date:20060313

[PHP] Re: Hidding HTML Input Elements values approach

2006-03-13 Thread David Dorward

pedro mpa wrote:

> So, for example a typical country select box, its option values are
> encrypted with the previous created key on page request and decrypted
> (after form submission f.ex.) on the validation code:

So the value attribute contains an encrypted representation of the country
name ... which is transmitted in clear text right next to it?

If you want encryption, why not just use SSL?

-- 
David Dorward      
 Home is where the ~/.bashrc is

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] X-Mailer and headers when sending mail

2006-03-13 Thread Angelo Zanetti


Paul Scott wrote:

On Mon, 2006-03-13 at 13:41 -0800, Angelo Zanetti wrote:


*  0.5 X_PRIORITY_HIGH Sent with 'X-Priority' set to high *  1.3 MSGID_NO_HOST 
Message-Id has no hostname *  2.0
HEADER_COUNT_CTYPE Multiple Content-Type headers found *  0.8 PRIORITY_NO_NAME 
Message has priority setting, but no
X-Mailer *  1.8 INVALID_MSGID Message-Id is not valid, according to RFC 2822




Looks like setting X-Mailer should do the trick

--Paul





Thanks again!!

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] X-Mailer and headers when sending mail

2006-03-13 Thread Paul Scott

On Mon, 2006-03-13 at 13:41 -0800, Angelo Zanetti wrote:
> *  0.5 X_PRIORITY_HIGH Sent with 'X-Priority' set to high *  1.3 
> MSGID_NO_HOST Message-Id has no hostname *  2.0
> HEADER_COUNT_CTYPE Multiple Content-Type headers found *  0.8 
> PRIORITY_NO_NAME Message has priority setting, but no
> X-Mailer *  1.8 INVALID_MSGID Message-Id is not valid, according to RFC 2822
> 

Looks like setting X-Mailer should do the trick

--Paul

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] PHP code not functioning on search page

2006-03-13 Thread Bruce Gilbert

I have a bit of PHP rotating image code and time stamp that work fine
on every page except my search page
http://inspired-evolution.com/search.php. I installed a PHP based
search engine called Zoom Search as a plug-in in Dreamweaver. Since
the code works on every other page, I am not sure why it wouldn't on
this page. An example of a page where the code works fine is
http://inspired-evolution.com/search_template.php

Any assistance?

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: Looking for PHP SSO-engine

2006-03-13 Thread Manuel Lemos

Hello,

on 03/13/2006 09:56 PM Roger Thomas said the following:
> Are there are PHP projects that focuses on Single Signon/Signoff like 
> Pubcookie, CAS, Cosign etc? Please advise. TIA.

I am not sure, but I think LiveUser is for that purpose:

http://pear.php.net/package/LiveUser/

-- 

Regards,
Manuel Lemos

Metastorage - Data object relational mapping layer generator
http://www.metastorage.net/

PHP Classes - Free ready to use OOP components written in PHP
http://www.phpclasses.org/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: Printing library in PHP ?

2006-03-13 Thread Manuel Lemos

Hello,

on 03/13/2006 09:44 AM robert mena said the following:
> I am currently migrating an application originally written with Delphi to
> PHP.  Everything is going fine except the printing of the reports that does
> not produce the same visual result (i.e does not look the same or has some
> aligmment issues).
> 
> From what I've read I should use CSS to achieve such result but I was
> wondering if there is any toolkit, library in PHP that would ease my work.
> 
> For example:
> I have a specific report I have to add a header to each page
> I have another one with tabular data that when the result is larger than a
> page I should break the table and start at the next page so the table
> headers can be seen again...
> 
> In both I'd need a way to decide/find out how many pages will be necessary
> (given the size of the paper sheet) so I could generate the HTML correctly.

You did not mention the platform you want to print, nor if you want to
print on the client side or server side.

If you want to print on the server side, you may want to take a look at
this IPP (Internet Printing Protocol) client class that can be used to
print HTML documents on Windows and Linux (with CUPS).

http://www.phpclasses.org/printipp


-- 

Regards,
Manuel Lemos

Metastorage - Data object relational mapping layer generator
http://www.metastorage.net/

PHP Classes - Free ready to use OOP components written in PHP
http://www.phpclasses.org/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: Possible hacker using php script to send e-mails?

2006-03-13 Thread Manuel Lemos

Hello,

on 03/13/2006 06:38 AM Merlin said the following:
> Hello Manuel,
>
> this seems to be the right track. However I do not have linebrakes in
> there, but the message gets passed by POST. This is my script error.php:

Notice these two lines of your script:

> $from = $_POST[from];

> $mail->AddReplyTo($from);

Personally I think the solution is not filtering the values but rather
use proper from validation. The way I implement these things is to check
whether the user enters valid e-mail addresses. If not, present the form
again with an error message.

Usually I use this class for performing form generation and validation.
It can be used to do the form presentation, validation and processing
with the the same script.

It can perform server side validation and also client side validation
using Javascript generated automatically by the class for you. E-mail
address validation is one of the built-in types of validation that it
supports. For other fields like Subject and even person name, I suggest
using regular expression based validation, which is also built in. Take
a look at the example scripts:

http://www.phpclasses.org/formsgeneration


-- 

Regards,
Manuel Lemos

Metastorage - Data object relational mapping layer generator
http://www.metastorage.net/

PHP Classes - Free ready to use OOP components written in PHP
http://www.phpclasses.org/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Looking for PHP SSO-engine

2006-03-13 Thread Roger Thomas

Are there are PHP projects that focuses on Single Signon/Signoff like 
Pubcookie, CAS, Cosign etc? Please advise. TIA.

--roger


---
Sign Up for free Email at http://ureg.home.net.my/
---

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] array_search and multi-dimensional arrays

2006-03-13 Thread Philip Thompson


On Mar 13, 2006, at 5:54 PM, jonathan wrote:

I'd like to return the first key value in the following array such  
that England would return 1 rather than 3 which is the second key  
value. Any help would be greatly appreciated.


$c[1][]="Vietnam";
$c[1][]="China";
$c[1][]="Thailand";
$c[1][]="England";
$c[2][]="USA";
$c[2][]="Japan";


print_r($c);
// Array ( [1] => Array ( [0] => Vietnam [1] => China [2] =>  
Thailand [3] => England ) [2] => Array ( [0] => USA [1] => Japan ) )


foreach($c as $row)
{
echo array_search("England",$row);
}
// prints 3

-jonathan



Multi-dimensional arrays can be a bit tricky. I've wanted to do  
something similar to what you're trying to accomplish. I have not  
tested this, but I think it works:


 $value) {
foreach ($value as $j => $country) {
if ($country == "England")
echo $i;
}
}
?>

Hope that helps.

~Philip

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] array_search and multi-dimensional arrays

2006-03-13 Thread jonathan


looks like this works. Is there any problem with it that people can see?

$c[1][]="Vietnam";
$c[1][]="China";
$c[1][]="Thailand";
$c[1][]="England";
$c[2][]="USA";
$c[2][]="Japan";

print_r($c);

foreach($c as $key=>$value)
{
   if(array_search("England",$value))
   {
   echo $key;   
}
}

thanks,

jonathan

On Mar 13, 2006, at 3:54 PM, jonathan wrote:



I'd like to return the first key value in the following array such  
that England would return 1 rather than 3 which is the second key  
value. Any help would be greatly appreciated.


$c[1][]="Vietnam";
$c[1][]="China";
$c[1][]="Thailand";
$c[1][]="England";
$c[2][]="USA";
$c[2][]="Japan";


print_r($c);
// Array ( [1] => Array ( [0] => Vietnam [1] => China [2] =>  
Thailand [3] => England ) [2] => Array ( [0] => USA [1] => Japan ) )


foreach($c as $row)
{
echo array_search("England",$row);
}
// prints 3

-jonathan

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php





--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Memory and BLOB's

2006-03-13 Thread tedd


Jochem and tedd discussed:

Isn't assigned memory just blocks of reserved addresses for the 
requesters use? It shouldn't make any difference where, or how 
much, a block of memory is. To move from a field in a record to 
another field is just following memory addresses from one field to 
another field in each record. It doesn't make any difference if the 
jump is 1 byte of a million bytes, it's just an address.


right but fixed sized jumps are best (base 2 anyone?) - i.e. no varchars.
also experiment with table types in mysql - maybe use a 'temporary' HEAP
or MEMORY table to process and then select back into the 'permanent'
table when your done with the heavy lifting.


I still don't see it. Maybe thi is something like optimizing hash 
table's maximum numbers tied to a prime number type of thing, but 
fixed jumps in a linked list has no benefit over variable jumps 
regardless of what number system you use.



how about easy to calculate (i.e. + N) memblock positions in physical
memory?


Why would anyone/anything want to do that? It isn't necessary to 
calculate memblock positions in physical or whatever memory (besides 
older disk sectors).


The distribution of memory blocks residing in memory is known only to 
the memory manager or whatever you want to call it. But, access to 
"related" pieces of memory, such as records found in a dB, are only 
connected by a linked list of some type. Memory isn't assigned by 
some formula or calculation. It is assigned by request and that 
request is granted by a memory manager.


Now, one way to test our differences in memory management claims 
would be to acquire x chunks of memory in fixed sizes and acquire x 
chunks of memory in variable amounts and then search the two memory 
list. If so, I can tell you right now that the search times would be 
identical in both cases.


If there is something I don't understand here, please elaborate.

tedd
--

http://sperling.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] DB calls vs Session solution

2006-03-13 Thread Grant Young


Hi Jochem.


the nice thing about programming with my 'data framework' is that its
very generic, flexible and interspective (generating abitrarily complex
sql/html/? from objects) ... which comes with a great cost.

so I have code that is really very very heavy but if you consider
the (complete|discount|standard|bundeled) price calculation routines
for the site I was speaking of, are 1000's of lines in themselves you
might agree that a more structured apporach to the code bear fruits
in maintainability/extensability (which has been my finding overall).
bottom line is [they] have to buy a bigger box. :-)

actually my real problem lies in not being [cap]able of using the
Smarty cache (I can't figure out how it works/how to use it)


I'm thinking that output (HTML) caching might be an option for you - you 
seem to be hinting at that with the Smarty reference above.  Probably 
depends mostly on how many variables you have to deal with.  And I would 
still look into using MySQL level caching as well if the query execution 
time is more than a second or two.


I'm in the process of optimising a CMS at the moment which fits your 
description of "very generic, flexible and interspective (generating 
abitrarily complex sql/html/? from objects) ... which comes with a great 
cost."  The biggest bottleneck in my app was not complex SQL, but PHP 
picking up all the include files (classes etc.), but that's beside the 
point.


In my project I implemented an output cache (caching just the HTML) 
based on the full URI for text/html content-type GET requests - taking 
into consideration the query string parameters.  Admittedly it's a very 
aggressive cache, and I may have to change it to allow for flexibility 
based on user ID or other parameters, but it does improve performance 
significantly.  I query the cache before loading my framework, which is 
where most of the performance benefit comes from in my particular app.


Another benefit to this approach is that it would be fairly easy to code 
the caching system "around" your existing framework i.e. if no cache 
hit, handle the request using your framework, then store to the cache 
via the output buffer.


As far as I know you would be able to use APC for this type caching (I 
haven't used APC but have read up on it a little recently).  It might 
even be possible to GZIP the output before caching to reduce memory 
requirements, at a small performance cost when dynamically generating 
the content.  The approach could also be used for HTML fragments (i.e. 
just the changing area - the results listing HTML etc.)


FWIW, Smarty probably doesn't do quite what you want (I use Smarty in 
the CMS, but afaict you need to know the template name + a unique ID to 
use the cache - if the template name can be hard coded, no dramas, but 
if it's dynamically loaded, it becomes trickier - including the Smarty 
class also incurs a performance overhead).


Not sure if any of that's useful?

BTW, if anyone sees any serious issues with this approach, let me know.  
I don't intend to roll out the solution to a live system for a while, so 
I still have plenty of time to revisit.


Regards, Grant

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Hidding HTML Input Elements values approach

2006-03-13 Thread pedro mpa

> -Mensagem original-
> De: jblanchard
> I don't see any problem with the approach, but I would ask why...

Because if I write original ids or values matching those on database (or
other data source) they can easily be changed on client side, that is the
main purpose. Another purpose is to easily allow forward/back on a form with
several steps without showing the 'internal step' and avoid the "The page
you requested has expired"; Increased security (I think, that's why I
posted) because the encryption key is different for every user/visit to the
site (not page). The project in question has several long forms and
different types of payments (sms, unique cc number, etc).

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Hidding HTML Input Elements values approach

2006-03-13 Thread jblanchard

[snip]
I would like some feedback on this approach for encrypting HTML input
element values such as Checkbox, Radio, Select, Hidden, etc, and
Javascript
code related to those elements.
[/snip]

I don't see any problem with the approach, but I would ask why...

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Hidding HTML Input Elements values approach

2006-03-13 Thread pedro mpa

Greetings.

I would like some feedback on this approach for encrypting HTML input
element values such as Checkbox, Radio, Select, Hidden, etc, and Javascript
code related to those elements.

The procedure is when a user first arrives at the site a session structure
is created and in it I create a random key string to use on encryption
functions for every page requested by that specific user.

So, for example a typical country select box, its option values are
encrypted with the previous created key on page request and decrypted (after
form submission f.ex.) on the validation code:


  
  
Country Name
  


function ExampleValidation(){
  // ...
  $country_id = isset($_POST['country']) ?
MyDecryptFunction($_POST['country']) : 0 ;
  // etc...
}

I also use this approach to encrypt values in Querystrings such as ids,
operations, form steps, etc.

So far I haven't found any "holes" on this approach (except when someone
gets access to the hosting account :] ) so I would like some feedback and/or
ideas and/or other approaches.


Thanks in advance.


Apologies for my bad English.

Pedro.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] DB calls vs Session solution

2006-03-13 Thread Jochem Maas


Curt Zirzow wrote:

On Mon, Mar 13, 2006 at 03:30:18PM +0100, Jochem Maas wrote:


I just realized I must be evil ;-)



Arn't we all :)



more so for the random switch to inline+bottom posting :-)





...



Ah, see this is a bit different, and goes along the theory of a
cost has to come from somewhere, and in this case you have memory
to use and abuse.

The problem with relying on a third party solution, whether it be
APC's cache or MySQL's cache, you end up having your application
dependent on them to work under heavy load.


I had loads running up to 25+. the server remained responsive but
felt slow. bit like Dell when there is a 'good' deal on ;-).


But then again, if a site is rather busy custom solutions will be
needed, and requirments to run the site become greater. I'd like to
see google/yahoo ported to some server(s) easily :)



out of interest, Curt when you say 25 requests a second exactly what
kind of requests? I mean 25 request each second on a php file that queries
a DB with lots of LEFT JOINs, etc is going to require a pretty heavy
piece of iron no? (at least more powerful than anything I can get my hands
on in general.)



Yes, 25 requests per the webserver, aka each php file. Since you
evily top posted i would guess that one of my suggestions, in the
thread, was to try to design something that didn't have a left
join.

If I had relied on left joins to join the data i need to get the
site working my apache's 'current request being processed' of 182
would be bringing any P4 with hyperthreads to its knees :)

I think as this topic is enfolds, the key thing is either to make
your queries as fast as possible (using good indexing), flatten a
structure to provide speed, or use a cache system.



the nice thing about programming with my 'data framework' is that its
very generic, flexible and interspective (generating abitrarily complex
sql/html/? from objects) ... which comes with a great cost.

so I have code that is really very very heavy but if you consider
the (complete|discount|standard|bundeled) price calculation routines
for the site I was speaking of, are 1000's of lines in themselves you
might agree that a more structured apporach to the code bear fruits
in maintainability/extensability (which has been my finding overall).
bottom line is [they] have to buy a bigger box. :-)

actually my real problem lies in not being [cap]able of using the
Smarty cache (I can't figure out how it works/how to use it)

:-\

I can do very dynamic, I can do very fast. both together is whole
different ballgame.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] what would a c extension buy me

2006-03-13 Thread Ben Litton

Something that is chiefly bottlenecked at the database isn't going to be  
improved enough at the C level to be worth the trouble. Always optimize  
where it's slow. Database design and indexing helps. Minimizing  
unnecessary queries, writing good ones, helps too.


Once you get to the point that your code is the problem, you should look  
into your algorithms to see if they're as fast as they should be before  
you dive into C. A crappy algorithm will run like crap in any language. I  
had a program in C run in three minutes which was, in my estimation,  
crappy. I re-worked it and used a more sensible algorithm and it now runs  
in less than a second. Obviously it wasn't the language.


In the end maybe an extension will be the way to go for you, depending on  
your needs, but do everything else you can first.


Just my opinion,
Ben

On Mon, 13 Mar 2006 08:04:53 -0500, Jochem Maas <[EMAIL PROTECTED]>  
wrote:



...


word,def,wordid,pos,posn,wordsize,syn from  korean_english  where word
like '운전할 %'  order by wordsize desc


oh would you look at this
you're ordering by WORDSIZE.
stick an index on WORDSIZE!!!




http://dev.mysql.com/doc/refman/5.0/en/order-by-optimization.html


In some cases, MySQL cannot use indexes to resolve the ORDER BY,


note 'In Some Cases'.

so stick an index on WORDSIZE and find out.


although it still uses indexes to find the rows that match the WHERE
clause. These cases include the following:

The key used to fetch the rows is not the same as the one used in the
ORDER BY:

SELECT * FROM t1 WHERE key2=constant ORDER BY key1;

2)



you have an iceballs' chance in hell that I'm going to even read
the 500+ lines of code that followed here ... let alone try to
optimize it. ;-)




it was just a 40 line summary of 550 lines of code 


ah, talk about being caught out :-)
regardless a 40line summary won't cut it either - you have to take
the block as a whole.





questions i may deem myself to answer:


) i get this:
[EMAIL PROTECTED] mysql]# tail -f /var/lib/mysql/mysqld_query.log  > out

[EMAIL PROTECTED] mysql]# cat out | wc -l
15910<<< --- that's line count


how many queries?


15, 910 queries


so roughly (15 * 60) seconds to run 15,000+
queries and do the processing? that doesn't actually
sound so bad.





things already taken care of:
1)


  9795 Query   select
word,def,wordid,pos,posn,wordsize,syn from  korean_english where word
like '운전할'  order by wordsize desc


in cases when you are not using the wildcard tokens (percentage signs)
try changing the query to use something like:

... word = '운전할' ...



your suggestion and a line from the query_log match exactly.


2)





then, it sends each token to CallmatchThis (line 14) which calls
matchThis (line 27 - 47 below)
matchThis may be called twice (2 sql queeries)
(line 51) select * where word = '$token' and another  (take that, but  
if

it's not there  issue the next sql )
(line 55) select * where word like '$token%';


Dont do "SELECT *" - always explicitly specify the fields you want.



that was just a paraphrase. the previous email points to the line number
of the code summary


never paraphrase code - you only end up with smart ass comments like  
mine!


have you reordered you fields in the db yet? adn made as many VARCHARs as
possible into CHARs?








--+
| korean_english | CREATE TABLE `korean_english` (
 `wordid` int(11) NOT NULL auto_increment,
 `word` varchar(130) default NULL,
 `syn` varchar(190) default NULL,
 `def` blob,
 `posn` int(2) default '1',
 `pos` varchar(13) default '1',
 `submitter` varchar(25) default NULL,
 `doe` datetime NOT NULL default '-00-00 00:00:00',
 `wordsize` tinyint(3) unsigned default NULL,
 PRIMARY KEY  (`wordid`),
 KEY `word_idx` (`word`),
 KEY `wordid_idx` (`wordid`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 |


reorder the fields so that the VARCHARS are at the end of the
table (and the BLOB field at the very, very end of the table).

also change VARCHARs to CHARs where you can.



++-
---
-





1 function MainLoop()







--

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] what would a c extension buy me

2006-03-13 Thread Curt Zirzow

On Mon, Mar 13, 2006 at 10:32:55PM +0900, joseph wrote:
> mr. maas,
> 
> psychic me  you are a man.
> 
> i created an index, no change.  but i already knew that because one of
> the cases where an index is never used is when 
> > The key used to fetch the rows is not the same as the one used in the
> > > ORDER BY: 
> > 
> > which is the case here.
> 
> (index creation stuff follows)
> 
> i'm just going to bite the bullet for a few months and do a massive code
> rehaul.  move all the matching code preferably to the sql-server.   or
> pre-compiled C code for the php [ make an extension ].  i think the mb_
> functions in php are very slow ( reportedly ) ... so move those
> somewhere else is a good idea.  maybe the 'select ... like' clauses to
> the sql-server 

Personally I think you are making a wrong decision.

If you think having a store_procedure of what you are wanting to do
it may buy you perhaps 1 second of compile time. The problem is
design.

Put stuff in a pre-compile C code for php, well, i'd like to see
that happen but besides that, let me ask you, if you have query 'A'
that you are exeucting in php. how long does query 'A' take to
execute without using php?

blaming mb_* functions on speed isn't even the question of your
problems.

Curt.
-- 
cat .signature: No such file or directory

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] DB calls vs Session solution

2006-03-13 Thread Curt Zirzow

On Mon, Mar 13, 2006 at 03:30:18PM +0100, Jochem Maas wrote:
> I just realized I must be evil ;-)

Arn't we all :)

> secondly I take 'the cache your db results in the session'
> to an extreme - by shoving serialized ResultSet objects (with all
> results in tow of course) into shared memory by way of the APC
> extension... this is of course evil because Rasmus' says "don't
> stick objects in the APC cache you fools" (I paraphrase ;-),
> the server in question is a single site machine with lots of crazy
> marketing induced queries - by caching _all_ select queries I have
> reduced the load on average from 5+ to 0.5+-

Ah, see this is a bit different, and goes along the theory of a
cost has to come from somewhere, and in this case you have memory
to use and abuse.

The problem with relying on a third party solution, whether it be
APC's cache or MySQL's cache, you end up having your application
dependent on them to work under heavy load.

But then again, if a site is rather busy custom solutions will be
needed, and requirments to run the site become greater. I'd like to
see google/yahoo ported to some server(s) easily :)

> 
> out of interest, Curt when you say 25 requests a second exactly what
> kind of requests? I mean 25 request each second on a php file that queries
> a DB with lots of LEFT JOINs, etc is going to require a pretty heavy
> piece of iron no? (at least more powerful than anything I can get my hands
> on in general.)

Yes, 25 requests per the webserver, aka each php file. Since you
evily top posted i would guess that one of my suggestions, in the
thread, was to try to design something that didn't have a left
join.

If I had relied on left joins to join the data i need to get the
site working my apache's 'current request being processed' of 182
would be bringing any P4 with hyperthreads to its knees :)

I think as this topic is enfolds, the key thing is either to make
your queries as fast as possible (using good indexing), flatten a
structure to provide speed, or use a cache system.

> 
> PS Curt thanks for the braindump - you got me thinking again!

Thats what I'm here for :)

> 
> Curt Zirzow wrote:
> >On Fri, Mar 10, 2006 at 02:10:54PM +0200, Thomas wrote:
> >
> >>Hi there,
> >>
> >>Quick question on performance:
> >>
> >>I have got some expensive sql queries (doing lots of LEFT JOINS) that 
> >>result
> >> ...
> [clip top posted info]

Curt
-- 
cat .signature: No such file or directory

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] recommendations for good breacrumbs script

2006-03-13 Thread Wolf

http://www.baskettcase.com/classes/breadcrumb/ is a pretty good script
that has a lot of functionality with it and that I have used for a while.

Robert


Bruce Gilbert wrote:
> Hello,
> 
> I am looking around for a good PHP breadcrumbs navigation script that
> would out put a path based on file structure.  For instance if I had a
> folder called Portfolio and within that folder I had a index.php file
> and another file called Websites.php. When I was on the websites.php
> page, the breadcrumbs path would display Home >> Portfolio >> Websites
> and Home and Portfolio would be hyperlinks. I don't want the
> breadcrumbs to display a .php extension. I could of course hard code
> this, but would rather find an automated solution.
> 
> Thanks in advance for any assistance!
> 
> --
> ::Bruce::
> 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Memory and BLOB's

2006-03-13 Thread Jochem Maas


tedd wrote:

Jochem said:


reorder the fields so that the VARCHARS are at the end of the
table (and the BLOB field at the very, very end of the table).



Why the importance of BLOB's being at the end of the table?


its a guestimate based on something I read a while back, the
reason was something silly and not inherent to the blob but some
implementation technicality - the proposed 'solution' was to
move the blob id to the end. it had nothing to do with blob size.



Isn't assigned memory just blocks of reserved addresses for the 
requesters use? It shouldn't make any difference where, or how much, a 
block of memory is. To move from a field in a record to another field is 
just following memory addresses from one field to another field in each 
record. It doesn't make any difference if the jump is 1 byte of a 
million bytes, it's just an address.


right but fixed sized jumps are best (base 2 anyone?) - i.e. no varchars.
also experiment with table types in mysql - maybe use a 'temporary' HEAP
or MEMORY table to process and then select back into the 'permanent'
table when your done with the heavy lifting.



An address, btw, which can be moved by a memory manager or other such 
memory shuffles via handles (pointer to pointers) to provide larger 
contiguous blocks of available memory. So, as such, your table may 
contain fields where the individual records have blocks of assigned 
memory scattered throughout memory with no order other than links to 
addresses. It's a binary tree of some sort with blocks of memory hanging 
off a linked list like leaves on a tree. The trunk of the tree doesn't 
care how large the leaves are.


And deleting blocks of memory is nothing more than severing a link by 
swapping memory addresses to connect with what came before to what comes 
after. So, trying to place large blocks of memory at the end of the 
table is not really doing anything because in assigning memory, there is 
no distinction of where you get memory or how much you need -- you 
either get the memory you need or fail -- to quote Yoda -- "Do, or not 
do. There is no try."


Or is there something here that I don't understand about this type of 
memory?



I'm _guessing_ yes.

how about easy to calculate (i.e. + N) memblock positions in physical
memory?

I'm just thinking out loud - don't consider me an authority.



tedd


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] determining client's external IP

2006-03-13 Thread Miles Thompson


At 02:39 PM 3/13/2006, tedd wrote:


Jochem wrote:


life is not that simple here are some functions I wrote as an attempt to
to better than 'REMOTE_ADDR' - interested if these allow you to retrieve the
same IP as whatismyip.com:


-snip-

A most impressive piece of code -- thank you, it works great!

While you appear to get down to the person's IP, where would one get the 
assorted associated details, such as the IP location text, Reverse IP (if 
any) and Reverse DNS?


For example, such as that provided by:

http://whois.sc

Do these people have access to dB's that civilians don't?

tedd
--

http://sperling.com



Tedd,

Try this link.
http://www.ip2location.com/articles/article2.htm

ip2location.com also have a free database of IP's.

Google turns up others, they are all roughly similar.

HTH - Miles


--
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.1.375 / Virus Database: 268.2.1/279 - Release Date: 3/10/2006

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] determining client's external IP

2006-03-13 Thread tedd


Jochem wrote:


life is not that simple here are some functions I wrote as an attempt to
to better than 'REMOTE_ADDR' - interested if these allow you to retrieve the
same IP as whatismyip.com:


-snip-

A most impressive piece of code -- thank you, it works great!

While you appear to get down to the person's IP, where would one get 
the assorted associated details, such as the IP location text, 
Reverse IP (if any) and Reverse DNS?


For example, such as that provided by:

http://whois.sc

Do these people have access to dB's that civilians don't?

tedd
--

http://sperling.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Memory and BLOB's

2006-03-13 Thread tedd


Jochem said:


reorder the fields so that the VARCHARS are at the end of the
table (and the BLOB field at the very, very end of the table).


Why the importance of BLOB's being at the end of the table?

Isn't assigned memory just blocks of reserved addresses for the 
requesters use? It shouldn't make any difference where, or how much, 
a block of memory is. To move from a field in a record to another 
field is just following memory addresses from one field to another 
field in each record. It doesn't make any difference if the jump is 1 
byte of a million bytes, it's just an address.


An address, btw, which can be moved by a memory manager or other such 
memory shuffles via handles (pointer to pointers) to provide larger 
contiguous blocks of available memory. So, as such, your table may 
contain fields where the individual records have blocks of assigned 
memory scattered throughout memory with no order other than links to 
addresses. It's a binary tree of some sort with blocks of memory 
hanging off a linked list like leaves on a tree. The trunk of the 
tree doesn't care how large the leaves are.


And deleting blocks of memory is nothing more than severing a link by 
swapping memory addresses to connect with what came before to what 
comes after. So, trying to place large blocks of memory at the end of 
the table is not really doing anything because in assigning memory, 
there is no distinction of where you get memory or how much you need 
-- you either get the memory you need or fail -- to quote Yoda -- 
"Do, or not do. There is no try."


Or is there something here that I don't understand about this type of memory?

tedd
--

http://sperling.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Creating a unique index ID

2006-03-13 Thread tedd


Hey all,

I've got a project where I'm taking form information from the user and
writing records to several tables in a MySQL database.

The problem I'm having is I need to write a unique number for the ID
column of the records.  Auto increment won't work because I could have
conflicts due to replication of the database servers.  Anyone have any
techique they use for creating unique ID field entries in a db table?

I was thinking maybe using a random 3 digit number and a unix timestamp?

Jeff


Jeff:

Look into getmypid() and uniqid() or combine the two.

tedd

--

http://sperling.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] need a help to connect php to sql server . thanks admin.

2006-03-13 Thread Jochem Maas


John Nichel wrote:

Jochem Maas wrote:


[EMAIL PROTECTED] wrote:


[snip]
can someone send me a tutorial for how to connect my dynamic page to sql
server? may sql server 2000. i'm a college student and need learn more
about php. thanks admin.. [/snip]

To learn more about PHP start with the manual --



and stop calling us 'admin' ;-)

ps  - how many sicko websites start with the header
"I'm a college student and need ..." ;-)



Which usually translates into, "I need you to do my homework."


I was way past the list average of 'please build my FooBar for me' ;-)

I was thinking more along the lines of "'hardup' american college girls
strip for dollars." (it's all the rage in pr0nland :-P). nothing to do
with php though (although given that pr0n is probably the biggest money
spinner on the web I'd be interested to know what development platforms
are favored by pr0n sitebuilders)

[PHP - for dirty hackers ;-)]

which is probably a good place to sto[p and go do something completely
differnt instead.

PS - we have a pr0n dude on this list, IIRC - Dan T. (I'll forego
writing your name in full - just in case someone wants to lay on
the abuse real thick) ... do you have an idea as to how popular php is
for pr0n-webdevelopment?

PPS -





--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Creating a unique index ID

2006-03-13 Thread Tim A. Yarbrough



-Original Message-
From: Jochem Maas [mailto:[EMAIL PROTECTED] 
Sent: Monday, March 13, 2006 9:50 AM
To: Jeff
Cc: [EMAIL PROTECTED]; php-general@lists.php.net
Subject: Re: [PHP] Creating a unique index ID

Jeff wrote:
>>-Original Message-
>>From: Jared Williams [mailto:[EMAIL PROTECTED] 
>>Sent: Monday, March 13, 2006 10:16
>>To: 'Jeff'; php-general@lists.php.net
>>Subject: RE: [PHP] Creating a unique index ID
>>
>>
>> 
>>
>>
>>>Hey all,
>>>
>>>I've got a project where I'm taking form information from the
>>>user and writing records to several tables in a MySQL database.
>>>
>>>The problem I'm having is I need to write a unique number for
>>>the ID column of the records.  Auto increment won't work 
>>>because I could have conflicts due to replication of the 
>>>database servers.  Anyone have any techique they use for 
>>>creating unique ID field entries in a db table?
>>>
>>
>>Autoincrements can work in a replicated enviroment, lookup 
>>mysql settings auto_increment_increment & auto_increment_offset.
>>
>>Each server gets its own unique auto_increment_offset, and 
>>auto_increment_increment is set to the number of servers you have.
>>
>>Jared
>>
> 
> 
> Hmm, 
> 
> actually I'm using circular replication, so it's a bit different than
> one way replication.
> 
> A replicates to B which replicates to A.

isn't that called synchronization? not that it matters. :-)

> 
> I've looked at the MySQL docs and can't find anything on how to make
> Auto_Increment work in Circular Replication.

just a thought(tm):

it's probably considered hackish (don't know why) but how about setting
up a seperate server/instance-of MySQL whose ONLY job it is to provide
new ids,
and then configure each system to connect [remotely] to the
aforementioned
db whenever a new id is required... which will probably require some
rewriting if you normally use mysql_insert_id() after a query to
determine an
id (with my proposal you are forced to explicitly generate an id before
hand)


> 

Only problem with that is you start to negate the redundancy of the
mysql setup then.  Because you make everything dependant on that one
server so if it goes down then everything dies.


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] need a help to connect php to sql server . thanks admin.

2006-03-13 Thread John Nichel


Dave Goodchild wrote:

No need for rudeness...


Boo-hoo.

No need to respond off list when not asked to do so.

--
John C. Nichel IV
Programmer/System Admin (ÜberGeek)
Dot Com Holdings of Buffalo
716.856.9675
[EMAIL PROTECTED]

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] need a help to connect php to sql server . thanks admin.

2006-03-13 Thread John Nichel


Jochem Maas wrote:

[EMAIL PROTECTED] wrote:

[snip]
can someone send me a tutorial for how to connect my dynamic page to sql
server? may sql server 2000. i'm a college student and need learn more
about php. thanks admin.. [/snip]

To learn more about PHP start with the manual --


and stop calling us 'admin' ;-)

ps  - how many sicko websites start with the header
"I'm a college student and need ..." ;-)



Which usually translates into, "I need you to do my homework."

--
John C. Nichel IV
Programmer/System Admin (ÜberGeek)
Dot Com Holdings of Buffalo
716.856.9675
[EMAIL PROTECTED]

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] need a help to connect php to sql server . thanks admin.

2006-03-13 Thread Jochem Maas


[EMAIL PROTECTED] wrote:

[snip]
can someone send me a tutorial for how to connect my dynamic page to sql
server? may sql server 2000. i'm a college student and need learn more
about php. thanks admin.. 
[/snip]


To learn more about PHP start with the manual --


and stop calling us 'admin' ;-)

ps  - how many sicko websites start with the header
"I'm a college student and need ..." ;-)



http://www.php.net/odbc



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Creating a unique index ID

2006-03-13 Thread Tim A. Yarbrough

Using the auto_increment_offset will take care of this problem.  Because
say server A can be configured to use odd numbers and server B can be
configured to use even numbers.  You can also set this up in a more
complex fashion for the offsets if your running more then 2 servers.

-Original Message-
From: Jeff [mailto:[EMAIL PROTECTED] 
Sent: Monday, March 13, 2006 9:41 AM
To: [EMAIL PROTECTED]; php-general@lists.php.net
Subject: RE: [PHP] Creating a unique index ID

> -Original Message-
> From: Jared Williams [mailto:[EMAIL PROTECTED] 
> Sent: Monday, March 13, 2006 10:16
> To: 'Jeff'; php-general@lists.php.net
> Subject: RE: [PHP] Creating a unique index ID
> 
> 
>  
> 
> > Hey all,
> > 
> > I've got a project where I'm taking form information from the
> > user and writing records to several tables in a MySQL database.
> > 
> > The problem I'm having is I need to write a unique number for
> > the ID column of the records.  Auto increment won't work 
> > because I could have conflicts due to replication of the 
> > database servers.  Anyone have any techique they use for 
> > creating unique ID field entries in a db table?
> > 
> 
> Autoincrements can work in a replicated enviroment, lookup 
> mysql settings auto_increment_increment & auto_increment_offset.
> 
> Each server gets its own unique auto_increment_offset, and 
> auto_increment_increment is set to the number of servers you have.
> 
> Jared
> 

Hmm, 

actually I'm using circular replication, so it's a bit different than
one way replication.

A replicates to B which replicates to A.

I've looked at the MySQL docs and can't find anything on how to make
Auto_Increment work in Circular Replication.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Creating a unique index ID

2006-03-13 Thread Jochem Maas

Jeff wrote:

-Original Message-
From: Jared Williams [mailto:[EMAIL PROTECTED] 
Sent: Monday, March 13, 2006 10:16

To: 'Jeff'; php-general@lists.php.net
Subject: RE: [PHP] Creating a unique index ID

Hey all,

I've got a project where I'm taking form information from the
user and writing records to several tables in a MySQL database.

The problem I'm having is I need to write a unique number for
the ID column of the records.  Auto increment won't work 
because I could have conflicts due to replication of the 
database servers.  Anyone have any techique they use for 
creating unique ID field entries in a db table?

Autoincrements can work in a replicated enviroment, lookup 
mysql settings auto_increment_increment & auto_increment_offset.

Each server gets its own unique auto_increment_offset, and 
auto_increment_increment is set to the number of servers you have.

Jared

Hmm, 

actually I'm using circular replication, so it's a bit different than
one way replication.

A replicates to B which replicates to A.

isn't that called synchronization? not that it matters. :-)

I've looked at the MySQL docs and can't find anything on how to make
Auto_Increment work in Circular Replication.

just a thought(tm):

it's probably considered hackish (don't know why) but how about setting
up a seperate server/instance-of MySQL whose ONLY job it is to provide new ids,
and then configure each system to connect [remotely] to the aforementioned
db whenever a new id is required... which will probably require some
rewriting if you normally use mysql_insert_id() after a query to determine an
id (with my proposal you are forced to explicitly generate an id before hand)

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Creating a unique index ID

2006-03-13 Thread Jeff

> -Original Message-
> From: Jared Williams [mailto:[EMAIL PROTECTED] 
> Sent: Monday, March 13, 2006 10:16
> To: 'Jeff'; php-general@lists.php.net
> Subject: RE: [PHP] Creating a unique index ID
> 
> 
>  
> 
> > Hey all,
> > 
> > I've got a project where I'm taking form information from the
> > user and writing records to several tables in a MySQL database.
> > 
> > The problem I'm having is I need to write a unique number for
> > the ID column of the records.  Auto increment won't work 
> > because I could have conflicts due to replication of the 
> > database servers.  Anyone have any techique they use for 
> > creating unique ID field entries in a db table?
> > 
> 
> Autoincrements can work in a replicated enviroment, lookup 
> mysql settings auto_increment_increment & auto_increment_offset.
> 
> Each server gets its own unique auto_increment_offset, and 
> auto_increment_increment is set to the number of servers you have.
> 
> Jared
> 

Hmm, 

actually I'm using circular replication, so it's a bit different than
one way replication.

A replicates to B which replicates to A.

I've looked at the MySQL docs and can't find anything on how to make
Auto_Increment work in Circular Replication.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] need a help to connect php to sql server . thanks admin.

2006-03-13 Thread jblanchard

[snip]
can someone send me a tutorial for how to connect my dynamic page to sql
server? may sql server 2000. i'm a college student and need learn more
about php. thanks admin.. 
[/snip]

To learn more about PHP start with the manual --

http://www.php.net/odbc

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] need a help to connect php to sql server . thanks admin.

2006-03-13 Thread choe chii

can someone send me a tutorial for how to connect my dynamic page to sql 
server? may sql server 2000. i'm a college student and need learn more about 
php. thanks admin.. 

-
Brings words and photos together (easily) with
 PhotoMail  - it's free and works with Yahoo! Mail.

RE: [PHP] Creating a unique index ID

2006-03-13 Thread Jared Williams

 

> Hey all,
> 
> I've got a project where I'm taking form information from the 
> user and writing records to several tables in a MySQL database.
> 
> The problem I'm having is I need to write a unique number for 
> the ID column of the records.  Auto increment won't work 
> because I could have conflicts due to replication of the 
> database servers.  Anyone have any techique they use for 
> creating unique ID field entries in a db table?
> 

Autoincrements can work in a replicated enviroment, lookup mysql settings 
auto_increment_increment & auto_increment_offset.

Each server gets its own unique auto_increment_offset, and 
auto_increment_increment is set to the number of servers you have.

Jared

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Creating a unique index ID

2006-03-13 Thread Jim Moseby

> I've got a project where I'm taking form information from the user and
> writing records to several tables in a MySQL database.
> 
> The problem I'm having is I need to write a unique number for the ID
> column of the records.  Auto increment won't work because I could have
> conflicts due to replication of the database servers.  Anyone have any
> techique they use for creating unique ID field entries in a db table?
> 
> I was thinking maybe using a random 3 digit number and a unix 
> timestamp?
> 

Maybe this will work for you?

http://us2.php.net/manual/en/function.uniqid.php

JM

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Creating a unique index ID

2006-03-13 Thread Jeff

Hey all,

I've got a project where I'm taking form information from the user and
writing records to several tables in a MySQL database.

The problem I'm having is I need to write a unique number for the ID
column of the records.  Auto increment won't work because I could have
conflicts due to replication of the database servers.  Anyone have any
techique they use for creating unique ID field entries in a db table?

I was thinking maybe using a random 3 digit number and a unix timestamp?

Jeff

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] DB calls vs Session solution

2006-03-13 Thread Jochem Maas


I just realized I must be evil ;-)

firstly I'm top posting.

secondly I take 'the cache your db results in the session'
to an extreme - by shoving serialized ResultSet objects (with all
results in tow of course) into shared memory by way of the APC
extension... this is of course evil because Rasmus' says "don't
stick objects in the APC cache you fools" (I paraphrase ;-),
the server in question is a single site machine with lots of crazy
marketing induced queries - by caching _all_ select queries I have
reduced the load on average from 5+ to 0.5+-

out of interest, Curt when you say 25 requests a second exactly what
kind of requests? I mean 25 request each second on a php file that queries
a DB with lots of LEFT JOINs, etc is going to require a pretty heavy
piece of iron no? (at least more powerful than anything I can get my hands
on in general.)

PS Curt thanks for the braindump - you got me thinking again!

Curt Zirzow wrote:

On Fri, Mar 10, 2006 at 02:10:54PM +0200, Thomas wrote:


Hi there,

Quick question on performance:

I have got some expensive sql queries (doing lots of LEFT JOINS) that result
in anything between 10 to 1 results. I need to do paging on those. So
far I have used a LIMIT solution which will not do anymore because you don't
get the whole total.


 
The next couple paragraphs are assuming your are using mysql.


A little side note (assuming your using Mysql), there is a select
option called SQL_CALC_FOUND_ROWS, which will allow you to know the
total of rows even though you specify a LIMIT clause.  Becareful
with this though, mysql has to perform the query fully before doing
anything so it can be harmful with large results sets from queries.


The first thing I would look at is, if there is a way you can make
the query not have to use a left join, and ensure that indexes are
all properly used.

Another helpful suggestion is the SQL_CACHE option, this will take
the logic of caching data from your hands.  Be careful, again,
cause if you are dealing with a heavily modified table it will bite
you in the ass.



Now, the idea is to store the results (or the sql query string?) in the
session to avoid too many db calls (on paging). 


The question now is: is the serializing/unserializing more expensive than
another db call?



Well it depends.

At first you might notice that you execute a query that takes very
long 4 seconds before a response happens, you then store the
resulted data in a session array variable. 


On the next page you just jump to the proper record from the array
of data you have stored in the session array, and the page loads
much quicker, probably less than 2 seconds (of course pending how
many results your dealing with.


The problem with this approach is you are taking the cost of the
CPU to other resources, like disk usage, memory usage, as well
with managing the session data yourself.

If we take a resultset of 5000 records, with the above method those
records will have to be stored in the session of some sort of
array. Stored on  that may or may not be used again.  And if you
get a medium load say 25 requests per second, now all this data is
being transfered to a local disk.  Now your bottle neck is your
hard drive.


I guess what I'm saying is try to find a solution on how to do this
at the Database level vs trying to solve it with php, even if it
means you have to flatten your table structure for the searches you
are looking for.


Curt.


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: Blogger post failed

2006-03-13 Thread joseph

i got that too.  on a post on a different topic though than the one we
were working on.

2006-03-13 (월), 14:37 +0100, Jochem Maas 쓰시길:
> I have never been to blogger.com, let alone posted something to it.
> anyone have any idea what this is about? is google trying to assimilate me
> or something?
> 
> [EMAIL PROTECTED] wrote:
> > Blogger could not process your message at this time.
> > 
> > Error code: 6.1C18D13
> > 
> > Original message:
> > From: [EMAIL PROTECTED]
> > Date: Mon, 13 Mar 2006 14:19:56 +0100
> > Subject: Re: [PHP] what would a c extension buy me
> > joseph wrote:
> > 
> >>sorry, i made a mistake before.
> >>
> >>
> >>
>   9795 Query   select
> word,def,wordid,pos,posn,wordsize,syn from  korean_english where word
> like 'ìš´ì „í• '  order by wordsize desc
> >>>
> >>>in cases when you are not using the wildcard tokens (percentage signs)
> >>>try changing the query to use something like:
> >>>
> >>>   ... word = 'ìš´ì „í• ' ...
> >>>
> >>
> >>
> >>i have to stick with 'like' because it matches case-insensitive, else
> >>the first word of a sentence (with a capital letter) doesn't match the
> >>db word.  FYI
> > 
> > 
> > do you really care about case (in languages where characters even have 
> > case)?
> > if not stick everything into the DB as uppercase and test against that 
> > (always normalizing
> > everything to uppercase before doing the queries). it would be faster than a
> > case-insensitive search
> > 
> > also consider it might be worth creating a special index for the first 
> > (couple?)
> > of letters of the WORD field, that would allow something like this (not in 
> > all cases obviously):
> > 
> > SELECT * FROM korean_english WHERE word = 'ìš´ì „í• ' AND 
> > SUBSTR(word,0,1) = 'ìš´'
> > 
> > (now I'm allowed to sue 'SELECT * ...' because I'm offering a possible
> > concept/idea - as opposed to pasting code for people look at) - basically 
> > the idea
> > entails creating an index (possibly based on an extra column) that would 
> > allow the
> > mysql engine to start searching in a smaller subset based on the 2nd (in 
> > this case)
> > WHERE clause and using the more compact 'SUBSTR(word,0,1)' index.
> > 
> > this might not have any effect whatsoever depending on how indexes are used
> > internally by the mysql engine. so basically this is me guessing :-)
> > 
> > 
> > 
> > 
> 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: [SPAM] Re: [PHP] DB calls vs Session solution

2006-03-13 Thread joseph

> > 
> > I have got some expensive sql queries (doing lots of LEFT JOINS) that result
> > in anything between 10 to 1 results. I need to do paging on those. So
> > far I have used a LIMIT solution which will not do anymore because you don't
> > get the whole total.
i just decided to issue a count query,
then use limit as the following

$count_query = "select count(*) as dict_pager_search from
".$def_table ." where word like '" . $search  . "%' "; // not much worse
than an extra count query
$countResult = sql_fetch($count_query);
$max_from_db_table = $countResult[dict_pager_search];

...

then use logic to find the slice you want and create the logic
my logic was copied from DB::Pager module

then make a limit query as shown here (DB::Pager computes offsets for me
given size, which came from the count query above)

if ($debug_dict_pager) echo "- page offsets
---";
$max_minArr = $pager->getOffsetByPageId();
if ($debug_dict_pager) var_dump($max_minArr);
if ($debug_dict_pager) echo "";
$offset  = $max_minArr[0] -1;  // if it returns 1, the sql query 'offset
1' skips the first row
$upper_limit  = $max_minArr[1];
$sql_limit  = $upper_limit - $offset;
if ($debug_dict_pager) echo "offset = $offset";
if ($debug_dict_pager)  echo "limit = ". $sql_limit . "";



i am ignorant as to why anybody would need 10,000 results at one time.  
maybe instead of decreasing the left joins you should combine them into
a query which makes for a smaller result set.  MAYBE.
well, you will only deal with sql_server load not apache_server also
using cpu.

i also am looking at server-side sql solutions now.

> > The question now is: is the serializing/unserializing more expensive than
> > another db call?
> 

yes, file connection/db connection are same speed, in milliseconds, as
compared to CPU time which is nanoseconds.  but you have already a
connection to the DB, just use it is inexpensive.  

does php let you use shared memory to store the sessions?  

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] LDAP and Single Sign On MORE THOUGHTS

2006-03-13 Thread jblanchard

[snip]

I've got a bit lost on this, but assuming that we are talking about an
intranet enviornment, with windows/IE6 clients, and apache servers, then
personally:

I would check logins based on a valid session. If the user doesn't have
a session they aren't logged in. Store the username in the session
variable. PHP session variables are AFAIK designed to be hard to detect
and fake. 

Any code that is run under a http:// website ( as opposed to an ssl or
https:// one ), reads the session(ie does not write to it). Any
authentication should be done using a script accessed over https,
protected by mod_auth_kerb. 

The http:// script would be accessed by the person when they first
access the protected site. The protected site would detect that the user
is not logged in, and redirect them to the authentication site(which is
behind mod_auth_kerb, and https), which would create the session, and
redirect the user back, to the page where they originally tried to
access. 

[/snip]

 

The question here is how does a Windows login create a valid session? We
cannot really have the login script create a PHP session, can we?

[PHP] Re: Blogger post failed

2006-03-13 Thread Jochem Maas


I have never been to blogger.com, let alone posted something to it.
anyone have any idea what this is about? is google trying to assimilate me
or something?

[EMAIL PROTECTED] wrote:

Blogger could not process your message at this time.

Error code: 6.1C18D13

Original message:
From: [EMAIL PROTECTED]
Date: Mon, 13 Mar 2006 14:19:56 +0100
Subject: Re: [PHP] what would a c extension buy me
joseph wrote:


sorry, i made a mistake before.




 9795 Query   select
word,def,wordid,pos,posn,wordsize,syn from  korean_english where word
like 'ìš´ì „í• '  order by wordsize desc


in cases when you are not using the wildcard tokens (percentage signs)
try changing the query to use something like:

... word = 'ìš´ì „í• ' ...




i have to stick with 'like' because it matches case-insensitive, else
the first word of a sentence (with a capital letter) doesn't match the
db word.  FYI



do you really care about case (in languages where characters even have case)?
if not stick everything into the DB as uppercase and test against that (always 
normalizing
everything to uppercase before doing the queries). it would be faster than a
case-insensitive search

also consider it might be worth creating a special index for the first (couple?)
of letters of the WORD field, that would allow something like this (not in all 
cases obviously):

SELECT * FROM korean_english WHERE word = 'ìš´ì „í• ' AND 
SUBSTR(word,0,1) = 'ìš´'

(now I'm allowed to sue 'SELECT * ...' because I'm offering a possible
concept/idea - as opposed to pasting code for people look at) - basically the 
idea
entails creating an index (possibly based on an extra column) that would allow 
the
mysql engine to start searching in a smaller subset based on the 2nd (in this 
case)
WHERE clause and using the more compact 'SUBSTR(word,0,1)' index.

this might not have any effect whatsoever depending on how indexes are used
internally by the mysql engine. so basically this is me guessing :-)






--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: Possible hacker using php script to send e-mails?

2006-03-13 Thread Jochem Maas


Merlin wrote:

Hello Manuel,

this seems to be the right track. However I do not have linebrakes in 
there, but the message gets passed by POST. This is my script error.php:




'they' are posting stuff to your mailer that includes fullblown
mail headers ... you're going to have to strip out the crud. or
block suspicious incoming data.

upto now I use the following function when I need quick/dirty protection
(no doubt that it could be better!):

/* returns true if any of the values in the passed are suspect in terms
 * of someone trying to hack our form based mailer to start sending people
 * spam.
 *
 * user as follows:

 if (emailFieldHackAttempt($_POST)) die('go away you spam-peddling shmuck.');

 */
function emailFieldHackAttempt( $fieldVals )
{
$evilStrings = array(
'Content-Type: multipart/mixed;',
'Content-Type: text/plain;',
'boundary="',
'boundary=\\"',
'Content-Transfer-Encoding: 7bit',
"\nSubject: ",
'MIME-Version: ',
"\nbcc: ",
"\ncc: ",
"\nFrom: ",
"\nTo: ",
);

if (is_array($fieldVals) && count($fieldVals)) {
foreach ($evilStrings as $evilStr) {
foreach ($fieldVals as $k => $v) {
if (strstr($v, $evilStr) !== false) {
return true;
}
}
}
}

// nothing going on!
return false;
}

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] what would a c extension buy me

2006-03-13 Thread joseph

mr. maas,

psychic me  you are a man.

i created an index, no change.  but i already knew that because one of
the cases where an index is never used is when 
> The key used to fetch the rows is not the same as the one used in the
> > ORDER BY: 
> 
> which is the case here.

(index creation stuff follows)

i'm just going to bite the bullet for a few months and do a massive code
rehaul.  move all the matching code preferably to the sql-server.   or
pre-compiled C code for the php [ make an extension ].  i think the mb_
functions in php are very slow ( reportedly ) ... so move those
somewhere else is a good idea.  maybe the 'select ... like' clauses to
the sql-server 
maybe the improvements you suggest will make a difference, maybe not,
but  when i think about how fast mysql runs its  

mysqlimport --local --fields-terminated-by='*X*X' dict_explicit
french_english french_english 

compared with 

mysql < a.sql  (bunches of insert statements)

that's the kind of improvement i am hoping for.  more than 500 queeries
a second i am getting now, i need to really really improve that if i am
going to parse html on the fly with the technology i have.




mysql> describe korean_english;
+---+-+--+-+-++
| Field | Type| Null | Key | Default |
Extra  |
+---+-+--+-+-++
| wordid| int(11) |  | PRI | NULL|
auto_increment |
| word  | varchar(130)| YES  | MUL | NULL|
|
| syn   | varchar(190)| YES  | | NULL|
|
| def   | blob| YES  | | NULL|
|
| posn  | int(2)  | YES  | | 1   |
|
| pos   | varchar(13) | YES  | | 1   |
|
| submitter | varchar(25) | YES  | | NULL|
|
| doe   | datetime|  | | -00-00 00:00:00 |
|
| wordsize  | tinyint(3) unsigned | YES  | | NULL|
|
+---+-+--+-+-++
9 rows in set (0.00 sec)

mysql> explain select
-> word,def,wordid,pos,posn,wordsize,syn from  korean_english  where
word
-> like '운전할 %'  order by wordsize desc;
++-++---+---+--+-+--+--+-+
| id | select_type | table  | type  | possible_keys | key  |
key_len | ref  | rows | Extra   |
++-++---+---+--+-+--+--+-+
|  1 | SIMPLE  | korean_english | range | word_idx  | word_idx |
391 | NULL |1 | Using where; Using filesort |
++-++---+---+--+-+--+--+-+
1 row in set (0.01 sec)

mysql> CREATE INDEX wordsize_index USING BTREE ON
korean_english(wordsize);
Query OK, 205265 rows affected (11.16 sec)
Records: 205265  Duplicates: 0  Warnings: 0

mysql> explain select word,def,wordid,pos,posn,wordsize,syn from
korean_english  where word like '운전할 %'  order by wordsize desc;e);
++-++---+---+--+-+--+--+-+
| id | select_type | table  | type  | possible_keys | key  |
key_len | ref  | rows | Extra   |
++-++---+---+--+-+--+--+-+
|  1 | SIMPLE  | korean_english | range | word_idx  | word_idx |
391 | NULL |1 | Using where; Using filesort |
++-++---+---+--+-+--+--+-+
1 row in set (0.00 sec)

mysql>   

2006-03-13 (월), 14:04 +0100, Jochem Maas 쓰시길:
> ...
> 
> >>>word,def,wordid,pos,posn,wordsize,syn from  korean_english  where word
> >>>like '운전할 %'  order by wordsize desc
> >>
> >>oh would you look at this
> >>you're ordering by WORDSIZE.
> >>stick an index on WORDSIZE!!!
> > 
> > 
> > 
> > http://dev.mysql.com/doc/refman/5.0/en/order-by-optimization.html
> > 
> > 
> > In some cases, MySQL cannot use indexes to resolve the ORDER BY,
> 
> note 'In Some Cases'.
> 
> so stick an index on WORDSIZE and find out.
> 
> > although it still uses indexes to find the rows that match the WHERE
> > clause. These cases include the following: 
> > 
> > The key used to fetch the rows is not the same as the one used in the
> > ORDER BY: 
> > 
> > SELECT * FROM t1 WHERE key2=constant ORDER BY key1;
> > 
> > 2) 
> > 
> > 
> >>you have an iceballs' chance in hell that I'm going to even read
> >>the 500+ lines of code that f

Re: [PHP] what would a c extension buy me

2006-03-13 Thread Jochem Maas

joseph wrote:
> sorry, i made a mistake before.
> 
> 
>>>   9795 Query   select
>>>word,def,wordid,pos,posn,wordsize,syn from  korean_english where word
>>>like '운전할'  order by wordsize desc
>>
>>in cases when you are not using the wildcard tokens (percentage signs)
>>try changing the query to use something like:
>>
>>  ... word = '운전할' ...
>>
> 
> 
> i have to stick with 'like' because it matches case-insensitive, else
> the first word of a sentence (with a capital letter) doesn't match the
> db word.  FYI

do you really care about case (in languages where characters even have case)?
if not stick everything into the DB as uppercase and test against that (always 
normalizing
everything to uppercase before doing the queries). it would be faster than a
case-insensitive search

also consider it might be worth creating a special index for the first (couple?)
of letters of the WORD field, that would allow something like this (not in all 
cases obviously):

SELECT * FROM korean_english WHERE word = '운전할' AND SUBSTR(word,0,1) = 
'운'

(now I'm allowed to sue 'SELECT * ...' because I'm offering a possible
concept/idea - as opposed to pasting code for people look at) - basically the 
idea
entails creating an index (possibly based on an extra column) that would allow 
the
mysql engine to start searching in a smaller subset based on the 2nd (in this 
case)
WHERE clause and using the more compact 'SUBSTR(word,0,1)' index.

this might not have any effect whatsoever depending on how indexes are used
internally by the mysql engine. so basically this is me guessing :-)

> 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: [SPAM] [PHP] determining client's external IP

2006-03-13 Thread joseph

this is what gnuboard4 uses to process logins

$tmp_sql = " insert into $g4[login_table] ( lo_ip, mb_id, lo_datetime,
lo_location, lo_url ) values ( '$_SERVER[REMOTE_ADDR]',
'$member[mb_id]', '$g4[time_ymdhis]', '$lo_location',  '$lo_url' ) ";^M

i thought about proxy proxy servers upstream from user?  popular of SOHO
or office environments but not for home users?... but
BUT you say you are getting diff ip from watismyip.com so it can't be
the proxy.

anyway, gnuboard4 is well coded.  i can't believe SERVER[remote_addr] is
at fault.


2006-03-12 (일), 20:20 -0500, David Calkins 쓰시길:
> My web page needs to determine the client's external IP address, i.e., the
> IP address that others viewing the web page would be able to use to contact
> that user's machine (assuming they've setup the appropriate forwarding into
> their actual machine of course).  In this environment the clients want 
> their external
> IP to be correctly reported, so there's no issue of people trying to 
> spoof and
> show a wrong IP.
> 
> I'm currently using $_SERVER['REMOTE_ADDR'] as this seemed like the best
> approach as I thought it would yield the IP as seen from the web server and
> hence, hopefully, as seen by everyone else on the internet.
> 
> This works in many cases, but in a couple cases users have reported issues
> with others not being able to use the IPs the web page reports to 
> contact their
> machines.  In these cases the $_SERVER['REMOTE_ADDR'] seems to be returning
> a different IP than what www.whatismyip.com  
> returned, for example.
> 
> Is there another reccomended way to get the client's externally visible IP
> address?  Or is $_SERVER['REMOTE_ADDR'] the right approach but might
> not always work?
> 
> Thanks!
> 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] what would a c extension buy me

2006-03-13 Thread Jochem Maas

...

>>>word,def,wordid,pos,posn,wordsize,syn from  korean_english  where word
>>>like '운전할 %'  order by wordsize desc
>>
>>oh would you look at this
>>you're ordering by WORDSIZE.
>>stick an index on WORDSIZE!!!
> 
> 
> 
> http://dev.mysql.com/doc/refman/5.0/en/order-by-optimization.html
> 
> 
> In some cases, MySQL cannot use indexes to resolve the ORDER BY,

note 'In Some Cases'.

so stick an index on WORDSIZE and find out.

> although it still uses indexes to find the rows that match the WHERE
> clause. These cases include the following: 
> 
> The key used to fetch the rows is not the same as the one used in the
> ORDER BY: 
> 
> SELECT * FROM t1 WHERE key2=constant ORDER BY key1;
> 
> 2) 
> 
> 
>>you have an iceballs' chance in hell that I'm going to even read
>>the 500+ lines of code that followed here ... let alone try to
>>optimize it. ;-)
>>
> 
> 
> it was just a 40 line summary of 550 lines of code   

ah, talk about being caught out :-)
regardless a 40line summary won't cut it either - you have to take
the block as a whole.

> 
> 
> 
> questions i may deem myself to answer: 
> 
>>>) i get this:
>>>[EMAIL PROTECTED] mysql]# tail -f /var/lib/mysql/mysqld_query.log  > out
>>>
>>>[EMAIL PROTECTED] mysql]# cat out | wc -l
>>>15910<<< --- that's line count
>>
>>how many queries?
> 
> 15, 910 queries 

so roughly (15 * 60) seconds to run 15,000+
queries and do the processing? that doesn't actually
sound so bad.

> 
> 
> 
> things already taken care of:
> 1) 
> 
>>>   9795 Query   select
>>>word,def,wordid,pos,posn,wordsize,syn from  korean_english where word
>>>like '운전할'  order by wordsize desc
>>
>>in cases when you are not using the wildcard tokens (percentage signs)
>>try changing the query to use something like:
>>
>>  ... word = '운전할' ...
> 
> 
> your suggestion and a line from the query_log match exactly.
> 
> 
> 2) 
> 
>>
>>
>>>then, it sends each token to CallmatchThis (line 14) which calls
>>>matchThis (line 27 - 47 below)  
>>>matchThis may be called twice (2 sql queeries)
>>>(line 51) select * where word = '$token' and another  (take that, but if
>>>it's not there  issue the next sql )
>>>(line 55) select * where word like '$token%';
>>
>>Dont do "SELECT *" - always explicitly specify the fields you want.
>>
> 
> that was just a paraphrase. the previous email points to the line number
> of the code summary 

never paraphrase code - you only end up with smart ass comments like mine!

have you reordered you fields in the db yet? adn made as many VARCHARs as
possible into CHARs?

> 
> 
>>
>>
>>>--+
>>>| korean_english | CREATE TABLE `korean_english` (
>>>  `wordid` int(11) NOT NULL auto_increment,
>>>  `word` varchar(130) default NULL,
>>>  `syn` varchar(190) default NULL,
>>>  `def` blob,
>>>  `posn` int(2) default '1',
>>>  `pos` varchar(13) default '1',
>>>  `submitter` varchar(25) default NULL,
>>>  `doe` datetime NOT NULL default '-00-00 00:00:00',
>>>  `wordsize` tinyint(3) unsigned default NULL,
>>>  PRIMARY KEY  (`wordid`),
>>>  KEY `word_idx` (`word`),
>>>  KEY `wordid_idx` (`wordid`)
>>>) ENGINE=MyISAM DEFAULT CHARSET=utf8 |
>>
>>reorder the fields so that the VARCHARS are at the end of the
>>table (and the BLOB field at the very, very end of the table).
>>
>>also change VARCHARs to CHARs where you can.
>>
>>
>>>++-
>>>---
>>>-
>>>
>>>
>>>
>>>
>>>
>>> 1 function MainLoop()
> 
> 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: [SPAM] [PHP] determining client's external IP

2006-03-13 Thread joseph

this is what gnuboard4 uses to process logins

$tmp_sql = " insert into $g4[login_table] ( lo_ip, mb_id, lo_datetime,
lo_location, lo_url ) values ( '$_SERVER[REMOTE_ADDR]',
'$member[mb_id]', '$g4[time_ymdhis]', '$lo_location',  '$lo_url' ) ";^M

i thought about proxy proxy servers upstream from user?  popular of SOHO
or office environments but not for home users?... but
BUT you say you are getting diff ip from watismyip.com so it can't be
the proxy.

anyway, gnuboard4 is well coded.  i can't believe SERVER[remote_addr] is
at fault.



2006-03-12 (일), 20:20 -0500, David Calkins 쓰시길:
> My web page needs to determine the client's external IP address, i.e., the
> IP address that others viewing the web page would be able to use to contact
> that user's machine (assuming they've setup the appropriate forwarding into
> their actual machine of course).  In this environment the clients want 
> their external
> IP to be correctly reported, so there's no issue of people trying to 
> spoof and
> show a wrong IP.
> 
> I'm currently using $_SERVER['REMOTE_ADDR'] as this seemed like the best
> approach as I thought it would yield the IP as seen from the web server and
> hence, hopefully, as seen by everyone else on the internet.
> 
> This works in many cases, but in a couple cases users have reported issues
> with others not being able to use the IPs the web page reports to 
> contact their
> machines.  In these cases the $_SERVER['REMOTE_ADDR'] seems to be returning
> a different IP than what www.whatismyip.com  
> returned, for example.
> 
> Is there another reccomended way to get the client's externally visible IP
> address?  Or is $_SERVER['REMOTE_ADDR'] the right approach but might
> not always work?
> 
> Thanks!
> 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Printing library in PHP ?

2006-03-13 Thread robert mena

Hi,

I am currently migrating an application originally written with Delphi to
PHP.  Everything is going fine except the printing of the reports that does
not produce the same visual result (i.e does not look the same or has some
aligmment issues).

>From what I've read I should use CSS to achieve such result but I was
wondering if there is any toolkit, library in PHP that would ease my work.

For example:
I have a specific report I have to add a header to each page
I have another one with tabular data that when the result is larger than a
page I should break the table and start at the next page so the table
headers can be seen again...

In both I'd need a way to decide/find out how many pages will be necessary
(given the size of the paper sheet) so I could generate the HTML correctly.

Re: [PHP] what would a c extension buy me

2006-03-13 Thread joseph


sorry, i made a mistake before.

> >9795 Query   select
> > word,def,wordid,pos,posn,wordsize,syn from  korean_english where word
> > like '운전할'  order by wordsize desc
> 
> in cases when you are not using the wildcard tokens (percentage signs)
> try changing the query to use something like:
> 
>   ... word = '운전할' ...
> 

i have to stick with 'like' because it matches case-insensitive, else
the first word of a sentence (with a capital letter) doesn't match the
db word.  FYI

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] what would a c extension buy me

2006-03-13 Thread joseph

many points given to my esteemed and humble correspondant for:
1) 
> psychics-php is a seperate mailing lists, please channel/mindmeld the correct
> subscription procedure from John Nichel ;-)

> 


points to me for a quick comeback  ( word is indexed, wordsize is not)

1) per mysql website 
...
> 
> > 
> > as for indexes, i only search against word, so i have an index for that.
> 
> er, you might want to read up a bit on indexes :-)
> 
> [EMAIL PROTECTED] mysql]# head out 
> >9795 Query   select
> > word,def,wordid,pos,posn,wordsize,syn from  korean_english  where word
> > like '운전할 %'  order by wordsize desc
> 
> oh would you look at this
> you're ordering by WORDSIZE.
> stick an index on WORDSIZE!!!


http://dev.mysql.com/doc/refman/5.0/en/order-by-optimization.html


In some cases, MySQL cannot use indexes to resolve the ORDER BY,
although it still uses indexes to find the rows that match the WHERE
clause. These cases include the following: 

The key used to fetch the rows is not the same as the one used in the
ORDER BY: 

SELECT * FROM t1 WHERE key2=constant ORDER BY key1;

2) 

> you have an iceballs' chance in hell that I'm going to even read
> the 500+ lines of code that followed here ... let alone try to
> optimize it. ;-)
> 

it was just a 40 line summary of 550 lines of code   



questions i may deem myself to answer: 
> > 
> > ) i get this:
> > [EMAIL PROTECTED] mysql]# tail -f /var/lib/mysql/mysqld_query.log  > out
> > 
> > [EMAIL PROTECTED] mysql]# cat out | wc -l
> > 15910<<< --- that's line count
> 
> how many queries?
15, 910 queries 
> 


things already taken care of:
1) 
> >9795 Query   select
> > word,def,wordid,pos,posn,wordsize,syn from  korean_english where word
> > like '운전할'  order by wordsize desc
> 
> in cases when you are not using the wildcard tokens (percentage signs)
> try changing the query to use something like:
> 
>   ... word = '운전할' ...

your suggestion and a line from the query_log match exactly.


2) 
> 
> 
> > 
> > then, it sends each token to CallmatchThis (line 14) which calls
> > matchThis (line 27 - 47 below)  
> > matchThis may be called twice (2 sql queeries)
> > (line 51) select * where word = '$token' and another  (take that, but if
> > it's not there  issue the next sql )
> > (line 55) select * where word like '$token%';
> 
> Dont do "SELECT *" - always explicitly specify the fields you want.
> 
that was just a paraphrase. the previous email points to the line number
of the code summary 

> 
> 
> 
> > --+
> > | korean_english | CREATE TABLE `korean_english` (
> >   `wordid` int(11) NOT NULL auto_increment,
> >   `word` varchar(130) default NULL,
> >   `syn` varchar(190) default NULL,
> >   `def` blob,
> >   `posn` int(2) default '1',
> >   `pos` varchar(13) default '1',
> >   `submitter` varchar(25) default NULL,
> >   `doe` datetime NOT NULL default '-00-00 00:00:00',
> >   `wordsize` tinyint(3) unsigned default NULL,
> >   PRIMARY KEY  (`wordid`),
> >   KEY `word_idx` (`word`),
> >   KEY `wordid_idx` (`wordid`)
> > ) ENGINE=MyISAM DEFAULT CHARSET=utf8 |
> 
> reorder the fields so that the VARCHARS are at the end of the
> table (and the BLOB field at the very, very end of the table).
> 
> also change VARCHARs to CHARs where you can.
> 
> > ++-
> > ---
> > -
> > 
> > 
> > 
> > 
> > 
> >  1 function MainLoop()

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] what would a c extension buy me

2006-03-13 Thread Jochem Maas

joseph wrote:
> fellow php programmers, 
> 
> sorry to you two who were kind enough to take the time to attempt to
> answer my question.  i thought it was enough to say "i had 550 lines
> with a bunch of sql calls and loops and big data structures"

psychics-php is a seperate mailing lists, please channel/mindmeld the correct
subscription procedure from John Nichel ;-)

> 
> to help you make a better assessment i will summarize in more detail
> now.
> 
> for my biggest file  (  
> 
> http://www.myowndictionary.com/index.php?old_cfile=rss&cfile=rss&rss_id=198&cid=242&from_lang=korean
> 
> ) i get this:
> [EMAIL PROTECTED] mysql]# tail -f /var/lib/mysql/mysqld_query.log  > out
> 
> [EMAIL PROTECTED] mysql]# cat out | wc -l
> 15910<<< --- that's line count

how many queries?

> [EMAIL PROTECTED] mysql]# head out
>9795 Query   select
> word,def,wordid,pos,posn,wordsize,syn from  korean_english  where word
> like '운전할 %'  order by wordsize desc

oh would you look at this
you're ordering by WORDSIZE.

stick an index on WORDSIZE!!!


>9795 Query   select
> word,def,wordid,pos,posn,wordsize,syn from  korean_english where word
> like '운전할'  order by wordsize desc

in cases when you are not using the wildcard tokens (percentage signs)
try changing the query to use something like:

... word = '운전할' ...




> 
> then, it sends each token to CallmatchThis (line 14) which calls
> matchThis (line 27 - 47 below)  
> matchThis may be called twice (2 sql queeries)
> (line 51) select * where word = '$token' and another  (take that, but if
> it's not there  issue the next sql )
> (line 55) select * where word like '$token%';

Dont do "SELECT *" - always explicitly specify the fields you want.

...

> 
> as for indexes, i only search against word, so i have an index for that.

er, you might want to read up a bit on indexes :-)

> --+
> | korean_english | CREATE TABLE `korean_english` (
>   `wordid` int(11) NOT NULL auto_increment,
>   `word` varchar(130) default NULL,
>   `syn` varchar(190) default NULL,
>   `def` blob,
>   `posn` int(2) default '1',
>   `pos` varchar(13) default '1',
>   `submitter` varchar(25) default NULL,
>   `doe` datetime NOT NULL default '-00-00 00:00:00',
>   `wordsize` tinyint(3) unsigned default NULL,
>   PRIMARY KEY  (`wordid`),
>   KEY `word_idx` (`word`),
>   KEY `wordid_idx` (`wordid`)
> ) ENGINE=MyISAM DEFAULT CHARSET=utf8 |

reorder the fields so that the VARCHARS are at the end of the
table (and the BLOB field at the very, very end of the table).

also change VARCHARs to CHARs where you can.

> ++-
> ---
> -
> 
> 
> 
> 
> 
>  1 function MainLoop()

you have an iceballs' chance in hell that I'm going to even read
the 500+ lines of code that followed here ... let alone try to
optimize it. ;-)

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] X-Mailer and headers when sending mail

2006-03-13 Thread Angelo Zanetti


Thanks, Paul and Curt,

I will have a look at those suggestions, meanwhile the error Im getting is:

Yes, hits=6.4 required=5.0 tests=HEADER_COUNT_CTYPE, 
INVALID_MSGID,MSGID_NO_HOST,PRIORITY_NO_NAME,X_PRIORITY_HIGH
autolearn=no version=2.63
**
*  0.5 X_PRIORITY_HIGH Sent with 'X-Priority' set to high *  1.3 MSGID_NO_HOST 
Message-Id has no hostname *  2.0
HEADER_COUNT_CTYPE Multiple Content-Type headers found *  0.8 PRIORITY_NO_NAME 
Message has priority setting, but no
X-Mailer *  1.8 INVALID_MSGID Message-Id is not valid, according to RFC 2822


-so I assume that this mail is seen as spam, because of the X-Priority is set 
to High, I will set it to normal.
-the message-ID is invalid.  I will do what you suggested in your reply to my 
first post as I was omitting it.
-I will also set the X-Mailer, as it was also omitted.

Is there anything else Im missing from the above?

Once I set it up and do some tests will let you know the results

thanks
Angelo

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] what would a c extension buy me

2006-03-13 Thread joseph

fellow php programmers, 

sorry to you two who were kind enough to take the time to attempt to
answer my question.  i thought it was enough to say "i had 550 lines
with a bunch of sql calls and loops and big data structures"

to help you make a better assessment i will summarize in more detail
now.

for my biggest file  (  

http://www.myowndictionary.com/index.php?old_cfile=rss&cfile=rss&rss_id=198&cid=242&from_lang=korean

) i get this:
[EMAIL PROTECTED] mysql]# tail -f /var/lib/mysql/mysqld_query.log  > out

[EMAIL PROTECTED] mysql]# cat out | wc -l
15910<<< --- that's line count
[EMAIL PROTECTED] mysql]# head out
   9795 Query   select
word,def,wordid,pos,posn,wordsize,syn from  korean_english  where word
like '운전할 %'  order by wordsize desc
   9795 Query   select
word,def,wordid,pos,posn,wordsize,syn from  korean_english where word
like '운전할'  order by wordsize desc
   9795 Query   select
word,def,wordid,pos,posn,wordsize,syn from  korean_english  where word
like '  %'  order by wordsize desc
   9795 Query   select
word,def,wordid,pos,posn,wordsize,syn from  korean_english  where word
like '수 %'  order by wordsize desc
   9795 Query   select
word,def,wordid,pos,posn,wordsize,syn from  korean_english where word
like '수'  order by wordsize desc

takes 6 minutes


[EMAIL PROTECTED] current]$ date
2006. 03. 13. (월) 20:25:16 KST
[EMAIL PROTECTED] current]$ date
2006. 03. 13. (월) 20:31:37 KST
[EMAIL PROTECTED] current]$



in general, you will see what is involved in processing each token of
text and sending that token through a match against databases  and
processing results:

a summary of the code is:
mainLoop starts, it breaks some text into tokens using my_mb_preg_split.
(line 3)  
the reg exp is like 
$split_pattern =   "/((?:[\.!\s\?,:-]|\\\"는)+)/";
mb_preg_split i'm sure is broken, but haven't prepared a legal case at
this time  ;)


then, it sends each token to CallmatchThis (line 14) which calls
matchThis (line 27 - 47 below)  
matchThis may be called twice (2 sql queeries)
(line 51) select * where word = '$token' and another  (take that, but if
it's not there  issue the next sql )
(line 55) select * where word like '$token%';

those can result sometimes in arrays from mysql of ~ what 100 words and
6 fields each word  for those queeries.

then all that array is narrowed down by finding the longest word (yes, a
field in the DB is pre-set with that value)   there is an algo
involved, i cannot simply select the longest match, because i am also
selecting against not just that single token but against the following
tokens as well, to stop getting a match for "hair" if "hair of the dog
that bit you" is in the databse, i want the longer match.  that was a
necessary embellishment.

the array of arrays returned from matchThis are processed again by
MainLoop  at line 16 to produce a javascript overlib for every word.

as for indexes, i only search against word, so i have an index for that.
---
--+
| korean_english | CREATE TABLE `korean_english` (
  `wordid` int(11) NOT NULL auto_increment,
  `word` varchar(130) default NULL,
  `syn` varchar(190) default NULL,
  `def` blob,
  `posn` int(2) default '1',
  `pos` varchar(13) default '1',
  `submitter` varchar(25) default NULL,
  `doe` datetime NOT NULL default '-00-00 00:00:00',
  `wordsize` tinyint(3) unsigned default NULL,
  PRIMARY KEY  (`wordid`),
  KEY `word_idx` (`word`),
  KEY `wordid_idx` (`wordid`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 |
++-
---
-





 1 function MainLoop()
  2
  3 -> $text_wordArr = my_mb_preg_split($subject,
$utf8_split_pattern,$debug_my_mb);
  4 while (!empty($text_word) ) {
  5 // somehow this allows matches for 'in the bag' (idiom)
by some algorithm or other i have
  6 if (preg_match($split_pattern,$text_word)
  7 &&  (!(preg_match("/^$one_word_matches$/",
$text_wordArr[$i-2][0]) && ($text_wordArr[$i-1][0]==' '))) // gobble up
the space following those in such list, for previuos one
  8 && (!(preg_match("/^$one_word_matches$/",
$text_wordArr[$i-3][0])) && ($text_wordArr[$i-2][0]==' '))) {   // try
to limit it to just blanks and quotes, other such garbage for
previous TWO
  9 } else if ( preg_match("/^$one_word_matches$/i",
$text_word)) {

Re: [PHP] a .php that calls to itself (permission problems)

2006-03-13 Thread Stut


Andrés Cañada wrote:

Changing to "get" form method, the problem dissapears but I'd like to use 
"post".
 

Check the web server configuration to ensure that POST requests are 
allowed. It sounds like they're not.


-Stut

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] a .php that calls to itself (permission problems)

2006-03-13 Thread Andrés Cañada


El Lunes, 13 de Marzo de 2006 11:49, Andrés Cañada escribió:
> I have an index2.php in a folder inside "public_html/folder/"
> when I type the URL of this page, I can see it perfectly. The problem is
> when I use a form with some submit buttons inside index2.php that submit
> information to itself . I mean that index.php sends information to itself
> and then process it and shows something different in it, if that is the
> case. When I press this button I get a 403 error, Forbidden You don't have
> permission to access /folder/index2.php on this server.
> permissions are 777 for index2.php and for folder.
> Is there something I'm passing over?
> Any help would be very appreciated.
> Andres.
>
Changing to "get" form method, the problem dissapears but I'd like to use 
"post".
Thanks for reading
Andrés.

**NOTA DE CONFIDENCIALIDAD** Este correo electrónico, y en su caso los ficheros 
adjuntos, pueden contener información protegida para el uso exclusivo de su 
destinatario. Se prohíbe la distribución, reproducción o cualquier otro tipo de 
transmisión por parte de otra persona que no sea el destinatario. Si usted 
recibe por error este correo, se ruega comunicarlo al remitente y borrar el 
mensaje recibido.
**CONFIDENTIALITY NOTICE** This email communication and any attachments may 
contain confidential and privileged information for the sole use of the 
designated recipient named above. Distribution, reproduction or any other use 
of this transmission by any party other than the intended recipient is 
prohibited. If you are not the intended recipient please contact the sender and 
delete all copies.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] a .php that calls to itself (permission problems)

2006-03-13 Thread Andrés Cañada

I have an index2.php in a folder inside "public_html/folder/"
when I type the URL of this page, I can see it perfectly. The problem is when 
I use a form with some submit buttons inside index2.php that submit 
information to itself . I mean that index.php sends information to itself and 
then process it and shows something different in it, if that is the case.
When I press this button I get a 403 error, Forbidden You don't have 
permission to access /folder/index2.php on this server.
permissions are 777 for index2.php and for folder.
Is there something I'm passing over?
Any help would be very appreciated.
Andres.

**NOTA DE CONFIDENCIALIDAD** Este correo electrónico, y en su caso los ficheros 
adjuntos, pueden contener información protegida para el uso exclusivo de su 
destinatario. Se prohíbe la distribución, reproducción o cualquier otro tipo de 
transmisión por parte de otra persona que no sea el destinatario. Si usted 
recibe por error este correo, se ruega comunicarlo al remitente y borrar el 
mensaje recibido. 
**CONFIDENTIALITY NOTICE** This email communication and any attachments may 
contain confidential and privileged information for the sole use of the 
designated recipient named above. Distribution, reproduction or any other use 
of this transmission by any party other than the intended recipient is 
prohibited. If you are not the intended recipient please contact the sender and 
delete all copies.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: Possible hacker using php script to send e-mails?

2006-03-13 Thread Merlin


Hello Manuel,

this seems to be the right track. However I do not have linebrakes in there, but 
the message gets passed by POST. This is my script error.php:

IsHTML(false);
$mail->From = $mailadress_webmaster;
$mail->FromName = $email_from_name_2;
$mail->AddAddress($mailadress_webmaster);
$mail->AddReplyTo($from);
$mail->Subject = 'Fehlerbericht';
$mail->Body= $message.'

Fehler: '.$errormsg.'
Absender: '.$from;
$mail->Send();

HEADER("Location:/about/index.php?fa=3&msg=4");
#
?>

The e-mails I have received contain two subject lines?! Have a look:


Subject: Fehlerbericht
Date: Sat, 11 Mar 2006 01:37:33 +0100
From: My Server 
Reply-To: my email
Content-Type: multipart/alternative; boundary=6cf6796619a040f4ad26b61683f77eac
MIME-Version: 1.0
Subject: little boat undulating near the shore, and
Message-Id: <[EMAIL PROTECTED]>

This is a multi-part message in MIME format.

--6cf6796619a040f4ad26b61683f77eac
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit

from those who stood around the young girl alone stood silent and immovable her 
thoughts seemed to be far away. et some people fancied they saw how she

--6cf6796619a040f4ad26b61683f77eac--

.
Message-ID: <[EMAIL PROTECTED]>
X-Priority: 3
X-Mailer: PHPMailer [version 1.72]
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="iso-8859-1"



Fehler:
Absender: s
Content-Type: multipart/alternative; boundary=6cf6796619a040f4ad26b61683f77eac
MIME-Version: 1.0
Subject: little boat undulating near the shore, and
bcc: [EMAIL PROTECTED]

This is a multi-part message in MIME format.

--6cf6796619a040f4ad26b61683f77eac
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit

from those who stood around the young girl alone stood silent and immovable her 
thoughts seemed to be far away. et some people fancied they saw how she

--6cf6796619a040f4ad26b61683f77eac--

.


Any ideas?

Regards, Merlin


Manuel Lemos schrieb:

Hello,

on 03/11/2006 04:12 PM Rasmus Lerdorf said the following:

I am running php 4.x on a suse 9.x machine. There is a php script which
resides
on a webapp that is responsible for sending e-mail to myself in case of
errors like db-errors or similar. Called error.php
This script does include phpmailer and uses it to send the e-mails to
me.
Now I am receiving on the e-mail specified as TO: e-mails with different
subject
than specified and different text?! All english text with wired
sentences, must be a bot or so. How is this possible? The subject line
is fixed and right after that commend send is executed. So no idea how
they do it and how I can prevent it. It looks like this:
$mail->Subject = 'Fehlerbericht';
$mail->Send();
How is it possible that they change this subject line? I checked the
server log and each time an e-mail has been sent to me of that kind
there is a logentry in apache log that says that this script has been
executed. So the e-mails definatelly come from that script?!

If you are setting message headers with untrusted values that may
contain line breaks, that is your problem. Line breaks make mail systems
interpret the next line as a new header. That header may be used to
inject new recipients for instance using Bcc: .

You can have line breaks in header but you need to escape them properly
so they are interpreted as continuation lines rather than new headers.

That is only true for the additional_headers (4th) argument to the mail
function.  That argument is specifically for doing free-form headers, so
as long as you only use the to, subject and message arguments to the
mail function you are safe.


That is what I said, sending headers with untrusted values, so people
have to use the 4th argument to set for instance the From: header. This
From: header is often set to values set in forms to the e-mail address
and name of the person that is trying to contact the site people. That
is usually from where most the PHP mail form abuses come from.

As I said line breaks in the From: or other headers are not invalid.
Actually line breaks should be used to comply with RFC recommendations
and do not exceed the 78/998 line length limit. When these limits are
exceeded, messages may arrive corrupted.

The mail function is a better than nothing solution. It can still be
used but to send RFC compliant messages, often it is necessary to
correctly format message contents. That is why I always recommend this
or other class that takes care of those (many) details:

http://www.phpclasses.org/mimemessage




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] what would a c extension buy me

2006-03-13 Thread Jochem Maas


joseph wrote:

hi,
my site is www.myowndictionary.com
i use javascript to create definitions for words (from open source
dictionaries) as pop-ups and hook word-lists for vocabulary study with
that.  
i can now parse the html from rss feeds and match only text of interest.

i just wrote my own multibyte html parser by combining various other
code i already had on hand for the parsing of multibyte text anyhow.  
but, that's not the slowest part.  that takes maybe 3 seconds to get the

page, 3 seconds to parse it, but it sometimes takes 5 minutes for the
next step on huge rss files.
(I know the time because they are cached)
that last step...
The slow part that's left is the dictionary searching itself.  It's the
parsing of complicated php code -- 550 lines of complex data structure
loops, function calls, looping through arrays to make sql queeries --
lots of sql queeries 
the seconds ~ 5 minute it takes it all takes so much time.  


use the 'EXPLAIN' syntax of MySQL to figure out if there are any bottlenecks
related to crap or 'missing' indexes with regard to the sql queries you mention
above. - chances are adding a couple of well placed indexes will probably
shave massive ammounts from the process time.



i want to ask for opinion about:
1) rewriting the php as C extension.  Would it slow my down to the below
15 second range?


How Long is a chinaman. How Long is a chinaman?
yes the C extension would be much faster (assuming you wrote it correctly -
but it's much harder to write and maintain)


2) does mysql have server-side functions yet?


there are stored procedures in mysql5.


3) if i moved the php code off mysql to postgresql and wrote server-side
functions (which i've been trained to do), how much of a time
improvement would we be talking about?


how on gods' (or whoever runs the place these days) earth can we tell
whether an unwritten stored procedure in postgres would be faster or slower
than an unknown (to us) piece of php code?

that said I doubt postgres will beat mysql in terms of pure speed assuming
you db schema is sound (indexes are good, etc).



please send me your input!  
i am at a growing stage and need direction here.  
because any of those steps will require considerable time.  


it's monday morning here too ;-)

interesting language tool your building, you might consider repackaging it
in a modular form so that other people could implement in their own site.
(you do call it 'open source')

rgds,
Jochem



thank you.

joseph.



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] determining client's external IP

2006-03-13 Thread Satyam

- Original Message - 
From: "David Calkins" <[EMAIL PROTECTED]>

To: 
Sent: Monday, March 13, 2006 2:20 AM
Subject: [PHP] determining client's external IP

My web page needs to determine the client's external IP address, i.e., the
IP address that others viewing the web page would be able to use to 
contact
that user's machine (assuming they've setup the appropriate forwarding 
into
their actual machine of course).  In this environment the clients want 
their external
IP to be correctly reported, so there's no issue of people trying to spoof 
and

show a wrong IP.

I'm currently using $_SERVER['REMOTE_ADDR'] as this seemed like the best
approach as I thought it would yield the IP as seen from the web server 
and

hence, hopefully, as seen by everyone else on the internet.

This works in many cases, but in a couple cases users have reported issues
with others not being able to use the IPs the web page reports to contact 
their
machines.  In these cases the $_SERVER['REMOTE_ADDR'] seems to be 
returning
a different IP than what www.whatismyip.com  
returned, for example.

Is there another reccomended way to get the client's externally visible IP
address?  Or is $_SERVER['REMOTE_ADDR'] the right approach but might
not always work?

Thanks!

Due to the shortage of IP addresses (there are only 32bits, with gaps of 
unused addresses in between and there are many more devices than ever 
thought possible), IP addresses are reused.  ISP translate the IP addresses 
clients use within their network to any of the pool of valid IP addresses 
they have licensed from ICANN.  This assignment is dynamic and quite 
unpredictable, it might change every single day, it might be stable for 
months and change suddenly.  It depends on the ISP, nothing you can do on 
your side, what you are getting now is as good as you'll ever get.

Both HTTP proxies and routers with NAT (Network Address Translation) do this 
automatically.  Outside addresses obtained from devices that reach the 
outside world through any of these devices are not reachable from the 
outside, you cannot connect to any service they might be offering, because 
the translation does not work backwards.

Satyam

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] determining client's external IP

2006-03-13 Thread Jochem Maas


David Calkins wrote:

My web page needs to determine the client's external IP address, i.e., the
IP address that others viewing the web page would be able to use to contact
that user's machine (assuming they've setup the appropriate forwarding into
their actual machine of course).  In this environment the clients want 
their external
IP to be correctly reported, so there's no issue of people trying to 
spoof and

show a wrong IP.

I'm currently using $_SERVER['REMOTE_ADDR'] as this seemed like the best
approach as I thought it would yield the IP as seen from the web server and
hence, hopefully, as seen by everyone else on the internet.

This works in many cases, but in a couple cases users have reported issues
with others not being able to use the IPs the web page reports to 
contact their

machines.  In these cases the $_SERVER['REMOTE_ADDR'] seems to be returning
a different IP than what www.whatismyip.com  
returned, for example.


Is there another reccomended way to get the client's externally visible IP
address?  Or is $_SERVER['REMOTE_ADDR'] the right approach but might
not always work?


life is not that simple here are some functions I wrote as an attempt to
to better than 'REMOTE_ADDR' - interested if these allow you to retrieve the
same IP as whatismyip.com:

/* Determine if an ip is in a net.
 * E.G. 120.120.120.120 in 120.120.0.0/16
 */
function isIPInSubnet($ip, $net, $mask)
{
$firstpart  = substr(str_pad(decbin(ip2long($net)), 32, "0", STR_PAD_LEFT) 
,0 , $mask);
$firstip= substr(str_pad(decbin(ip2long($ip)), 32, "0", STR_PAD_LEFT), 
0, $mask);

return (strcmp($firstpart, $firstip) == 0);
}

/* This function check if a ip is in an array of nets (ip and mask) */
function isPrivateIP($theip)
{
foreach (array("10.0.0.0/8",
   "172.16.0.0/12",
   "192.168.0.0/16") as $subnet)
{
list($net, $mask) = explode('/', $subnet);
if(isIPInSubnet($theip,$net,$mask)) {
return true;
}
}

return false;
}

/* Building the ip array with the HTTP_X_FORWARDED_FOR and REMOTE_ADDR HTTP 
vars.
 * With this function we get an array where first are the ip's listed in
 * HTTP_X_FORWARDED_FOR and the last ip is the REMOTE_ADDR
 */
function getRequestIPs()
{
$ipList = array();

foreach (array('HTTP_X_FORWARDED_FOR', 'HTTP_FORWARDED_FOR', 'REMOTE_ADDR') 
as $key) {
if (isset($_SERVER[$key]) && $_SERVER[$key]) {
$ipList = array_merge($ipList, explode(',', $_SERVER[$key]));
break;
}
}

return $ipList;
}

/* try hard to determine whAt the users/clients public IP address is */
function getRequestIP($allowPrivIPs = false)
{
foreach (getRequestIPs() as $ip) {
if($ip && ($allowPrivIPs === true || !isPrivateIP($ip))) {
return $ip;
}
}


return 'unknown';
}




Thanks!



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

62 matches

Mail list logo