, Ian
Holsman wrote:

> Greg Donald wrote:
>> On 6/21/05, Al <[EMAIL PROTECTED]> wrote:
>> 
>>>Why bother.
>>>
>>>http://news.netcraft.com/archives/web_server_survey.html
>> 
>> http://www.securityspace.com/s_survey/data/200504/index.html
>> 
>> http://www.securityspace.com/s_survey/data/man.200504/apachemods.html
>> 
> 
> These show that apache has 70% usage, but not why.

Because it's free and can do just about any HTTP need you might have on any
platform ever made ?

I tried using IIS, both the small one that comes with Windows 2000 Pro and
XP Pro, and the full version that comes with Windows 2000/2003 server, and
it is by far nowhere as lean or stable as Apache. ... And because IIS comes
with windows, and an awful lot of companies, for gawd knows what reason,
choose windows for their servers, it remains the only real alternative to
Apache.

But at any rate: Your survey might be better aimed at the Apache and IIS
user groups, rather than the PHP groups.

And personally, I don't like the demographical info in your survey. Unless
you're doing a localization project, I don't see the relevance in it. What
people use a webserver for in Timbuktu is generally the same as in Alaska,
the different local languages aside: Serving porn sites, news and reviews,
technical and not so technical references, and community sites (those four
things happen to be what about 70% of the web consists of).

-- 
Rene Brehmer
aka Metalbunny

We have nothing to fear from free speech and free information on the
Internet, but pop-up advertising! 

http://metalbunny.net/
My little mess of things...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: Apache Webserver User Survey

2005-06-21 Thread Greg Donald

On 6/21/05, Ian Holsman <[EMAIL PROTECTED]> wrote:
> These show that apache has 70% usage, but not why.
> 
> The survey is aimed to find out:
> - what people actually use (and how)

Most people use Apache.  How?  To serve web pages most likely.  There
are quite a few new projects using the Apache portable runtime that do
not necessarily serve up web pages however.

> - what kind of things they would like to see

In what respect?  Performance?  Price?

> - and what they want improved

I have no complaints.  Apache serves web pages just fine for me. 
There may be some people who want to use Apache2 in threading mode.

> and just because apache has a 70% market share today doesn't mean that
> it will have it in a year from now.

I suspect it will be 75% or possibly higher in the next year.  But I
make a living writing PHP, not looking into crystal balls, so I might
be wrong.

> just look at the netscape browser
> for an example on how fast you can fall from being the #1 to #0.

Right, but it was a commercial product that got the rug pulled out
from underneath it by a free product, IE.  Apache is already free, so
IIS can't really do much harm there.  Lighttpd may be one to watch
however: http://www.lighttpd.net/

-- 
Greg Donald
Zend Certified Engineer
MySQL Core Certification
http://destiney.com/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: Apache Webserver User Survey

2005-06-21 Thread Ian Holsman


Greg Donald wrote:

On 6/21/05, Al <[EMAIL PROTECTED]> wrote:


Why bother.

http://news.netcraft.com/archives/web_server_survey.html



http://www.securityspace.com/s_survey/data/200504/index.html

http://www.securityspace.com/s_survey/data/man.200504/apachemods.html




These show that apache has 70% usage, but not why.

The survey is aimed to find out:
- what people actually use (and how)
- what kind of things they would like to see
- and what they want improved


and just because apache has a 70% market share today doesn't mean that 
it will have it in a year from now. just look at the netscape browser 
for an example on how fast you can fall from being the #1 to #0.


Regards
Ian.

ps.
I honestly do want some feedback good or bad. If you could spend the 10 
minutes it would be appreciated.


The link again
http://survey.zilbo.com/php.survey

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: Apache Webserver User Survey

2005-06-21 Thread Greg Donald

On 6/21/05, Al <[EMAIL PROTECTED]> wrote:
> Why bother.
> 
> http://news.netcraft.com/archives/web_server_survey.html

http://www.securityspace.com/s_survey/data/200504/index.html

http://www.securityspace.com/s_survey/data/man.200504/apachemods.html


-- 
Greg Donald
Zend Certified Engineer
MySQL Core Certification
http://destiney.com/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: Apache Webserver User Survey

2005-06-21 Thread Al


Why bother.

http://news.netcraft.com/archives/web_server_survey.html


Ian Holsman wrote:

Hi.

I am conducting a survey about what users want out of a webserver
and how the Apache webserver ranks as far as fulfilling those needs.

In order to get a better understanding of it, I thought I would ask
you guys what was important to you.

The survey should take about 10-15 minutes to complete.

http://survey.zilbo.com/php.survey

I wish I could say there was a prize being given away if you fill it 
out, but there isn't..


This is 'opensource' research.. I don't have a marketing budget ;-)



Thanks
Ian Holsman
[EMAIL PROTECTED]


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: resetting arrays

2005-06-21 Thread Al


in general, you should use "0" as your first key, not 1.  It'll save trouble.

array_values() will index from 0

$pos= 0;

unset($ses_basket_items[$pos])  //will remove the first item.


I. Gray wrote:

Thanks Al,

That's done it!

unset($ses_basket_items[$pos]); $ses_basket_items  = 
array_values($ses_basket_items) ;


They aren't big arrays so I suppose I shouldn't worry about exceeding 
memory limits - 
http://uk2.php.net/manual/en/function.array-values.php#36837  ?


My only problem now is that I can't seem to delete the first value of 
the array.


$basket is the item I want to delete from the array $baskitems

if (array_search($basket, $baskitems) != FALSE) {
$pos = array_search($basket, $baskitems);
unset($ses_basket_items[$pos]); $ses_basket_items  = 
array_values($ses_basket_items) ;

}





Al wrote:


I. Gray wrote:


Hi.

I am sure this is easy, but I can't get this work.  Is there not a 
php function that can do this?


I have an array- for example...
[1] => Yellow
[2] => Green
[3] => Purple
[4] => Blue
[5] => Red
[6] => Orange
[7] => Cyan

What happens, say if I delete [3] => Purple?  I get...

[1] => Yellow
[2] => Green
[4] => Blue
[5] => Red
[6] => Orange
[7] => Cyan

But what if I want to reset the numbers? Like...

[1] => Yellow
[2] => Green
[3] => Blue
[4] => Red
[5] => Orange
[6] => Cyan

I've tried this...

unset($ses_basket_items[$pos]); for ($ii=0; 
$ii(isset($ses_basket_items[$ii])) {$cc++; $arry_a[$cc] = 
$ses_basket_items[$ii]; }} $ses_basket_items = $arry_a;


where $pos is the position of the array I want to get rid of. 
$ses_basket_items is session variable, does that matter?


Please help.




array_values()


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Checking requested range


Neil Doody wrote:

Marek Kilimajer wrote:


Try http://pear.php.net/package/HTTP_Download



Cheers for that, I think I just found a reasonable method to do  a short 
term fix, though I might totally redesign my download application to 
support resumable download agents.  I looked on the HTTP 1.1 protocol 
and found the request headers used when requesting parts of a file is 
"Range:".


For now I put this at the top of my script :-

$headers = apache_request_headers();
foreach ($headers as $header => $value) {
  if (stristr($header, "range") != FALSE) { die; }


you might want to check for "Range:" (case-sensitive)
or "range:" (insensitive) instead...

"GET HTTP1.1 /rangerover.html"

but it may be a moot point.


}



Using the apache_request_headers to check for the range request and die 
if it recieves it, does it look reasonable to you?


possibly send out an appropriate header before you die()?
(that sounds weird :-)

e.g.

header("Status: 501 Not Implemented");

or

header("Status: 406 Not Acceptable");

I'm not sure which would be more correct, and you may need
to output additional headers to complement these.

more details:
http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] undefined mysql_connect() ???

2005-06-21 Thread Frank Whitsell



Sheesh, the electric power has just been off for almost an hour!

Here's the result of running "rpm -qa | grep -i php":

 php-4.3.9-3
 php-ldap-4.3.9-3
 php-pear-4.3.9-3

The o/s is Fedora Core 3, and I selected the Server installation, which also
automatically installed apache 2.0.52, php 4.3.9, and mysql 3.23.58, as I
wanted.  And those are all rpm's.

I've installed a number of redhat's, suse's, debian, etc, and never had this
problem...but I have never used (or installed) apache2 before.

The .php files execute fine.  That is, until I try to call the mysql_connect()
function.  Then I get the undefined-function error.

On apache1.3, the phpinfo() function shows the apache modules loaded, and that
shows that mod_php4 is loaded.  But on apache2, nothing is mentioned about php
in the list of loaded modules.

Nevertheless, if I add the LoadModule directive for php4 and restart apache2,
apache2 complains that the module is already loaded.  And it must be, because
otherwise, the .php files wouldn't execute.

It's almost as if apache2 is loading it's php module from some other source
that doesn't contain the mysql functions.  By "from some other source", I mean
that maybe it's not loading the libphp4.so that's in the apache2 modules
directory.

The httpd.conf file has the directive ServerRoot set to /etc/httpd, and the
modules all use the pathname "modules/".  Thus,
"/etc/httpd/modules/ should load the correct module.  But there is no
mention at all of "libphp4.so" in the httpd.conf file, or anywhere else I can
find.  In fact, a search for "php" in the httpd.conf file finds nothing.  I'm
really stumped.

 --frank--

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Apache Webserver User Survey

2005-06-21 Thread Ian Holsman


Hi.

I am conducting a survey about what users want out of a webserver
and how the Apache webserver ranks as far as fulfilling those needs.

In order to get a better understanding of it, I thought I would ask
you guys what was important to you.

The survey should take about 10-15 minutes to complete.

http://survey.zilbo.com/php.survey

I wish I could say there was a prize being given away if you fill it 
out, but there isn't..


This is 'opensource' research.. I don't have a marketing budget ;-)



Thanks
Ian Holsman
[EMAIL PROTECTED]

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Checking requested range

2005-06-21 Thread Neil Doody


Marek Kilimajer wrote:

Try http://pear.php.net/package/HTTP_Download


Cheers for that, I think I just found a reasonable method to do  a short 
term fix, though I might totally redesign my download application to support 
resumable download agents.  I looked on the HTTP 1.1 protocol and found the 
request headers used when requesting parts of a file is "Range:".


For now I put this at the top of my script :-

$headers = apache_request_headers();
foreach ($headers as $header => $value) {
  if (stristr($header, "range") != FALSE) { die; }
}



Using the apache_request_headers to check for the range request and die if 
it recieves it, does it look reasonable to you? 


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Checking requested range

2005-06-21 Thread Marek Kilimajer


Neil Doody wrote:
Is there anything in PHP which would allow me to check the requested range 
of bytes by an client?


Basically one of the download scripts I made some time ago got hit by a load 
of requests for a file, but the server was giving back "416 Requested Range 
Not Satisfiable".  I assume that the user is trying to use a download agent 
of some kind, but this was killing my server by soaking up all the memory 
with all these requests.  What I wanted to do was check this request and 
then drop the connection straight away, if it seems suspect, is this 
possible? 



Try http://pear.php.net/package/HTTP_Download

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: security question...??

Documented research indicate that on Tue, 21 Jun 2005 13:37:50 -0700,
"bruce" wrote:

> chris...
> 
> what you state is true at the extreme... but in the case of an client app, i
> could already extract information about the various apps that make up the
> client.. ie if, as in the case of IE, I was able to get information from the
> IE browser about various dlls that make up the browser. if these pieces of
> information correclt match what msoft would state should be there, then i
> could assume that the app was/is legitimate. 

BUT: That would mean that you can't take into account any plugins or
extensions the user might install. And the security leak you're afraid of
might not even be IN the browser program used. It might as well be a packet
sniffer on the outside of the user's firewall ...

> and here's why. while you may not give a damm, there will be a growing
> chorus of people who'll want to know that the developers/sites are doing
> everything they can to ensure the safety of the entire transaction. in fact,
> i'm willing to bet that somehting like what i've been discussing will be
> delivered, and promoted as a security/selling point...

I think it's more a matter of education and morale than anything else. You
can't take responsibility for all clients not screwing up their own system.
You just have to hope and trust, that when you tell your users to use this
and that browser, and take this and that precaution, that they actually do
it, and not install a whole bunch of crap that creates a security problem.

What you're asking for is basically a way to control what users do on their
own computers, and refuse them if you don't like what they've done. It's
not very short of invasion of privacy. Electronic Arts already do that with
their games (spy on your computer without your permission, and the refuse
you to play the game you legally paid for, because you have other legally
paid programs that they don't approve of).

What you can do however, is to develop an app that can run a security test
locally on the user's computer, and have that app sign off on the user
being safe enough for you to want to deal with him. And then force them to
regularly have to do that again. But I'm telling you, the more troublesome
you make it for your users to use your stuff, the more users you'll loose,
and fast. Mostly thanks to MS and Apple, computer users today know very
little about their computers, or how they work, or how they protect
themselves, and we teach them that they should all and anything that comes
their way. So it's continuingly limited what you can actually ask a
computer user to put up with, they'll just go somewhere else that's less
hazzlesome (that's the whole reason the majority use IE: It's there, it's
easy to use, it gets the job done, and it doesn't complain a whole lot).
The majority of end-users don't care, or know, or understand, simple
security precautions when it comes to network traffic.

Education and discipline is, in the end, the only means to achieve what you
want.

/rambling off
-- 
Rene Brehmer
aka Metalbunny

We have nothing to fear from free speech and free information on the
Internet, but pop-up advertising! 

http://metalbunny.net/
My little mess of things...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Returned mail: see transcript for details

2005-06-21 Thread MAILER-DAEMON

ALERT!

This e-mail, in its original form, contained one or more attached files that 
were infected with a virus, worm, or other type of security threat. This e-mail 
was sent from a Road Runner IP address. As part of our continuing initiative to 
stop the spread of malicious viruses, Road Runner scans all outbound e-mail 
attachments. If a virus, worm, or other security threat is found, Road Runner 
cleans or deletes the infected attachments as necessary, but continues to send 
the original message content to the recipient. Further information on this 
initiative can be found at http://help.rr.com/faqs/e_mgsp.html.
Please be advised that Road Runner does not contact the original sender of the 
e-mail as part of the scanning process. Road Runner recommends that if the 
sender is known to you, you contact them directly and advise them of their 
issue. If you do not know the sender, we advise you to forward this message in 
its entirety (including full headers) to the Road Runner Abuse Department, at 
[EMAIL PROTECTED]

The original message was received at Tue, 21 Jun 2005 18:14:48 -0400
from lists.php.net [179.157.19.160]

- The following addresses had permanent fatal errors -


- Transcript of session follows -
... while talking to 182.77.105.30:
>>> RCPT To:
<<< 550 MAILBOX NOT FOUND

file attachment: message.zip

This e-mail in its original form contained one or more attached files that were 
infected with the [EMAIL PROTECTED] virus or worm. They have been removed.
For more information on Road Runner's virus filtering initiative, visit our 
Help & Member Services pages at http://help.rr.com, or the virus filtering 
information page directly at http://help.rr.com/faqs/e_mgsp.html. 
-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: security question...??

Documented research indicate that on Tue, 21 Jun 2005 16:25:36 +0100,
"Shaw, Chris - Accenture" wrote:

> You could always use a IE exploit to crash the browser, if they are still
> requesting, you know they are not IE. ;)
> 
> Out of interest, what information are you planning on getting from the
> browser?
> 
> Why can you not use certificates?

Certificates only serve to verify the user as being who they say they are
(and in the other direction, verify that the server is who it claims to
be), they don't in any way do anything to ensure that the client browser is
in fact secure.

Rene

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: So many returned mail notices!



Documented research indicate that on Tue, 21 Jun 2005 20:14:59 +0200,
Jochem Maas wrote:

> Chris W. Parker wrote:
>> JB05UK 
>> on Tuesday, June 21, 2005 10:31 AM said:
>> 
>>>My point is if you dont like spam do something about it, clearly your
>>>too ignorant to understand.
>> 
>> When did I complain about spam? Go back to my original post, reread it,
>> think about it, then realize that I never complained about the messages.
>> I merely was asking if other people were receiving the same messages or
>> if there was something out of wack with my email servers.
>> 
>> Get a clue.
> 
> but Chris, clues are very expensive in England - not everyone can afford 
> them. ;-)

"But I thought Clue was a board game?"

#endsarcasm


-- 
Rene Brehmer
aka Metalbunny

We have nothing to fear from free speech and free information on the
Internet, but pop-up advertising! 

http://metalbunny.net/
My little mess of things...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] undefined mysql_connect() ???

frank,

did you install php/mysql as an RPM or from source? what OS are you using?

if you did the RPM (assuming redhat linux), do a rpm -qa | grep 'php' (or
maybe just php without the '')

tell me/the list what it says..

-bruce


-Original Message-
From: Frank Whitsell [mailto:[EMAIL PROTECTED]
Sent: Tuesday, June 21, 2005 1:59 PM
To: bruce
Cc: php-general@lists.php.net
Subject: RE: [PHP] undefined mysql_connect() ???



Thanks for your reply, Bruce.
I hadn't thought of running it from the command-line as a test.

Here is the entire code and the result (which was the same):

Script started on Tue 21 Jun 2005 03:49:17 PM CDT

 THE TEST CODE =
[EMAIL PROTECTED] tst]$ cat mysqltst.php


 THE RESULT =
[EMAIL PROTECTED] tst]$ php mysqltst.php
PHP Fatal error:  Call to undefined function:  mysql_connect() in
/home/flw/php/tst/mysqltst.php on line 2
Content-type: text/html
X-Powered-By: PHP/4.3.9

[EMAIL PROTECTED] tst]$ exit

Script done on Tue 21 Jun 2005 03:49:34 PM CDT

  --frank--

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: security question...??

2005-06-21 Thread Rory Browne

Even if you could pull it off technically, and I'd be very interested
if you did, considering that the most insecure browser out there, is
also the most commonly used. Ditto for OS.

If all you're concerned about is client image(which from the tone
seems to be the case), then you could simply exclude MSIE, by
rejecting it's UserAgent, or checking with JS for document.all, or
window.ActiveXObject, or some other MSIE specific object - sorry I'm
not a JS programmer.

On 6/21/05, Chris W. Parker <[EMAIL PROTECTED]> wrote:
> bruce 
> on Tuesday, June 21, 2005 1:38 PM said:
> 
> > what you state is true at the extreme... but in the case of an client
> > app, i could already extract information about the various apps that
> > make up the client.. ie if, as in the case of IE, I was able to get
> > information from the IE browser about various dlls that make up the
> > browser. if these pieces of information correclt match what msoft
> > would state should be there, then i could assume that the app was/is
> > legitimate.
> 
> Ok sure. But what you're not considering is that a malicious program
> could STILL intercept the request for identification from the server and
> send whatever information it wanted to, ultimately fooling your
> identification system. Your server could never know the difference.
> There's no way you, on the server end, could tell whether or not it was
> a malicious program answering your questions or a legitimate program
> answering your questions.
> 
> (This question is not supposed to be rude or sarcastic.) Have you ever
> heard of a rootkit? Consider the way a rootkit works in this situation.
> A rootkit hides itself from the user and the system so much so that it
> is undetectable while the OS (and itself) are loaded. The way to detect
> a rootkit is by scanning the system during a regular boot and then
> scanning the system again before the OS has had the chance to load the
> rootkit into memory. If there is a difference between the two scans,
> you're likely infected.
> 
> In fact a rootkit can take it one step further by knowing that a scan is
> being performed and return false information to the scanner so that when
> the next scan is performed (before the rootkit is loaded) it'll look as
> if nothing is going wrong.
> 
> Now how do you expect to determine that remotely?
> 
> > you're correct in stating that the existing methods don't permit this
> > kind of transactions to occur. however, i'm of the believe that over
> > time, they will.
> 
> I don't doubt that. But irregardless of this you're still not in the
> position to determine whether or not the information you are receiving
> is accurate. Ultimately you will have to trust that the information you
> are receiving is accurate and valid. The methods by which your server is
> fooled will increase along with the methods for accurately reporting the
> client's configuration is increased.
> 
> > and here's why. while you may not give a damm, there will be a
> > growing chorus of people who'll want to know that the
> > developers/sites are doing everything they can to ensure the safety
> > of the entire transaction. in fact, i'm willing to bet that somehting
> > like what i've been discussing will be delivered, and promoted as a
> > security/selling point...
> 
> I don't doubt this either. People will continue to blame everyone but
> themself until they are blue in the face. If people really want change
> they should put pressure on the manufacturer not the people providing
> services. I.e. People should stop buying Windows and move to another OS
> (until it's time to move away from that OS as well) until Microsoft gets
> it's act together. MS would have put out Windows 2020 a year ago if all
> of a sudden all their customers stopped purchasing their products.
> They'd get the picture for sure. All of MS's efforts would be put into
> making their product rock solid and not in adding feature after feature.
> 
> 
> Respectfully,
> Chris.
> 
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
> 
>

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: So many returned mail notices!

Documented research indicate that on Tue, 21 Jun 2005 18:31:17 +0100,
JB05UK wrote:

> Chris W. Parker wrote:
>> Your point is?
> 
> My point is if you dont like spam do something about it, clearly your 
> too ignorant to understand.

Clearly that comment alone indicates who's the real ignorant here...

-- 
Rene Brehmer
aka Metalbunny

We have nothing to fear from free speech and free information on the
Internet, but pop-up advertising! 

http://metalbunny.net/
My little mess of things...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] undefined mysql_connect() ???

2005-06-21 Thread Frank Whitsell



Thanks for your reply, Bruce.
I hadn't thought of running it from the command-line as a test.

Here is the entire code and the result (which was the same):

Script started on Tue 21 Jun 2005 03:49:17 PM CDT

 THE TEST CODE =
[EMAIL PROTECTED] tst]$ cat mysqltst.php 

$dbh = mysql_connect("localhost");
print "dbh=$dbh\n";
exit;
?>

 THE RESULT =
[EMAIL PROTECTED] tst]$ php mysqltst.php 
PHP Fatal error:  Call to undefined function:  mysql_connect() in /home/flw/php/tst/mysqltst.php on line 2

Content-type: text/html
X-Powered-By: PHP/4.3.9

[EMAIL PROTECTED] tst]$ exit

Script done on Tue 21 Jun 2005 03:49:34 PM CDT

 --frank--

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Checking requested range

2005-06-21 Thread Neil Doody

Is there anything in PHP which would allow me to check the requested range 
of bytes by an client?

Basically one of the download scripts I made some time ago got hit by a load 
of requests for a file, but the server was giving back "416 Requested Range 
Not Satisfiable".  I assume that the user is trying to use a download agent 
of some kind, but this was killing my server by soaking up all the memory 
with all these requests.  What I wanted to do was check this request and 
then drop the connection straight away, if it seems suspect, is this 
possible? 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Re: security question...??

bruce 
on Tuesday, June 21, 2005 1:38 PM said:

> what you state is true at the extreme... but in the case of an client
> app, i could already extract information about the various apps that
> make up the client.. ie if, as in the case of IE, I was able to get
> information from the IE browser about various dlls that make up the
> browser. if these pieces of information correclt match what msoft
> would state should be there, then i could assume that the app was/is
> legitimate.

Ok sure. But what you're not considering is that a malicious program
could STILL intercept the request for identification from the server and
send whatever information it wanted to, ultimately fooling your
identification system. Your server could never know the difference.
There's no way you, on the server end, could tell whether or not it was
a malicious program answering your questions or a legitimate program
answering your questions.

(This question is not supposed to be rude or sarcastic.) Have you ever
heard of a rootkit? Consider the way a rootkit works in this situation.
A rootkit hides itself from the user and the system so much so that it
is undetectable while the OS (and itself) are loaded. The way to detect
a rootkit is by scanning the system during a regular boot and then
scanning the system again before the OS has had the chance to load the
rootkit into memory. If there is a difference between the two scans,
you're likely infected.

In fact a rootkit can take it one step further by knowing that a scan is
being performed and return false information to the scanner so that when
the next scan is performed (before the rootkit is loaded) it'll look as
if nothing is going wrong.

Now how do you expect to determine that remotely?

> you're correct in stating that the existing methods don't permit this
> kind of transactions to occur. however, i'm of the believe that over
> time, they will.

I don't doubt that. But irregardless of this you're still not in the
position to determine whether or not the information you are receiving
is accurate. Ultimately you will have to trust that the information you
are receiving is accurate and valid. The methods by which your server is
fooled will increase along with the methods for accurately reporting the
client's configuration is increased.

> and here's why. while you may not give a damm, there will be a
> growing chorus of people who'll want to know that the
> developers/sites are doing everything they can to ensure the safety
> of the entire transaction. in fact, i'm willing to bet that somehting
> like what i've been discussing will be delivered, and promoted as a
> security/selling point...

I don't doubt this either. People will continue to blame everyone but
themself until they are blue in the face. If people really want change
they should put pressure on the manufacturer not the people providing
services. I.e. People should stop buying Windows and move to another OS
(until it's time to move away from that OS as well) until Microsoft gets
it's act together. MS would have put out Windows 2020 a year ago if all
of a sudden all their customers stopped purchasing their products.
They'd get the picture for sure. All of MS's efforts would be put into
making their product rock solid and not in adding feature after feature.


Respectfully,
Chris.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] text areas and line brakes

2005-06-21 Thread Joe Harman

$YOUR_VARIABLE_CONVERTED = nl2br($YOUR_VARIABLE);

On 6/21/05, Jason Barnett <[EMAIL PROTECTED]> wrote:
> http://php.net/manual/en/function.nl2br.php
> 
> --
> NEW? | http://www.catb.org/~esr/faqs/smart-questions.html
> STFA | http://marc.theaimsgroup.com/?l=php-general&w=2
> STFM | http://php.net/manual/en/index.php
> STFW | http://www.google.com/search?q=php
> 
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
> 
> 


-- 
Joe Harman
-
Do not go where the path may lead, go instead where there is no path
and leave a trail. - Ralph Waldo Emerson

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] undefined mysql_connect() ???

frank...

try creating a really simple php app that hist the mysql db, and run it from
the php/command line interface..

does it work properly??

-bruce


-Original Message-
From: Frank Whitsell [mailto:[EMAIL PROTECTED]
Sent: Tuesday, June 21, 2005 1:09 PM
To: php-general@lists.php.net
Subject: [PHP] undefined mysql_connect() ???



I would really appreciate any help anyone can give me if you know anything
about this problem:

I am getting an undefined function call error message from PHP when I call
mysql_connect().

That error message appears in the httpd error_log file when I try to connect
to
mysql.

The exact text of the error message is:

   [client 192.168.0.100] PHP Fatal error:  Call to undefined function:
   mysql_connect() in /var/www/html/lbl/mysql_globals.inc on line 19,
referer:
   http://linux4/demo/menu.php?DATABASE=labels

I just installed Fedora Core 3, which also installed apache 2.0.52, php
4.3.9,
and mysql 3.23.58.

I think that error message usually means that the php module did not get
loaded, but when I add the php4 LoadModule and AddType directives to
httpd.conf, apache complains that the php4 module is already loaded.

And indeed, it must be, because .php files load and execute okay!

As for MySQL, the phpinfo() page shows the following in the configure line
used
to build php:

   --with-mysql=share,/usr

And running the strings command on modules/libphp4.so shows that
mysql_connect
and other mysql functions are present.

So it would appear that php should be able to find the mysql libs, which are
in
/usr/lib/mysql.

PHP gives no other error messages.  I'm out of ideas.  Can anyone make any
suggestions?

TIA

--frank--

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Re: security question...??

chris...

what you state is true at the extreme... but in the case of an client app, i
could already extract information about the various apps that make up the
client.. ie if, as in the case of IE, I was able to get information from the
IE browser about various dlls that make up the browser. if these pieces of
information correclt match what msoft would state should be there, then i
could assume that the app was/is legitimate. 

you're correct in stating that the existing methods don't permit this kind
of transactions to occur. however, i'm of the believe that over time, they
will.

and here's why. while you may not give a damm, there will be a growing
chorus of people who'll want to know that the developers/sites are doing
everything they can to ensure the safety of the entire transaction. in fact,
i'm willing to bet that somehting like what i've been discussing will be
delivered, and promoted as a security/selling point...

IE, I'm Wells Fargo, our site will talk in a secure manner with the
following browsers... anybody else, we'll let you peruse, but we'd rather
not exchange sensitive information!!

looks like we'll have to agree to disagree...

peace..


-Original Message-
From: Chris W. Parker [mailto:[EMAIL PROTECTED]
Sent: Tuesday, June 21, 2005 10:21 AM
To: [EMAIL PROTECTED]; -{ Rene Brehmer }-;
php-general@lists.php.net
Subject: RE: [PHP] Re: security question...??


bruce 
on Monday, June 20, 2005 5:50 PM said:

> if you're going to be writing apps that deal with sensitive
> information, you better damm well give some thought as to how secure
> the client is, or even if the client is actually valid!

It's not possible to determine the validity of the client. Just give it
some good hard thought and you'll probably come to the correct
conclusion.

A client/server relationship is like two people talking through a wall.
You can hear my voice just fine and I can answer all the questions you
ask me correctly but still you can't see what I'm doing nor do you know
that I am who I am say I am.

We can even talk in a language that only the two of us can understand as
to prevent people from listening in. But you still wouldn't know if I
was transmitting that secret message to someone else willfully after I
received it. Nor would you know if someone was pointing a gun to my head
forcing me to tell them what we had just talked about.



Chris.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] undefined mysql_connect() ???


Frank Whitsell wrote:

I just installed Fedora Core 3, which also installed apache 2.0.52, php 
4.3.9,

and mysql 3.23.58.




All this installed with RPM's?  You'll need the php-mysql rpm.  Should 
be on your install CD's.


Or here if you don't have the CD's...

http://download.fedora.redhat.com/pub/fedora/linux/core/3/i386/os/Fedora/RPMS/

--
John C. Nichel
ÜberGeek
KegWorks.com
716.856.9675
[EMAIL PROTECTED]

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] undefined mysql_connect() ???

2005-06-21 Thread Frank Whitsell



I would really appreciate any help anyone can give me if you know anything
about this problem:

I am getting an undefined function call error message from PHP when I call
mysql_connect().

That error message appears in the httpd error_log file when I try to connect to
mysql.

The exact text of the error message is:

  [client 192.168.0.100] PHP Fatal error:  Call to undefined function:
  mysql_connect() in /var/www/html/lbl/mysql_globals.inc on line 19, referer:
  http://linux4/demo/menu.php?DATABASE=labels

I just installed Fedora Core 3, which also installed apache 2.0.52, php 4.3.9,
and mysql 3.23.58.

I think that error message usually means that the php module did not get
loaded, but when I add the php4 LoadModule and AddType directives to
httpd.conf, apache complains that the php4 module is already loaded.

And indeed, it must be, because .php files load and execute okay!

As for MySQL, the phpinfo() page shows the following in the configure line used
to build php:

  --with-mysql=share,/usr

And running the strings command on modules/libphp4.so shows that mysql_connect
and other mysql functions are present.

So it would appear that php should be able to find the mysql libs, which are in
/usr/lib/mysql.

PHP gives no other error messages.  I'm out of ideas.  Can anyone make any
suggestions?

TIA

--frank--

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] MySQLI, Class not found

Wow, I feel really stupid...
 

// create short variable   names
$searchtype=$_POST['searchtype'];
$searchtype=$_POST['searchterm'];

 
the third line should be $searchterm=$_POST['searchterm']
 
wow lol... I'd like to hope this wasn't the error all along - but atleast I  
fixed it LOL!
 
THANKS ALOT CATALIN!
 
I seriously appreciate your help man,
 
Clint

Re: [PHP] MySQLI, Class not found

 
In a message dated 6/21/2005 2:55:08 P.M. Central Standard Time,  
[EMAIL PROTECTED] writes:

error_reporting(E_ALL);


Well, with E_ALL on i get this error:
 
===
 Notice: Undefined variable: searchterm in  c:\wamp\www\books\results.php on 
line 18
You have not entered  search details. Please go back and try again. 
===
 
Obviously it's been defined in both scripts... =\
 
I would love to install Linux on this machine - but I won't lie - it scares  
the hell out of me lol
 
if I don't use num_rows what would you suggest? This is from a Tutorial in  
the Sams, PHP & MySQL Web Development - so I'm just going by their script  and 
don't want to continue until I get everything straightened out on my  side...
 
Thanks alot,
 
Clint

Re: [PHP] MySQLI, Class not found

2005-06-21 Thread Catalin Trifu

Hi,

One thing i see is the use of num_rows on mysqli_result class,
but num_rows is member or mysqli class and not mysqli_result.
Perhaps this call to num_rows corrupts the rest.
Other than that everything seems fine.
Perhaps you should consider linux :), much better choice for web server
anyway.
Try adding error_reporting(E_ALL); at the beginning of the script.
Btw! you should disable from php.ini the magic quotes; it's a real pain.

Catalin


[EMAIL PROTECTED] wrote:
> when i try it this way:
>  
>   
> // create short variable  names
> $searchtype=$_POST['searchtype'];
> $searchtype=$_POST['searchterm'];
>  
> $searchterm=trim($searchterm);
>  
> if (!$searchtype || !$searchterm)
> {
> echo 'You have not entered  search details. Please go back and try again.';
> exit;
> }
>  
> if  (!get_magic_quotes_gpc())
> {
> $searchtype=addslashes($searchtype);
> $searchterm=addslashes($searchterm);
> }
>  
> $db = new mysqli('localhost', 'root', 'root', 'bookorama');
>  
>  
>  
> if(mysqli_connect_errno())
> {
> echo 'Error: Could not connect to  the Database. Please try again later.';
> exit;
> }
>  
> $query = "select * from books where ".$searchtype." like  
> '%".$searchterm."%'";
> $result = $db->query($query);
>  
> $num_results = $result->num_rows;
>  
> echo 'Number of books found: '.$num_results.'';
>  
> for ($i=0; $i <$num_results; $i++)
> {
> $row =  $result->fetch_assoc();
> echo ''.($i+1).'.  Title: ';
> echo  htmlspecialchars(stripslashes($row['title']));
> echo  'Author: ';
> echo  stripslashes($row['author']);
> echo 'ISBN: ';
> echo  stripslashes($row['isbn']);
> echo 'Price: ';
> echo  stripslashes($row['price']);
> echo  '';
> }
> var_export($result);
> $result->free();
> $db->close();
>  
> ?>
>  
> It doesn't even try searching the database... it gives me  the:  'You have 
> not entered search details. Please go back and try  again. Error.
>  
> when i comment out the IF statement and add the  var_export($result) (just to 
> see what it happens) it gives me this  error:
>  
> ===
> Number of books found: false
> Fatal error: Call to a  member function free() on a non-object in 
> c:\wamp\www\books\results.php  on line 56 
> ===
>  
> the HTML code is:
>  
> ===
> 
> Choose Search  Type: 
> 
> Author
> Title
> ISBN
> 
> 
> Enter Search Term:
> 
> 
> 
> 
> 
>  
> maybe i'm just tired and not seeing something - but i've looked a thousand  
> times and i have no clue why it's doing this... searches on google prove 
> nothing  either.
>  
> Server Configuration 
> Apache version : Apache/1.3.33 (Win32) (WIN XP)  PHP version : 5.0.4  
> MySQL version :  
> 5.0.7-beta-nt - extension : mysqli
>  
> Thanks again,
>  
> Clint
> 
> 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: MYSQLI, Class not found?

no, that's been working fine. it's just the mysqli wasn't working with  MySQL 
4.1.12 - now i have 5.0.7 and it works - now i'm just getting a fatal  error 
using "free()".
 
Thanks,
 
Clint

Re: [PHP] MySQLI, Class not found

when i try it this way:
 
query($query);
 
$num_results = $result->num_rows;
 
echo 'Number of books found: '.$num_results.'';
 
for ($i=0; $i <$num_results; $i++)
{
$row =  $result->fetch_assoc();
echo ''.($i+1).'.  Title: ';
echo  htmlspecialchars(stripslashes($row['title']));
echo  'Author: ';
echo  stripslashes($row['author']);
echo 'ISBN: ';
echo  stripslashes($row['isbn']);
echo 'Price: ';
echo  stripslashes($row['price']);
echo  '';
}
var_export($result);
$result->free();
$db->close();
 
?>
 
It doesn't even try searching the database... it gives me  the:  'You have 
not entered search details. Please go back and try  again. Error.
 
when i comment out the IF statement and add the  var_export($result) (just to 
see what it happens) it gives me this  error:
 
===
Number of books found: false
Fatal error: Call to a  member function free() on a non-object in 
c:\wamp\www\books\results.php  on line 56 
===
 
the HTML code is:
 
===

Choose Search  Type: 

Author
Title
ISBN


Enter Search Term:





 
maybe i'm just tired and not seeing something - but i've looked a thousand  
times and i have no clue why it's doing this... searches on google prove 
nothing  either.
 
Server Configuration 
Apache version : Apache/1.3.33 (Win32) (WIN XP)  PHP version : 5.0.4  
MySQL version :  
5.0.7-beta-nt - extension : mysqli
 
Thanks again,
 
Clint

Re: [PHP] using require

Cima wrote:

hi all,

i have my web site working something like this: in every php script i have require(auth.php). this auth.php has my connection to my postgresql server and database along with some other stuff i need for the user to be authenticated to my web site. when i log on, this auth.php connects to the dbserver and checks if my username and password are stored and then i go to a home page. my connection is stored in $dbh.
what happens when i start moving through all these web pages (php scripts), each requires auth.php, with respect to the connection? is a new connection established for every web page i go into that uses my $dbh for querying purposes or is it the same connection i originally made when i first logged into the web site?

wtf happened to the wordwrap?! :-)

I can assume that you use the session, or whatever, to track someones 'logged
in' status?

And that you only check the credentials against the values in the DB when
someone
actually submits a login form?

Then there is no reason as such to create the DB connection on every request,
although you should consider that you may be connecting to the DB for other
data than just login credentials regardless of 'logged in' status.

Are you using a *_connect() function or a *_pconnect() function?
*_pconnect() creates a persistent connection (assuming your setup allows
it) - though there is no garantee that a request will use the same connection,
because there is no garantee that a specific webserver process/thread will
handle a given http request - each webserver process/thread (normally?) has
its own persistent connection to the DB.

any info will be highly appreciated!!

show us auth.php, if you can/may.
also try:

var_dump($dbh);

...in code to see what it contains on each request.

rgds,
Jochem

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] text areas and line brakes

2005-06-21 Thread Jason Barnett


http://php.net/manual/en/function.nl2br.php

--
NEW? | http://www.catb.org/~esr/faqs/smart-questions.html
STFA | http://marc.theaimsgroup.com/?l=php-general&w=2
STFM | http://php.net/manual/en/index.php
STFW | http://www.google.com/search?q=php

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] text areas and line brakes

2005-06-21 Thread Dotan Cohen

On 6/21/05, Sunny Boy <[EMAIL PROTECTED]> wrote:
> if someone writes something in a text box, how would I convert a line
> break in the text area to echo a ? I think i'll have to get the \n
> and convert it. can anyone tell me?
> 
> Thanks.
> 
> sunny
> 
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
> 
> 

$text=str_replace("\n", "", $text);

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Predictable-random array


Dotan Cohen wrote:

On 6/21/05, Jochem Maas <[EMAIL PROTECTED]> wrote:


Dotan Cohen wrote:










$items is a static file, that does not change over time. It just needs


that makes things easier :-)


to be output in a reproducable 'random' order for different purposes.
I looked over your suggested fuctions, but decided to try Marek's
simpler seed solution first. And it worked for what I need, so I will


indeed his is most to the point!


be going that route. But I very much appreciate your insight. Although
complicated, it presents a different way of solving the same problem.


the idea I proposed was more of a way to genericly (spelling?!?) hook in 
different
'random' ordering mechanisms - Marek's suggestion for ordering could be 
implemented
as a callback function in my example. e.g.

 $item) {
$keys[$k] = @$item{7};
}
asort($keys, SORT_LOCALE_STRING | SORT_STRING);
foreach ($keys as $k => $v) {
$items2[] = $items[$k];
}
return $items2;
}

function fixedShuffle1($items)
{
 static $fixedSeed = 384884;

 $keys = $items2 = array();
 // not sure whether seeding like this is a good idea
 // with regard to other, non-related code that relies
 // on the random generator... but anyway!
 foreach ($items as $k => $item) {
 $keys[] = $k;
 }
 srand( $fixedSeed );
 shuffle($keys);
 // srand( rand() ); // crap 'fix'?

 foreach ($keys as $k => $v) {
 $items2[] = $items[$k];
 }

 return $items2;
}

var_dump(permaRandom($items, "sortAlphaChar7Random"),
 permaRandom($items, "sortAlphaChar7Random"),
 permaRandom($items, "fixedShuffle1"),
 permaRandom($items, "fixedShuffle1"));

?>


That in itself is interesting. I intend to play with it a little when
I have some more time. Maybe I will find an advantage in your solution


there may be absolutely no advantage ;-)
I was mostly trying to cram as much learning material into the idea/example
as possible - kind of over engineering (in so far as you could call it 
engineering)
in order to show as many (hopefully) new ideas to who ever read it :-)

I'll be interested to know how you get on.

rgds,
Jochem


that I may need some day! Thank you.

Dotan
http://english-lyrics.com/
Song Lyrics


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] text areas and line brakes

2005-06-21 Thread Sunny Boy

if someone writes something in a text box, how would I convert a line 
break in the text area to echo a ? I think i'll have to get the \n 
and convert it. can anyone tell me?


Thanks.

sunny

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Predictable-random array

2005-06-21 Thread Dotan Cohen

On 6/21/05, Jochem Maas <[EMAIL PROTECTED]> wrote:
> Dotan Cohen wrote:
> > I've got an array $items which has about 200 entires. I want to print
> 
> it might be helpful to know where the array comes from.
> or maybe its a static definition to start with (nothing wrong with that as 
> such :-)
> does $items change over time? in what way?
> 
> > them out in random order, but as usual, I have a catch! I need to add
> > a 'key' so that if need be, I can always return to the same 'random'
> > order, like so:
> >
> > $items=predicatable_random($items, "qwerty");
> 
> the problem is persistence, if you want a random order that doesn't change
> then you have to create the random order, and then store an index for it
> somewhere. it may be feasable to either serialize the result and read it from 
> disk
> when needed, or store a list of keys (an index of sorts) in file/db and
> use that to perform an ordering as required.
> 
> >
> > so for each place that I need the items rearranged, I will replace
> > qwerty with a different string, and get a different 'random' order. I
> > haven't played around with it much as I stumbled into a brick wall
> > fairly early and can't get much going. Any ideas?
> >
> > I tried to play with usort, uksort, ksort, and various combinations
> > with shuffle. The 'randomization' can be based on qualities of each
> > string, such as 'sort alphebetically by the 7th character', so I
> 
> thats not random. maybe the 'key' you need to pass is
> a callback function whose job it is to produce a replicable
> (or random for that matter!) ordering somehow - depending on the
> complexity of the calculation and size of the dataset you may
> need to cache (look at http://php.net/mt_srand if you need predictable
> [psuedo]randomness without cacheing (using 'fixed' seeds), and check
> the usernotes on http://php.net/shuffle also). e.g:
> 
> $items = array(
>  /* |--char 7 */
>  "cherries",
>  "bananas",
>  "orangejuice",
>  "red apples",
>  "smelly fish",
>  "more bananas",
>  "ship full of bananas",
>  "tarantula",
>  "poisoned apple",
>  /* |--char 7 */
> );
> 
> function permaRandom($items, $callback)
> {
>  /* caching left as an exercise to the reader ;-/ */
>  if (is_callable($callback)) {
>  $items2 = /*($yes = gotcachedpermarandom($callback))
>  ? getfromcache($callback)
>  : */call_user_func($callback, $items);
>  /* if ($yes) storeincache($callback, $items2); */
>  }
> 
>  return $items2;
> }
> 
> function sortAlphaChar7Random($items)
> {
>  $keys = $items2 = array();
>  // assumption made that $item is a string
>  // and at least 7 chars long, oh and spaces
>  // wont do much good for the sorting probably..
>  foreach ($items as $k => $item) {
>  $keys[$k] = @$item{7};
>  }
>  asort($keys, SORT_LOCALE_STRING | SORT_STRING);
>  foreach ($keys as $k => $v) {
>  $items2[] = $items[$k];
>  }
>  return $items2;
> }
> 
> var_dump(permaRandom($items, "sortAlphaChar7Random"),
>  permaRandom($items, "sortAlphaChar7Random"),
>  permaRandom($items, "sortAlphaChar7Random"));
> 
> > thought that I'd try that, but I got lost in explodes and such.
> >
> > Thanks all. I always look forward to my php lessons!
> >
> > Dotan
> > http://english-lyrics.com/el/index.php
> > Song Lyrics
> >
> 
> 

$items is a static file, that does not change over time. It just needs
to be output in a reproducable 'random' order for different purposes.
I looked over your suggested fuctions, but decided to try Marek's
simpler seed solution first. And it worked for what I need, so I will
be going that route. But I very much appreciate your insight. Although
complicated, it presents a different way of solving the same problem.
That in itself is interesting. I intend to play with it a little when
I have some more time. Maybe I will find an advantage in your solution
that I may need some day! Thank you.

Dotan
http://english-lyrics.com/
Song Lyrics

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Predictable-random array

2005-06-21 Thread Dotan Cohen

On 6/20/05, Marek Kilimajer <[EMAIL PROTECTED]> wrote:
> Dotan Cohen wrote:
> > I've got an array $items which has about 200 entires. I want to print
> > them out in random order, but as usual, I have a catch! I need to add
> > a 'key' so that if need be, I can always return to the same 'random'
> > order, like so:
> >
> > $items=predicatable_random($items, "qwerty");
> >
> > so for each place that I need the items rearranged, I will replace
> > qwerty with a different string, and get a different 'random' order. I
> > haven't played around with it much as I stumbled into a brick wall
> > fairly early and can't get much going. Any ideas?
> >
> > I tried to play with usort, uksort, ksort, and various combinations
> > with shuffle. The 'randomization' can be based on qualities of each
> > string, such as 'sort alphebetically by the 7th character', so I
> > thought that I'd try that, but I got lost in explodes and such.
> 
> Seed the generator with some integer using srand():
> 
> srand(384884);
> $a = range(0, 100);
> shuffle($a);
> print_r($a);
> 

Thanks! That's exactly the simple solution I was looking for. With the
current versions of php not needing a seed, I didn't even think to do
that!

I also recieved many other suggestions, and I will look into them. All
in the name of learning. Thank you.

Dotan
http://english-lyrics.com/el/index.php
English Song Lyrics

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: So many returned mail notices!


Jochem Maas wrote:

apparently I am to receive 615.810 euros 



Beer's on you. ;)

--
John C. Nichel
ÜberGeek
KegWorks.com
716.856.9675
[EMAIL PROTECTED]

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: So many returned mail notices!


Chris W. Parker wrote:

JB05UK 
on Tuesday, June 21, 2005 10:31 AM said:



My point is if you dont like spam do something about it, clearly your
too ignorant to understand.



When did I complain about spam? Go back to my original post, reread it,
think about it, then realize that I never complained about the messages.
I merely was asking if other people were receiving the same messages or
if there was something out of wack with my email servers.

Get a clue.


but Chris, clues are very expensive in England - not everyone can afford them. 
;-)





--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: So many returned mail notices!


JB05UK wrote:

Chris W. Parker wrote:


JamesBenson 
on Tuesday, June 21, 2005 8:41 AM said:



You could unsuscribe, open your news client and enter news.php.net




No.



you can then browse at your own leasure, it does actually say a
warning msg at the bottom of this page,

http://www.php.net/mailing-lists.php




Your point is?





My point is if you dont like spam do something about it, clearly your 



"you're" not "your", but it's understandable coming from someone
named after a car license plate number.

if there was a 'pointy' scale with spoons at one end and samurai swords at the
other you're point would weigh in at the spoon end.



too ignorant to understand.


hey, JB, you make no friends here calling regular posters (as in Chris is
one  of the people who _regularly_ post answers to peoples
questions) ignorant, especially when there is no basis to the fact, and doubly
so when the subject matter is spam, to which nobody has a real answer,


apart from you of course (and given that you don't seem to be sharing the 
knowledge
we can only assume that you _must_ keeping the knowledge secret because you
are a purveyor of spam).



talking of spam - today I recieved an advanced fee fraud scam in SnailMail! 2 
sides
of coloured A4, 53 eurocents in postage, in came from Spain but its obvious 
that they
have been scouring dutch chamber of commerce records on a wholesale basis given 
the
address/name on the envelope - apparently I am to receive 615.810 euros (yeah 
right :-),
don't suppose DR MARG TONNIO is a friend of yours JB05UK?






--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: So many returned mail notices!


JB05UK wrote:

My point is if you dont like spam do something about it, clearly your 
too ignorant to understand.



don't, not dont
you're, not your
ignorant: not understanding the OP's post.

*PLONK*

--
John C. Nichel
ÜberGeek
KegWorks.com
716.856.9675
[EMAIL PROTECTED]

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: So many returned mail notices!

I think many of us on this mailing list would be grateful if there was a 
little less nastiness going around. If someone is 'ignorant' then there 
are nicer ways of putting it.





My point is if you dont like spam do something about it, clearly your 
too ignorant to understand.


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Re: So many returned mail notices!

JB05UK 
on Tuesday, June 21, 2005 10:31 AM said:

> My point is if you dont like spam do something about it, clearly your
> too ignorant to understand.

When did I complain about spam? Go back to my original post, reread it,
think about it, then realize that I never complained about the messages.
I merely was asking if other people were receiving the same messages or
if there was something out of wack with my email servers.

Get a clue.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: So many returned mail notices!

2005-06-21 Thread JB05UK


Chris W. Parker wrote:

JamesBenson 
on Tuesday, June 21, 2005 8:41 AM said:



You could unsuscribe, open your news client and enter news.php.net



No.



you can then browse at your own leasure, it does actually say a
warning msg at the bottom of this page,

http://www.php.net/mailing-lists.php



Your point is?




My point is if you dont like spam do something about it, clearly your 
too ignorant to understand.


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: security question...??

2005-06-21 Thread Matthew Weier O'Phinney

* Rory Browne <[EMAIL PROTECTED]> :
> On 6/21/05, Matthew Weier O'Phinney <[EMAIL PROTECTED]> wrote:
> > * "david forums" <[EMAIL PROTECTED]> :
> > > Why don't you try to get interactivity with ID machin which is unique, or
> > > with mac address.
> > 
> > MAC address wouldn't work if the user is behind a proxy.
> I think you mean IP addresses. MAC's won't work if the user is behind
> a router - which they generally are, unless you're on the same network
> - ie on an Intranet, and even then...

Good catch -- I meant router, not proxy. Thanks!

-- 
Matthew Weier O'Phinney   | WEBSITES:
Webmaster and IT Specialist   | http://www.garden.org
National Gardening Association| http://www.kidsgardening.com
802-863-5251 x156 | http://nationalgardenmonth.org
mailto:[EMAIL PROTECTED] | http://vermontbotanical.org

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Re: security question...??

bruce 
on Monday, June 20, 2005 5:50 PM said:

> if you're going to be writing apps that deal with sensitive
> information, you better damm well give some thought as to how secure
> the client is, or even if the client is actually valid!

It's not possible to determine the validity of the client. Just give it
some good hard thought and you'll probably come to the correct
conclusion.

A client/server relationship is like two people talking through a wall.
You can hear my voice just fine and I can answer all the questions you
ask me correctly but still you can't see what I'm doing nor do you know
that I am who I am say I am.

We can even talk in a language that only the two of us can understand as
to prevent people from listening in. But you still wouldn't know if I
was transmitting that secret message to someone else willfully after I
received it. Nor would you know if someone was pointing a gun to my head
forcing me to tell them what we had just talked about.



Chris.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: So many returned mail notices!


Chris W. Parker wrote:

JamesBenson 
on Tuesday, June 21, 2005 8:41 AM said:



You could unsuscribe, open your news client and enter news.php.net



No.


Yes.

And give me $5 before you go.   ;)

--
John C. Nichel
ÜberGeek
KegWorks.com
716.856.9675
[EMAIL PROTECTED]

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Re: So many returned mail notices!

JamesBenson 
on Tuesday, June 21, 2005 8:41 AM said:

> You could unsuscribe, open your news client and enter news.php.net

No.

> you can then browse at your own leasure, it does actually say a
> warning msg at the bottom of this page,
> 
> http://www.php.net/mailing-lists.php

Your point is?

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] splitting CSV rows into multiple SQL inserts?

2005-06-21 Thread Vince LaMonica

I sent this note off to the php-db list last night, but the more I thought 
about it, the more I figured this was a general looping question rather 
than a mysql-specific one.


I am attempting to take a CSV file that has order header and line item data on 
each line and split it into mulitple insert queries into a mysql db. Each line 
in the CSV file may only be one order, though it is common for there to be more 
than one item ordered, so I need to be able to loop to insert the line item 
values into the proper line item table. I also need to build a counter for a 
value that is not provided in the CVS for each line item.


Here is a sample of a few lines of the CSV:

1110,6/20/2005,Jan Doe,1234 Spring St.,Anytown,PA,17033,0618456990,22.50,1,The 
Sample Book
1114,6/22/2005,Jon Smith,888 Main St.,Big 
City,CA,92648,009444,19.95,1,Coloring Book
1114,6/22/2005,Jon Smith,888 Main St.,Big 
City,CA,92648,9834119933,4.40,1,Picture Book
1114,6/22/2005,Jon Smith,888 Main St.,Big 
City,CA,92648,948922,59.99,4,Coffee Book

In the above file, the last 4 fields [item_num, cost, quantity, title] 
belong in a line_items table. The first number, the order_number, also 
goes into the line_items table, as well as the order_header table. The 
contact info for each customer also goes into the order_header table. I do 
not want duplicate entries in the order_header table, so I can't just to a 
simple loop through each line in the text file and do an insert. I need to 
be able to group an order by the order_number [the 1st field] and insert 
the correct number of rows in both tables. I also need to create a counter 
per order showing which line item number each item is. Eg: the Coloring 
Book would be assigned a 1, the Picture book a 2, and the Coffee Book a 3 
for order #1114. The Sample Book in order #1110 would be given a 1, since 
it is the first [and only] item in that order.


I have been successful in assigning each value to a varable and looping through 
the file via:


while ($line = fgets($fp,1024))
 {
  $i++;
  if ($i > 1) { // using 1 because CSV includes a header row
 list($order_number, ...) = csv_explode($line);

[i am using an Excel generated CSV with double quotes around each value and so 
i have a csv_explode function setup to properly extract each value; also the 
real CSV has about 2 dozen fields - i just cut it down to its basics for the 
example here]


Doing 2 inserts here and closing the loop is obviously not the answer, 
since I get duplicate header rows, and I haven't built a counter for the 
line_item's table's line counter field. The primary key in the line item 
table is a combo of the order_number and the line_counter. Each fresh 
order_number needs to reset the line_counter to 1, until all line items 
for that order are inserted.


I am having difficulty figuring out how to loop through the CSV to do the 
inserts and create a line item counter. Any tips?


TIA,

/vjl/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: GD library images not displaying

2005-06-21 Thread JB05UK


Found this in the PHP manual,


To enable GD-support configure PHP --with-gd[=DIR], where DIR is the GD 
base install directory. To use the recommended bundled version of the GD 
library (which was first bundled in PHP 4.3.0), use the configure option 
--with-gd. GD library requires libpng and libjpeg to compile.


In Windows, you'll include the GD2 DLL php_gd2.dll as an extension in 
php.ini. The GD1 DLL php_gd.dll was removed in PHP 4.3.2. Also note that 
the preferred truecolor image functions, such as imagecreatetruecolor(), 
require GD2.






So, why not try upgrade your PHP version.

James



Ross Trewhella wrote:


Hi,

I am running Apache 2.0 with PHP 4.2.11 on Windows XP.
I installed php_gd2.dll by uncommenting extension=php_gd2.dll and making sure 
that the file was in my extension_dir.
I restarted Apache and didn't get an error, so assumed it was working.
When I run my example code:

$im = imagecreatetruecolor (300, 200); 
$black = imagecolorallocate ($im, 0, 0, 0); 
$white = imagecolorallocate ($im, 255, 255, 255); 
imagefilledrectangle($im,0,0,399,99,$white); 
imagerectangle($im,20,20,250,190,$black); 
header ("Content-type: image/png"); 
imagepng ($im);

?>

I get the following error:

Fatal error: Call to undefined function: imagecreatetruecolor() in 
imagetest.php on line 2

This code works on other servers, so where have I gone wrong in my installation 
of GD?

Thanks in advance,

Ross
 



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: MYSQLI, Class not found?

2005-06-21 Thread JB05UK


Try placing the following into a .php file,





If that fails you either dont have a mysql server or PHP was not 
compiled with mysql support, see here for instructions 
http://php.net/manual/en/ref.mysql.php








[EMAIL PROTECTED] wrote:
 
Hey guys,
 
 I'm doing a tutorial from a book (PHP and MySQL Web Development) and  I'm 
having a problem... when I use the script they supply I get this  error:
 
 
Fatal error: Class 'mysqli' not found  in 
C:\apachefriends\xampp\htdocs\results.php on line 29 
 
here is the code:
 
 
===

 
// create short variable  names

$searchtype=$_POST['searchtype'];
$searchtype=$_POST['searchterm'];
 
$searchterm= trim($searchterm);
 
if (!$searchtype || !$searchterm)

{
echo 'You have not  entered search details. Please go back and try  again.';
exit;
}
 
if (!get_magic_quotes_gpc())

{
$searchtype=  addslashes($searchtype);
$searchterm=  addslashes($searchterm);
}
 
$db = new mysqli('localhost', 'root', 'root', 'bookorama');
 

//$db = mysql_connect('localhost', 'root', 'root');  // tried  this way, no 
luck

//mysql_select_db("bookorama", $db);
 
if(mysqli_connect_errno())

{
echo 'Error: Could not connect  to the Database. Please try again later.';
exit;
}
 
$query = "select * from books where ".$searchtype." like  
'%".$searchterm."%'";

$result = $db->query($query);
 
$num_results = $result->num_rows;
 
echo 'Number of books found:  '.$num_results.'';
 
for ($i=0; $i <$num_results; $i++)

{
$row =  $result->fetch_assoc();
echo ''.($i+1).'.  Title: ';
echo  htmlspecialchars(stripslashes($row['title']));
echo  'Author: ';
echo  stripslashes($row['author']);
echo 'ISBN: ';
echo  stripslashes($row['isbn']);
echo 'Price: ';
echo  stripslashes($row['price']);
echo '';
}
 
$result->free();

$db->close();
 
?>
 



 
===
 
I updated PHP from 5.0.3 to 5.0.4 to see if it would help, no luck.
 
Now I'm just completely lost.
 
Thanks,
 
Clint





--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: Merging Duplicate array items

U may use array_unique() function

"Joe Harman" <[EMAIL PROTECTED]> ???/ ?  ?:
news:[EMAIL PROTECTED]
Hello, I've been trying to figure out on how I could evaluated this
array and combine like items... here is the array.. it represents a
shopping cart contents.. you'll notice that the first array is the
same as the third... what I am trying to do is combine the quantity of
the first array and the third... I am not asking from someone to
program this for me... just for someone to give me a heads up on if
there is a array function I could use. Thanks for any help!

- array example 

$ARY_cart[] = array( 'product_id' => '123',
'sku' => 'DFBag-12',
'quantity' => '2',
'product_name' => 'Dog Food',
'unit' => '12 lbs. Bag',
'price' => '12.05'
);
$ARY_cart[] = array( 'product_id' => '224',
'sku' => 'cFBag-6',
'quantity' => '1',
'product_name' => 'Cat Food',
'unit' => '8 lbs. Bag',
'price' => '4.25'
);
$ARY_cart[] = array( 'product_id' => '123',
'sku' => 'DFBag-12',
'quantity' => '24',
'product_name' => 'Dog Food',
'unit' => '12 lbs. Bag',
'price' => '12.05'
);


-- 
Joe Harman
-
Do not go where the path may lead, go instead where there is no path
and leave a trail. - Ralph Waldo Emerson

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: Merging Duplicate array items

U may use array_unique() function

"Joe Harman" <[EMAIL PROTECTED]> ???/ ?  ?: 
news:[EMAIL PROTECTED]
Hello, I've been trying to figure out on how I could evaluated this
array and combine like items... here is the array.. it represents a
shopping cart contents.. you'll notice that the first array is the
same as the third... what I am trying to do is combine the quantity of
the first array and the third... I am not asking from someone to
program this for me... just for someone to give me a heads up on if
there is a array function I could use. Thanks for any help!

- array example 

$ARY_cart[] = array( 'product_id' => '123',
'sku' => 'DFBag-12',
'quantity' => '2',
'product_name' => 'Dog Food',
'unit' => '12 lbs. Bag',
'price' => '12.05'
);
$ARY_cart[] = array( 'product_id' => '224',
'sku' => 'cFBag-6',
'quantity' => '1',
'product_name' => 'Cat Food',
'unit' => '8 lbs. Bag',
'price' => '4.25'
);
$ARY_cart[] = array( 'product_id' => '123',
'sku' => 'DFBag-12',
'quantity' => '24',
'product_name' => 'Dog Food',
'unit' => '12 lbs. Bag',
'price' => '12.05'
);


-- 
Joe Harman
-
Do not go where the path may lead, go instead where there is no path
and leave a trail. - Ralph Waldo Emerson 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] sending eml file


david forums wrote:

Hi

Could you give me a way to send (with a local sendmail) eml file.

Not as attachment but as the whole email.


http://us4.php.net/manual/en/ref.filesystem.php

http://us4.php.net/mail

--
John C. Nichel
ÜberGeek
KegWorks.com
716.856.9675
[EMAIL PROTECTED]

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] sending eml file


Hi

Could you give me a way to send (with a local sendmail) eml file.

Not as attachment but as the whole email.

regards

david

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: security question...??

2005-06-21 Thread Jason Barnett

This was an interesting topic when it started, but this is getting way 
out of the realm of PHP and you are in danger of your messages going my 
/dev/null.  I understand your concerns about application security being 
all-encompassing, but there have been a lot of good suggestions on how 
to overcome some of these problems already.


If you are hell bent on checking browser integrity then this is what you do:

1.  Download every version of IE, Fire(fox|bird|???), Opera, Konqueror, 
Safari, Links, Lynx, Mosaic, Netscape Navigator, mobile phone browsers, 
PDA browsers, etc. that has ever existed.  These have to be the 
"trusted" binary versions of those applications for every platform on 
which they have been built.
2.  Run a checksum program on each of the binaries and store the 
checksums in a database.  This checksum algorithm needs to be one that 
you trust.
3.  Require each user to create a secure connection with your server 
(however you want to do that).
4.  After the connection is created, get the user to upload the 
executable they are using to access your server.

5.  Checksum the upload and look for the matching hash.

The steps outlined above do very little if anything to enhance security, 
but it is a way to check for integrity of a plain vanilla installation. 
 Then again if you really, really wanted to be accurate you would also 
need to download and hash all possible combinations of 3rd party add-ons 
with each browser, for each operating system, and...


Do you see what a difficult task this is?  And do you think the average 
user is actually going to do anything like what I've described above? 
It's tough enough to just get visitors to accept cookies.


The benefits of going through the exercise you're describing are nowhere 
even close to the costs involved (costs meaning the time involved for 
the server, the client, the web developers, and the end users as well as 
bandwidth usage).  There are other ways to increase security that are 
more cost effective than what you're suggesting.


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] GD library images not displaying

2005-06-21 Thread Richard Davey

Hello Ross,

Tuesday, June 21, 2005, 4:47:40 PM, you wrote:

RT> I am running Apache 2.0 with PHP 4.2.11 on Windows XP.
RT> I installed php_gd2.dll by uncommenting extension=php_gd2.dll
RT> and making sure that the file was in my extension_dir.
RT> I restarted Apache and didn't get an error, so assumed it was working.
RT> When I run my example code:

[snip]

RT> I get the following error:

RT> Fatal error: Call to undefined function:
RT> imagecreatetruecolor() in imagetest.php on line 2

RT> This code works on other servers, so where have I gone wrong in my 
installation of GD?

Create a file with phpinfo(); in it - view it. Does it have the GD
extension listed?

Best regards,

Richard Davey
-- 
 http://www.launchcode.co.uk - PHP Development Services
 "I do not fear computers. I fear the lack of them." - Isaac Asimov

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] GD library images not displaying

2005-06-21 Thread Ross Trewhella

Hi,

I am running Apache 2.0 with PHP 4.2.11 on Windows XP.
I installed php_gd2.dll by uncommenting extension=php_gd2.dll and making sure 
that the file was in my extension_dir.
I restarted Apache and didn't get an error, so assumed it was working.
When I run my example code:



I get the following error:

Fatal error: Call to undefined function: imagecreatetruecolor() in 
imagetest.php on line 2

This code works on other servers, so where have I gone wrong in my installation 
of GD?

Thanks in advance,

Ross

[PHP] Re: So many returned mail notices!

2005-06-21 Thread JamesBenson


You could unsuscribe, open your news client and enter news.php.net

you can then browse at your own leasure, it does actually say a warning 
msg at the bottom of this page,


http://www.php.net/mailing-lists.php






Chris W. Parker wrote:

Hey,

I know this kind of post can be annoying to some people but I must ask
anyway. Is everyone else getting a bunch of returned mail from
[EMAIL PROTECTED] It looks like it has something to do with
(possibly) an email address that is subscribed through Road Runner?

Anyway this kind of thing always makes me a bit nervous because I start
to think something is wrong with my end.



Chris.


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: security question...??

2005-06-21 Thread Jason Wong

On Tuesday 21 June 2005 23:05, bruce wrote:
> if i'm the server app, and you tell me that you're IE, v.6, i'd like
> the ability to somehow be able to gather information from you, such
> that i can then check with msoft to see if your answers match what
> msoft claims the answers should be. if you give wrong answers, i can
> then make a determination as to whether i want to talk with you, or
> perhaps limit the amount/type of information i allow you to access...

Aside from the fact there doesn't seem to be anything in the HTTP spec 
which would allow this kind of querying, what's to stop someone from 
writing a client that will spit the same response as IE? 

> this kind of approach goes beyond the 'user/access string' and can
> actually get to be rather difficult to spoof, or to break...

As there are no existing mechanisms of this kind you would have to create 
a whole new standard. Then persuade the browser makers to adopt it. 
Otherwise your server will have no clients to talk to.

Still, you haven't really explained why you need to only talk to "real" 
browsers (real in the sense that they're not "hacked up" as you put it). 
What's to stop a bad guy using a "real" browser talking to your server 
and getting some information and doing something bad with that 
information? What are you trying to prevent?

-- 
Jason Wong -> Gremlins Associates -> www.gremlins.biz
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
--
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-general
--
New Year Resolution: Ignore top posted posts

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: Allowed memory size of

2005-06-21 Thread Bob Winter


David,

I don't believe this to be a bug.  In order to process the script, PHP needs to 
use additional memory resources.  My guess is that while the original 69Mb file 
is loaded, the new encrypted file also needs to exist in memory.

Glad you were able to find a solution.
--Bob

david forums wrote:

I did it

IT works with 256M memory allocated.

After realising the line it shown 69505726(little more )Mo as memory usage.

It's in some way really not understandable. I suppose it could be a php  
bug.


tx

david

Le Tue, 21 Jun 2005 16:35:20 +0200, Bob Winter <[EMAIL PROTECTED]> a  
écrit:



David

I don't have a definitive answer for you, but I notice that the 
memory  size is less than twice the file size.  Depending on the PHP 
functions  you are using you could be eating up a lot of memory in the 
execution of  the script that wouldn't necessary show up where you 
inserted the  debugging statements.


Does the script work with smaller files?  Can you the memory_limit to  
something very high, over 220 Mb, and/or test your script with 
smaller  files to find the threshold where the Fatal error occurs? -- Bob

  david forums wrote:


Bob
 I try to run your test script.
 So before the file reading the memory is 125730 o, and I 'm not 
able  to  get the next text due to error display

 CURRENT MEMORY USAGE = 125720
PHP Fatal error:  Allowed memory size of 134217728 bytes exhausted  
(tried  to allocate 69505726 bytes)
I tried to set the memory_limit in the script and set a default 
value  more  efficient in the php.ini

 That show the same error.
 Thanks for your helps
 david
  Le Mon, 20 Jun 2005 16:46:36 +0200, Bob Winter 
<[EMAIL PROTECTED]>  a  écrit:



David,

Perhaps your memory usage and/or memory limit is different than 
what  you  are assuming it is. If you add the following code to your 
script,  in  several places if necessary, it should help you debug 
it .//  PRINT  CURRENT MEMORY USAGE:
http://us4.php.net/manual/en/function.memory-get-usage.php

print 'CURRENT MEMORY USAGE = '.memory_get_usage().'';

   // PRINT CURRENT MEMORY LIMIT: 
http://us4.php.net/manual/en/function.ini-get.php

print 'MEMORY LIMIT = '.ini_get('memory_limit').'';


You can also set the memory limit on a per page basis
   // SET MEMORY LIMIT:  
http://us4.php.net/manual/en/function.ini-set.php

$mem_limit = '128';
print "SETTING MEMORY LIMIT TO $mem_limit Megabytes";
ini_set('memory_limit', $mem_limit.'M');
//http://us4.php.net/manual/en/ini.core.php#ini.memory-limit


There are a variety of limitations and restrictions to the 
commands   noted above, be sure to read the documentation.

-- Bob


david forums wrote:


Hello
 I got the following message.
 PHP Fatal error:  Allowed memory size of 134217728 bytes 
exhausted   (tried  to allocate 69505726

bytes)
 I read on several forums to increase the size of the memory limit  
in   php.ini.
 As you can wee which as already be done cause 134217728>69505726.  
But  I  still  get the message.

 I'll like to understand and find how to do.
 The aim of this script is to get a big file (69MB) and to 
encrypt   (using  mcrypt). then to send it

by ftp.
 Thanks for your helps
 david






--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: security question...??

2005-06-21 Thread Duncan Hill

On Tuesday 21 June 2005 16:05, bruce typed:
> if i'm the server app, and you tell me that you're IE, v.6, i'd like the
> ability to somehow be able to gather information from you, such that i can
> then check with msoft to see if your answers match what msoft claims the
> answers should be. if you give wrong answers, i can then make a
> determination as to whether i want to talk with you, or perhaps limit the
> amount/type of information i allow you to access...

Stop and think about that.

I'm FooBrowser 1.0, but my coder has read what MS says IE 12.1 will do when 
asked certain questions.  I, therefore, have the ability to claim to be IE 
12.1 and answer in the correct manner.

Technology is not a panacea, and cannot solve this problem for you.  If one 
entity can publish a specification of some sort so another entity can 
validate against it, nothing stops a third entity from using the same 
information - whether they gain it legally or illegally.

The one way it could be solved is a centrally controlled net with centrally 
controlled software.  Good luck getting that.

-- 
My mind not only wanders, it sometimes leaves completely.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Mail System Error - Returned Mail

2005-06-21 Thread Automatic Email Delivery Software

ALERT!

This e-mail, in its original form, contained one or more attached files that 
were infected with a virus, worm, or other type of security threat. This e-mail 
was sent from a Road Runner IP address. As part of our continuing initiative to 
stop the spread of malicious viruses, Road Runner scans all outbound e-mail 
attachments. If a virus, worm, or other security threat is found, Road Runner 
cleans or deletes the infected attachments as necessary, but continues to send 
the original message content to the recipient. Further information on this 
initiative can be found at http://help.rr.com/faqs/e_mgsp.html.
Please be advised that Road Runner does not contact the original sender of the 
e-mail as part of the scanning process. Road Runner recommends that if the 
sender is known to you, you contact them directly and advise them of their 
issue. If you do not know the sender, we advise you to forward this message in 
its entirety (including full headers) to the Road Runner Abuse Department, at 
[EMAIL PROTECTED]



file attachment: letter.scr

This e-mail in its original form contained one or more attached files that were 
infected with the [EMAIL PROTECTED] virus or worm. They have been removed.
For more information on Road Runner's virus filtering initiative, visit our 
Help & Member Services pages at http://help.rr.com, or the virus filtering 
information page directly at http://help.rr.com/faqs/e_mgsp.html. 
-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Re: security question...??

2005-06-21 Thread Shaw, Chris - Accenture

You could always use a IE exploit to crash the browser, if they are still
requesting, you know they are not IE. ;)

Out of interest, what information are you planning on getting from the
browser?

Why can you not use certificates?

-Original Message-
From: bruce [mailto:[EMAIL PROTECTED]
Sent: 21 June 2005 16:06
To: 'Rory Browne'; 'Matthew Weier O'Phinney'
Cc: php-general@lists.php.net
Subject: RE: [PHP] Re: security question...??

*

This e-mail has been received by the Revenue Internet e-mail service.

*

if i'm the server app, and you tell me that you're IE, v.6, i'd like the
ability to somehow be able to gather information from you, such that i can
then check with msoft to see if your answers match what msoft claims the
answers should be. if you give wrong answers, i can then make a
determination as to whether i want to talk with you, or perhaps limit the
amount/type of information i allow you to access...

this kind of approach goes beyond the 'user/access string' and can actually
get to be rather difficult to spoof, or to break...

keep in mind, this is an off the top suggestion, i'm sure if someone spent
some time, there could be solutions that would be robust, doable, and
reasonably secure...

-bruce

-Original Message-
From: Rory Browne [mailto:[EMAIL PROTECTED]
Sent: Tuesday, June 21, 2005 7:39 AM
To: Matthew Weier O'Phinney
Cc: php-general@lists.php.net
Subject: Re: [PHP] Re: security question...??

On 6/21/05, Matthew Weier O'Phinney <[EMAIL PROTECTED]> wrote:
> * "david forums" <[EMAIL PROTECTED]>:
> > Why don't you try to get interactivity with ID machin which is unique,
or
> > with mac address.
>
> MAC address wouldn't work if the user is behind a proxy.
I think you mean IP addresses. MAC's won't work if the user is behind
a router - which they generally are, unless you're on the same network
- ie on an Intranet, and even then...

>
>
> --
> Matthew Weier O'Phinney   | WEBSITES:
> Webmaster and IT Specialist   | http://www.garden.org
> National Gardening Association| http://www.kidsgardening.com
> 802-863-5251 x156 | http://nationalgardenmonth.org
> mailto:[EMAIL PROTECTED] | http://vermontbotanical.org
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

This message has been delivered to the Internet by the Revenue Internet e-mail 
service

*

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: security question...??


I read this article, which is very interresting.

I will work over a tracking service, adn I'm very interresting by those  
information.


But my main question, it's how to do it with php.

If some of you try this please let us know how to applicate it with php.

regards

david


Le Tue, 21 Jun 2005 17:10:22 +0200, Jason Barnett  
<[EMAIL PROTECTED]> a écrit:



I haven't tried it yet, but clock skew looks interesting:

http://www.aunty-spam.com/track-any-computer-on-the-internet-using-its-clock-skew-fingerprint/



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: Allowed memory size of


I did it

IT works with 256M memory allocated.

After realising the line it shown 69505726(little more )Mo as memory usage.

It's in some way really not understandable. I suppose it could be a php  
bug.


tx

david

Le Tue, 21 Jun 2005 16:35:20 +0200, Bob Winter <[EMAIL PROTECTED]> a  
écrit:



David

I don't have a definitive answer for you, but I notice that the memory  
size is less than twice the file size.  Depending on the PHP functions  
you are using you could be eating up a lot of memory in the execution of  
the script that wouldn't necessary show up where you inserted the  
debugging statements.


Does the script work with smaller files?  Can you the memory_limit to  
something very high, over 220 Mb, and/or test your script with smaller  
files to find the threshold where the Fatal error occurs? -- Bob

  david forums wrote:

Bob
 I try to run your test script.
 So before the file reading the memory is 125730 o, and I 'm not able  
to  get the next text due to error display

 CURRENT MEMORY USAGE = 125720
PHP Fatal error:  Allowed memory size of 134217728 bytes exhausted  
(tried  to allocate 69505726 bytes)
I tried to set the memory_limit in the script and set a default value  
more  efficient in the php.ini

 That show the same error.
 Thanks for your helps
 david
  Le Mon, 20 Jun 2005 16:46:36 +0200, Bob Winter <[EMAIL PROTECTED]>  
a  écrit:



David,

Perhaps your memory usage and/or memory limit is different than what  
you  are assuming it is. If you add the following code to your script,  
in  several places if necessary, it should help you debug it .//  
PRINT  CURRENT MEMORY USAGE:
http://us4.php.net/manual/en/function.memory-get-usage.php

print 'CURRENT MEMORY USAGE = '.memory_get_usage().'';

   // PRINT CURRENT MEMORY LIMIT: 
http://us4.php.net/manual/en/function.ini-get.php

print 'MEMORY LIMIT = '.ini_get('memory_limit').'';


You can also set the memory limit on a per page basis
   // SET MEMORY LIMIT:  
http://us4.php.net/manual/en/function.ini-set.php

$mem_limit = '128';
print "SETTING MEMORY LIMIT TO $mem_limit Megabytes";
ini_set('memory_limit', $mem_limit.'M');
//http://us4.php.net/manual/en/ini.core.php#ini.memory-limit


There are a variety of limitations and restrictions to the commands   
noted above, be sure to read the documentation.

-- Bob


david forums wrote:


Hello
 I got the following message.
 PHP Fatal error:  Allowed memory size of 134217728 bytes exhausted   
(tried  to allocate 69505726

bytes)
 I read on several forums to increase the size of the memory limit  
in   php.ini.
 As you can wee which as already be done cause 134217728>69505726.  
But  I  still  get the message.

 I'll like to understand and find how to do.
 The aim of this script is to get a big file (69MB) and to encrypt   
(using  mcrypt). then to send it

by ftp.
 Thanks for your helps
 david





--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: security question...??

2005-06-21 Thread Jason Barnett


I haven't tried it yet, but clock skew looks interesting:

http://www.aunty-spam.com/track-any-computer-on-the-internet-using-its-clock-skew-fingerprint/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Re: security question...??

if i'm the server app, and you tell me that you're IE, v.6, i'd like the
ability to somehow be able to gather information from you, such that i can
then check with msoft to see if your answers match what msoft claims the
answers should be. if you give wrong answers, i can then make a
determination as to whether i want to talk with you, or perhaps limit the
amount/type of information i allow you to access...

this kind of approach goes beyond the 'user/access string' and can actually
get to be rather difficult to spoof, or to break...

keep in mind, this is an off the top suggestion, i'm sure if someone spent
some time, there could be solutions that would be robust, doable, and
reasonably secure...

-bruce

-Original Message-
From: Rory Browne [mailto:[EMAIL PROTECTED]
Sent: Tuesday, June 21, 2005 7:39 AM
To: Matthew Weier O'Phinney
Cc: php-general@lists.php.net
Subject: Re: [PHP] Re: security question...??

On 6/21/05, Matthew Weier O'Phinney <[EMAIL PROTECTED]> wrote:
> * "david forums" <[EMAIL PROTECTED]>:
> > Why don't you try to get interactivity with ID machin which is unique,
or
> > with mac address.
>
> MAC address wouldn't work if the user is behind a proxy.
I think you mean IP addresses. MAC's won't work if the user is behind
a router - which they generally are, unless you're on the same network
- ie on an Intranet, and even then...

>
>
> --
> Matthew Weier O'Phinney   | WEBSITES:
> Webmaster and IT Specialist   | http://www.garden.org
> National Gardening Association| http://www.kidsgardening.com
> 802-863-5251 x156 | http://nationalgardenmonth.org
> mailto:[EMAIL PROTECTED] | http://vermontbotanical.org
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Strategies for debugging a segmentation fault on a production ser ver

2005-06-21 Thread Michael Caplan

Hi there,

 

I am looking for some advice on how to go about debugging Apache 1.3.33 /
PHP 5.0.4 on a production Linux box (RHE 3).  The scenario is this:  Once a
day we find a segfault in our apache logs.  From our current position, we
don't know what page was accessed, and our 400+ users haven't brought the
issue to our attention.  All we know is the date/time and PID of when the
segfault occurred.  The question is this:  how can we go about isolating the
offending requested page that bombs?

 

I've set up a custom apache log file that populates each entry with the PID
that handled it.  However, when we do see a segfault, this  log file does
not appear to be populated with an entry that corresponds (within a 5 - 10
second period) to the PID that bombs.  I'm guessing that the log file is
only written to after a request is delivered?

 

Otherwise, looking at the PHP bugs page, it recommends rebuilding PHP with
-enable-debug and running Apache with -X in order to get a core dump.
Running apache with debug mode on is not an option on our production box.
Is running apache -X mandatory to get a core dump?

 

Any other strategies that you can recommend that would help us isolate the
offending page so we can get to the good work of reproducing and fixing the
problem at hand?

 

Thanks!

 

Michael




CONFIDENTIALITY NOTICE
This message contains confidential information intended only for the use of
the individual or entity named as recipient. Any dissemination, distribution
or copying of this communication by anyone other than the intended recipient
is strictly prohibited. If you have received this message in error, please
immediately notify us and delete your copy. Thank you.

AVIS DE CONFIDENTIALITÉ
Les informations contenues aux présentes sont de nature privilégiée et
confidentielle. Elles ne peuvent être utilisées que par la personne ou
l'entité dont le nom paraît comme destinataire. Si le lecteur du présent
message n'est pas le destinataire prévu, il est par les présentes prié de
noter qu'il est strictement interdit de divulguer, de distribuer ou de
copier ce message. Si ce message vous a été transmis par mégarde, veuillez
nous en aviser immédiatement et supprimer votre copie. Merci.

Re: [PHP] updating only some records of some tables of a database


Paul Godard wrote:


I would really appreciate advice on this matter...



Ask php questions on a php list.
Ask MySQL questions on a MySQL list.

http://lists.mysql.com/

--
John C. Nichel
ÜberGeek
KegWorks.com
716.856.9675
[EMAIL PROTECTED]

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: security question...??

2005-06-21 Thread Rory Browne

On 6/21/05, Matthew Weier O'Phinney <[EMAIL PROTECTED]> wrote:
> * "david forums" <[EMAIL PROTECTED]>:
> > Why don't you try to get interactivity with ID machin which is unique, or
> > with mac address.
> 
> MAC address wouldn't work if the user is behind a proxy.
I think you mean IP addresses. MAC's won't work if the user is behind
a router - which they generally are, unless you're on the same network
- ie on an Intranet, and even then...


> 
> 
> --
> Matthew Weier O'Phinney   | WEBSITES:
> Webmaster and IT Specialist   | http://www.garden.org
> National Gardening Association| http://www.kidsgardening.com
> 802-863-5251 x156 | http://nationalgardenmonth.org
> mailto:[EMAIL PROTECTED] | http://vermontbotanical.org
> 
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
> 
>

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: Allowed memory size of

2005-06-21 Thread Bob Winter

David

I don't have a definitive answer for you, but I notice that the memory size is
less than twice the file size. Depending on the PHP functions you are using
you could be eating up a lot of memory in the execution of the script that
wouldn't necessary show up where you inserted the debugging statements.

Does the script work with smaller files? Can you the memory_limit to something very high, over 220 Mb, and/or test your script with smaller files to find the threshold where the Fatal error occurs?
-- Bob

david forums wrote:

Bob

I try to run your test script.

So before the file reading the memory is 125730 o, and I 'm not able to
get the next text due to error display

CURRENT MEMORY USAGE = 125720
PHP Fatal error: Allowed memory size of 134217728 bytes exhausted
(tried to allocate 69505726 bytes)
I tried to set the memory_limit in the script and set a default value
more efficient in the php.ini

That show the same error.

Thanks for your helps

david

Le Mon, 20 Jun 2005 16:46:36 +0200, Bob Winter <[EMAIL PROTECTED]> a
écrit:

David,

Perhaps your memory usage and/or memory limit is different than what
you are assuming it is. If you add the following code to your script,
in several places if necessary, it should help you debug it .//
PRINT CURRENT MEMORY USAGE:
http://us4.php.net/manual/en/function.memory-get-usage.php

print 'CURRENT MEMORY USAGE = '.memory_get_usage().'';

// PRINT CURRENT MEMORY LIMIT:
http://us4.php.net/manual/en/function.ini-get.php

print 'MEMORY LIMIT = '.ini_get('memory_limit').'';

You can also set the memory limit on a per page basis
// SET MEMORY LIMIT:
http://us4.php.net/manual/en/function.ini-set.php

$mem_limit = '128';
print "SETTING MEMORY LIMIT TO $mem_limit Megabytes";
ini_set('memory_limit', $mem_limit.'M');
//http://us4.php.net/manual/en/ini.core.php#ini.memory-limit

There are a variety of limitations and restrictions to the commands
noted above, be sure to read the documentation.

-- Bob

david forums wrote:

Hello
I got the following message.
PHP Fatal error: Allowed memory size of 134217728 bytes exhausted
(tried to allocate 69505726

bytes)
I read on several forums to increase the size of the memory limit
in php.ini.
As you can wee which as already be done cause 134217728>69505726.
But I still get the message.

I'll like to understand and find how to do.
The aim of this script is to get a big file (69MB) and to encrypt
(using mcrypt). then to send it

by ftp.
Thanks for your helps
david

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: resetting arrays

Agggh, I feel stupid now. I keep on forgetting to use the double equal 
sign...


Thanks everyone, it is all working now!

Shaw, Chris - Accenture wrote:

Use !==

if (array_search($basket, $baskitems) !== FALSE) {
$pos = array_search($basket, $baskitems);
unset($ses_basket_items[$pos]); $ses_basket_items  =

array_values($ses_basket_items) ;

-Original Message-
From: I. Gray [mailto:[EMAIL PROTECTED]
Sent: 21 June 2005 14:21
To: php-general@lists.php.net
Subject: [PHP] Re: resetting arrays


*

This e-mail has been received by the Revenue Internet e-mail service.

*

Thanks Al,

That's done it!

unset($ses_basket_items[$pos]); $ses_basket_items  =

array_values($ses_basket_items) ;

They aren't big arrays so I suppose I shouldn't worry about exceeding

memory limits -

http://uk2.php.net/manual/en/function.array-values.php#36837  ?

My only problem now is that I can't seem to delete the first value of

the array.

$basket is the item I want to delete from the array $baskitems

if (array_search($basket, $baskitems) != FALSE) {
$pos = array_search($basket, $baskitems);
unset($ses_basket_items[$pos]); $ses_basket_items  =

array_values($ses_basket_items) ;
}





Al wrote:


I. Gray wrote:





Hi.

I am sure this is easy, but I can't get this work.  Is there not a php




function that can do this?

I have an array- for example...
[1] => Yellow
[2] => Green
[3] => Purple
[4] => Blue
[5] => Red
[6] => Orange
[7] => Cyan

What happens, say if I delete [3] => Purple?  I get...

[1] => Yellow
[2] => Green
[4] => Blue
[5] => Red
[6] => Orange
[7] => Cyan

But what if I want to reset the numbers? Like...

[1] => Yellow
[2] => Green
[3] => Blue
[4] => Red
[5] => Orange
[6] => Cyan

I've tried this...

unset($ses_basket_items[$pos]); for ($ii=0;




$ii



(isset($ses_basket_items[$ii])) {$cc++; $arry_a[$cc] =




$ses_basket_items[$ii]; }} $ses_basket_items = $arry_a;

where $pos is the position of the array I want to get rid of.




$ses_basket_items is session variable, does that matter?

Please help.






array_values()



--

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php







This message has been delivered to the Internet by the Revenue Internet e-mail 
service

*


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Re: resetting arrays

2005-06-21 Thread Shaw, Chris - Accenture


Use !==

if (array_search($basket, $baskitems) !== FALSE) {
$pos = array_search($basket, $baskitems);
unset($ses_basket_items[$pos]); $ses_basket_items  =
array_values($ses_basket_items) ;

-Original Message-
From: I. Gray [mailto:[EMAIL PROTECTED]
Sent: 21 June 2005 14:21
To: php-general@lists.php.net
Subject: [PHP] Re: resetting arrays


*

This e-mail has been received by the Revenue Internet e-mail service.

*

Thanks Al,

That's done it!

unset($ses_basket_items[$pos]); $ses_basket_items  =
array_values($ses_basket_items) ;

They aren't big arrays so I suppose I shouldn't worry about exceeding
memory limits -
http://uk2.php.net/manual/en/function.array-values.php#36837  ?

My only problem now is that I can't seem to delete the first value of
the array.

$basket is the item I want to delete from the array $baskitems

if (array_search($basket, $baskitems) != FALSE) {
$pos = array_search($basket, $baskitems);
unset($ses_basket_items[$pos]); $ses_basket_items  =
array_values($ses_basket_items) ;
}





Al wrote:
> I. Gray wrote:
>
>> Hi.
>>
>> I am sure this is easy, but I can't get this work.  Is there not a php
>> function that can do this?
>>
>> I have an array- for example...
>> [1] => Yellow
>> [2] => Green
>> [3] => Purple
>> [4] => Blue
>> [5] => Red
>> [6] => Orange
>> [7] => Cyan
>>
>> What happens, say if I delete [3] => Purple?  I get...
>>
>> [1] => Yellow
>> [2] => Green
>> [4] => Blue
>> [5] => Red
>> [6] => Orange
>> [7] => Cyan
>>
>> But what if I want to reset the numbers? Like...
>>
>> [1] => Yellow
>> [2] => Green
>> [3] => Blue
>> [4] => Red
>> [5] => Orange
>> [6] => Cyan
>>
>> I've tried this...
>>
>> unset($ses_basket_items[$pos]); for ($ii=0;
>> $ii> (isset($ses_basket_items[$ii])) {$cc++; $arry_a[$cc] =
>> $ses_basket_items[$ii]; }} $ses_basket_items = $arry_a;
>>
>> where $pos is the position of the array I want to get rid of.
>> $ses_basket_items is session variable, does that matter?
>>
>> Please help.
>
>
> array_values()

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php







This message has been delivered to the Internet by the Revenue Internet e-mail 
service

*

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: security question...??

2005-06-21 Thread Matthew Weier O'Phinney

* "david forums" <[EMAIL PROTECTED]>:
> Why don't you try to get interactivity with ID machin which is unique, or  
> with mac address.

MAC address wouldn't work if the user is behind a proxy.


-- 
Matthew Weier O'Phinney   | WEBSITES:
Webmaster and IT Specialist   | http://www.garden.org
National Gardening Association| http://www.kidsgardening.com
802-863-5251 x156 | http://nationalgardenmonth.org
mailto:[EMAIL PROTECTED] | http://vermontbotanical.org

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: resetting arrays


Thanks Al,

That's done it!

unset($ses_basket_items[$pos]); $ses_basket_items  = 
array_values($ses_basket_items) ;


They aren't big arrays so I suppose I shouldn't worry about exceeding 
memory limits - 
http://uk2.php.net/manual/en/function.array-values.php#36837  ?


My only problem now is that I can't seem to delete the first value of 
the array.


$basket is the item I want to delete from the array $baskitems

if (array_search($basket, $baskitems) != FALSE) {
$pos = array_search($basket, $baskitems);
unset($ses_basket_items[$pos]); $ses_basket_items  = 
array_values($ses_basket_items) ;

}





Al wrote:

I. Gray wrote:


Hi.

I am sure this is easy, but I can't get this work.  Is there not a php 
function that can do this?


I have an array- for example...
[1] => Yellow
[2] => Green
[3] => Purple
[4] => Blue
[5] => Red
[6] => Orange
[7] => Cyan

What happens, say if I delete [3] => Purple?  I get...

[1] => Yellow
[2] => Green
[4] => Blue
[5] => Red
[6] => Orange
[7] => Cyan

But what if I want to reset the numbers? Like...

[1] => Yellow
[2] => Green
[3] => Blue
[4] => Red
[5] => Orange
[6] => Cyan

I've tried this...

unset($ses_basket_items[$pos]); for ($ii=0; 
$ii(isset($ses_basket_items[$ii])) {$cc++; $arry_a[$cc] = 
$ses_basket_items[$ii]; }} $ses_basket_items = $arry_a;


where $pos is the position of the array I want to get rid of. 
$ses_basket_items is session variable, does that matter?


Please help.



array_values()


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] resetting arrays


Thanks Richard,

I had thought of sort.  It almost does what I want, and really simply 
and neat. However it sorts the array alphabetically, and I would prefer 
to have things in the same order. Is there another way?


Ian Gray

Richard Davey wrote:

Hello,

Tuesday, June 21, 2005, 1:33:55 PM, you wrote:

IG> I have an array- for example...
IG> What happens, say if I delete [3] => Purple?  I get...
IG> But what if I want to reset the numbers? Like...

 'a', 1 => 'b', 2 => 'c', 3 => 'd', 4 => 'e');
print_r($array);

unset($array[3]);

print_r($array);

sort($array);
print_r($array);
?>

Best regards,

Richard Davey


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] resetting arrays

2005-06-21 Thread Kim Madsen


> -Original Message-
> From: I. Gray [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, June 21, 2005 2:34 PM
> To: php-general@lists.php.net
> Subject: [PHP] resetting arrays
> 
> Hi.
> 
> I am sure this is easy, but I can't get this work.  Is there not a php
> function that can do this?

Yes, use sort()
 
> I have an array- for example...
> [1] => Yellow
> [2] => Green
> [3] => Purple
> [4] => Blue
> [5] => Red
> [6] => Orange
> [7] => Cyan

This does however set yellow to 0, not 1 - run through the array with
foreach:

foreach($array AS $key => $val) {
  $count++;
  $new_array[$count] = $val";
}

--
Med venlig hilsen / best regards
ComX Networks A/S
Kim Madsen
Systemudvikler/Systemdeveloper

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: resetting arrays

2005-06-21 Thread Al


I. Gray wrote:

Hi.

I am sure this is easy, but I can't get this work.  Is there not a php 
function that can do this?


I have an array- for example...
[1] => Yellow
[2] => Green
[3] => Purple
[4] => Blue
[5] => Red
[6] => Orange
[7] => Cyan

What happens, say if I delete [3] => Purple?  I get...

[1] => Yellow
[2] => Green
[4] => Blue
[5] => Red
[6] => Orange
[7] => Cyan

But what if I want to reset the numbers? Like...

[1] => Yellow
[2] => Green
[3] => Blue
[4] => Red
[5] => Orange
[6] => Cyan

I've tried this...

unset($ses_basket_items[$pos]); for ($ii=0; 
$ii{$cc++; $arry_a[$cc] = $ses_basket_items[$ii]; }} $ses_basket_items = 
$arry_a;


where $pos is the position of the array I want to get rid of. 
$ses_basket_items is session variable, does that matter?


Please help.


array_values()

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] resetting arrays


Hi

I'm not sure but maybe array_flip or array_reverse should help 

try with different array_FONCTION, at the ultimate you can use array_map  
to reindex the array.


regards

david


Le Tue, 21 Jun 2005 14:33:55 +0200, I. Gray  
<[EMAIL PROTECTED]> a écrit:



Hi.

I am sure this is easy, but I can't get this work.  Is there not a php  
function that can do this?


I have an array- for example...
[1] => Yellow
[2] => Green
[3] => Purple
[4] => Blue
[5] => Red
[6] => Orange
[7] => Cyan

What happens, say if I delete [3] => Purple?  I get...

[1] => Yellow
[2] => Green
[4] => Blue
[5] => Red
[6] => Orange
[7] => Cyan

But what if I want to reset the numbers? Like...

[1] => Yellow
[2] => Green
[3] => Blue
[4] => Red
[5] => Orange
[6] => Cyan

I've tried this...

unset($ses_basket_items[$pos]); for ($ii=0;  
$ii{$cc++; $arry_a[$cc] = $ses_basket_items[$ii]; }} $ses_basket_items =  
$arry_a;


where $pos is the position of the array I want to get rid of.  
$ses_basket_items is session variable, does that matter?


Please help.



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] resetting arrays

2005-06-21 Thread Richard Davey

Hello,

Tuesday, June 21, 2005, 1:33:55 PM, you wrote:

IG> I have an array- for example...
IG> What happens, say if I delete [3] => Purple?  I get...
IG> But what if I want to reset the numbers? Like...

 'a', 1 => 'b', 2 => 'c', 3 => 'd', 4 => 'e');
print_r($array);

unset($array[3]);
print_r($array);

sort($array);
print_r($array);
?>

Best regards,

Richard Davey
-- 
 http://www.launchcode.co.uk - PHP Development Services
 "I do not fear computers. I fear the lack of them." - Isaac Asimov

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: Persistant Connections and max_connections on mysql


Hi

Use sqlrelay which manage persistance and load balancing and give very  
high speedy access cause is doing database pool connection cache.


regards

david


Le Tue, 21 Jun 2005 11:47:29 +0200, Catalin Trifu  
<[EMAIL PROTECTED]> a écrit:





Dan Rossi wrote:


On 21/06/2005, at 6:06 PM, Catalin Trifu wrote:


Hi,

This is a database issue and has to do with the following mysql
variables:

interactive_timeout
wait_timeout

By default these variables are set to 28800 and they represent the
time for which
the server waits on "persistent" connection.
If you have a busy site that number is way too big; so try to
decrease
those variables and you should be fine:

mysql> set global interactive_timeout = 120;
mysql> set global wait_timeout = 120;

This makes the timeout on connections 2 minutes after which mysql
disconects the user
and so freeing usable space for new connections.
You can also add them in my.cnf so that the server gets them when
started:

set-variable = intercative_timeout=120



Cheers its one or the other :O , I work most with intranet apps so dont
have these kind of issues.


	I presume you mean whether it's interactive_timeout or wait_timeout, or  
?

Actually they both are important. Read the mysql at dev.mysql.com

C.



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: security question...??

Why don't you try to get interactivity with ID machin which is unique, or  
with mac address.


David


Le Tue, 21 Jun 2005 12:50:23 +0200, Shaw, Chris - Accenture  
<[EMAIL PROTECTED]> a écrit:




"(thus Philip Zimmermann got arrested for violating the weapons law when  
he

created PGP)"

I thought he got arrested because he exported PGP out of the US, not  
because

he created it.
He was told that PGP could not leave the US via any electronical form,
compiled or uncompiled, because of the encryption level. He didn't break  
that
condition and got it out via a book and someone outside the US scanned  
in the

book and compiled the source code, but they arrested him anyhow.

Probably some urban myth that I heard somewhere.

As for the browser topic, you cannot control what the client browser is,  
or
whether it has any naughty plugins. The responsibility is on the user,  
once

the data has left the server via HTTP.

Didn't the UK banks try to implement something like that for the online
banking, you could only use Internet Explorer, which sparked a debate in  
the

Linux/Unix world. This was easily spoofed.

-Original Message-
From: Rene Brehmer [mailto:[EMAIL PROTECTED]
Sent: 21 June 2005 09:12
To: php-general@lists.php.net
Subject: Re: [PHP] Re: security question...??


*

This e-mail has been received by the Revenue Internet e-mail service.

*

However secure you try to make a web application, even with encryption,  
it

still does not hinder anyone from putting a packet sniffer on your client
and grab whatever sensitive information you send out.

And if a hacker really wanted to get hold of your sensitive information,  
he

wouldn't actually have to use a typical browser or anything similar to do
it, nor is it likely he would. There's nothing to hinder for talking to
your HTTP server using manually entered commands in a telnet client.

My information 'bout the US approach to encryption may be a little out of
date, but for the longest, using anything stronger than 40 bit encryption
was illegal, unless the CIA knew the extra bits above 40 (thus Philip
Zimmermann got arrested for violating the weapons law when he created  
PGP).

All that mess did change something, but there's still limitations to what
you can do in regards to encryption, that don't exist in any other  
country.

9/11 didn't exactly help that in any way.

But nevertheless, for every way you can come up with ensuring that your
client is using a secure application, there's atleast as many ways to  
make

a program that fools your tests, and then you're back to where you came
from. The thing I said about where your responsibility ends, is simply  
that
when you tell a client to use this and that software to access the data  
in

your remote application, then you can't really prevent them from using
software that they think is right, but isn't. There is no reliable way,
with current technologies, of determining whether or not a client's
software is what it says it is or not. I think it falls under implicit
trust ...


It reminds me of those websites that checks for the version of your
browser, and refuses to work if you don't have one they like, that falls
completely short when you visit them with Firefox because it has Mozilla
and ver. 1 in its ID string, and the sites think it's a Netscape 1 ...
point being that you can't blindly trust what the client software tells  
you
... I don't honestly see any way of doing what you want, without also  
being

able to see how it can be fooled...


Rene

Documented research indicate that on Mon, 20 Jun 2005 17:50:25 -0700,
"bruce" wrote:


rene..




from my perspective, i strongly disagree...




if you're going to be writing apps that deal with sensitive information,

you
better damm well give some thought as to how secure the client is, or  
even

if the client is actually valid!




while i'm not precisely sure as to how you'd go about ensuring that the
client is indeed real/valid, and not faked, there are some reasonable
approaches that the vendor/manufacturer could take, or make available  
that

could go a good way towards satisfying the issue somewhat...




and creating a secure client/server connection that only the two parties
(server/client) can listen to is not illegal in the US.. i'm not sure  
where

you get your information..




but my point was not regarding tha actual communicatino pipe/wire. there

are
already methods of securing the wire conversation betwen the  
server/client.
i'm concerned with being reasonably sure that the client i'm talking to  
is

indeed a valid/real client. IE, if it identifies itself as IE, then it
actually is IE, and not some spoofed app, that acts like IE, that might  
be

sending data to who knows where...




-bruce


--

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php







This message has been

[PHP] resetting arrays


Hi.

I am sure this is easy, but I can't get this work.  Is there not a php 
function that can do this?


I have an array- for example...
[1] => Yellow
[2] => Green
[3] => Purple
[4] => Blue
[5] => Red
[6] => Orange
[7] => Cyan

What happens, say if I delete [3] => Purple?  I get...

[1] => Yellow
[2] => Green
[4] => Blue
[5] => Red
[6] => Orange
[7] => Cyan

But what if I want to reset the numbers? Like...

[1] => Yellow
[2] => Green
[3] => Blue
[4] => Red
[5] => Orange
[6] => Cyan

I've tried this...

unset($ses_basket_items[$pos]); for ($ii=0; 
$ii{$cc++; $arry_a[$cc] = $ses_basket_items[$ii]; }} $ses_basket_items = 
$arry_a;


where $pos is the position of the array I want to get rid of. 
$ses_basket_items is session variable, does that matter?


Please help.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] MySQLI, Class not found

2005-06-21 Thread Catalin Trifu

Could you make a var_export($result); before calling free() ?
Normally the extension should work fine with MySQL 4.1.12.
Does the phpinfo() say against which MySQL version it was compiled.
I use mysqli on linux and have no problems with it.
php5.1.0b1, apache 2.0.54, mysql 4.1.12, gentoo ck-sources-2.6.11 with nptl 
kernel

Catalin


[EMAIL PROTECTED] wrote:
> Well, I figured out that problem (I suppose) by upgrading to MySQL 5.0 and  
> the error doesn't come up anymore... but now I get this error:
>  
>  Fatal error: Call to a member function  free() on a non-object in 
> C:\xampp\htdocs\results.php on line 60 
>  
> Again, here's the code:
>  
> ==
>   
> // create short variable  names
> $searchtype=$_POST['searchtype'];
> $searchtype=$_POST['searchterm'];
>  
> $searchterm= trim($searchterm);
>  
> if (!$searchtype || !$searchterm)
> {
> echo 'You have not entered  search details. Please go back and try again.';
> exit;
> }
>  
> if (!get_magic_quotes_gpc())
> {
> $searchtype=  addslashes($searchtype);
> $searchterm=  addslashes($searchterm);
> }
>  
> $db = new mysqli('localhost', 'root', 'root', 'bookorama');
>  
>  
>  
> if(mysqli_connect_errno())
> {
> echo 'Error: Could not connect to  the Database. Please try again later.';
> exit;
> }
>  
> $query = "select * from books where ".$searchtype." like  
> '%".$searchterm."%'";
> $result = $db->query($query);
>  
> $num_results = $result->num_rows;
>  
> echo 'Number of books found: '.$num_results.'';
>  
> for ($i=0; $i <$num_results; $i++)
> {
> $row =  $result->fetch_assoc();
> echo ''.($i+1).'.  Title: ';
> echo  htmlspecialchars(stripslashes($row['title']));
> echo  'Author: ';
> echo  stripslashes($row['author']);
> echo 'ISBN: ';
> echo  stripslashes($row['isbn']);
> echo 'Price: ';
> echo  stripslashes($row['price']);
> echo '';
> }
>  
> //$result->free();
> $db->close();
>  
> ?>
> 
>  
> Anymore help would be more than appreciated! I've spent hours trying to fix  
> the first problem and about another hour trying to fix this one now... Google 
>  
> doesn't supply anything besides PHPNuke installation errors - which is not 
> the  case here.
>  
> Thanks,
>  
> Clint
> 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: Persistant Connections and max_connections on mysql

2005-06-21 Thread Catalin Trifu

One other mysql optimization is to increase the thread_pool.
This way mysql spends less time creating threads; which on linux without NPTL
is not exactly a cheap operation.

Catalin


Dan Rossi wrote:
> 
> On 21/06/2005, at 7:47 PM, Catalin Trifu wrote:
> 
>>
>> I presume you mean whether it's interactive_timeout or
>> wait_timeout, or ?
>> Actually they both are important. Read the mysql at dev.mysql.com
>>
>> C.
>>
>>
> 
> We should be sweet now, still use persistant connections on a high
> traffice server, but reduce the timeout for the threads before they drop
> off, hence why they stay open for so long and then run into the
> max_connection issues.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: Persistant Connections and max_connections on mysql

2005-06-21 Thread Jason Wong

On Tuesday 21 June 2005 18:33, Dan Rossi wrote:

> We should be sweet now, still use persistant connections on a high
> traffice server, but reduce the timeout for the threads before they
> drop off, hence why they stay open for so long and then run into the
> max_connection issues.

To be certain that you won't hit the limit configure your webserver so 
that the maximum number of instances (or requests it can handle) is less 
than the max connections settings of mysql.

-- 
Jason Wong -> Gremlins Associates -> www.gremlins.biz
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
--
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-general
--
New Year Resolution: Ignore top posted posts

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Re: security question...??

2005-06-21 Thread Shaw, Chris - Accenture

"(thus Philip Zimmermann got arrested for violating the weapons law when he
created PGP)"

I thought he got arrested because he exported PGP out of the US, not because
he created it.
He was told that PGP could not leave the US via any electronical form,
compiled or uncompiled, because of the encryption level. He didn't break that
condition and got it out via a book and someone outside the US scanned in the
book and compiled the source code, but they arrested him anyhow.

Probably some urban myth that I heard somewhere.

As for the browser topic, you cannot control what the client browser is, or
whether it has any naughty plugins. The responsibility is on the user, once
the data has left the server via HTTP.

Didn't the UK banks try to implement something like that for the online
banking, you could only use Internet Explorer, which sparked a debate in the
Linux/Unix world. This was easily spoofed.

-Original Message-
From: Rene Brehmer [mailto:[EMAIL PROTECTED]
Sent: 21 June 2005 09:12
To: php-general@lists.php.net
Subject: Re: [PHP] Re: security question...??

*

This e-mail has been received by the Revenue Internet e-mail service.

*

However secure you try to make a web application, even with encryption, it
still does not hinder anyone from putting a packet sniffer on your client
and grab whatever sensitive information you send out.

And if a hacker really wanted to get hold of your sensitive information, he
wouldn't actually have to use a typical browser or anything similar to do
it, nor is it likely he would. There's nothing to hinder for talking to
your HTTP server using manually entered commands in a telnet client.

My information 'bout the US approach to encryption may be a little out of
date, but for the longest, using anything stronger than 40 bit encryption
was illegal, unless the CIA knew the extra bits above 40 (thus Philip
Zimmermann got arrested for violating the weapons law when he created PGP).
All that mess did change something, but there's still limitations to what
you can do in regards to encryption, that don't exist in any other country.
9/11 didn't exactly help that in any way.

But nevertheless, for every way you can come up with ensuring that your
client is using a secure application, there's atleast as many ways to make
a program that fools your tests, and then you're back to where you came
from. The thing I said about where your responsibility ends, is simply that
when you tell a client to use this and that software to access the data in
your remote application, then you can't really prevent them from using
software that they think is right, but isn't. There is no reliable way,
with current technologies, of determining whether or not a client's
software is what it says it is or not. I think it falls under implicit
trust ...

It reminds me of those websites that checks for the version of your
browser, and refuses to work if you don't have one they like, that falls
completely short when you visit them with Firefox because it has Mozilla
and ver. 1 in its ID string, and the sites think it's a Netscape 1 ...
point being that you can't blindly trust what the client software tells you
... I don't honestly see any way of doing what you want, without also being
able to see how it can be fooled...

Rene

Documented research indicate that on Mon, 20 Jun 2005 17:50:25 -0700,
"bruce" wrote:

> rene..
>
> from my perspective, i strongly disagree...
>
> if you're going to be writing apps that deal with sensitive information,
you
> better damm well give some thought as to how secure the client is, or even
> if the client is actually valid!
>
> while i'm not precisely sure as to how you'd go about ensuring that the
> client is indeed real/valid, and not faked, there are some reasonable
> approaches that the vendor/manufacturer could take, or make available that
> could go a good way towards satisfying the issue somewhat...
>
> and creating a secure client/server connection that only the two parties
> (server/client) can listen to is not illegal in the US.. i'm not sure where
> you get your information..
>
> but my point was not regarding tha actual communicatino pipe/wire. there
are
> already methods of securing the wire conversation betwen the server/client.
> i'm concerned with being reasonably sure that the client i'm talking to is
> indeed a valid/real client. IE, if it identifies itself as IE, then it
> actually is IE, and not some spoofed app, that acts like IE, that might be
> sending data to who knows where...
>
> -bruce

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

This message has been delivered to the Internet by the Revenue Internet e-mail 
service

*

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: editor in WEB PAGE

2005-06-21 Thread Satyam

http://www.htmlarea.com/

It seems their free version is discontinued and the new version no longer 
free.  But they now list a large number of editors with different licenses 
and capabilities.

Satyam

""Denyl Meneses Guillén"" <[EMAIL PROTECTED]> wrote in message 
news:[EMAIL PROTECTED]
Hello
I want to use a RTF editor within a web page like the Hotmail or Yahoo where 
when writing the content of the email him can be put format like Bold, 
fonts, etc.
 I'll like to find how to do.
Thanks for your helps

Denyl.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: Persistant Connections and max_connections on mysql

2005-06-21 Thread Dan Rossi



On 21/06/2005, at 7:47 PM, Catalin Trifu wrote:



	I presume you mean whether it's interactive_timeout or wait_timeout, 
or ?

Actually they both are important. Read the mysql at dev.mysql.com

C.




We should be sweet now, still use persistant connections on a high 
traffice server, but reduce the timeout for the threads before they 
drop off, hence why they stay open for so long and then run into the 
max_connection issues.


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: file upload

use $HTTP_POST_FILES for older php versions

""Han"" <[EMAIL PROTECTED]> ÓÏÏÂÝÉÌ/ÓÏÏÂÝÉÌÁ × ÎÏ×ÏÓÔÑÈ 
ÓÌÅÄÕÀÝÅÅ: 
news:[EMAIL PROTECTED]
> Hello,
>
> I'm having a problem with a file upload. The following works on one server 
> I use : -
>
> ---
> function add_me(){
> global $filename;
> global $maxFileSize;
> global $yourdirectory;
>
> // put this in a file that is called by your webpage with a form
> // use the form file input type and call it 'file'
>
>   $maxFileSize =  204800;
>   $filename = $_FILES['file']['tmp_name'];
> echo "f is ".$filename;
>
>   if (file_exists($filename))
>   {
>// open the file
>   $handle = fopen($filename, "r");
>
>// 1. read the file in line by line
>   while (!feof($handle))
>{
>  $buffer = fgets($handle, 4096);
>
> // if you were reading a text file you can
> // do any operations on each line as you go here
>   }
>
>
>// 2. otherwise just read the whole file
>// in one go, e.g. for an image.
> $buffer = fgets($handle, 4096);
>
>// then you can write to the database or
>// do whatever with it here
>
>// close the file
>   fclose($handle);
>   }
>
>
> $uploaddir = '/home/folder1/htdocs/folder2/'.myfolder.'/';
> echo "YYY ".$uploaddir;
>
> $uploadfile2 = $_FILES['file']['tmp_name'];
> $uploadfile2 = preg_replace("/\/tmp\//", "", $uploadfile2);
>
> $uploadfile = $uploaddir . $uploadfile2 .".gif";
>
>
> //$$uploadfile2 =~ s/\/[a-zA-Z]\///g;
>
> //print "";
> if (move_uploaded_file($_FILES['file']['tmp_name'], $uploadfile)) {
>   print "File is valid, and was successfully uploaded. ";
> } else {
>   print "Possible file upload attack!  Here's some debugging info:\n";
> }
> //print "$uploadfile";
>
> chmod($uploadfile,0777);
>
> --
>
> But when I use this same code on a different server, it doesn't work as 
> there seem to be no $_FILES['file']['tmp_name'].
> Is $_FILES['file']['tmp_name'] something configured by the server (I'm 
> using Apache on a Linux system), or something default within PHP itself?
>
>
> Han. 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: editor in WEB PAGE

I used KTML
http://www.interaktonline.com/Products/KTML/Overview/

""Denyl Meneses Guillén"" <[EMAIL PROTECTED]> ???/ ? 
?: news:[EMAIL PROTECTED]
Hello
I want to use a RTF editor within a web page like the Hotmail or Yahoo where
when writing the content of the email him can be put format like Bold,
fonts, etc.
 I'll like to find how to do.
Thanks for your helps

Denyl.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: editor in WEB PAGE