Re: [PHP] LDAP and Single Sign On MORE THOUGHTS

2006-03-10 Thread Rory Browne 
I've got a bit lost on this, but assuming that we are talking about an
intranet enviornment, with windows/IE6 clients, and apache servers, then
personally:

I would check logins based on a valid session. If the user doesn't have a
session they aren't logged in. Store the username in the session variable.
PHP session variables are AFAIK designed to be hard to detect and fake.

Any code that is run under a http:// website ( as opposed to an ssl or
https:// one ), reads the session(ie does not write to it). Any
authentication should be done using a script accessed over https, protected
by mod_auth_kerb.

The http:// script would be accessed by the person when they first access
the protected site. The protected site would detect that the user is not
logged in, and redirect them to the authentication site(which is behind
mod_auth_kerb, and https), which would create the session, and redirect the
user back, to the page where they originally tried to access.

Re: [PHP] mktime month

2006-03-10 Thread Austin Denyer 
Mark Steudel wrote:
> Im a little confused on the number I should use for the month:
>  
> Take the following:
>  
> echo date('Ymd', mktime(0, 0, 0, 3, 0, date("Y")) );
>  
> I expected it to output: 20060331
>  
> But instead it outputs 20060228.

Correct.

You are asking it for the zeroth day of March, which is the last day of
February.

Regards,
Ozz.


signature.asc
Description: OpenPGP digital signature

[PHP] mktime month

2006-03-10 Thread Mark Steudel 
Im a little confused on the number I should use for the month:
 
Take the following:
 
echo date('Ymd', mktime(0, 0, 0, 3, 0, date("Y")) );
 
I expected it to output: 20060331
 
But instead it outputs 20060228.
 
In the examples for january in the php manual I get december instead of
january.
 
Is there a server config or any ideas what I am doing wrong?
 
Thanks, Mark

[PHP] Re: displaying documents stored under web root

2006-03-10 Thread Chuck Anderson 

Adrian Bruce wrote:


Hi

After some advice (surprise!)

I currently store restricted documents beneath the web root so they are 
not accessible via the URL, when a valid user wishes to view a document 
i copy it to a temporary folder above the root and load it in a new 
page.  the only way i can then manage to delete the copy is 
automatically deleting all temp files when any user goes to the log out 
page.


This is obviously not a very good way of doing this but unless i can 
establish when a user is no longer viewing the doc then i dont know when 
to delete it.  I was wandering how others deal with these problems like this


any advice appreciated greatly

Ade
 

I deliver restricted PDFs that are kept *above* the web root without 
using a temporary file. Why do you need to create a temporary file? I 
use headers and readfile.


--
*
Chuck Anderson • Boulder, CO
http://www.CycleTourist.com
Integrity is obvious.
The lack of it is common.
*

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] ebay/nusoap example?

2006-03-10 Thread Paul Reinheimer 
I tried to get the eBay API working with nusoap for quite a while, but
eventually gave up and wrote my own code from scratch.

There is a pear project that deals with eBay if you're more interested
in using a prefab solution than coding your own from scratch.


paul

On 3/8/06, jon <[EMAIL PROTECTED]> wrote:
> Howdy...
>
> I don't suppose that any of you would happen to have an example of how
> to use the ebay API with nusoap?
>
> I've done plenty o' projects with nusoap, but working with the ebay api
> has me stumped. I don't really even know how to get started,
> coding-wise. (I've setup all the developer tokens and whatnot, so that's
> all good.)
>
> Thanks a lot,
>
>   -- jon
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>


--
Paul Reinheimer
Zend Certified Engineer

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] LDAP and Single Sign On MORE THOUGHTS

2006-03-10 Thread Rick Emery 

Quoting Jochem Maas <[EMAIL PROTECTED]>:


Rick Emery wrote:
Okay, I'm following all of this. So I could take, say, the username  
  reversed and encode it, then decode it in the PHP application,  
and  be


I wouldn't do it like that

instead stick the username in the cookie in plaintext and as a oneway encoded
hash (the hash creation could make use of a fixed, secret prefix string
[amongst
other things) to make it secure] - then to check the cookie you take the
plain text name perform the same hash creation routine on it and
compared the results
of that with the encoded hash that was sent in the cookie - if they match the
cookie could be considered valid and untampered.

the basic jist being don't use two way encryption, use a oneway hash
like sha1().


Okay. I don't know enough about encoding/encryption to discuss the  
merits either way, but I'll go along with your suggestion.


So to carry through on my thought, the "secret prefix" would have to  
be constant. I'd like to find a way to make it variable (and random,  
even; I'm working under the assumption that at least one of our users  
would be smart enough to write a cookie to masquerade as another user).


I have an idea, but I have little experience with Active Directory or  
LDAP, and I think I'm venturing into the space of "off-topic". I  
wonder if it would be possible (probably after modifying the schema)  
to write a value into the user's account in Active Directory/LDAP. The  
login script could generate a random string to prefix the username,  
hash it, write the random value into the user's LDAP record, and write  
the cookie. The PHP app on the other side could get the value from the  
user's LDAP record and then do the comparison. That way, each user  
would have a different "secret prefix", and it would be different each  
time that user logged in.


Thoughts?


well you can stick it in the session ... but like I said decoding is an
unnecessary step it seems to me (given that you can achieve the validation
using a oneway encryption method)


Wouldn't the session expire on completion of the login script? If I  
opened a browser to run an application on our Intranet, wouldn't that  
create a different session? Again, I may be missing something.


Thanks for the discussion; I'm really enjoying it.
Rick

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Editing an existing pdf?

2006-03-10 Thread Meron 

Thank you for replying patiently.
No hard feelings but imagination is better than preinformation. Einstein

--
View this message in context: 
http://www.nabble.com/Editing-an-existing-pdf--t1202479.html#a3343684
Sent from the PHP - General forum at Nabble.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] PDOStatement::execute() Return Values

2006-03-10 Thread Chris 

Under what circumstances does PDOStatement::execute() return false?

It seems to always return true.

Thanks,

Chris

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] QUARANTINED: Xuvpcx

2006-03-10 Thread WorkgroupMail Content Filter 
The message "Xuvpcx" from MAILER-DAEMON, sent on 3/10/2006 09:42 was 
quarantined because it contained either an executable file, a batch file or a 
screen saver file. All of these types of attachments are considered security 
risks. Please consult your mail administrator who can release the message.

This message was checked by MailScan for WorkgroupMail.
www.workgroupmail.com 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Editing an existing pdf?

2006-03-10 Thread Sam Smith 
> 
> Thankyou for the quick reply Sam.
> Infact I took this option at first but I didnot proceed because creating a
> pdf form is new to me.
> And also I donot have the tool. what do you advise me.

I would like to hang out on a yacht off the coast of Saint Tropez where
Paris Hilton and her friends stop by most afternoons because they love
trying to beat me at strip poker but I'm poor and ugly, what do you advise.

Seriously, you need to tools and the education. Get the Acrobat demo for
free 30 days. 

There's a companion app called Designer that builds forms.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Displaying documents stored under web root

2006-03-10 Thread Gerry Danen 
Adrian,

I use something like this:

http://groups.yahoo.com/group/php_and_mysql/

On 3/10/06, Adrian Bruce <[EMAIL PROTECTED]> wrote:
>
> Hi
>
> After some advice (surprise!)
>
> I currently store restricted documents beneath the web root so they are
> not accessible via the URL, when a valid user wishes to view a document
> i copy it to a temporary folder above the root and load it in a new
> page.  the only way i can then manage to delete the copy is
> automatically deleting all temp files when any user goes to the log out
> page.
>
> This is obviously not a very good way of doing this but unless i can
> establish when a user is no longer viewing the doc then i dont know when
> to delete it.  I was wandering how others deal with these problems like
> this
>

Re: [PHP] LDAP and Single Sign On MORE THOUGHTS

2006-03-10 Thread Jochem Maas 

Rick Emery wrote:

Quoting [EMAIL PROTECTED]:


You could just store a username, since they have already authenticated,
but a cookie with just a username would be easy to duplicate. My current
thought is to hash a checksum of some sort and storing that in the
cookie as well. That way you avoid the username only problem. I do not
want to store the users password in any format in the cookie. I am
thinking that the login script will cause a cookie to be written (via
PHP) with a base64 encoded
(http://www.php.net/manual/en/function.base64-encode.php) string or some
other hash method. Then that string could be decoded when the user
accesses the intranet site and compared against whatever criteria you
deem necessary.



Okay, I'm following all of this. So I could take, say, the username  
reversed and encode it, then decode it in the PHP application, and be  


I wouldn't do it like that

instead stick the username in the cookie in plaintext and as a oneway encoded
hash (the hash creation could make use of a fixed, secret prefix string [amongst
other things) to make it secure] - then to check the cookie you take the
plain text name perform the same hash creation routine on it and compared the 
results
of that with the encoded hash that was sent in the cookie - if they match the
cookie could be considered valid and untampered.

the basic jist being don't use two way encryption, use a oneway hash like 
sha1().

safe as long as nobody ever figures out what I'm encoding and how I'm  
encoding it. What would be great would be if the value that gets  
encoded could somehow be dynamic (like the current time, or even a  
randomly generated string). But then how would the PHP script know  what 
the decoded value is supposed to be? Hmmm...something to think  about.


well you can stick it in the session ... but like I said decoding is an
unnecessary step it seems to me (given that you can achieve the validation
using a oneway encryption method)




I have not tested this though. It is on my task list for next week
though. :)



Let us know how it goes!

Thanks,
Rick



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] LDAP and Single Sign On MORE THOUGHTS

2006-03-10 Thread Rick Emery 

Quoting [EMAIL PROTECTED]:


You could just store a username, since they have already authenticated,
but a cookie with just a username would be easy to duplicate. My current
thought is to hash a checksum of some sort and storing that in the
cookie as well. That way you avoid the username only problem. I do not
want to store the users password in any format in the cookie. I am
thinking that the login script will cause a cookie to be written (via
PHP) with a base64 encoded
(http://www.php.net/manual/en/function.base64-encode.php) string or some
other hash method. Then that string could be decoded when the user
accesses the intranet site and compared against whatever criteria you
deem necessary.


Okay, I'm following all of this. So I could take, say, the username  
reversed and encode it, then decode it in the PHP application, and be  
safe as long as nobody ever figures out what I'm encoding and how I'm  
encoding it. What would be great would be if the value that gets  
encoded could somehow be dynamic (like the current time, or even a  
randomly generated string). But then how would the PHP script know  
what the decoded value is supposed to be? Hmmm...something to think  
about.



I have not tested this though. It is on my task list for next week
though. :)


Let us know how it goes!

Thanks,
Rick

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Dynamic Form List - how to change values

2006-03-10 Thread Jochem Maas 

tedd wrote:

Pat:

I would suggest changing to:

http://.../chkout.php?imagename=NATURE-1.jpg&count=6&continue=Continue+Checkout, 



$newqty = $_GET['count'];
$imagename = $_GET['imagename'];

Also, to see what you are actually "getting" try:

echo ("");
echo ("");
echo ("GET info:\n");
print_r($_GET);
echo("");

You might also want to consider taking care of undefined variables -- 
here's a reference:


http://www.weberdev.com/get_example-3823.html

HTH's

tedd



Ok, this works for one item, but my shopping cart may have (hopefully) 
dozens of items in it. How do I refer to each new quantity changes for 
each new row in the table? I was hoping that by making the qty field a 
name of the image, I would be able to match the new qty up with the 
right image quickly, but that won't work, obviously.


How can I change multiple items in a list (or all) when the list is 
dynamically created? My approach may be wrong -- suggestions?




Pat:

You can add numerous items to the url. I don't remember the total number 
of characters that's allowed, but it's considerable.


if your running Apache the default max length of the url is 8K - this can be 
upped
but you have to recompile Apache. the HTTP spec itself doesn't stipulate a limit
to the length... in general though anything over 512 bytes  (outside of
CMS tools) is discouraged...



If you reach the limit, but might consider reducing the number of 
characters in your variables, such as: "NATURE-1.jpg" could be n1 where 
you had a look-up table or you knew what the cryptic code was to make 
the transformation.


Or you could continue on a course like you were with n1=6 where you know 
that n1 stands for "NATURE-1.jpg" and the value contained therein is the 
value for that image.


There's lot's of ways to do this.

As for it being dynamically created, that shouldn't present a problem 
either -- just treat the url as a string and add ampersands (&) between 
"variables and their value" pairs.


HTH's

tedd



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] LDAP and Single Sign On MORE THOUGHTS

2006-03-10 Thread jblanchard 
[snip]
First, let me apologize for having to take it to a basic level. I'll  
admit that I'm fairly new to web development, but this is something I  
could *really* use at work and I want to make sure I understand (just  
to set the stage, we use Windows/Active Directory/MS SQL Server at  
work, but have decided that future applications will be written in PHP  
run on Linux/Apache).

So I have a login script that sets a cookie when the user logs in.  
Then I have an application written in PHP that reads the cookie for  
authentication purposes.

What would I store in the cookie? Would the username be sufficient  
(since the cookie was set, we can assume that it was already  
authenticated through AD, right), or is there something more I can add  
to the cookie to make the process more secure?

Which leads back to my original question; what would keep me from  
setting a cookie with, say, my manager's username, fooling the PHP  
application into thinking I'm her?

[/snip]

You could just store a username, since they have already authenticated,
but a cookie with just a username would be easy to duplicate. My current
thought is to hash a checksum of some sort and storing that in the
cookie as well. That way you avoid the username only problem. I do not
want to store the users password in any format in the cookie. I am
thinking that the login script will cause a cookie to be written (via
PHP) with a base64 encoded
(http://www.php.net/manual/en/function.base64-encode.php) string or some
other hash method. Then that string could be decoded when the user
accesses the intranet site and compared against whatever criteria you
deem necessary.

I have not tested this though. It is on my task list for next week
though. :)

So, you could set a cookie with your manager's name, but it wouldn't
work. You would also have to know how to encode a string properly for
storage in the cookie. Read
http://www.php.net/manual/en/function.setcookie.php for more information
on cookies.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Editing an existing pdf?

2006-03-10 Thread Meron 

Thankyou for the quick reply Sam.
Infact I took this option at first but I didnot proceed because creating a
pdf form is new to me.
And also I donot have the tool. what do you advise me.
--
View this message in context: 
http://www.nabble.com/Editing-an-existing-pdf--t1202479.html#a3339621
Sent from the PHP - General forum at Nabble.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] LDAP and Single Sign On MORE THOUGHTS

2006-03-10 Thread Rick Emery 

Quoting [EMAIL PROTECTED]:


[snip]
Couldn't I write my own cookie to fool the authentication into
thinking I'm somebody else?
[/snip]

I suppose that you could do that if you were savvy enough to realize
that automatic login to the intranet used a cookie for authentication
and you knew how to format the cookie and properly hash a checksum
stored in the cookie. The user information stored in the cookie would be
verified against the AD via LDAP.


First, let me apologize for having to take it to a basic level. I'll  
admit that I'm fairly new to web development, but this is something I  
could *really* use at work and I want to make sure I understand (just  
to set the stage, we use Windows/Active Directory/MS SQL Server at  
work, but have decided that future applications will be written in PHP  
run on Linux/Apache).


So I have a login script that sets a cookie when the user logs in.  
Then I have an application written in PHP that reads the cookie for  
authentication purposes.


What would I store in the cookie? Would the username be sufficient  
(since the cookie was set, we can assume that it was already  
authenticated through AD, right), or is there something more I can add  
to the cookie to make the process more secure?


Which leads back to my original question; what would keep me from  
setting a cookie with, say, my manager's username, fooling the PHP  
application into thinking I'm her?


I can't help but feel like I'm missing something.

Thanks,
Rick

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] LDAP and Single Sign On MORE THOUGHTS

2006-03-10 Thread jblanchard 
[snip]
> We are sitting here having a discussion on login techniques and I cam
up
> with a thought...why not have a login script write a cookie that then
> coulod be read by PHP and compared against the AD via LDAP? Does
anyone
> see any gotcha's with that kind of process?

Couldn't I write my own cookie to fool the authentication into  
thinking I'm somebody else?
[/snip]

I suppose that you could do that if you were savvy enough to realize
that automatic login to the intranet used a cookie for authentication
and you knew how to format the cookie and properly hash a checksum
stored in the cookie. The user information stored in the cookie would be
verified against the AD via LDAP.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] LDAP and Single Sign On MORE THOUGHTS

2006-03-10 Thread Rick Emery 

Quoting [EMAIL PROTECTED]:


[snip]
As far as I can tell you will have to ask the user to login at the web
application level again, but you can verify it against your AD via LDAP
with the basic stuff from http://www.php.net/ldap
[/snip]

We are sitting here having a discussion on login techniques and I cam up
with a thought...why not have a login script write a cookie that then
coulod be read by PHP and compared against the AD via LDAP? Does anyone
see any gotcha's with that kind of process?


Couldn't I write my own cookie to fool the authentication into  
thinking I'm somebody else?


--
Rick Emery

"When once you have tasted flight, you will forever walk the Earth
 with your eyes turned skyward, for there you have been, and there
 you will always long to return"
  -- Leonardo Da Vinci

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Editing an existing pdf?

2006-03-10 Thread Sam Smith 
> 
> I wanted to add texts from an html form to existing pdf.
> I was able to create a pdf but not to edit it.
> 
> Please give me guidance how to.

FDF is what you're after if I understand this brief post.

Google FDF PDF PHP. PHP writes the FDF file which fills out a linked PDF
form. Notice I said PDF form.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] highlight_string()

2006-03-10 Thread Weber Sites LTD 
Hi

I found an example for this on WeberDev and got it to work pretty good.
However, when I started to check, I now have a different issue.

Till now, I just highlighted all of the text. Now I take the php code
Out, highlight only the php code and put it back in.

The problem is that I'm looking for anything between 
And some of the code examples have .?>

So what I really take out is 

How can I avoid this?

thanks

-Original Message-
From: chris smith [mailto:[EMAIL PROTECTED] 
Sent: Friday, March 10, 2006 1:19 PM
To: Weber Sites LTD
Cc: php-general@lists.php.net
Subject: Re: [PHP] highlight_string()

On 3/10/06, Weber Sites LTD <[EMAIL PROTECTED]> wrote:
> Hi
>
> I'm trying to go with your idea but I'm having difficulties with 
> preg_match_all.
> I want the text between . The use of preg_match_all bellow 
> only Returns text that is in a single line. If the  and the ?> is A few lines bellow, it does not match.
>
> preg_match_all('/<\?php(.*?)\?>/i',$text,$CodeArray,PREG_PATTERN_ORDER
> );

Try /is

it will treat the string as one huge line.

> -Original Message-
> From: Chris [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, March 07, 2006 3:08 AM
> To: Weber Sites LTD
> Cc: php-general@lists.php.net
> Subject: Re: [PHP] highlight_string()
>
> Weber Sites LTD wrote:
> > I was afraid of that...
> > I need to do HTML manipulations on the text that is outside the .
> > After I run highlight_string the original text is messed up.
> > If I run the manipulations before then they will look like HTML And 
> > not act as HTML...
> >
> > Any ideas?
>
> You could get the php from your page, highlight it and replace it back in:
>
> preg_replace('%%s', 'highlight_string(${1})', $content);
>
> don't know if that will work straight out for you but that should give 
> you an idea on how to proceed.
>
>
> Or you could temporarily remove them, do whatever then replace it back in:
>
> $placeholders = array();
> while(preg_match('%%s', $content, $matches)) {
>$size = sizeof($placeholders);
>$placeholders[$size] = $matches[1];
>$content = str_replace($matches[0], '%%PLACEHOLDER['.$size.']%%', 
> $content); }
>
> ... other processing here.
>
> foreach($placeholders as $i => $text) {
>$content = str_replace('%%PLACEHOLDER['.$i.']%%',
> highlight_string($text), $content);
> }
>
>
> > -Original Message-
> > From: chris smith [mailto:[EMAIL PROTECTED]
> > Sent: Monday, March 06, 2006 11:59 AM
> > To: Weber Sites LTD
> > Cc: php-general@lists.php.net
> > Subject: Re: [PHP] highlight_string()
> >
> > On 3/6/06, Weber Sites LTD <[EMAIL PROTECTED]> wrote:
> >
> >>The only way I could work around this was to put empty  at the 
> >>Beginning of the text and now highlight_string() highlights only 
> >>what Is inside 
> >>
> >>You can see an example of the problematic text in the example Area 
> >>of this page : http://www.weberdev.com/get_example-4345.html
> >>
> >>Notice the empty  at the beginning of the example.
> >>Without them, all of the example, including the text and HTML Part 
> >>will be painted by highlight_string().
> >>
> >>Is this a bug?
> >
> >
> > No. It will highlight html as well.
> >
> > You can give the illusion of it not highlighting the html by using:
> >
> > ini_set('highlight.html', '#00');

--
Postgresql & php tutorials
http://www.designmagick.com/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] DB calls vs Session solution

2006-03-10 Thread Thomas 

Hi there,

Quick question on performance:

I have got some expensive sql queries (doing lots of LEFT JOINS) that result
in anything between 10 to 1 results. I need to do paging on those. So
far I have used a LIMIT solution which will not do anymore because you don't
get the whole total.

Now, the idea is to store the results (or the sql query string?) in the
session to avoid too many db calls (on paging). 

The question now is: is the serializing/unserializing more expensive than
another db call?

Thanks,

T


SPIRAL EYE STUDIOS 
P.O. Box 37907, Faerie Glen, 0043

Tel: +27 12 362 3486
Fax: +27 12 362 3493 
Mobile: +27 82 442 9228
Email: [EMAIL PROTECTED]
Web: www.spiraleye.co.za 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] highlight_string()

2006-03-10 Thread Robin Vickery 
On 10/03/06, Weber Sites LTD <[EMAIL PROTECTED]> wrote:
> Hi
>
> I'm trying to go with your idea but I'm having difficulties with
> preg_match_all.
> I want the text between . The use of preg_match_all bellow only
> Returns text that is in a single line. If the 
> is
> A few lines bellow, it does not match.
>
> preg_match_all('/<\?php(.*?)\?>/i',$text,$CodeArray,PREG_PATTERN_ORDER);
>

By default a '.' matches any character except for a newline. If you
want it to match *everything* you have to use the 's' pattern modifier
- just stick an 's' on the very end of your pattern, after the 'i'.

   /<\?php(.*?)\?>/is

  -robin

Re: [PHP] highlight_string()

2006-03-10 Thread chris smith 
On 3/10/06, Weber Sites LTD <[EMAIL PROTECTED]> wrote:
> Hi
>
> I'm trying to go with your idea but I'm having difficulties with
> preg_match_all.
> I want the text between . The use of preg_match_all bellow only
> Returns text that is in a single line. If the 
> is
> A few lines bellow, it does not match.
>
> preg_match_all('/<\?php(.*?)\?>/i',$text,$CodeArray,PREG_PATTERN_ORDER);

Try /is

it will treat the string as one huge line.

> -Original Message-
> From: Chris [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, March 07, 2006 3:08 AM
> To: Weber Sites LTD
> Cc: php-general@lists.php.net
> Subject: Re: [PHP] highlight_string()
>
> Weber Sites LTD wrote:
> > I was afraid of that...
> > I need to do HTML manipulations on the text that is outside the .
> > After I run highlight_string the original text is messed up.
> > If I run the manipulations before then they will look like HTML And
> > not act as HTML...
> >
> > Any ideas?
>
> You could get the php from your page, highlight it and replace it back in:
>
> preg_replace('%%s', 'highlight_string(${1})', $content);
>
> don't know if that will work straight out for you but that should give you
> an idea on how to proceed.
>
>
> Or you could temporarily remove them, do whatever then replace it back in:
>
> $placeholders = array();
> while(preg_match('%%s', $content, $matches)) {
>$size = sizeof($placeholders);
>$placeholders[$size] = $matches[1];
>$content = str_replace($matches[0], '%%PLACEHOLDER['.$size.']%%',
> $content);
> }
>
> ... other processing here.
>
> foreach($placeholders as $i => $text) {
>$content = str_replace('%%PLACEHOLDER['.$i.']%%',
> highlight_string($text), $content);
> }
>
>
> > -Original Message-
> > From: chris smith [mailto:[EMAIL PROTECTED]
> > Sent: Monday, March 06, 2006 11:59 AM
> > To: Weber Sites LTD
> > Cc: php-general@lists.php.net
> > Subject: Re: [PHP] highlight_string()
> >
> > On 3/6/06, Weber Sites LTD <[EMAIL PROTECTED]> wrote:
> >
> >>The only way I could work around this was to put empty  at the
> >>Beginning of the text and now highlight_string() highlights only what
> >>Is inside 
> >>
> >>You can see an example of the problematic text in the example Area of
> >>this page : http://www.weberdev.com/get_example-4345.html
> >>
> >>Notice the empty  at the beginning of the example.
> >>Without them, all of the example, including the text and HTML Part
> >>will be painted by highlight_string().
> >>
> >>Is this a bug?
> >
> >
> > No. It will highlight html as well.
> >
> > You can give the illusion of it not highlighting the html by using:
> >
> > ini_set('highlight.html', '#00');

--
Postgresql & php tutorials
http://www.designmagick.com/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] displaying documents stored under web root

2006-03-10 Thread Kevin Davies - Bonhurst Consulting 
Hi Adrian,

I had the same dilemma on a project I was working on, and came across this:
http://www.vibralogix.com/linklokurl/index.php

It basically adds an authentication code, which can lock the download to an
IP address and also you can limit the life of the URL to a length of time.

You can also store all the documents below the web root.

It's not free, but for $30 dollars it was well worth the investment and
saved me plenty of time! 

HTH,

Kev


-Original Message-
From: Adrian Bruce [mailto:[EMAIL PROTECTED] 
Sent: 10 March 2006 11:02
To: php-general@lists.php.net
Subject: [PHP] displaying documents stored under web root

Hi

After some advice (surprise!)

I currently store restricted documents beneath the web root so they are 
not accessible via the URL, when a valid user wishes to view a document 
i copy it to a temporary folder above the root and load it in a new 
page.  the only way i can then manage to delete the copy is 
automatically deleting all temp files when any user goes to the log out 
page.

This is obviously not a very good way of doing this but unless i can 
establish when a user is no longer viewing the doc then i dont know when 
to delete it.  I was wandering how others deal with these problems like this

any advice appreciated greatly

Ade

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Editing an existing pdf?

2006-03-10 Thread Meron 

I wanted to add texts from an html form to existing pdf.
I was able to create a pdf but not to edit it.

Please give me guidance how to.

--
View this message in context: 
http://www.nabble.com/Editing-an-existing-pdf--t1202479.html#a3337105
Sent from the PHP - General forum at Nabble.com.


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] displaying documents stored under web root

2006-03-10 Thread Adrian Bruce 

Hi

After some advice (surprise!)

I currently store restricted documents beneath the web root so they are 
not accessible via the URL, when a valid user wishes to view a document 
i copy it to a temporary folder above the root and load it in a new 
page.  the only way i can then manage to delete the copy is 
automatically deleting all temp files when any user goes to the log out 
page.


This is obviously not a very good way of doing this but unless i can 
establish when a user is no longer viewing the doc then i dont know when 
to delete it.  I was wandering how others deal with these problems like this


any advice appreciated greatly

Ade

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Extending a class with a static constructur (like PEAR::DB)

2006-03-10 Thread Andreas Korthaus 

Chris wrote:


You'll need to:

$dbtoy = new DBToyExt();
$dbtoy->connect()
$dbtoy->testext('testing');


But you cannot do:

$dbtoy = new DBToyExt();
$dbtoy->connect()
$dbtoy->testext('testing');
$result = $dbtoy->query('SELECT...');
//[...]


You have to do something like this:

$dbtoy = new DBToyExt();
$db = $dbtoy->connect()
$dbtoy->testext('testing');
$result = $db->query('SELECT...');
//[...]

If you want to avoid that, you have to write a wrapper around DB.


best regards
Andreas

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Extending a class with a static constructur (like PEAR::DB)

2006-03-10 Thread Andreas Korthaus 

[EMAIL PROTECTED] wrote:


Ahhh! I'd kept thinking what connect() returned was a db object, but it does 
look like
it returns varying objects depending on which database you're using.


correct



Maybe I'd want to extend DB_common instead of DB_mysql, so that the methods 
would
be inhereted by any object?


But DB_mysql will not inherit from your object! Look at the source:

class DB_mysql extends DB_common {...}

If you inherit from a class, the parent class will not inherit your (the 
child classes) methods. If a class should inherit from your object, it 
must explicitly inherit from that class.



Best regards
Andreas

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] highlight_string()

2006-03-10 Thread Weber Sites LTD 
Hi

I'm trying to go with your idea but I'm having difficulties with
preg_match_all.
I want the text between . The use of preg_match_all bellow only
Returns text that is in a single line. If the 
is
A few lines bellow, it does not match.

preg_match_all('/<\?php(.*?)\?>/i',$text,$CodeArray,PREG_PATTERN_ORDER); 

Thanks. 

-Original Message-
From: Chris [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, March 07, 2006 3:08 AM
To: Weber Sites LTD
Cc: php-general@lists.php.net
Subject: Re: [PHP] highlight_string()

Weber Sites LTD wrote:
> I was afraid of that...
> I need to do HTML manipulations on the text that is outside the .
> After I run highlight_string the original text is messed up.
> If I run the manipulations before then they will look like HTML And 
> not act as HTML...
> 
> Any ideas?

You could get the php from your page, highlight it and replace it back in:

preg_replace('%%s', 'highlight_string(${1})', $content);

don't know if that will work straight out for you but that should give you
an idea on how to proceed.


Or you could temporarily remove them, do whatever then replace it back in:

$placeholders = array();
while(preg_match('%%s', $content, $matches)) {
   $size = sizeof($placeholders);
   $placeholders[$size] = $matches[1];
   $content = str_replace($matches[0], '%%PLACEHOLDER['.$size.']%%', 
$content);
}

... other processing here.

foreach($placeholders as $i => $text) {
   $content = str_replace('%%PLACEHOLDER['.$i.']%%', 
highlight_string($text), $content);
}


> -Original Message-
> From: chris smith [mailto:[EMAIL PROTECTED] 
> Sent: Monday, March 06, 2006 11:59 AM
> To: Weber Sites LTD
> Cc: php-general@lists.php.net
> Subject: Re: [PHP] highlight_string()
> 
> On 3/6/06, Weber Sites LTD <[EMAIL PROTECTED]> wrote:
> 
>>The only way I could work around this was to put empty  at the 
>>Beginning of the text and now highlight_string() highlights only what 
>>Is inside 
>>
>>You can see an example of the problematic text in the example Area of 
>>this page : http://www.weberdev.com/get_example-4345.html
>>
>>Notice the empty  at the beginning of the example.
>>Without them, all of the example, including the text and HTML Part 
>>will be painted by highlight_string().
>>
>>Is this a bug?
> 
> 
> No. It will highlight html as well.
> 
> You can give the illusion of it not highlighting the html by using:
> 
> ini_set('highlight.html', '#00');
> 
> --
> Postgresql & php tutorials
> http://www.designmagick.com/
> 
> 
> 


-- 
Postgresql & php tutorials
http://www.designmagick.com/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php