Fwd: Re: [PHP] Print or Echo takes lots of time
-- Forwarded Message -- Subject: Re: [PHP] Print or Echo takes lots of time Date: Wednesday 27 September 2006 06:37 From: Børge Holen <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] On Wednesday 27 September 2006 01:46, Richard Lynch wrote: > On Tue, September 26, 2006 6:35 pm, Curt Zirzow wrote: > >> I wonder what would happen if you put your swap on a RAM disk? > > > > I actually have done this, it works like a charm :) > > > > you just have to ensure swap doesn't run out... of course i'd only > > recomend this on a dedicated machine for like firewalling or a > > gateway. > > Like... > > Wouldn't it just make more sense to not have swap at all?... > > I mean, you can only be increasing overhead and whatnot... > > I suppose if you just plain CANNOT build the system with no swap, > because the tools won't let you do that... > > H. Never tried to build a swap-less box, for obvious reasons... I've done that since '01. Never any occurences (witch WILL happen whenever you run out). Of course never on a production machine, but my desktop and laptop sure got none. > -- > Like Music? > http://l-i-e.com/artists.htm -- --- Børge Kennel Arivene http://www.arivene.net --- --- -- --- Børge Kennel Arivene http://www.arivene.net --- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Print or Echo takes lots of time
On Tue, 2006-09-26 at 18:46 -0500, Richard Lynch wrote: > On Tue, September 26, 2006 6:35 pm, Curt Zirzow wrote: > >> I wonder what would happen if you put your swap on a RAM disk? > > > > I actually have done this, it works like a charm :) > > > > you just have to ensure swap doesn't run out... of course i'd only > > recomend this on a dedicated machine for like firewalling or a > > gateway. > > Like... > > Wouldn't it just make more sense to not have swap at all?... > > I mean, you can only be increasing overhead and whatnot... > > I suppose if you just plain CANNOT build the system with no swap, > because the tools won't let you do that... > > H. Never tried to build a swap-less box, for obvious reasons... *lol* I was gonna say, why the hell would anyone make swap into a ramdisk when the memory used for the ramdisk would be better used as primary RAM. I presumed you were joking Richard which you clarify above, but Curtis now has me wondering :B The only time I'd use a ramdisk for swap is if I had the extra cash to shell out for one of the pretend hard drives that really map to RAM... like this sucker: http://www.shoprbc.com/ca/shop/product_details.php?pid=13968 Cheers, Rob. -- .. | InterJinn Application Framework - http://www.interjinn.com | :: | An application and templating framework for PHP. Boasting | | a powerful, scalable system for accessing system services | | such as forms, properties, sessions, and caches. InterJinn | | also provides an extremely flexible architecture for | | creating re-usable components quickly and easily. | `' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Download files outside DocumentRoot Dir
On Tue, September 26, 2006 6:29 pm, Curt Zirzow wrote: >> This files cannot be downloaded through direct url like >> http://site/test.zip. It must be downloaded after user login. > > This will need some sort of rewrite or 404 handling on the webserver > level Au contraire, my good friend. $_SERVER['PATH_INFO'] and judicious usage of ForceType is much simpler and less stressful than mod_rewrite and 404 handling :-) I used mod_rewrite exactly once. Man, that was painful... -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Mail Problem
On a side note.. have i ever mentioned the email system really sucks. Curt. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Print or Echo takes lots of time
On Tue, September 26, 2006 6:35 pm, Curt Zirzow wrote: >> I wonder what would happen if you put your swap on a RAM disk? > > I actually have done this, it works like a charm :) > > you just have to ensure swap doesn't run out... of course i'd only > recomend this on a dedicated machine for like firewalling or a > gateway. Like... Wouldn't it just make more sense to not have swap at all?... I mean, you can only be increasing overhead and whatnot... I suppose if you just plain CANNOT build the system with no swap, because the tools won't let you do that... H. Never tried to build a swap-less box, for obvious reasons... -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Mail Problem
On 9/26/06, Richard Lynch <[EMAIL PROTECTED]> wrote:
On Tue, September 26, 2006 11:09 am, [EMAIL PROTECTED] wrote:
> I have an issue with sending email via PHP which may be a
> configuration problem with either PHP, Apache, or possibly a Sendmail,
> but I don't know which yet. I figured I'd start here first.
>
> Here's the situation. I have several webpages that send email to
> users for various reasons. We have our webserver, an intranet
> webserver, configured to connect to our smtp server which sits on a
> different box. The script looks like this:
>
> $from = "[EMAIL PROTECTED]";
> $to = "[EMAIL PROTECTED]";
> $subject = "Test";
> $msg = "This is a test from my site\n\nTimestamp: " . date("r");
> $headers = "From:$from\r\n";
Add a space after the ':' to be kosher.
::cough::rfc compliant::cough::)
Add a Reply-To:
Add an Errors-to: (I think?)
Yeah these can help in finding out the problem, the Errors-To: header
is usually used when the original message can't be delivered, if the
server handling the message supports it will send to that header
instead of the envelope addressee. The Reply-To, is more for the
client software, iirc.
> if(!mail($to,$subject,$msg,$headers)) { die("Unable to send"); }
*IF* you are using PHP5 (?) and *IF* your security settings allow it,
the optional fifth argument will let you specify the "real" sender of
the message, which the responder may or may not be using to bounce to.
php4 allows the '5th' param as well, but the safe_mode paramater does
affect if you are able to use this.
Curt.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] File Upload Security and chmod
On Mon, September 25, 2006 3:58 pm, Andy Hultgren wrote: > So I tried to implement the example code given in the php tmpfile() > documentation and it wouldn't do anything, which suggests that I don't > have > access to the /tmp directory. Also, the FAQ's section on my server's > website say that /tmp is not shared between the servers. So, looks > like > /tmp option is out... Did they perhaps give you your own "tmp" directory elsewhere?... Sometimes you just need to poke at it to figure out where your "tmp" is, and then you can use the PHP functions that let you specify your own directory, but not the ones that assume that system /tmp is your "tmp" My host has a "tmp" dir I can use, but it ain't /tmp, and PHP routinely tries to use /tmp with some functions. G. > So, let me see if I understand the situation I'm looking at here: > > The bad side: > -- I don't have any place to put uploaded files outside of my webtree, > which > makes it tough to ensure these files cannot be surfed to once they are > uploaded, and also means I have to do my security checks while the > files are > within my webtree and potentially accessible. (BAD). Yes. Though if file uploads are working at all, looking at the $_FILES array may give you a clue as to a directory that you maybe *can* access which is your own private "tmp"... > -- Any php script on my server (created by me or somehow maliciously > uploaded) can do whatever it wants within my account because all php > scripts run as me. (also BAD). On the plus side, some of the coding gets real simple, since you are you, and you are never somebody else. :-) > The good side: > -- Uploaded files can be chmod so that nobody can read them, then I > chmod > them when I need to use them. This adds a layer of protection for > completely uploaded files. I assume this will not help with files > while > they are getting their security checks, since PHP has to be able to > read and > execute them in order to run the checks (get_image_size, etc.)? PHP needs to read them for get_image_size, but not execute. Use minimum force needed. If you are flipping the chmod around within your scripts, that reduces your risk to however long the dir remains in its 0777 (or whatever) state, which is however long your script takes to process whatever it has to process in that state. So long exhaustive checks of the validity of a file are "bad" because that leaves that window open longer, but they're "good" because the file is then more likely to be kosher. > -- Since I'm only allowing image uploads, I can strictly filter which > files > are allowed to be uploaded (with extension checks and get_image_size). Extension check is kinda useless... I can name any file I want with .jpg and upload it. get_image_size() is good, as it checks the first N bytes -- But somebody somewhere can construct a worm with the first N bytes that LOOK like a valid image, to get_image_size() A human eyeball check would be even better, as then you *know* that a much larger number of bytes are a valid image. It could still be "image+worm" with the worm tacked on at the end, and a valid image at the front, which the browser would probably just go ahead and display as valid image. :-( The odds of somebody able to construct a valid-looking image whose exact byte sequence is also a worm are pretty low, but not impossible... :-) > (Plus > all the stuff talked about in the PHP Security Guide provided by the > PHP > Security Consortium for html POSTs, MySQL stuff, cookies, etc. Well, > all of > it that I can implement without having access to a directory outside > of my > webtree anyway). Be careful. It's entirely possible that *some* of the advice would put you at higher risk with your setup, if their assumption is the "nobody" user and a directory outside web-tree. So just because you *CAN* implement your advice in your situation, won't mean you should. You're going to have to examine every little thing on a case-by-case basis with your Security Hat on firmly -- Which means thinking "If I was Evil, how would I break this?" > So, given this situation (if I've got it right), I have two questions: > > 1) With the above "as is", am I just asking for anyone to come in and > tear > my site apart? I am not an experienced web developer (obviously), but > I > love to read. Is that enough to build a secure site, or am I just way > in > over my head? There's no such thing as "a secure site"... A secure site is not an off/on switch. It's more a gradient from horrible to very strong. And the act of building a Secure site is not even just a question of following all the "rules" in http://phpsec.org and so on. It's a thought process, a living breathing intelligent human actually *thinking* about what they are doing, and what the Risks are, and what the Benefits are, and trying to consider every possible angle of every decision. Are you building an e-commerce site, right out of the gate, on a server configured li
Re: [PHP] Print or Echo takes lots of time
On 9/26/06, Richard Lynch <[EMAIL PROTECTED]> wrote: On Tue, September 26, 2006 12:16 pm, Børge Holen wrote: > On Tuesday 26 September 2006 02:07, Robert Cummings wrote: >> On Mon, 2006-09-25 at 17:39 -0600, Google Kreme wrote: >> > I'm sitting here with 4 Gigs of RAM trying to figure out how to >> use >> > it all... :-) (Me, in 2005) >> >> Not really related to the post... but I find a good way to eat up 4 >> gigs >> of RAM is to run several VMWare nodes :) Depending on what these >> nodes >> do, it can also be a great way to eat up those dual core processors >> :) > > Forget 'bout em vmware stuff. Imagine putting those ramdisks to good > use. I wonder what would happen if you put your swap on a RAM disk? I actually have done this, it works like a charm :) you just have to ensure swap doesn't run out... of course i'd only recomend this on a dedicated machine for like firewalling or a gateway. Curt -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Download files outside DocumentRoot Dir
On 9/24/06, Ramiro <[EMAIL PROTECTED]> wrote: Hi, i'm trying to find a good solution to this problem. I want download files from a directory outside DocumentRoot. This is a standard procedure. This files cannot be downloaded through direct url like http://site/test.zip. It must be downloaded after user login. This will need some sort of rewrite or 404 handling on the webserver level I know i can do that using some functions like fread() + fopen() or readfile(), than i would echo file buffer to browser with correct headers. But, reading then dumping file to browser is a big problem to server. I readfile() about 10 6mb files per-second, and havn't had any issues with performance. I've made one test that shows me i will "eat" 1.8% of RAM (i've used "ps aux" at Linux, in a server with 2Gb of RAM) to download a 30Mb file at 60kb/s speed. So, imagine what a dump-php-script can do with 50 to 100 concurrently downloads. Probably i will need 1 TeraByte of RAM to provide downloads ;) Provide your tests, and exactly what version of php you have. a read file or a fopen/fread wont uses that much memory unless you dont specifly a length or specify a rather large amount for the length param for fread() Theres my question now. Is there other way to protect files against direct downloading? (Obligating users to login and denying direct-url's). Yes. I also know i can check referer by using Mod_Rewrite at Apache. But it isn't secure, since referer cannot be sent or be fake. you can check it without mod_rewrite. I think you meant to say 'it isn't secure, since the referrer can be fake or not even sent' So yes, this is true, this is not a security mechanism. Curt. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Re: Frustrated trying to get help from your site
On Fri, September 22, 2006 4:48 pm, Michelle Konzack wrote: > I like to have html files which I can put on my internal > documentation server. I believe http://mirrors.php.net or somesuch has instructions on how to++ run your own private mirror, with (or without) UCN* * UCN - User Contributed Notes ++ And how *not* to do it, as you'll tick them off. :-) -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] libcurl (cookies across cURL session). . .?
On Sat, September 23, 2006 1:10 am, Michael Williams wrote: > Is there any way at all by which to persist cookies across cURL > sessions? Basically I have a login page that sets cookies and looks > for them for "logged in" status so that the user may use the site to > their heart's content. The problem with cURL, however, appears that > after the initial login, any further attempts are foiled by the fact > that the cookies don't remain. How exactly should I go about doing > this? curl_setopt($curl, CURLOPT_COOKIEFILE, '/full/path/to/php/writeable/file'); curl_setopt($curl, CURLOPT_COOKIES, '/full/path/to/php/writeable/file'); NOTE: I probably got the CURLOPT_* thingies wrong. RTFM. BUG: If you are also trying to get the Headers with that other CURLOPT, then curl just plain won't do the Cookies for you :-( Then you have the joy of writing a header parser for getting the Cookies, and sending out headers with your curl request to send the cookies. It can't be that tricky, cuz before I found the CURLOPT_* above, I used to do that. :-) -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] File Upload Security and chmod
The FTP will be slower, almost for sure.
He's doing it because he can FTP in as himself, and not as the
"nobody" user Apache runs as.
Your webhost has you running as yourself already, so you can chmod
your files at will in PHP.
On Mon, September 25, 2006 2:11 pm, Andy Hultgren wrote:
> Tedd,
>
> Thanks so much your thorough response - it's good to know that I'm not
> the
> only one trying to figure this out! I'm curious, in your code you use
> the
> PHP ftp functions, but I have used the PHP functions chmod() and
> mkdir()
> without establishing an ftp connection. Is it faster to establish an
> ftp
> connection within PHP and then use the ftp series of functions to
> accomplish
> all of the directory creation and permissions changes? If so, then I
> will
> probably change my code to follow yours.
>
> Andy
>
>
> On 9/25/06, tedd <[EMAIL PROTECTED]> wrote:
>>
>> At 9:32 PM -0600 9/24/06, Andy Hultgren wrote:
>> >Hi Tedd,
>> >
>> >Yes, when I browse to www.myDomain.com I get the index.html file,
>> and so
>> I
>> >have been leaving the .public_html/ directory alone since it is not
>> my
>> >root. I'm curious, what you described is exactly what I'm trying
>> to do -
>> >what permissions do you set the parent folder at when you are
>> finished
>> >uploading/saving/downloading/etc.? I have my "uploaded_images/"
>> >directory set at chmod 0100 and I can still browse to an uploaded
>> image
>> from
>> >my file upload page... Thanks for your response,
>>
>>
>> Andy:
>>
>> I ran into the same problem trying to work with, and understand,
>> permissions on a virtual host. When I asked this gang about
>> permissions some time back, I received answers that ranged from RTFM
>> to calling me stupid for using 0777, but none answered my question.
>> No fault of the gang, I probably didn't ask the question correctly.
>> In any event, I felt too stupid to ask the question again, so I went
>> elsewhere looking for answers and eventually found something that
>> works for me.
>>
>> Some consider me a novice, so I'll ask the gang to overview my
>> comments to make sure that I'm not guiding you down the wrong path.
>>
>> As you know, the key to setting the permissions of a file depends
>> upon the permissions the parent folder. If the parent folder
>> permission is set to 0777, then we can change any files inside the
>> folder as we want. However, that also presents a major security hole
>> because then anyone can use that folder to upload and run evil code.
>>
>> So, the key problem is how to alter parent folder permissions.
>>
>> With virtual hosting, we can upload, manage, and set permissions as
>> we want via our FTP connection software. So, I thought perhaps php
>> had something like that and as such I discovered how to ftp connect
>> via php.
>>
>> Now, not all php ftp_ are available to php 4, but you can
>> connect to your site and change permissions of folders, which is
>> what
>> we actually need. So, if you want to do something with a file: then
>> change the folder permissions of the folder that holds it; do
>> whatever you want with the file; and then change the folder
>> permissions back to something safe.
>>
>> You can also create new folders if you want using the command
>> ftp_mkdir().
>>
>> Note, the beginning of the ftp_paths are different than url paths we
>> would normally use to locate a file. For example:
>>
>> An example web path:
>>
>> http://www.yourdomain.com/rw/tmp/text.txt
>>
>> An example symbolic link:
>>
>> public_html/rw/tmp/text.txt
>>
>> The following code will show you an example of how this works. Just
>> put in your own domain, user id, password, and correct paths and try
>> it out. Change the permissions in the code and watch how the file
>> permissions change.
>>
>> Please let me know if this works for you -- watch for line breaks.
>>
>> hth's
>>
>> tedd
>>
>> PS: I don't know what to say about your ".public_html/" directory,
>> but I would just leave it alone.
>>
>> ---
>>
>> // how to call the function
>>
>> >
>> $ftp_path = "public_html/rw/"; // note the ftp path
>> $theDir = "tmp";
>> $theFile ="text.txt";
>> FtpPerms($ftp_path, $theDir, $theFile);
>> ?>
>>
>>
>> // the function
>>
>> > // create directory and change permissions via FTP connection
>>
>> function FtpPerms($path, $theDir, $theFile)
>> {
>>
>> $server='ftp.yourdomain.com'; // ftp server
>> $connection = ftp_connect($server); // connection
>>
>> $user = "you";
>> $pass = "yourpassword";
>> $result = ftp_login($connection, $user, $pass); // login to ftp
>> server
>>
>> if ((!$connection) || (!$result))
>> {
>> echo("No connection");
>> return false;
>> exit();
>> }
>> else
>> {
>> echo("Made connection");
>> ftp_chdir($connection, $path); // go to destination dir
>>
>> echo("Change permission");
>> $str="CHMOD 0755 " . $theDir; // change permissions for dir (note
>> the
>> space after 0775 )
>> ftp_site($connection, $str);
>> echo("$str");
>>
>> $filename = "$theDir/$theFile";
>> $contents = "This is the contents of
Re: [PHP] Object to array conversion oddity
On 26 Sep 2006, at 23:52, Richard Lynch wrote: You start using that PHP5 private/protected stuff, and it just doesn't make sense to coerce it to an array, imho. I'm quite aware of that, and in this case I'm using it in a one-off string-and-glue fix for a specific problem until I fix it properly. The original question wasn't whether it was a good idea or not, but that it didn't act as the docs said it did. In the mean time, you might like to know that this behaviour IS apparently considered correct and a patch to documentation has been committed. Marcus -- Marcus Bointon Synchromedia Limited: Creators of http://www.smartmessages.net/ [EMAIL PROTECTED] | http://www.synchromedia.co.uk/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Print or Echo takes lots of time
On Tue, September 26, 2006 4:08 am, Colin Guthrie wrote: > Google Kreme wrote: >> On 25 Sep 2006, at 06:11 , Sancar Saran wrote: >>> $strPage = " yada dayda"; >>> ... >>> $strPage.= " another html tags"; >>> ... >>> $strPage.= getSqlDataAndCreateSomeHtmlCOde(); >> >> If this is generating hundred of K of HTML, use ' instead of " >> >> (yes, it's faster). > > In this example tho', it is not the string processing that is taking > up > the time. The $ expansion etc. will be done when building the string > $strPage, not at the echo stage which is where the OP is seeing the > delay. Plus it's "faster" in such a marginal sense that you'd have to be doing zillions in a very tight loop to measure it. Benchmark it for yourself and see. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Mail Problem
On Tue, September 26, 2006 5:08 pm, Travis Doherty wrote: > The RFC's are a rather in depth, so here is an excerpt from Wikipedia > that pretty much sums up what the RFCs do contain: > [http://en.wikipedia.org/wiki/Bounce_message] For awhile, I've been pondering the advisability of sending a "Bounce" for some spam -- the ones where I think it's a more or less honorable company, with some idiots running it, and I want off their list, and other actions have so far failed. So, if I code a PHP IMAP app to let me send a "Bounce" for one message, is that going to screw my because some MTA will cache that "Bounce" status and start bouncing other mail?... Yeah, okay, the question is sorta off-topic, but it will get coded in PHP if it's safe to do so... -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Display dynamic progress bar
Hi, Like to get some advice from you guys... I've a html form page and the "Action" is link to a php script to process the form dataI would like to have a progress bar once the user hit the Submit button...The php script take quite sometime to produce the result since it is connecting to a remote database... How can I do this using PHP to display the progress bar.. Thanks a million... Choy
Re: [PHP] Mail Problem
On Tue, September 26, 2006 5:08 pm, Travis Doherty wrote: > They should *always* be sending to the envelope from address (SMTP > `MAIL > FROM` command), with an empty envelope sender (SMTP `MAIL FROM:<>`) to > avoid loops. There was a brief period in time where there was an Errors-to: header that some MTAs where using... I got no idea if they were just ignoring RFCs (Microsoft) or the RFCs changed or what... But adding the Errors-to: header may solve things for a tiny percentage of legacy (broken) MTAs. YMMV -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Object to array conversion oddity
On Sat, September 23, 2006 10:39 am, Marcus Bointon wrote: > On 23 Sep 2006, at 16:37, Ray Hauge wrote: > >> Could you do something like this? >> >> $private = "Myclass" >> $protected = "*"; > > No, because if I have a property called 'Myclassfield1', after > casting to an array I can't tell if it's private property called > 'field1' or a public property called 'Myclassfield1'. Don't do that. :-) > I think it's just plain wrong. Arrays should not try to be objects. > You can find out protection level of a property via introspection of > the object that you have in hand. In the vast majority of cases, > you'll want it to act just like the docs say it does, and if you > don't, you should probably be using the object itself anyway. Perhaps it would also be accurate to say that Objects should not try to be Arrays? :-) Seriously. I mean, the type coercion object->array made sense in PHP3 and even PHP4 where an Object was not much more than a glorified struct, or an array with some extra baggage. You start using that PHP5 private/protected stuff, and it just doesn't make sense to coerce it to an array, imho. YMMV -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Alternative to FCKeditor
On Mon, September 25, 2006 1:17 am, Lester Caine wrote: >> TinyMCE...I don't know how good/bad TinyMCE is, but if you can't use >> FCK, you could try it. >> >> http://tinymce.moxiecode.com/ > > Looks like we are all looking for something that actually works :( > I switched TinyMCE off because it keeps messing up good html, and I've > been told to try FCKeditor ;) Train your users to use the handful of tags that they actually need? And use CSS to style those tags so that they only need super simple tags in the first place? Obviously this only works for educable userbase, so if your client/admin/author/editor is not educable, you're screwed. Note that the general case of having the whole wide world able to edit in FCK or TinyMCE is probably flawed from a security stand-point, never mind the educable issues... Though, I confess, I still have one site completely wide open to anybody to trash all the content if they so desire. [shrug] It's been there for years, and nobody seems to dis it enough to want to do that, so I guess maybe the world isn't such a bad place. :-) -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Download files outside DocumentRoot Dir
On Mon, September 25, 2006 3:57 pm, Christopher Weldon wrote: > On 2:36 pm 09/25/06 "Ramiro Cavalcanti" <[EMAIL PROTECTED]> wrote: >> Hi Christopher, >> at first, thank you for your answer. >> >> I'd like to know if it's possible use this when php is running like >> cgi (php-suexec). I've put this code at httpd.conf at , >> then tryed to use it at .htaccess, but without successs. >> >> Thank you again. >> > > Oh, in that case, you most definitely can't use the .htaccess > conditions. > PHP will have issues if you are running php-suexec. > > I'll see if I can think of any other ways around this, but php-suexec > definitely limits your usage for this simple fix right now. If you *want* that ugly HTTP Auth popup box, you can search on php.net for code to do that. If not, you can take that code, and replace the HTTP challenge with a simple login form. If they aren't logged in, the download just doesn't go... -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Download files outside DocumentRoot Dir
On Mon, September 25, 2006 7:52 am, Miles Thompson wrote:
> $filenam = $_REQUEST["filenam"];
> if ($filenam){
> $contents = file_get_contents( "../above_root/" .
> $filenam );
> echo $contents;
> }else{
> echo "Not found";
> }
I certainly hope this is not ALL of the script...
Imagine, if you will, that somebody surfs to this URL:
http://example.com/above_script.php?filenam=../../../../../etc/passwd
By the rules of Linux, they've just downloaded your passwd file, which
has all your usernames in it.
That's a Bad Thing, as they then can look for an easy password in
those accounts.
Sanitize your data!
PS Not to mention that file_get_contents() will suck the ENTIRE 60Mb
file into RAM, which is exactly what the OP needs to avoid... :-)
--
Like Music?
http://l-i-e.com/artists.htm
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] People who bought this also bought (amazon style) functionality...logic problem
On 9/26/06, Richard Lynch <[EMAIL PROTECTED]> wrote: On Tue, September 26, 2006 7:18 am, Ryan A wrote: > I want to write a "module" for xcart (a commercial > 'shopping cart') which would be like what Amazon.com > offers when you go to shop on their site... when you > click on a product to see its details you get a little > box below that recommends more products based on what > others have purchased > > eg: > If you click on a toy helicopter it would recommend > extra rotor blades,landing gear etc > > eg 2: > If you click on Eminem's latest album it would show > you his other two albums that people bought with this > album > > etc > > I'm trying to work out the logic to do this... and > quite frankly have hit a brick wall. Possibly because Amazon's algorithm does not down-scale well... > So far: > --- > I was thinking when someone (Joe) purchases X with > product id Y I would put that in a seperate table, > then when someone (Jane) else comes looking at item Y > I would display everything that Joe bought... > but then it gets a little complicated, if Jane buys Y > and other stuff that Joe didnt buy... how do I merge > what Joe and Jane bought to display to the next > visitor? (I can only dispaly 5 recommendations at > once) You want something like this: select other_stuff.product_id, count(order_id) as score from orders as other_stuff, orders as this_product where other_stuff.order_id = this_product.order_id and other_stuff.product_id != $product_id and this_product.product_id = $product_id group by other_stuff.id order by sold DESC limit 5 The point being that you get the 5 things that are MOST purchased in other orders with this same product. The above query may well bring your DB to its knees, and you may need to optimize the heck out of it. Yeah i was just thinking about that as i read it. The one thing I would do is generate some sort of table on a scheduled bases that links ids of the items that were bought into a some sort of group. and then just use that table on the page you are showing. Curt. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Download files outside DocumentRoot Dir
On Sun, September 24, 2006 11:44 pm, Ramiro wrote:
> i'm trying to find a good solution to this problem. I want download
> files
> from a directory outside DocumentRoot.
>
> This files cannot be downloaded through direct url like
> http://site/test.zip. It must be downloaded after user login.
>
> I know i can do that using some functions like fread() + fopen() or
> readfile(), than i would echo file buffer to browser with correct
> headers.
> But, reading then dumping file to browser is a big problem to server.
>
> I've made one test that shows me i will "eat" 1.8% of RAM (i've used
> "ps
> aux" at Linux, in a server with 2Gb of RAM) to download a 30Mb file at
> 60kb/s speed. So, imagine what a dump-php-script can do with 50 to 100
> concurrently downloads. Probably i will need 1 TeraByte of RAM to
> provide
> downloads ;)
Which did you use?
readfile() or fopen/fread
Because readfile() probably WILL cause that problem.
But fopen/fread with a small buffer will allow many more concurrent
downloads to "share" the RAM, but will also use as much RAM as is
available, if nothing else is going on...
I suspect your test is flawed, in other words. :-)
>
> Theres my question now. Is there other way to protect files against
> direct
> downloading? (Obligating users to login and denying direct-url's).
Well, there's HTTP Authentication.
There's time-specific URLs.
There's all kinds of ways to protect a directory and require login...
> I also know i can check referer by using Mod_Rewrite at Apache. But it
> isn't
> secure, since referer cannot be sent or be fake.
> header('Content-Description: File Transfer');
> header('Content-Type: application/force-download');
> header("Content-Disposition: attachment;
> filename=\"".basename($url)."\";");
Bogus, bogus, bogus.
Please read this rant:
http://richardlynch.blogspot.com/
> header('Content-Length: ' . filesize($url));
> @readfile($url) OR die();
Yup, readfile()
That's a big difference right there...
fopen/fread != readfile
--
Like Music?
http://l-i-e.com/artists.htm
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] RE: Error Reporting for file commands
Try using http://php.net/set_error_handler and see if you can trap the errors. You'll want to test it with a test script that intentionally causes the errors. On Mon, September 25, 2006 5:53 am, James Nunnerley wrote: > Sometime ago, I posted the email below, regarding some problems with a > file > manager we have developed for our users. > > The problem still exists, and is now starting to cause "complaints". > Mainly > from my manager, who's fed-up with receiving the error emails from the > system, but it must be annoying users! > > The scenario is; we have a fairly large Linux cluster, with a RAID > disc. > Obviously because of the number of disc calls, there's a fair amount > of > caching. > > We think the problem is related to this, and would ideally like purely > to > suppress the error, as it's normally when the script is trying to > delete > something already deleted. > > I've tried turning off errors (error_reporting(0)) and indeed using @ > on all > php file system calls, but it still triggers an error. > > Does anyone know of any issues with suppressing errors on the > following > functions? > - unlink > - mkdir > - copy > - scandir > > All of these fail sporadically, even with the above error stuff turned > off, > and trigger an error. > > Anyone's thoughts gratefully received > > Thanks > Nunners > > -Original Message- > From: James Nunnerley [mailto:[EMAIL PROTECTED] > Sent: 25 July 2006 16:33 > To: 'php-general@lists.php.net' > Subject: Error Reporting for file commands > > We've created a file manager which allows users to access their web > space on > a server. It's working brilliantly, except that it would seem there > are > some caching issues, either by the system cache or the web server > cache that > are causing us a headache. > > When the script tries to delete a file, we always check (using > file_exists) > to see whether the file exists before it's deleted. > > The check comes back true, but the unlink then fails, saying no file > or > directory there! > > We've tried turning off all errors (using error_reoprting(0) ) but > this > would seem to have little difference in the error - it still comes > back with > a failure. > > We are using our own error handling, but before the command is carried > out, > there is this 0 call... > > Does anyone know how we can stop these errors? > > Cheers > Nunners > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Print or Echo takes lots of time
On Tue, September 26, 2006 12:16 pm, Børge Holen wrote: > On Tuesday 26 September 2006 02:07, Robert Cummings wrote: >> On Mon, 2006-09-25 at 17:39 -0600, Google Kreme wrote: >> > I'm sitting here with 4 Gigs of RAM trying to figure out how to >> use >> > it all... :-) (Me, in 2005) >> >> Not really related to the post... but I find a good way to eat up 4 >> gigs >> of RAM is to run several VMWare nodes :) Depending on what these >> nodes >> do, it can also be a great way to eat up those dual core processors >> :) > > Forget 'bout em vmware stuff. Imagine putting those ramdisks to good > use. I wonder what would happen if you put your swap on a RAM disk? Wouldn't that be really fast?! -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Print or Echo takes lots of time
On Mon, September 25, 2006 7:11 am, Sancar Saran wrote: > When I was check the performance of my system I found interesting > resuts. > > My code stores html output into a variable. When page creation > complete I > printed out the variable. > > Problem was generation html code takes 0.5 second and just > echo $strPage takes 2.0 or more second. > > my code structure was. > > $strPage = " yada dayda"; > ... > $strPage.= " another html tags"; > ... > $strPage.= getSqlDataAndCreateSomeHtmlCOde(); > ... > end of page creation. > Current Total execution time 0.5 seconds. > print $strPage; > Current Total execution time 2.5 seconds. > > $strPage carries entire html structure (for example equal of 100K html > code); > > excluding the cookie and other kind of header transfers and error > messages, > there was no print or echo command was submitted. > > Is there any idea about this latency and any idea to find problem... You could try echo-ing it out in "chunks" instead of waiting until the very end. echo/print has to send the data "out" through the very narrow pipe to Apache -> the browser If you send every little snippet one tiny piece at a time, you waste resources. If you wait until the end and send out some huge monster string, you waste resources. Find the balance if you can. Depends on your hardware/bandwidth exactly where optimum is. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How would you do this ?
On Tue, September 26, 2006 1:17 am, Chris wrote: > Cache the feeds for a period of time. Oh yeah. I forgot that part. Here's some code I posted for that a few months back http://www.l-i-e.com/FeedMulti/FeedMulti.phps Note that the above opens up multiple feeds at once. You do *not* want to sit around waiting for dog-slow feed #37 when you could have your computer reading 10 other feeds while you are waiting. I'm not sure I'd want to try to open up 100 feeds at once with this, but you can at least do 10 or even 20 at a time. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How would you do this ?
On Mon, September 25, 2006 8:26 am, Jad madi wrote: > I'm building an RSS aggregator so I'm trying to find out the best way > to > parse users account feeds equally so Lets say we have 20.000 user with > average of 10 feeds in account so we have about > 200.000 feed > > How would you schedule the parsing process to keep all accounts always > updated without killing the server? NOTE: that some of the 200.000 > feeds > might be shared between more than one user Before I spent another microsecond worrying about splitting my processor time/speed, I'd write a test application with the most plain and simple straightforward architecture to see if I need to worry about splitting my processor time/speed. :-) Just rip through all the feeds and do the job, and stop whining about it :-) :-) :-) More seriously, until you *know* you can't do it, or have metrics showing what you can do, attempting to optimize is just plain silly. If you *do* need to optimize, K.I.S.S. Instead of ranking users and all that, just run through X% of each user's feed, where X is a number you can control through an admin page. And maybe round "up" so if X% is 0.0001, you still get at least one from each feed. Definitely run this as a daemon or cron job or something similar, that just keeps ripping through the feeds and starting over. The overhead of the book-keeping you are thinking about will dwarf the original problem you are trying to solve, which may not be a problem anyway. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] manage/modify linux file/folder structure...
On Mon, September 25, 2006 3:59 pm, bruce wrote: > i should state... while i've seen different apps... i'm more > interested in > any that have actually been used by you, or someone you know!! > > an app that comes with references! > Google for php file manager - there are lots of them around, but > remember that they are 1) a huge security risk, and 2) limited by the > filesystem permissions of the web server user. Note that 1) and 2) here are diamtrically opposed. The more you have of 1), the less you have of 2) and vice versa. Not knowing which one you want more of, nobody can give you good advice... Actually, here's some advice: Don't try to do this in a web app, because either the Security will suck, or the functionality with suck. :-) -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Mail Problem
Richard Lynch wrote:
>>if(!mail($to,$subject,$msg,$headers)) { die("Unable to send"); }
>>
>>
>
>*IF* you are using PHP5 (?) and *IF* your security settings allow it,
>the optional fifth argument will let you specify the "real" sender of
>the message, which the responder may or may not be using to bounce to.
>
>http://php.net/mail
>
>
Richard is correct on that. The fifth argument isn't only for the
envelope sender, so ensure you include the '-f' for sendmail and compat.
wrappers.
php.net/mail: ChangeLog:
"4.0.5 The additional_parameters parameter was added."
>... which the responder may or may not be using to bounce to.
>
>
They should *always* be sending to the envelope from address (SMTP `MAIL
FROM` command), with an empty envelope sender (SMTP `MAIL FROM:<>`) to
avoid loops.
The RFC's are a rather in depth, so here is an excerpt from Wikipedia
that pretty much sums up what the RFCs do contain:
[http://en.wikipedia.org/wiki/Bounce_message]
> The Return-Path is visible in delivered mail as header field
> Return-Path inserted by the final SMTP mail transfer agent
> (MTA), also known
> as mail delivery agent
> (MDA). The MDA
> simply copies the *reverse path* in the SMTP MAIL FROM command into
> the Return-Path. The MDA also removes bogus Return-Path header fields
> inserted by other MTAs, this header field is generally guaranteed to
> reflect the last reverse path seen in the MAIL FROM command.
Travis Doherty
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] People who bought this also bought (amazon style) functionality...logic problem
On Tue, September 26, 2006 7:18 am, Ryan A wrote: > I want to write a "module" for xcart (a commercial > 'shopping cart') which would be like what Amazon.com > offers when you go to shop on their site... when you > click on a product to see its details you get a little > box below that recommends more products based on what > others have purchased > > eg: > If you click on a toy helicopter it would recommend > extra rotor blades,landing gear etc > > eg 2: > If you click on Eminem's latest album it would show > you his other two albums that people bought with this > album > > etc > > I'm trying to work out the logic to do this... and > quite frankly have hit a brick wall. Possibly because Amazon's algorithm does not down-scale well... > So far: > --- > I was thinking when someone (Joe) purchases X with > product id Y I would put that in a seperate table, > then when someone (Jane) else comes looking at item Y > I would display everything that Joe bought... > but then it gets a little complicated, if Jane buys Y > and other stuff that Joe didnt buy... how do I merge > what Joe and Jane bought to display to the next > visitor? (I can only dispaly 5 recommendations at > once) You want something like this: select other_stuff.product_id, count(order_id) as score from orders as other_stuff, orders as this_product where other_stuff.order_id = this_product.order_id and other_stuff.product_id != $product_id and this_product.product_id = $product_id group by other_stuff.id order by sold DESC limit 5 The point being that you get the 5 things that are MOST purchased in other orders with this same product. The above query may well bring your DB to its knees, and you may need to optimize the heck out of it. YMMV > I would appreciate any tips/advise and code you can > give me, would be fantastic of course if you have > worked with xcart or have already done this. The problem is that unless you have the volume of Sales that Amazon has, there may not be enough people buying enough stuff for this to make sense. It also won't group accessories or anything -- It goes solely based on who bought what. This is possibly great for "e-commerce" but might not be the ideal. I *much* prefer the CDBaby approach where somebody listens to the CD and then recommends artists they think are complementary. :-) -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Mysql_free_result() doubt
On Tue, September 26, 2006 8:44 am, suresh kumar wrote: >I am little bit confused to use the > mysql_free_result($result) function.because i searched > google - they told dont use this function to php 4.X > and also it says clearly "When you are done with a > result set, you must free the memory it uses by calling > mysql_free_result()". > > I mean something like when to use or not to use it? I > already know that only SELECT queries that retrieve > rows require to free resources, but maybe when all data > is retrieved the resources are free automatically or we > need to call mysql_free_result() to free the memory. and > also this function will free only one row at a time or > all the rows of the result set . PHP is going to free the data when your script ends, so most common uses of MySQL don't even need mysql_free_result, as your page doesn't do anything after it's done with MySQL anyway. In some scripts, you are "done" with a large result set, and can gain some performance by releasing all the resources tied to that result set. The argument to mysql_free_result is a result resource, and it frees ALL the records, as you call it, and any other resources that result set is using. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Mail Problem
On Tue, September 26, 2006 11:16 am, Kevin Murphy wrote:
> Why not validate the email address before you send. I use something
> like this to kick back an error that says you put in a bad email
> address. It won't tell you about a wrong email address, but it will
> tell you if they forgot to put in the @ sign and stuff.
>
> if (!preg_match("/^(.+)@[a-zA-Z0-9-]+\.[a-zA-Z0-9.-]+$/si", $data))
> { $email_error = "yes"; }
Given that the *correct* PCRE expression for a valid email address is
3 pages long, the odds that yours is not rejecting some valid address
seem rather slim to me.
The . between the 9 and the - is not escaped, and renders the rest of
the characters in that class superfluous.
But let's suppose your PCRE actually proved the email syntactically
valid.
That's got *NOTHING* to do with the email generating a bounce or not!
There are a zillion times as many syntactically valid emails as there
are ones that don't bounce, never mind the even smaller class of email
addresses that actually go somewhere, and the even smaller class of
email addresses that a human reads on a regular basis.
--
Like Music?
http://l-i-e.com/artists.htm
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Mail Problem
On Tue, September 26, 2006 11:09 am, [EMAIL PROTECTED] wrote:
> I have an issue with sending email via PHP which may be a
> configuration problem with either PHP, Apache, or possibly a Sendmail,
> but I don't know which yet. I figured I'd start here first.
>
> Here's the situation. I have several webpages that send email to
> users for various reasons. We have our webserver, an intranet
> webserver, configured to connect to our smtp server which sits on a
> different box. The script looks like this:
>
> $from = "[EMAIL PROTECTED]";
> $to = "[EMAIL PROTECTED]";
> $subject = "Test";
> $msg = "This is a test from my site\n\nTimestamp: " . date("r");
> $headers = "From:$from\r\n";
Add a space after the ':' to be kosher.
Add a Reply-To:
Add an Errors-to: (I think?)
> if(!mail($to,$subject,$msg,$headers)) { die("Unable to send"); }
*IF* you are using PHP5 (?) and *IF* your security settings allow it,
the optional fifth argument will let you specify the "real" sender of
the message, which the responder may or may not be using to bounce to.
http://php.net/mail
--
Like Music?
http://l-i-e.com/artists.htm
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Override php.ini
I wouldn't use it myself, but a buddy who is using Frontpage is complaining that it automatically changes and wanted to know how to get around this. I suggested not using FP and get a real editor. Thanks to others that replied. B -Original Message- From: Richard Lynch [mailto:[EMAIL PROTECTED] Sent: September 22, 2006 8:02 PM To: Beauford Cc: PHP Subject: Re: [PHP] Override php.ini On Fri, September 22, 2006 11:42 am, Beauford wrote: > Is there a way I can use <% %> instead of for the opening and > closing tags of a php script. I thought I read this somewhere but > can't find anything on it now. > > Is there something that I could do with override php.ini command? I > don't have access to the php.ini file on this server. You can do this in .htaccess under Apache, or with ini_set (which would have to be in But you SHOULD NOT DO THIS Nobody else on the planet is using <% for PHP, and it's unlikely to be all that useful to you. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] reading a remote directory
I have to read a directory (on a windows machine) from another box (a linux machine) and I thought that I could set the handle to the IP address of the windows box, but that does not work. Do I have to open a socket or is there another way? Thanks! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Status of PHPDocWriter
Hi All, Does anyone on this list know the status of PHPDocWriter? Is it an abandoned project? -- Leonard Burton, N9URK [EMAIL PROTECTED] "The prolonged evacuation would have dramatically affected the survivability of the occupants." -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Mail Problem
> I have an issue with sending email via PHP which may be a configuration
> problem with either PHP, Apache, or possibly a Sendmail, but I don't know
> which yet. I figured I'd start here first.
>
> Here's the situation. I have several webpages that send email to users for
> various reasons. We have our webserver, an intranet webserver, configured to
> connect to our smtp server which sits on a different box. The script looks
> like this:
>
> $from = "[EMAIL PROTECTED]";
> $to = "[EMAIL PROTECTED]";
> $subject = "Test";
> $msg = "This is a test from my sitennTimestamp: " . date("r");
> $headers = "From:$fromrn";
> if(!mail($to,$subject,$msg,$headers)) { die("Unable to send"); }
> ?>
>
> This works great when it works. Users receive email as expected and when they
> hit reply it goes back to the webmaster email address. The problem is if the
> to email address isn't a valid one. When this happens, the mail server
> bounces the message back to [EMAIL PROTECTED] instead of [EMAIL PROTECTED]
>
> I've tried adding reply-to to the mail headers and that doesn't work either.
> We tried sending the same failed message using webmin and that worked great,
> which is why I believe this to be a PHP or Apache problem.
Is it a UNIX box? Sendmail takes the -f parameter in your php.ini to configure
its envelope from address... Does not extract it from message headers. The
fifth argument to mail() also supports doing this if you need to change it on a
per-mail basis. I would just set it in php.ini. (like: sendmail_path =
'/usr/bin/sendmail -f [EMAIL PROTECTED]')
If its a Win box there is a sendmail_from config param in php.ini.
php.net/manual/function.mail.php read for 'Additional Params' the fifth
argument, it specifically deals with this case.
Travis
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Print or Echo takes lots of time
On Tuesday 26 September 2006 02:07, Robert Cummings wrote: > On Mon, 2006-09-25 at 17:39 -0600, Google Kreme wrote: > > I'm sitting here with 4 Gigs of RAM trying to figure out how to use > > it all... :-) (Me, in 2005) > > Not really related to the post... but I find a good way to eat up 4 gigs > of RAM is to run several VMWare nodes :) Depending on what these nodes > do, it can also be a great way to eat up those dual core processors :) Forget 'bout em vmware stuff. Imagine putting those ramdisks to good use. > > Cheers, > Rob. > -- > .. > > | InterJinn Application Framework - http://www.interjinn.com | > | > :: > : > | An application and templating framework for PHP. Boasting | > | a powerful, scalable system for accessing system services | > | such as forms, properties, sessions, and caches. InterJinn | > | also provides an extremely flexible architecture for | > | creating re-usable components quickly and easily. | > > `' -- --- Børge Kennel Arivene http://www.arivene.net --- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Mail Problem
Why not validate the email address before you send. I use something
like this to kick back an error that says you put in a bad email
address. It won't tell you about a wrong email address, but it will
tell you if they forgot to put in the @ sign and stuff.
if (!preg_match("/^(.+)@[a-zA-Z0-9-]+\.[a-zA-Z0-9.-]+$/si", $data))
{ $email_error = "yes"; }
--
Kevin Murphy
Webmaster: Information and Marketing Services
Western Nevada Community College
www.wncc.edu
775-445-3326
On Sep 26, 2006, at 9:09 AM, [EMAIL PROTECTED] wrote:
I have an issue with sending email via PHP which may be a
configuration problem with either PHP, Apache, or possibly a
Sendmail, but I don't know which yet. I figured I'd start here first.
Here's the situation. I have several webpages that send email to
users for various reasons. We have our webserver, an intranet
webserver, configured to connect to our smtp server which sits on a
different box. The script looks like this:
This works great when it works. Users receive email as expected and
when they hit reply it goes back to the webmaster email address.
The problem is if the to email address isn't a valid one. When
this happens, the mail server bounces the message back to
[EMAIL PROTECTED] instead of [EMAIL PROTECTED]
I've tried adding reply-to to the mail headers and that doesn't
work either. We tried sending the same failed message using webmin
and that worked great, which is why I believe this to be a PHP or
Apache problem.
Any ideas?
Thanks,
Robbert
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Mail Problem
I have an issue with sending email via PHP which may be a configuration problem with either PHP, Apache, or possibly a Sendmail, but I don't know which yet. I figured I'd start here first. Here's the situation. I have several webpages that send email to users for various reasons. We have our webserver, an intranet webserver, configured to connect to our smtp server which sits on a different box. The script looks like this: This works great when it works. Users receive email as expected and when they hit reply it goes back to the webmaster email address. The problem is if the to email address isn't a valid one. When this happens, the mail server bounces the message back to [EMAIL PROTECTED] instead of [EMAIL PROTECTED] I've tried adding reply-to to the mail headers and that doesn't work either. We tried sending the same failed message using webmin and that worked great, which is why I believe this to be a PHP or Apache problem. Any ideas? Thanks, Robbert -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Re: Re: Frustrated trying to get help from your site
Am 2006-09-25 08:33:52, schrieb Ray Hauge: > It's not the best in the world, but it works. > > http://xchm.sourceforge.net/index.html > > But since the documentation is online and always updated that way, I prefer > to > just use the website. Me too, but IF you live mobil like me (I have an 88-tons MAN-SuperTruck as MotorCaravan) you wil not have Internet Access all the time. OK, I have GlobelSat but it is quiet expensive because I pay for the traffic. Greetings Michelle Konzack Systemadministrator Tamay Dogan Network Debian GNU/Linux Consultant -- Linux-User #280138 with the Linux Counter, http://counter.li.org/ # Debian GNU/Linux Consultant # Michelle Konzack Apt. 917 ICQ #328449886 50, rue de Soultz MSM LinuxMichi 0033/6/6192519367100 Strasbourg/France IRC #Debian (irc.icq.com) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Re: Frustrated trying to get help from your site
Am 2006-09-25 23:00:15, schrieb David Robley: > xchm is probably what you are thinking of - xchm.sourceforge.net This afternoon I will go downloading it. Greetings Michelle Konzack -- Linux-User #280138 with the Linux Counter, http://counter.li.org/ # Debian GNU/Linux Consultant # Michelle Konzack Apt. 917 ICQ #328449886 50, rue de Soultz MSM LinuxMichi 0033/6/6192519367100 Strasbourg/France IRC #Debian (irc.icq.com) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] People who bought this also bought (amazon style) functionality...logic problem
You have a User table and a Product table, then a linking table that
joins users with products that they have bought.
Given product A you get all users {B} who have bought product A, you
then get a list of all products {C} that they have bought. You group
{C} by product and get a count, order by the count, return the product
and limit the query to return only 5 entries. All this is possible in
one SQL statement, the SQL is left as an exercise to the reader.
As this is an O(n^2) query it won't scale particularily well, so you
should cache the results somewhere, probably in the product table. This
could be regenerated every week or two as it doesn't actually need to be
very current.
David
Ryan A wrote:
> Hey all,
>
> I want to write a "module" for xcart (a commercial
> 'shopping cart') which would be like what Amazon.com
> offers when you go to shop on their site... when you
> click on a product to see its details you get a little
> box below that recommends more products based on what
> others have purchased
>
> eg:
> If you click on a toy helicopter it would recommend
> extra rotor blades,landing gear etc
>
> eg 2:
> If you click on Eminem's latest album it would show
> you his other two albums that people bought with this
> album
>
> etc
>
> I'm trying to work out the logic to do this... and
> quite frankly have hit a brick wall.
>
> So far:
> ---
> I was thinking when someone (Joe) purchases X with
> product id Y I would put that in a seperate table,
> then when someone (Jane) else comes looking at item Y
> I would display everything that Joe bought...
> but then it gets a little complicated, if Jane buys Y
> and other stuff that Joe didnt buy... how do I merge
> what Joe and Jane bought to display to the next
> visitor? (I can only dispaly 5 recommendations at
> once)
>
>
>
> I would appreciate any tips/advise and code you can
> give me, would be fantastic of course if you have
> worked with xcart or have already done this.
>
> (shameless plug)
> I think this was one of the suggested features of
> Dan's open source PHPCart
> (http://code.google.com/p/phpcart) unfortunatly I dont
> have the OO skill to take part in that project and no
> time either as we need a cart immd.
> Note:
> I dont get anything for recommending the above cart
> (or xcart for that matter) but if you are interested
> in joining a free os cart project, you might want to
> think of looking into the above.
>
> Thanks in advance,
> Ryan
>
> --
> - The faulty interface lies between the chair and the keyboard.
> - Creativity is great, but plagiarism is faster!
> - Smile, everyone loves a moron. :-)
>
> __
> Do You Yahoo!?
> Tired of spam? Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Mysql_free_result() doubt
Hi to all, I am little bit confused to use the mysql_free_result($result) function.because i searched google - they told dont use this function to php 4.X and also it says clearly "When you are done with a result set, you must free the memory it uses by calling mysql_free_result()". I mean something like when to use or not to use it? I already know that only SELECT queries that retrieve rows require to free resources, but maybe when all data is retrieved the resources are free automatically or we need to call mysql_free_result() to free the memory. and also this function will free only one row at a time or all the rows of the result set . A.suresh - Find out what India is talking about on - Yahoo! Answers India Send FREE SMS to your friend's mobile from Yahoo! Messenger Version 8. Get it NOW
[PHP] People who bought this also bought (amazon style) functionality...logic problem
Hey all, I want to write a "module" for xcart (a commercial 'shopping cart') which would be like what Amazon.com offers when you go to shop on their site... when you click on a product to see its details you get a little box below that recommends more products based on what others have purchased eg: If you click on a toy helicopter it would recommend extra rotor blades,landing gear etc eg 2: If you click on Eminem's latest album it would show you his other two albums that people bought with this album etc I'm trying to work out the logic to do this... and quite frankly have hit a brick wall. So far: --- I was thinking when someone (Joe) purchases X with product id Y I would put that in a seperate table, then when someone (Jane) else comes looking at item Y I would display everything that Joe bought... but then it gets a little complicated, if Jane buys Y and other stuff that Joe didnt buy... how do I merge what Joe and Jane bought to display to the next visitor? (I can only dispaly 5 recommendations at once) I would appreciate any tips/advise and code you can give me, would be fantastic of course if you have worked with xcart or have already done this. (shameless plug) I think this was one of the suggested features of Dan's open source PHPCart (http://code.google.com/p/phpcart) unfortunatly I dont have the OO skill to take part in that project and no time either as we need a cart immd. Note: I dont get anything for recommending the above cart (or xcart for that matter) but if you are interested in joining a free os cart project, you might want to think of looking into the above. Thanks in advance, Ryan -- - The faulty interface lies between the chair and the keyboard. - Creativity is great, but plagiarism is faster! - Smile, everyone loves a moron. :-) __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Print or Echo takes lots of time
Google Kreme wrote: > On 25 Sep 2006, at 06:11 , Sancar Saran wrote: > ... > > If this is generating hundred of K of HTML, use ' instead of " > > (yes, it's faster). > I've seen this stated several times and at first glance it seems to make sense. The double quoted version has all the \n and related characters that need to be handled. Except that php is a C program and uses the printf family of functions. This means that all the single quoted strings actually have to be converted to escaped versions of double quoted strings, so internally '\n' becomes "\\n". You can see this in some benchmarks, I ran the following script and a single quoted version from the command line. I ran each 10 times, interleaved to try to balance changes in the system load. I found that the double quoted version averaged 5.5516 seconds against the single quoted script of 5.5627. Which really goes to show that while the double quoted version is faster the difference is almost completely irrelevent. David -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] manage/modify linux file/folder structure...
bruce wrote: i should state... while i've seen different apps... i'm more interested in any that have actually been used by you, or someone you know!! an app that comes with references! try this? http://kfm.verens.com/ I'm biased, though - I wrote the thing. Kae -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Print or Echo takes lots of time
Google Kreme wrote: > On 25 Sep 2006, at 06:11 , Sancar Saran wrote: >> $strPage = " yada dayda"; >> ... >> $strPage.= " another html tags"; >> ... >> $strPage.= getSqlDataAndCreateSomeHtmlCOde(); > > If this is generating hundred of K of HTML, use ' instead of " > > (yes, it's faster). In this example tho', it is not the string processing that is taking up the time. The $ expansion etc. will be done when building the string $strPage, not at the echo stage which is where the OP is seeing the delay. Col. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: How would you do this ?
Kae Verens wrote: every 6 hours, check feeds who's primes are divisible by $i, then add 1 to $i of course, this should be "check feeds where $i%(the prime) is 0" Kae -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: How would you do this ?
Jad madi wrote: I'm building an RSS aggregator so I'm trying to find out the best way to parse users account feeds equally so Lets say we have 20.000 user with average of 10 feeds in account so we have about 200.000 feed How would you schedule the parsing process to keep all accounts always updated without killing the server? NOTE: that some of the 200.000 feeds might be shared between more than one user Now, what I was thinking of is to split users into 1-) Idle users (check their account once a week, no traffic on their RSS feeds) 2-) Idle++ (check their account once a week, but got traffic on their RSS feeds) 2-) Active users (Check their accounts regularly and they got traffic on their RSS feeds) NOTE: The week is just an example but at the end it’s going to be dynamic ratio so with this classification I can split the parsing power and time to 1-) 10% idle users 2-) 20% idle++ users 3-) 70% active users. NOTE: There is another factors that should be included but I don’t want to get the idea messy now (CPU usage, Memory usage, connectivity issues (if feed site is down) in general the MAX execution time for the continues parsing loop shouldn’t be more than 30 minutes 60 minutes) Actually I’m thinking of writing a daemon to do it “just keep checking CPU/memory” and excute whenever a reasonable amount of resource available without killing the server. Please elaborate. I would suggest using a queue/pool system. Have one mechanism the loads request for update into a queue and anther that takes the requests out of the pool at the fixed rate (or several at once over different threads/processes). You then limit the rate the messages are consumed to the maximum you want the server to use up. You can then add update requests into the queue based on how often the user checks their feed. That way, the more often they check it, the more often it is updated. OK - this needs a bit of polishing, but I suspect it would do what you wanted. A database table would make a nice queue as you insert at the bottom and read/delete off the top and let the DB engine synchronize up the separate threads of action. Cheers AJ -- www.deployview.com www.nerds-central.com www.project-network.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: How would you do this ?
Jad madi wrote: I'm building an RSS aggregator so I'm trying to find out the best way to parse users account feeds equally so Lets say we have 20.000 user with average of 10 feeds in account so we have about 200.000 feed How would you schedule the parsing process to keep all accounts always updated without killing the server? NOTE: that some of the 200.000 feeds might be shared between more than one user this is just an idle thought, but could you base it on prime numbers? for instance, let's say you have 6 feeds which in the last week have generated (a=10, b=8, c=5, d=7, e=13, f=2) articles. order them by article amount descending in last week: e, a, b, d, c, f assign primes to them: e=1, a=2, b=3, d=5, c=7, f=11 let $i=1 every 6 hours, check feeds who's primes are divisible by $i, then add 1 to $i at the end of the week, recalculate the primes. in this example, the feed checks would be: monday(1,2,3,4) = (e), (e,a), (e,b), (e,a) tuesday (5,6,7,8) = (e,d), (e,a,b), (e,c), (e,a) wednesday (9,10,11,12) = (e,b), (e,a,d), (e,f), (e,a,b) thursday (13,14,15,16) = (e), (e,a,c), (e,b,d), (e,a) friday(17,18,19,20) = (e), (e,a,b), (e), (e,a,d) saturday (21,22,23,24) = (e,b,c), (e,a,f), (e), (e,a,b) sunday(25,26,27,28) = (e,d), (e,a), (e,a,b), (e,a,c) in this example, at most three out of six are being checked for at a time, but everything gets at least a chance. e had 13 articles, is checked 28 times a had 10 articles, is checked 14 times b had 8 articles, is checked 9 times d had 7 articles, is checked 5 times c had 5 articles, is checked 4 times f had 2 articles, is checked 2 times Kae -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
