[PHP] remove page referrer
Hi all, I have 2 page ,when I go from first page to second page , I don't want the user can back to first page where it come from. is there any way to do this in php ? to remove or disactive $_SERVER[HTTP_REFERER] in php? Thanks
[PHP] mandriva and gd problem
Hi all, I have php 5 and gd install on a mandriva and i'm working with it since a long time. Now i want to use functions like imagepstext that require gd with t1lib enable. I work with a mandriva server so i use urpmi to install php extensions and other programs. I've successfully installed php-gd package but at this time it is impossible for me to enable t1lib in mandriva. I don't find any package named php-t1lib or php-gd-t1lib so i install t1lib by hand but now i don't know how to say to php to enable t1lib. Can someone explain me how to do this on a system who use urpmi. thanks -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] upd sockets
dwa wrote: Hey, i have got a problem and cannot find answer. I have got an process which sends real time data per udp. i can catch this packets and write to a site with php and sockets. CODE ?php define('LISTEN_IP','0.0.0.0'); define('LISTEN_PORT',52700); define('PACKET_SIZE',1024); include(common.inc); if ( $socket = @stream_socket_server('udp://'.LISTEN_IP.':'.LISTEN_PORT, $errno, $errstr, STREAM_SERVER_BIND) ) { ? html head titlephp-test/title script language=JavaScript function alarma() { alert(ARLAMA: ?php echo getAPaket() ?); } /script /head body h2Welcome to me/h2 plisten to port 52776/p ?php echo 'used socket '.$socket; $packet = ''; $ilauf = 0; while ($ilauf 10) { //$buff = stream_socket_recvfrom($socket, PACKET_SIZE, 0, $remote_ip); $buff = stream_socket_recvfrom($socket, PACKET_SIZE, STREAM_OOB); $packet .= $buff.'brbr'; $ilauf++; echo 'current paketnummer is:'.$ilauf.'br'; echo 'current paket content:'.$buff.'brbr'; } fclose($socket);echo getAPaket(); } EDOC In this example i read ONLY 10 packets BUT i want to read the data continuous AND write the last received packet into a table. Now, i write the data among each other. need a good idea! Ajax? js? i thing, that the biggest prob. is that php is server sided a php cleint sided... Any IDEA??? Please answer here AND write an email to me. Because i ve only an modem ;-( wanscha @ web.de THX dave Well, sounds to me what you need to do is setup a PHP CLI daemon, using inetd or something. Have that running all the time logging the information it receives to a file. Then, have a web page that when initially loaded reads a data file that has been populated by the daemon. Then displays all the initial data. Then on that web page, have an AJAXy thingy that calls to the server with a time stamp of the last time the page was loaded or the last time it asked for an update. If the time of the log file is past that timestamp, then you can either reload the data, or figure out where in the data you need to start reading from that point to the end and then append that to the end of your existing table or data set in the current web page. Then wait a given time frame and do it again. This time passing the updated timestamp. Just a few ideas... -- Jim Lucas Perseverance is not a long race; it is many short races one after the other Walter Elliot Some men are born to greatness, some achieve greatness, and some have greatness thrust upon them. Twelfth Night, Act II, Scene V by William Shakespeare -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Public Announcement
Sascha Braun - CEO @ Braun Networks wrote: hi stut, thank you for your advices. Ok, just so it's perfectly clear to you... I'm taking the piss. Still, since you provided apparently serious answers I'm going to continue to enjoy myself... - Screentexts are texts shown as link texts or descriptions in forms and other page elements which remain static in one language area. The screentexts are getting replaced by they' re coresponding translations as the user selects a different language. Wow, a multi-lingual website, how innovative of you. And look, you gave the text on the page a name, how twee. - The Google standard, of websites describes, that Query URL's like ?param1=XYZparam2=123 or as in $_SERVER['QUERY_STRING'] are not human readable, which makes them not acceptable as valid content links. Nope, sorry, not a standard. When you claim something is standards compliant you really should make sure the standards it's complying with are actually standards backed by a reputable organisation. But as I am pretty familar with search engine optimisation, my system is creating metatags for every page, h1 tags are used for headlines, h2 tags for subheads and so on. Please, for the love of $DEITY get yourself an English spelling checker and use it. I'd also recommend a grammar checker. If you are a professional in search engine optimisation, you will not find any weakness in my application anymore. Its happending absolutely automatically the authors don't have to do anything, for make it happen. Stopword lists like in my- sql are removing useless keywords and so on. Wow, so the user doesn't need to worry about URLs or SEO optimisation. You truly have created a masterpiece. As Gavin pointed out this sounds a lot like a CMS and not a framework. - Yes, my system is the only application framework worldwide with its capabilities. I added a neural networking functionality which makes it possible to autodecide which contents are inte- resting for the viewers on a page. Yeah, sorry to destroy your delusions of grandeur, but that's not even slightly unique (not that uniqueness has multiple levels, but I'm using some artistic licence). I'm also fairly certain it's covered by numerous patents, so you might not want to shout about it too loudly. Fx: If a user is allergic, no products containing large amounts of the alergen are shown in the shop anymore. As well it is possi- ble to create psychological profiles from the users of the system during the runtime of the application. Sold!! I have read a paper from the department of defence, from year 2004. I first read it in the early beginning of this year. I figured out, that my application framework is the perfect psynet application for performing psychological operations over the internet. I guess I developed one of the biggest weapon systems available now a days. I really have nothing useful to say here. If you can't see how ridiculous (and hilarious) such a claim is then there really is no hope. - As a blogging standard I would describe websites which contain a linklist to the left or the right of the blogs content as well as a calender and a search field. I guess this makes a blog. Again, not a standard. The term Weblog (from which the word blogging is derived) is (according to Wikipedia) a web-based publication consisting primarily of periodic articles (normally in reverse chronological order). There is no requirement for a particular page layout or for specific page elements to be present. - The shop system is widely using ajax for performing fast shopping actions, its possible to use videos or audiofiles as product descip- tion media, as well as soon you change product parameters these me- dias are getting replaced by different color media or size images as what ever you could think of. Again with the uniqueness - you're on fire! A customisable shop for your website, whatever will you geniuses think of next. And as well my system is using XLinks, which means, you add a link to a document, you are able to select the target document from one of the content modules, automatically the headline of the target document is used as link description and as well the link is shown as a nonquery url, like: http://www.domain.com/en/magazin/something-new/while-i-wrote-it-here.html Ah, so by nonquery you actually mean without a query string. Not really the same thing so I'm glad you cleared up the confusion. Done without mod_rewrite. Being serious for a second (don't worry, it's just for a second), how is this accomplished? I know there are several ways to do this but I'd be interested to know which you are using and what you have against mod_rewrite. I hope I answered all your questions. That would be a bit of a stretch, but I appreciate the effort. Best Regards, Yours sarcastically, -Stut Am Montag, den 10.09.2007, 16:39 +0100 schrieb Stut: Things to do before spamming a public English mailing
Re: [PHP] Public Announcement
Hahaha oh wow. -Xander Stut wrote: Sascha Braun - CEO @ Braun Networks wrote: hi stut, thank you for your advices. Ok, just so it's perfectly clear to you... I'm taking the piss. Still, since you provided apparently serious answers I'm going to continue to enjoy myself... - Screentexts are texts shown as link texts or descriptions in forms and other page elements which remain static in one language area. The screentexts are getting replaced by they' re coresponding translations as the user selects a different language. Wow, a multi-lingual website, how innovative of you. And look, you gave the text on the page a name, how twee. - The Google standard, of websites describes, that Query URL's like ?param1=XYZparam2=123 or as in $_SERVER['QUERY_STRING'] are not human readable, which makes them not acceptable as valid content links. Nope, sorry, not a standard. When you claim something is standards compliant you really should make sure the standards it's complying with are actually standards backed by a reputable organisation. But as I am pretty familar with search engine optimisation, my system is creating metatags for every page, h1 tags are used for headlines, h2 tags for subheads and so on. Please, for the love of $DEITY get yourself an English spelling checker and use it. I'd also recommend a grammar checker. If you are a professional in search engine optimisation, you will not find any weakness in my application anymore. Its happending absolutely automatically the authors don't have to do anything, for make it happen. Stopword lists like in my- sql are removing useless keywords and so on. Wow, so the user doesn't need to worry about URLs or SEO optimisation. You truly have created a masterpiece. As Gavin pointed out this sounds a lot like a CMS and not a framework. - Yes, my system is the only application framework worldwide with its capabilities. I added a neural networking functionality which makes it possible to autodecide which contents are inte- resting for the viewers on a page. Yeah, sorry to destroy your delusions of grandeur, but that's not even slightly unique (not that uniqueness has multiple levels, but I'm using some artistic licence). I'm also fairly certain it's covered by numerous patents, so you might not want to shout about it too loudly. Fx: If a user is allergic, no products containing large amounts of the alergen are shown in the shop anymore. As well it is possi- ble to create psychological profiles from the users of the system during the runtime of the application. Sold!! I have read a paper from the department of defence, from year 2004. I first read it in the early beginning of this year. I figured out, that my application framework is the perfect psynet application for performing psychological operations over the internet. I guess I developed one of the biggest weapon systems available now a days. I really have nothing useful to say here. If you can't see how ridiculous (and hilarious) such a claim is then there really is no hope. - As a blogging standard I would describe websites which contain a linklist to the left or the right of the blogs content as well as a calender and a search field. I guess this makes a blog. Again, not a standard. The term Weblog (from which the word blogging is derived) is (according to Wikipedia) a web-based publication consisting primarily of periodic articles (normally in reverse chronological order). There is no requirement for a particular page layout or for specific page elements to be present. - The shop system is widely using ajax for performing fast shopping actions, its possible to use videos or audiofiles as product descip- tion media, as well as soon you change product parameters these me- dias are getting replaced by different color media or size images as what ever you could think of. Again with the uniqueness - you're on fire! A customisable shop for your website, whatever will you geniuses think of next. And as well my system is using XLinks, which means, you add a link to a document, you are able to select the target document from one of the content modules, automatically the headline of the target document is used as link description and as well the link is shown as a nonquery url, like: http://www.domain.com/en/magazin/something-new/while-i-wrote-it-here.html Ah, so by nonquery you actually mean without a query string. Not really the same thing so I'm glad you cleared up the confusion. Done without mod_rewrite. Being serious for a second (don't worry, it's just for a second), how is this accomplished? I know there are several ways to do this but I'd be interested to know which you are using and what you have against mod_rewrite. I hope I answered all your questions. That would be a bit of a stretch, but I appreciate the effort. Best Regards, Yours sarcastically, -Stut Am Montag, den 10.09.2007, 16:39 +0100 schrieb Stut: Things to
Re: [PHP] Public Announcement
I'm still waiting for the URL where I can see the product in action. Aleksandar Vojnovic wrote: Hahaha oh wow. -Xander Stut wrote: Sascha Braun - CEO @ Braun Networks wrote: hi stut, thank you for your advices. Ok, just so it's perfectly clear to you... I'm taking the piss. Still, since you provided apparently serious answers I'm going to continue to enjoy myself... - Screentexts are texts shown as link texts or descriptions in forms and other page elements which remain static in one language area. The screentexts are getting replaced by they' re coresponding translations as the user selects a different language. Wow, a multi-lingual website, how innovative of you. And look, you gave the text on the page a name, how twee. - The Google standard, of websites describes, that Query URL's like ?param1=XYZparam2=123 or as in $_SERVER['QUERY_STRING'] are not human readable, which makes them not acceptable as valid content links. Nope, sorry, not a standard. When you claim something is standards compliant you really should make sure the standards it's complying with are actually standards backed by a reputable organisation. But as I am pretty familar with search engine optimisation, my system is creating metatags for every page, h1 tags are used for headlines, h2 tags for subheads and so on. Please, for the love of $DEITY get yourself an English spelling checker and use it. I'd also recommend a grammar checker. If you are a professional in search engine optimisation, you will not find any weakness in my application anymore. Its happending absolutely automatically the authors don't have to do anything, for make it happen. Stopword lists like in my- sql are removing useless keywords and so on. Wow, so the user doesn't need to worry about URLs or SEO optimisation. You truly have created a masterpiece. As Gavin pointed out this sounds a lot like a CMS and not a framework. - Yes, my system is the only application framework worldwide with its capabilities. I added a neural networking functionality which makes it possible to autodecide which contents are inte- resting for the viewers on a page. Yeah, sorry to destroy your delusions of grandeur, but that's not even slightly unique (not that uniqueness has multiple levels, but I'm using some artistic licence). I'm also fairly certain it's covered by numerous patents, so you might not want to shout about it too loudly. Fx: If a user is allergic, no products containing large amounts of the alergen are shown in the shop anymore. As well it is possi- ble to create psychological profiles from the users of the system during the runtime of the application. Sold!! I have read a paper from the department of defence, from year 2004. I first read it in the early beginning of this year. I figured out, that my application framework is the perfect psynet application for performing psychological operations over the internet. I guess I developed one of the biggest weapon systems available now a days. I really have nothing useful to say here. If you can't see how ridiculous (and hilarious) such a claim is then there really is no hope. - As a blogging standard I would describe websites which contain a linklist to the left or the right of the blogs content as well as a calender and a search field. I guess this makes a blog. Again, not a standard. The term Weblog (from which the word blogging is derived) is (according to Wikipedia) a web-based publication consisting primarily of periodic articles (normally in reverse chronological order). There is no requirement for a particular page layout or for specific page elements to be present. - The shop system is widely using ajax for performing fast shopping actions, its possible to use videos or audiofiles as product descip- tion media, as well as soon you change product parameters these me- dias are getting replaced by different color media or size images as what ever you could think of. Again with the uniqueness - you're on fire! A customisable shop for your website, whatever will you geniuses think of next. And as well my system is using XLinks, which means, you add a link to a document, you are able to select the target document from one of the content modules, automatically the headline of the target document is used as link description and as well the link is shown as a nonquery url, like: http://www.domain.com/en/magazin/something-new/while-i-wrote-it-here.html Ah, so by nonquery you actually mean without a query string. Not really the same thing so I'm glad you cleared up the confusion. Done without mod_rewrite. Being serious for a second (don't worry, it's just for a second), how is this accomplished? I know there are several ways to do this but I'd be interested to know which you are using and what you have against mod_rewrite. I hope I answered all your questions. That would be a bit of a stretch, but I appreciate the effort. Best
Re: [PHP] remove page referrer
You can not control this, but you might be able to control the page where the user is going back through the third page :) like this: page 1: submit to page 2 page 2: header('Location: /page 3'); page 3: the final page if the user clicks back he is going to end up on page 2 which has location redirect to page 3. True? -Xander Stut wrote: Shahrzad wrote: I have 2 page ,when I go from first page to second page , I don't want the user can back to first page where it come from. is there any way to do this in php ? to remove or disactive $_SERVER[HTTP_REFERER] in php? No, this is not something the server (where PHP lives) can control. Why do you think you need to do this? -Stut -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Public Announcement
The pages are all delivered by one single kind of page parser. Its consisting of round about 5 lines of code. But for different reasons there have to get written parsers, especially for the content to show. The longest parser is consisting of 11 lines of code. But I don't want to say more, otherwise my invention is not mine anymore. Me alone as a developer can't react fast enough, to ar- chive the success, I normaly ought to have, before everybody is running to archive the same innovations like me. But as I can see how you are reacting on it, and others as well everybody is really loves the behavior. Its long time ago that I spoke with other devs. So I really feel well about the conver- sation. Thank you very much. Best Regards, Sascha Am Dienstag, den 11.09.2007, 09:34 +0100 schrieb Stut: Sascha Braun - CEO @ Braun Networks wrote: hi stut, thank you for your advices. Ok, just so it's perfectly clear to you... I'm taking the piss. Still, since you provided apparently serious answers I'm going to continue to enjoy myself... - Screentexts are texts shown as link texts or descriptions in forms and other page elements which remain static in one language area. The screentexts are getting replaced by they' re coresponding translations as the user selects a different language. Wow, a multi-lingual website, how innovative of you. And look, you gave the text on the page a name, how twee. - The Google standard, of websites describes, that Query URL's like ?param1=XYZparam2=123 or as in $_SERVER['QUERY_STRING'] are not human readable, which makes them not acceptable as valid content links. Nope, sorry, not a standard. When you claim something is standards compliant you really should make sure the standards it's complying with are actually standards backed by a reputable organisation. But as I am pretty familar with search engine optimisation, my system is creating metatags for every page, h1 tags are used for headlines, h2 tags for subheads and so on. Please, for the love of $DEITY get yourself an English spelling checker and use it. I'd also recommend a grammar checker. If you are a professional in search engine optimisation, you will not find any weakness in my application anymore. Its happending absolutely automatically the authors don't have to do anything, for make it happen. Stopword lists like in my- sql are removing useless keywords and so on. Wow, so the user doesn't need to worry about URLs or SEO optimisation. You truly have created a masterpiece. As Gavin pointed out this sounds a lot like a CMS and not a framework. - Yes, my system is the only application framework worldwide with its capabilities. I added a neural networking functionality which makes it possible to autodecide which contents are inte- resting for the viewers on a page. Yeah, sorry to destroy your delusions of grandeur, but that's not even slightly unique (not that uniqueness has multiple levels, but I'm using some artistic licence). I'm also fairly certain it's covered by numerous patents, so you might not want to shout about it too loudly. Fx: If a user is allergic, no products containing large amounts of the alergen are shown in the shop anymore. As well it is possi- ble to create psychological profiles from the users of the system during the runtime of the application. Sold!! I have read a paper from the department of defence, from year 2004. I first read it in the early beginning of this year. I figured out, that my application framework is the perfect psynet application for performing psychological operations over the internet. I guess I developed one of the biggest weapon systems available now a days. I really have nothing useful to say here. If you can't see how ridiculous (and hilarious) such a claim is then there really is no hope. - As a blogging standard I would describe websites which contain a linklist to the left or the right of the blogs content as well as a calender and a search field. I guess this makes a blog. Again, not a standard. The term Weblog (from which the word blogging is derived) is (according to Wikipedia) a web-based publication consisting primarily of periodic articles (normally in reverse chronological order). There is no requirement for a particular page layout or for specific page elements to be present. - The shop system is widely using ajax for performing fast shopping actions, its possible to use videos or audiofiles as product descip- tion media, as well as soon you change product parameters these me- dias are getting replaced by different color media or size images as what ever you could think of. Again with the uniqueness - you're on fire! A customisable shop for your website, whatever will you geniuses think of next. And as well my system is using XLinks, which means, you add a link to a document, you are able to
Re: [PHP] remove page referrer
Shahrzad wrote: I have 2 page ,when I go from first page to second page , I don't want the user can back to first page where it come from. is there any way to do this in php ? to remove or disactive $_SERVER[HTTP_REFERER] in php? No, this is not something the server (where PHP lives) can control. Why do you think you need to do this? -Stut -- http://stut.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Public Announcement
If you take 30 seconds for the startpage to load, you can check out http://www.fit-o-matic.com again. The english translation is not finished yet. But for checking the behavior you can check out the german page as well. I gave allready demo user account informtations, it might be best for checking the application a little. I will give it to you in a private mail. Am Dienstag, den 11.09.2007, 14:40 +0530 schrieb Sudheer Satyanarayana: I'm still waiting for the URL where I can see the product in action. Aleksandar Vojnovic wrote: Hahaha oh wow. -Xander Stut wrote: Sascha Braun - CEO @ Braun Networks wrote: hi stut, thank you for your advices. Ok, just so it's perfectly clear to you... I'm taking the piss. Still, since you provided apparently serious answers I'm going to continue to enjoy myself... - Screentexts are texts shown as link texts or descriptions in forms and other page elements which remain static in one language area. The screentexts are getting replaced by they' re coresponding translations as the user selects a different language. Wow, a multi-lingual website, how innovative of you. And look, you gave the text on the page a name, how twee. - The Google standard, of websites describes, that Query URL's like ?param1=XYZparam2=123 or as in $_SERVER['QUERY_STRING'] are not human readable, which makes them not acceptable as valid content links. Nope, sorry, not a standard. When you claim something is standards compliant you really should make sure the standards it's complying with are actually standards backed by a reputable organisation. But as I am pretty familar with search engine optimisation, my system is creating metatags for every page, h1 tags are used for headlines, h2 tags for subheads and so on. Please, for the love of $DEITY get yourself an English spelling checker and use it. I'd also recommend a grammar checker. If you are a professional in search engine optimisation, you will not find any weakness in my application anymore. Its happending absolutely automatically the authors don't have to do anything, for make it happen. Stopword lists like in my- sql are removing useless keywords and so on. Wow, so the user doesn't need to worry about URLs or SEO optimisation. You truly have created a masterpiece. As Gavin pointed out this sounds a lot like a CMS and not a framework. - Yes, my system is the only application framework worldwide with its capabilities. I added a neural networking functionality which makes it possible to autodecide which contents are inte- resting for the viewers on a page. Yeah, sorry to destroy your delusions of grandeur, but that's not even slightly unique (not that uniqueness has multiple levels, but I'm using some artistic licence). I'm also fairly certain it's covered by numerous patents, so you might not want to shout about it too loudly. Fx: If a user is allergic, no products containing large amounts of the alergen are shown in the shop anymore. As well it is possi- ble to create psychological profiles from the users of the system during the runtime of the application. Sold!! I have read a paper from the department of defence, from year 2004. I first read it in the early beginning of this year. I figured out, that my application framework is the perfect psynet application for performing psychological operations over the internet. I guess I developed one of the biggest weapon systems available now a days. I really have nothing useful to say here. If you can't see how ridiculous (and hilarious) such a claim is then there really is no hope. - As a blogging standard I would describe websites which contain a linklist to the left or the right of the blogs content as well as a calender and a search field. I guess this makes a blog. Again, not a standard. The term Weblog (from which the word blogging is derived) is (according to Wikipedia) a web-based publication consisting primarily of periodic articles (normally in reverse chronological order). There is no requirement for a particular page layout or for specific page elements to be present. - The shop system is widely using ajax for performing fast shopping actions, its possible to use videos or audiofiles as product descip- tion media, as well as soon you change product parameters these me- dias are getting replaced by different color media or size images as what ever you could think of. Again with the uniqueness - you're on fire! A customisable shop for your website, whatever will you geniuses think of next. And as well my system is using XLinks, which means, you add a link to a document, you are able to select the target document from one of the content modules, automatically the headline of the target document is used as link description and as well the link is shown as a nonquery
Re: Fw: [PHP] remove page referrer
my problem is for the 'Back' button of Internet Explorer,.. You cannot disable the back buttom of any browser with php ;) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Public Announcement
Sascha Braun - CEO @ Braun Networks wrote: The pages are all delivered by one single kind of page parser. Its consisting of round about 5 lines of code. But for different reasons there have to get written parsers, especially for the content to show. The longest parser is consisting of 11 lines of code. But I don't want to say more, otherwise my invention is not mine anymore. Me alone as a developer can't react fast enough, to ar- chive the success, I normaly ought to have, before everybody is running to archive the same innovations like me. This is not your invention so I'm not sure what you think you're protecting. It's known as the Front Controller pattern and is widely used with and without a query string in both PHP and many other languages. It can also require changes to the web server environment to make it work. Google for front controller pattern for more information. You didn't say what you have against mod_rewrite. I'll bet you mod_rewrite can parse a request and send it to the right script faster than your PHP implementation. But as I can see how you are reacting on it, and others as well everybody is really loves the behavior. Its long time ago that I spoke with other devs. So I really feel well about the conver- sation. You're not quite catching on to my opinion of your product, but I'm glad you feel well about the conversation. Thank you very much. You're quite welcome. -Stut Am Dienstag, den 11.09.2007, 09:34 +0100 schrieb Stut: Sascha Braun - CEO @ Braun Networks wrote: hi stut, thank you for your advices. Ok, just so it's perfectly clear to you... I'm taking the piss. Still, since you provided apparently serious answers I'm going to continue to enjoy myself... - Screentexts are texts shown as link texts or descriptions in forms and other page elements which remain static in one language area. The screentexts are getting replaced by they' re coresponding translations as the user selects a different language. Wow, a multi-lingual website, how innovative of you. And look, you gave the text on the page a name, how twee. - The Google standard, of websites describes, that Query URL's like ?param1=XYZparam2=123 or as in $_SERVER['QUERY_STRING'] are not human readable, which makes them not acceptable as valid content links. Nope, sorry, not a standard. When you claim something is standards compliant you really should make sure the standards it's complying with are actually standards backed by a reputable organisation. But as I am pretty familar with search engine optimisation, my system is creating metatags for every page, h1 tags are used for headlines, h2 tags for subheads and so on. Please, for the love of $DEITY get yourself an English spelling checker and use it. I'd also recommend a grammar checker. If you are a professional in search engine optimisation, you will not find any weakness in my application anymore. Its happending absolutely automatically the authors don't have to do anything, for make it happen. Stopword lists like in my- sql are removing useless keywords and so on. Wow, so the user doesn't need to worry about URLs or SEO optimisation. You truly have created a masterpiece. As Gavin pointed out this sounds a lot like a CMS and not a framework. - Yes, my system is the only application framework worldwide with its capabilities. I added a neural networking functionality which makes it possible to autodecide which contents are inte- resting for the viewers on a page. Yeah, sorry to destroy your delusions of grandeur, but that's not even slightly unique (not that uniqueness has multiple levels, but I'm using some artistic licence). I'm also fairly certain it's covered by numerous patents, so you might not want to shout about it too loudly. Fx: If a user is allergic, no products containing large amounts of the alergen are shown in the shop anymore. As well it is possi- ble to create psychological profiles from the users of the system during the runtime of the application. Sold!! I have read a paper from the department of defence, from year 2004. I first read it in the early beginning of this year. I figured out, that my application framework is the perfect psynet application for performing psychological operations over the internet. I guess I developed one of the biggest weapon systems available now a days. I really have nothing useful to say here. If you can't see how ridiculous (and hilarious) such a claim is then there really is no hope. - As a blogging standard I would describe websites which contain a linklist to the left or the right of the blogs content as well as a calender and a search field. I guess this makes a blog. Again, not a standard. The term Weblog (from which the word blogging is derived) is (according to Wikipedia) a web-based publication consisting primarily of periodic articles (normally in reverse chronological order). There is no requirement for a particular page layout or for specific
Fw: [PHP] remove page referrer
my problem is for the 'Back' button of Internet Explorer,.. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] remove page referrer
Please include the list when replying. Shahrzad wrote: Mercyyy Stut for your reply, No problem. For the reason of sessions I want no one can back to previous page,if somebody temptates to do that, either this error occur : HTTP/1.0 404 Not Found or that page reload again . Can I do this with javaScript or something else? There are some nasty evil hacks that can achieve this, but you really don't want to. There are two possible solutions to your problem... 1) Write your code in such a way that it doesn't matter if someone goes back to a previous page and resubmits it. 2) Use the session to keep track of what page the user is on. That way if they do hit the back button you can tell them they've not allowed to do that and provide a link to the page they should be one. The first option is the best because the second is very poor UI design. Is there a reason why the user cannot go back to a previous page? What is technically stopping you handling that situation? -Stut -- http://stut.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Public Announcement
Hi Stut, if you check out http://getvanilla.com/ this is a forum software which uses mod_rewrite to show everything in fine ass written urls, like my system does allready in a better way. As I know from the google indexing threads running over my websites, the robot indexes all pathes as long there are found contents. If you have a query like http://www.domain.com/en/folder1/folder2/document-name.html and the application shows contents over this url: http://www.domain.com/index.php?lang=enpid=XYZ while document XYZ belongs to category automobiles and is a BMX Nissan If now the search robot is comming is crawling the http://www.domain.com/ finds a hole bunch of links to /en/automobiles/bmx-nissan/XYZ.html decides to look into /en/ first, and figures out, here there is absolutely nothing in it. The same thing happens to the /en/automobiles/ folder till it at the late end reaches the document-name.html So the indexing provider decides, that these categories are only getting missused to point out informations which are not really there. So its a fraud. I could advertise pictures off dolly buster to all people searching for BMX-Nissan. While when the indexing service comes and I call the document bmx-nissan.html and on the site only is to read dolly buster has a dot on her ass, the website will sink in the respect of the search engine. I hope you understood what I said. My websites are working in a slightly different way. I am creating overview pages in every category which says, I have an overview page showing all car brands in automobile, in the BMX-Nissan sektion there is an overview page over all BMX-Nissan Cars which are pointing out to one of the XYZ's Yes, Stut you are right you could see it as a front controller pattern, while it actually is reappearing in any folder shown on my websites. Its great to talk to you stut :) Best Regards, Sascha Am Dienstag, den 11.09.2007, 10:57 +0100 schrieb Stut: Sascha Braun - CEO @ Braun Networks wrote: The pages are all delivered by one single kind of page parser. Its consisting of round about 5 lines of code. But for different reasons there have to get written parsers, especially for the content to show. The longest parser is consisting of 11 lines of code. But I don't want to say more, otherwise my invention is not mine anymore. Me alone as a developer can't react fast enough, to ar- chive the success, I normaly ought to have, before everybody is running to archive the same innovations like me. This is not your invention so I'm not sure what you think you're protecting. It's known as the Front Controller pattern and is widely used with and without a query string in both PHP and many other languages. It can also require changes to the web server environment to make it work. Google for front controller pattern for more information. You didn't say what you have against mod_rewrite. I'll bet you mod_rewrite can parse a request and send it to the right script faster than your PHP implementation. But as I can see how you are reacting on it, and others as well everybody is really loves the behavior. Its long time ago that I spoke with other devs. So I really feel well about the conver- sation. You're not quite catching on to my opinion of your product, but I'm glad you feel well about the conversation. Thank you very much. You're quite welcome. -Stut Am Dienstag, den 11.09.2007, 09:34 +0100 schrieb Stut: Sascha Braun - CEO @ Braun Networks wrote: hi stut, thank you for your advices. Ok, just so it's perfectly clear to you... I'm taking the piss. Still, since you provided apparently serious answers I'm going to continue to enjoy myself... - Screentexts are texts shown as link texts or descriptions in forms and other page elements which remain static in one language area. The screentexts are getting replaced by they' re coresponding translations as the user selects a different language. Wow, a multi-lingual website, how innovative of you. And look, you gave the text on the page a name, how twee. - The Google standard, of websites describes, that Query URL's like ?param1=XYZparam2=123 or as in $_SERVER['QUERY_STRING'] are not human readable, which makes them not acceptable as valid content links. Nope, sorry, not a standard. When you claim something is standards compliant you really should make sure the standards it's complying with are actually standards backed by a reputable organisation. But as I am pretty familar with search engine optimisation, my system is creating metatags for every page, h1 tags are used for headlines, h2 tags for subheads and so on. Please, for the love of $DEITY get yourself an English spelling checker and use it. I'd also recommend a grammar checker. If you are a professional in search engine optimisation, you will not find any weakness in my application anymore. Its happending
Re: [PHP] Public Announcement
One of the main causes, why I don't make the application frame work or however you call it is, the lack of security. As soon as an application becomes open source, hackers and frauders can take time, to check out billing processes user management and many other things. Spectral is loading before any login can proceed allready the rights management system, which has to load all possible rights into the session before the logon can get fullfilled. Every button and every function of spectral can get enabled or dis- abled. So its a large session :)) But I believe this is a secure way to do it. And as a matter of fact I looked up the subject application framework at wikipedia and yes, spectral is still an application framework, while I took very much time in the development of cms like modules. The modules are all different like in other system structured in single folders like: modules/content_mm/classes modules/content_mm/elements modules/content_mm/frontends modules/content_mm/templates modules/asset_mm/classes modules/asset_mm/frontends modules/asset_mm/elements and so forth. A Frontend simply looks like that: ?xml version=1.0 encoding=UTF-8 ? frontend doctype=form action=forum_sub_topic_add module=forum_mm linktype=sub frontend_headforum_sub_topic_add/frontend_head frontend_elements forum_category_selector type=element src=forum_main_category_selector module=forum_mm/forum_category_selector forum_topic_name type=text size=69 maxlength=100/forum_topic_name forum_topic_desc type=textarea rows=6 cols=66/forum_topic_desc forum_sub_topic_add type=nav align=right style=button highlight=yes/forum_sub_topic_add /frontend_elements /frontend without the line breaks :)) Its including a simple php script as element which is not found in the HTML Specification and shows a couple of form elements like they are found in the html specification and as well its showing an button with the complete functionality needed. To develop a new module takes only round about two days. To set up a complete standard dot-com can get done in about two days as well, if there is a project specific functionality needed, you can do it in about two weeks, comming on to the amount of needed functio- nalty. I made use of the autoload functionality of PHP5 pretty much, so all classes are autoloaded. The heart of spectral is consisting of only three files used as matrix to decide which class methods should get called or which content module should get loaded to load the contents from the databases. Mh, I came in mind of something. Spectral is using one single datawarehouse solution for all webplatt- forms developed with it. Its still possible to set up new dataware- houses, but its made to build up a large number of international web- sites using datasets from one single datawarehouse. If I take insurances as an example there might be ten different kind of insurances which could get grouped in the corresponding number of cate- gories. One category is good for a car website another one for an real estate website, the other one for a health service. I allready thought about to open up the possibility to allow people to use spectral for building up they're websites, while trying to arrange the licence in a way, everybody has to store the used informations, which means product descriptions, articles, advertisements and so on in one single datawarehouse solution, so the contents can get used on a hole bunch of sites. What do you think about something like that? Mh, now i decided to send out, what I wrote allready to one of the other php guru's in here. I hope god will not bite my in my ass at the late end. The system is installing its content databases completely on its own. You can delete one of the tables, which are getting used by the cms modules as a kind of file allocation table, and by button press all datasets are read from the file system back into the tables again. You can install as many content modules you like, and hook them into an existing content module as submodules, which causes a possible maximum category level of tvelve. As you can use an unlimited number of those modules, you can please as many content modules aside of eachother in this category level pattern. As the blog the forum and the weblogs are storing they're infor- mations in the exactly same data format as the content modules even the forum, or blogs or the shop, can get put in any of the category levels, which are on the late end building the file- system structure. Its possible to place chart diagrams, videos pictures and what so ever in any of the documents, which means you can place chart diagrams even in blogs. The user management is working plattform independent, which means, that your users could open up an account at website A and import the complete user informations in website B, C, D. If the user changes the userdata on website B its changed in
Re: [PHP] Fwd: 403 Forbiden
On 9/11/07, Jesús de Diego Alarcón [EMAIL PROTECTED] wrote: Daniel Wo... Yes. This solved the problem... Thank you; many , many thanks.. I'm really surprised with the very goog PHP people Jesús de Diego 2007/9/11, Daniel Brown [EMAIL PROTECTED]: On 9/10/07, Jesús de Diego Alarcón [EMAIL PROTECTED] wrote: Daniel Here is the provincias.php code: ?php header('Content-Type: application/xml'); //error_reporting(E_ALL); $request = ' https://ovc.catastro.meh.es/ovcservweb/OVCSWLocalizacionRC/OVCCallejero.asmx/ConsultaProvincia '; $xml = file_get_contents($request); echo $xml; ? However, i'm not calling the PHP from another php but for the ExtJS ComboBox : http://extjs.com/deploy/ext/docs/output/Ext.form.ComboBox.html#properties http://extjs.com/deploy/ext/examples/form/combos.html In my case, you can see the Javascript code at: http://www.my3dgis.es/visor/scripts/catastro.js [snip] Jesus, On line 52 of visor/scripts/catastro.js, try changing the method from post to get. If necessary, make those changes in php/provincias.php. See if that changes anything for you. If it doesn't, what have your web logs told you so far? -- Daniel P. Brown [office] (570-) 587-7080 Ext. 272 [mobile] (570-) 766-8107 Give a man a fish, he'll eat for a day. Then you'll find out he was allergic and is hospitalized. See? No good deed goes unpunished My pleasure, Jesus. I'm just replying this to the list - not for bragging rights, but so that people searching the archives can benefit as well. Nothing worse than searching the web, finding someone else who had the EXACT same problem you're having, and finding no solutions posted. -- Daniel P. Brown [office] (570-) 587-7080 Ext. 272 [mobile] (570-) 766-8107 Give a man a fish, he'll eat for a day. Then you'll find out he was allergic and is hospitalized. See? No good deed goes unpunished -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mandriva and gd problem
On 9/11/07, marc serra [EMAIL PROTECTED] wrote: Hi all, I have php 5 and gd install on a mandriva and i'm working with it since a long time. Now i want to use functions like imagepstext that require gd with t1lib enable. I work with a mandriva server so i use urpmi to install php extensions and other programs. I've successfully installed php-gd package but at this time it is impossible for me to enable t1lib in mandriva. I don't find any package named php-t1lib or php-gd-t1lib so i install t1lib by hand but now i don't know how to say to php to enable t1lib. Can someone explain me how to do this on a system who use urpmi. thanks -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php Marc, I'm typing this message to you from my desktop at work - a dual-headed Mandriva 2006.0C machine with PHP5 installed, complete with GD and T1. Try this: urpmi libt1lib5 urpmi t1lib-config urpmi php-gd Then install PHP as you normally would, using URPMI. If you already have the packages installed, back up your php.ini file (and any external configuration scripts you may have) and `rpm -e` them. You may have to force the removal with --nodeps flipped on. If that doesn't work, reply back with what version of PHP you're using and we'll go from there. -- Daniel P. Brown [office] (570-) 587-7080 Ext. 272 [mobile] (570-) 766-8107 Give a man a fish, he'll eat for a day. Then you'll find out he was allergic and is hospitalized. See? No good deed goes unpunished -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Public Announcement
Tedd: Very sorry, should have listened to you! Sascha: http://de.wikipedia.org/wiki/Sarkasmus (here's hoping it doesn't get lost in translation) I'm done with this thread now. -Stut Sascha Braun - CEO @ Braun Networks wrote: Hi Stut, if you check out http://getvanilla.com/ this is a forum software which uses mod_rewrite to show everything in fine ass written urls, like my system does allready in a better way. As I know from the google indexing threads running over my websites, the robot indexes all pathes as long there are found contents. If you have a query like http://www.domain.com/en/folder1/folder2/document-name.html and the application shows contents over this url: http://www.domain.com/index.php?lang=enpid=XYZ while document XYZ belongs to category automobiles and is a BMX Nissan If now the search robot is comming is crawling the http://www.domain.com/ finds a hole bunch of links to /en/automobiles/bmx-nissan/XYZ.html decides to look into /en/ first, and figures out, here there is absolutely nothing in it. The same thing happens to the /en/automobiles/ folder till it at the late end reaches the document-name.html So the indexing provider decides, that these categories are only getting missused to point out informations which are not really there. So its a fraud. I could advertise pictures off dolly buster to all people searching for BMX-Nissan. While when the indexing service comes and I call the document bmx-nissan.html and on the site only is to read dolly buster has a dot on her ass, the website will sink in the respect of the search engine. I hope you understood what I said. My websites are working in a slightly different way. I am creating overview pages in every category which says, I have an overview page showing all car brands in automobile, in the BMX-Nissan sektion there is an overview page over all BMX-Nissan Cars which are pointing out to one of the XYZ's Yes, Stut you are right you could see it as a front controller pattern, while it actually is reappearing in any folder shown on my websites. Its great to talk to you stut :) Best Regards, Sascha Am Dienstag, den 11.09.2007, 10:57 +0100 schrieb Stut: Sascha Braun - CEO @ Braun Networks wrote: The pages are all delivered by one single kind of page parser. Its consisting of round about 5 lines of code. But for different reasons there have to get written parsers, especially for the content to show. The longest parser is consisting of 11 lines of code. But I don't want to say more, otherwise my invention is not mine anymore. Me alone as a developer can't react fast enough, to ar- chive the success, I normaly ought to have, before everybody is running to archive the same innovations like me. This is not your invention so I'm not sure what you think you're protecting. It's known as the Front Controller pattern and is widely used with and without a query string in both PHP and many other languages. It can also require changes to the web server environment to make it work. Google for front controller pattern for more information. You didn't say what you have against mod_rewrite. I'll bet you mod_rewrite can parse a request and send it to the right script faster than your PHP implementation. But as I can see how you are reacting on it, and others as well everybody is really loves the behavior. Its long time ago that I spoke with other devs. So I really feel well about the conver- sation. You're not quite catching on to my opinion of your product, but I'm glad you feel well about the conversation. Thank you very much. You're quite welcome. -Stut Am Dienstag, den 11.09.2007, 09:34 +0100 schrieb Stut: Sascha Braun - CEO @ Braun Networks wrote: hi stut, thank you for your advices. Ok, just so it's perfectly clear to you... I'm taking the piss. Still, since you provided apparently serious answers I'm going to continue to enjoy myself... - Screentexts are texts shown as link texts or descriptions in forms and other page elements which remain static in one language area. The screentexts are getting replaced by they' re coresponding translations as the user selects a different language. Wow, a multi-lingual website, how innovative of you. And look, you gave the text on the page a name, how twee. - The Google standard, of websites describes, that Query URL's like ?param1=XYZparam2=123 or as in $_SERVER['QUERY_STRING'] are not human readable, which makes them not acceptable as valid content links. Nope, sorry, not a standard. When you claim something is standards compliant you really should make sure the standards it's complying with are actually standards backed by a reputable organisation. But as I am pretty familar with search engine optimisation, my system is creating metatags for every page, h1 tags are used for headlines, h2 tags for subheads and so on. Please, for the love of $DEITY get yourself an English spelling checker and use it. I'd also recommend a grammar checker.
Re: [PHP] remove page referrer
Shahrzad wrote: Hi all, I have 2 page ,when I go from first page to second page , I don't want the user can back to first page where it come from. is there any way to do this in php ? to remove or disactive $_SERVER[HTTP_REFERER] in php? Shahrzad, i'm assuming that you want to do this to protect against duplicate form submissions. If that's the case, this article may be of some use: Redirect after POST http://www.theserverside.com/tt/articles/article.tss?l=RedirectAfterPost brian -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] remove page referrer
On 9/11/07, Stut [EMAIL PROTECTED] wrote: Please include the list when replying. Shahrzad wrote: Mercyyy Stut for your reply, No problem. For the reason of sessions I want no one can back to previous page,if somebody temptates to do that, either this error occur : HTTP/1.0 404 Not Found or that page reload again . Can I do this with javaScript or something else? There are some nasty evil hacks that can achieve this, but you really don't want to. There are two possible solutions to your problem... 1) Write your code in such a way that it doesn't matter if someone goes back to a previous page and resubmits it. 2) Use the session to keep track of what page the user is on. That way if they do hit the back button you can tell them they've not allowed to do that and provide a link to the page they should be one. The first option is the best because the second is very poor UI design. Is there a reason why the user cannot go back to a previous page? What is technically stopping you handling that situation? -Stut -- http://stut.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php What about the following? L page1.php ? session_start(); if($_SESSION['already_submitted'] == True) { header(Location: page2.php); } // Continue with your existing code from the first page. ? L page2.php ? session_start(); $_SESSION['already_visited'] = True; // Set this now. // Continue with the rest of your code from the second page. ? For as long as that session remains active, any time the user attempts to reload that page, they'll be forwarded to a page of your choice (in this case, page2.php). If you absolutely want a 404 error, you can either spoof one or legitimately create one --- by forwarding them to a page that does not and will not ever exist on your server. Not a very elegant solution, but it will work. -- Daniel P. Brown [office] (570-) 587-7080 Ext. 272 [mobile] (570-) 766-8107 Give a man a fish, he'll eat for a day. Then you'll find out he was allergic and is hospitalized. See? No good deed goes unpunished -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] look at all files, then go elsewhere
All, I'm trying to figure out the logic piece, and I'm pretty sure I am missing something simple. I have a script that I want to check all files in a directory for information, if it doesn't find it when all done, I want it to go elsewhere, however if it does find it, I want it to break out of the search and perform a function. CODE: if ($userinfo == ) { if ($handle = opendir('./bp_csv/')) { while (false !== ($file = readdir($handle))) { if($file != '..' $file != '.') { if(is_dir($file)) { //Diretory skipped } else { $command = 'cat ./bp_csv/' . $file . ' | grep ''; $user = $_POST[userid]; $command .= $user . '''; $userinfo=exec($command); // here's where it is multi-looping if ($userinfo ==) { echo $user not found in any BP_CSV files, now running LDAP checkBR; ldap_check($user); } else { // ok, found the person, run the function userprofile($userinfo); } } } } } } else { //original data has contents, go after user data userprofile($userinfo); } --- END CODE Wolf -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Public Announcement
At 11:24 AM +0200 9/11/07, Sascha Braun - CEO @ Braun Networks wrote: If you take 30 seconds for the startpage to load, you can check out http://www.fit-o-matic.com again. While the link takes forever to load and fails validation, I do like the use of registration trademarks (the R not the TM) in the URL's (click the top left image). However, I think IE will object. Also, if you use that product, will you become all-serious-looking like the people shown, not counting the one in the top right that apparently died at 33. :-) Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] look at all files, then go elsewhere
[snip] I have a script that I want to check all files in a directory for information, if it doesn't find it when all done, I want it to go elsewhere, however if it does find it, I want it to break out of the search and perform a function. CODE: if ($userinfo == ) { if ($handle = opendir('./bp_csv/')) { while (false !== ($file = readdir($handle))) { if($file != '..' $file != '.') { if(is_dir($file)) { //Diretory skipped } else { $command = 'cat ./bp_csv/' . $file . ' | grep ''; $user = $_POST[userid]; $command .= $user . '''; $userinfo=exec($command); // here's where it is multi-looping if ($userinfo ==) { echo $user not found in any BP_CSV files, now running LDAP checkBR; ldap_check($user); } else { // ok, found the person, run the function userprofile($userinfo); } } } } } } else { //original data has contents, go after user data userprofile($userinfo); } [/snip] Put all of the locations you want to search in an array and loop through the array. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] remove page referrer
At 10:04 AM +0430 9/12/07, Shahrzad wrote: Hi all, I have 2 page ,when I go from first page to second page , I don't want the user can back to first page where it come from. is there any way to do this in php ? to remove or disactive $_SERVER[HTTP_REFERER] in php? Thanks Didn't someone recently ask this question? In any event, from what you described above, try this below. http://webbytedd.com/bb/one-time/ This uses sessions -- you cannot return to this page until you restart your browser. It's a simple session variable check. Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] MySQL upload problem
Hi gang: I know that this is not a php question, but all of you are so smart I thought would ask anyway. I need to upload a 5 Meg sql file to a client's database. However, his site's phpMyAdmin shows a maximum file size limit of 2 Meg. Now, is this something that is controlled by his host, or is there a way for me to get around it without requiring his host to do something, or what? How can I do this? Advice sought. Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] look at all files, then go elsewhere
Wolf wrote: All, I'm trying to figure out the logic piece, and I'm pretty sure I am missing something simple. I have a script that I want to check all files in a directory for information, if it doesn't find it when all done, I want it to go elsewhere, however if it does find it, I want it to break out of the search and perform a function. CODE: if ($userinfo == ) { if ($handle = opendir('./bp_csv/')) { while (false !== ($file = readdir($handle))) { if($file != '..' $file != '.') { if(is_dir($file)) { //Diretory skipped } else { $command = 'cat ./bp_csv/' . $file . ' | grep ''; $user = $_POST[userid]; $command .= $user . '''; $userinfo=exec($command); You'd sanitise this in real life, i hope. escapeshellarg() and escapeshellcmd() are your good friends. curl -d user=foo%22%3Becho+%22pwned%21 http://yourdomain/yourscript.php And i think you have an extra single quote there at the end of both those lines. Why aren't you simply reading into an array the contents of the file and searching for $user in that? Use file() http://www.php.net/manual/en/function.file.php -- snip -- while (false !== ($file = readdir($handle))) { $lines = file($file); $idx = array_search($user, $lines) if ($idx !== FALSE) { $userinfo = $line; break; } } if ($userinfo != ) { userprofile($userinfo); } else { ... -- snip -- Or something like that. // here's where it is multi-looping if ($userinfo ==) { echo $user not found in any BP_CSV files, now running LDAP checkBR; ldap_check($user); } else { // ok, found the person, run the function userprofile($userinfo); } } } } } } else { //original data has contents, go after user data userprofile($userinfo); } --- END CODE The reason your script was looping is because your second if ($userinfo ==) is reached for each and every file found in the directory. That is, every time you grep for $user in a file, you're re-setting $userinfo, regardless of the result. Then you're running ldap_check(). Basically, you need a break in there, at the very minimum. And your second test on $userinfo should be outside of the while loop. Regardless, use file() instead of that exec() call. That looks as if it could have sharp edges. brian -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] look at all files, then go elsewhere
Wolf wrote: All, I'm trying to figure out the logic piece, and I'm pretty sure I am missing something simple. I have a script that I want to check all files in a directory for information, if it doesn't find it when all done, I want it to go elsewhere, however if it does find it, I want it to break out of the search and perform a function. Wolf based off your logic, I think I fixed your problem. don't forget about http://us3.php.net/break // Get a directory resource handler if ($handle = opendir('./bp_csv/')) { // Looping... while ( $file = readdir($handle) ) { // This checks to see if it is a file. Not a symlink, dir, socket, etc... // Your is_dir() test would have failed if it had come across a socket if ( is_file($file) ) { // Mind you that I have not used the escapeshell***() commands // that much. You might need to drop the escapeshellcmd(), since // you are creating the command inline, and you have already escaped // the input data with escapeshellarg() // Be sure to validate input $user = escapeshellarg(@$_POST[userid]); // Be sure to escape the command also $command= escapeshellcmd(grep \{$user}\ ./bp_csv/{$file}); // Run command and capture results $userinfo = exec($command); // Check to see if I got any results // Might want to do a little better result checking. // This would pass even if the command failes and hands back an error if ( ! empty($userinfo) ) { // ok, found the person, run the function userprofile($userinfo); // Exit while loop break; } } } } // Nothing was returned for any of the files that we found. if ( empty($userinfo) ) { echo $user not found in any BP_CSV files, now running LDAP checkBR; ldap_check($user); } -- Jim Lucas Some men are born to greatness, some achieve greatness, and some have greatness thrust upon them. Twelfth Night, Act II, Scene V by William Shakespeare -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Public Announcement
[snip] At 11:24 AM +0200 9/11/07, Sascha Braun - CEO @ Braun Networks wrote: If you take 30 seconds for the startpage to load, you can check out http://www.fit-o-matic.com again. [/snip] That is awful. Not only does it take a long time for the start page to load (and there is nothing of any import on it) it takes a long time for each link to load, and there is nothing there either. The user would likely end up leaving because the experience is so bad. There are still users with dial-up accounts and this may take a horribly long time to load. As far as I can see there is nothing special or proprietary about this. It appears to be YAFC -- Yet Another Front Controller for YACMS. Everything that I read up until this point in the discussion reveals no new way of thinking about these issues and no new solutions. [snip] I guess I developed one of the biggest weapon systems available now a days. [/snip] I am sure that you did not really want to say something like this on a public mailing list. Did something get lost in translation? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: mandriva and gd problem
marc serra wrote: Hi all, I have php 5 and gd install on a mandriva and i'm working with it since a long time. Now i want to use functions like imagepstext that require gd with t1lib enable. I work with a mandriva server so i use urpmi to install php extensions and other programs. I've successfully installed php-gd package but at this time it is impossible for me to enable t1lib in mandriva. I don't find any package named php-t1lib or php-gd-t1lib so i install t1lib by hand but now i don't know how to say to php to enable t1lib. Can someone explain me how to do this on a system who use urpmi. If you get really stuck (i.e. think it's not possible with the current packaging) please post a bug in our Bugzilla, http://qa.mandriva.com/enter_bug.cgi?format=guidedclassification=__all Add me as a CC (I'm not the default maintainer for PHP on Mandriva, that accolade belongs to Oden, but I use PHP a lot and keep generally up to date with Odens work) and I'll take a look. My Mdv email is cguthrie at mandriva dot org. It's not really relevant for the PHP ML at large, so probably best dealt with there. I'm also quite often on #mandriva-cooker IRC channel if you want some interactive help Col. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] MIME type
Hi guys. I am linking to a file on a WAP site. the backend is written in PHP. However I need to link to a file but set the content type. I've done the following and am wondering if this is correct: ? // We'll be outputting a PDF header('Content-type: application/vnd.symbian.install'); // It will be called downloaded.pdf header('Content-Disposition: attachment; filename=../File/norEnglish.sis'); ? So basically I set the HREF to the file above (filename .php). Let me know if there is anything that im doing incorrectly. Thanks -- Angelo Zanetti Systems developer *Telephone:* +27 (021) 552 9799 *Mobile:* +27 (0) 72 441 3355 *Fax:*+27 (0) 86 681 5885 * Web:* http://www.zlogic.co.za *E-Mail:* [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] MySQL upload problem
tedd wrote: I know that this is not a php question, but all of you are so smart I thought would ask anyway. I need to upload a 5 Meg sql file to a client's database. However, his site's phpMyAdmin shows a maximum file size limit of 2 Meg. Now, is this something that is controlled by his host, or is there a way for me to get around it without requiring his host to do something, or what? How can I do this? Manually break the SQL file into several pieces. You may need to duplicate some statements at the top and tail of the main file in each part and also make sure that you duplicate any USE DATABASE statements to ensure you're on the right DB. You'll also need to make sure you execute them on the server in order. -Stut -- http://stut.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Using a variable for include statement
Sorry if this is a noob question, I have used PERL, TCL and VB but I am just getting into PHP. If there is a better place to ask noobie questions then let me know. I want to use the include statement but I want to pass the name of the file rather than hard code it. It seems that PHP needs the file to be in its defined PATH in order to do this (or am I wrong?). My code works OK if I use hard coding Example (works) include ('somefile.php') Example (doesn't work) $TheFile = somefile.php include ($TheFile) Am I trying to do something that is impossible? If it is a path problem then how do I get around this, I can control my local server config but I only have a local server for development. Thanks, Jeff -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Using a variable for include statement
On Tue, 2007-09-11 at 14:00 -0300, Jeff Benetti wrote: Sorry if this is a noob question, I have used PERL, TCL and VB but I am just getting into PHP. If there is a better place to ask noobie questions then let me know. I want to use the include statement but I want to pass the name of the file rather than hard code it. It seems that PHP needs the file to be in its defined PATH in order to do this (or am I wrong?). My code works OK if I use hard coding Example (works) include ('somefile.php') Example (doesn't work) $TheFile = somefile.php include ($TheFile) Am I trying to do something that is impossible? If it is a path problem then how do I get around this, I can control my local server config but I only have a local server for development. If the first works, then the second will work unless you've trimmed out some useful information for us to see... or maybe it's the lack of a semi-colon after the assignment (but that's probably just a quick typo mistake). Cheers, Rob. -- ... SwarmBuy.com - http://www.swarmbuy.com Leveraging the buying power of the masses! ... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] SEARCHING for an answer...
Hi Everyone :) I am attempting to add the ability to search a online database, and I thought that I have the code right, but apparently it's not... Here's the problem, when I type jason in the search box and hit go it brings me to edit.php?search=jason which displays nothing since edit.php is looking for a record number, not a search phrase... The end result I want, is that someone could search for jason and have it display ONLY the results having Jason in them on the same page. Simple right? Well my brain seems to be on vacation! :) Here is the relevant code (I think...) $search = $_GET[search]; $self = $_SERVER['PHP_SELF']; $qstring = SELECT * FROM current WHERE FName like '%$qstring%' or LName like '%$qstring%' or Add1 like '%$qstring%' or Add2 like '% $qstring%' or City like '%$qstring%' or State like '%$qstring%' or Zip like '%$qstring%' or XCode like '%qstring%'; if ($search != NULL){ echo The search string is: strong$search/strong.BR; $qresult= mysql_query($link, $qstring); echo Query completed; } else { echo (' form action='.$self.' method=get labelSearch: input type=text name=search id=search / /label input type=submit value=Go! / /form '); } -- Jason Pruim Raoset Inc. Technology Manager MQC Specialist 3251 132nd ave Holland, MI, 49424 www.raoset.com [EMAIL PROTECTED]
RE: [PHP] SEARCHING for an answer...
From: Jason Pruim [EMAIL PROTECTED] Here is the relevant code (I think...) $search = $_GET[search]; $self = $_SERVER['PHP_SELF']; $qstring = SELECT * FROM current WHERE FName like '%$qstring%' or LName like '%$qstring%' or Add1 like '%$qstring%' or Add2 like '% $qstring%' or City like '%$qstring%' or State like '%$qstring%' or Zip like '%$qstring%' or XCode like '%qstring%'; Perhaps you meant like '%$search%' instead of like '%$qstring%' multiple times? Also read http://en.wikipedia.org/wiki/SQL_injection _ Gear up for Halo® 3 with free downloads and an exclusive offer. http://gethalo3gear.com?ocid=SeptemberWLHalo3_MSNHMTxt_1 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SEARCHING for an answer...
On Sep 11, 2007, at 1:22 PM, Instruct ICC wrote: From: Jason Pruim [EMAIL PROTECTED] Here is the relevant code (I think...) $search = $_GET[search]; $self = $_SERVER['PHP_SELF']; $qstring = SELECT * FROM current WHERE FName like '%$qstring%' or LName like '%$qstring%' or Add1 like '%$qstring%' or Add2 like '% $qstring%' or City like '%$qstring%' or State like '%$qstring%' or Zip like '%$qstring%' or XCode like '%qstring%'; Perhaps you meant like '%$search%' instead of like '%$qstring%' multiple times? Actually I did, Need to proof read my code a little bit more when I copy/paste it from another project... I fixed that but the problem still remains... When I preform the search I get redirected from index.php to edit.php and can't see where that would happen. Also read http://en.wikipedia.org/wiki/SQL_injection I have read about SQL injection, and I will be scrubbing the data before searching but the search is only available after logging into the system. No one who isn't logged in can even view the page :) _ Gear up for Halo® 3 with free downloads and an exclusive offer. http://gethalo3gear.com?ocid=SeptemberWLHalo3_MSNHMTxt_1 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- Jason Pruim Raoset Inc. Technology Manager MQC Specialist 3251 132nd ave Holland, MI, 49424 www.raoset.com [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] SEARCHING for an answer...
[snip] I fixed that but the problem still remains... When I preform the search I get redirected from index.php to edit.php and can't see where that would happen. [/snip] echo $qstring; $search is not NULL because $search is equal to $_GET[search]. $search may be empty though. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Public Announcement
On Tuesday 11 September 2007 10:17, tedd wrote: At 11:24 AM +0200 9/11/07, Sascha Braun - CEO @ Braun Networks wrote: If you take 30 seconds for the startpage to load, you can check out http://www.fit-o-matic.com again. While the link takes forever and ever to load and fails validation, I do like the use of registration trademarks (the R not the TM) in the URL's (click the top left image). However, I think IE will object. Also, if you use that product, will you become all-serious-looking like the people shown, not counting the one in the top right that apparently died at 33. :-) Cheers, tedd i liked the colors. but any site containing word like: place order username password and country flags... really turns it all off -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SEARCHING for an answer...
Jason Pruim wrote: On Sep 11, 2007, at 1:22 PM, Instruct ICC wrote: Also read http://en.wikipedia.org/wiki/SQL_injection I have read about SQL injection, and I will be scrubbing the data before searching but the search is only available after logging into the system. No one who isn't logged in can even view the page :) That couldn't be less relevant. Repeat after me... Legitimate users can be malicious too. All data going into a SQL statement needs to be escaped unless it's a hard-coded string. No exceptions. Ever. -Stut -- http://stut.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] remove page referrer
Hi, You can not control this, but you might be able to control the page where the user is going back through the third page :) like this: page 1: submit to page 2 page 2: header('Location: /page 3'); page 3: the final page if the user clicks back he is going to end up on page 2 which has location redirect to page 3. True? Nope, this ain't true: if he goes back, he'll land on page 1. -Xander -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SEARCHING for an answer...
On Sep 11, 2007, at 2:10 PM, Stut wrote: Jason Pruim wrote: On Sep 11, 2007, at 1:22 PM, Instruct ICC wrote: Also read http://en.wikipedia.org/wiki/SQL_injection I have read about SQL injection, and I will be scrubbing the data before searching but the search is only available after logging into the system. No one who isn't logged in can even view the page :) That couldn't be less relevant. Repeat after me... Legitimate users can be malicious too. All data going into a SQL statement needs to be escaped unless it's a hard-coded string. No exceptions. Ever. I see what you are getting at, and I do plan to check the data before searching the contents of the database, but I was hoping to get one thing working at a time since I'm still learning all of this :) -Stut -- http://stut.net/ -- Jason Pruim Raoset Inc. Technology Manager MQC Specialist 3251 132nd ave Holland, MI, 49424 www.raoset.com [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SEARCHING for an answer...
On Sep 11, 2007, at 1:58 PM, Jay Blanchard wrote: [snip] I fixed that but the problem still remains... When I preform the search I get redirected from index.php to edit.php and can't see where that would happen. [/snip] echo $qstring; $search is not NULL because $search is equal to $_GET[search]. $search may be empty though. echo $qstring; produces: SELECT * FROM current WHERE FName like '%%' or LName like '%%' or Add1 like '%%' or Add2 like '%%' or City like '% %' or State like '%%' or Zip like '%%' or XCode like '%%' Which is correct except for it being empty. I tried to echo $search, but since it redirects to another page I lose the value of $search. Any idea what is causing it to redirect to edit.php? -- Jason Pruim Raoset Inc. Technology Manager MQC Specialist 3251 132nd ave Holland, MI, 49424 www.raoset.com [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] SEARCHING for an answer...
[snip] echo $qstring; produces: SELECT * FROM current WHERE FName like '%%' or LName like '%%' or Add1 like '%%' or Add2 like '%%' or City like '% %' or State like '%%' or Zip like '%%' or XCode like '%%' Which is correct except for it being empty. I tried to echo $search, but since it redirects to another page I lose the value of $search. Any idea what is causing it to redirect to edit.php? [/snip] I'd have to see the condition check for the redirection. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SEARCHING for an answer...
On Sep 11, 2007, at 2:32 PM, Jay Blanchard wrote: [snip] echo $qstring; produces: SELECT * FROM current WHERE FName like '%%' or LName like '%%' or Add1 like '%%' or Add2 like '%%' or City like '% %' or State like '%%' or Zip like '%%' or XCode like '%%' Which is correct except for it being empty. I tried to echo $search, but since it redirects to another page I lose the value of $search. Any idea what is causing it to redirect to edit.php? [/snip] I'd have to see the condition check for the redirection. The problem is there's not... At least there's not supposed to be. The end result that I want is for the search results to end up on the same page if possible... edit.php is a script I use for editing records. Maybe I should just do it on a separate page... It might be easier for displaying? -- Jason Pruim Raoset Inc. Technology Manager MQC Specialist 3251 132nd ave Holland, MI, 49424 www.raoset.com [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] remove page referrer
On 9/11/07, NOSPAM plz bla wrote: I think you have to put the exit(); function in the code to prevent hacks. if($_SESSION['already_submitted'] == True) { header(Location: page2.php); *exit();* } Good call. I forgot to type that in there, but you're right. ;-) -- Daniel P. Brown [office] (570-) 587-7080 Ext. 272 [mobile] (570-) 766-8107 Give a man a fish, he'll eat for a day. Then you'll find out he was allergic and is hospitalized. See? No good deed goes unpunished -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Using a variable for include statement
you can definately use variables for filenames. i do it all the time. it's not like XSLT or other languages where it has to be included at the start or you're screwed. On 9/11/07, Jeff Benetti [EMAIL PROTECTED] wrote: Sorry if this is a noob question, I have used PERL, TCL and VB but I am just getting into PHP. If there is a better place to ask noobie questions then let me know. I want to use the include statement but I want to pass the name of the file rather than hard code it. It seems that PHP needs the file to be in its defined PATH in order to do this (or am I wrong?). My code works OK if I use hard coding Example (works) include ('somefile.php') Example (doesn't work) $TheFile = somefile.php include ($TheFile) Am I trying to do something that is impossible? If it is a path problem then how do I get around this, I can control my local server config but I only have a local server for development. Thanks, Jeff -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SEARCHING for an answer...
On 9/11/07, Jason Pruim [EMAIL PROTECTED] wrote: echo $qstring; produces: SELECT * FROM current WHERE FName like '%%' or LName like '%%' or Add1 like '%%' or Add2 like '%%' or City like '% %' or State like '%%' or Zip like '%%' or XCode like '%%' Which is correct except for it being empty. I tried to echo $search, but since it redirects to another page I lose the value of $search. Any idea what is causing it to redirect to edit.php? exit(); or die is your friend. echo what you want and exit() right after. that should effectively dump what you want. and if it doesn't something is redirecting it way before that point. :) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SEARCHING for an answer...
Jason Pruim wrote: On Sep 11, 2007, at 2:10 PM, Stut wrote: Jason Pruim wrote: On Sep 11, 2007, at 1:22 PM, Instruct ICC wrote: Also read http://en.wikipedia.org/wiki/SQL_injection I have read about SQL injection, and I will be scrubbing the data before searching but the search is only available after logging into the system. No one who isn't logged in can even view the page :) That couldn't be less relevant. Repeat after me... Legitimate users can be malicious too. All data going into a SQL statement needs to be escaped unless it's a hard-coded string. No exceptions. Ever. I see what you are getting at, and I do plan to check the data before searching the contents of the database, but I was hoping to get one thing working at a time since I'm still learning all of this :) Sorry to go on about it, but security is not something you add after you've got it working - that leads to holes. You need to bake security right in from the start. -Stut -- http://stut.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] SEARCHING for an answer...
[snip] The problem is there's not... At least there's not supposed to be. The end result that I want is for the search results to end up on the same page if possible... edit.php is a script I use for editing records. Maybe I should just do it on a separate page... It might be easier for displaying? [/snip] There is no redirection to edit.php? You're calling PHP_SELF so it should not go anywhere else. Is there any mention of edit.php in the code? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SEARCHING for an answer...
On Sep 11, 2007, at 2:57 PM, Jay Blanchard wrote: There is no redirection to edit.php? You're calling PHP_SELF so it should not go anywhere else. Is there any mention of edit.php in the code? Correct. PHP_SELF refers to index.php which is the page that the search is happening on. a few lines above that there is a reference to edit.php and here is the code for it: Sorry for the long cut/paste, but I thought it was important to try and provide it in context, and the line where it says : tda href='edit.php?Record={$row['Record']}'Edit/a/td is the ONLY reference to edit.php in the entire code of that page. //Display the info using heredoc syntax echo HTML tr td{$row['FName']}/td td{$row['LName']}/td td{$row['Add1']}/td td{$row['Add2']}/td td{$row['City']}/td td{$row['State']}/td td{$row['Zip']}/td td{$row['XCode']}/td td{$row['Record']}/td tda href='edit.php?Record={$row['Record']}'Edit/a/td tda href='delete.php?Record={$row['Record']}'Delete/a/td /tr HTML; } echo div class=\nav\A Href=\excelexport.php\Export to Excel/ ABRA href=\logout.php\Logout/ABRa href=\add.shtml\Add Record/A; echo P class=\total\Total Records: $num_rows/P/div; echo /div/div; } $search = $_GET['search']; $self = $_SERVER['PHP_SELF']; $qstring = SELECT * FROM current WHERE FName like '%$search%' or LName like '%$search%' or Add1 like '%$search%' or Add2 like '%$search %' or City like '%$search%' or State like '%$search%' or Zip like '% $search%' or XCode like '%$search%'; echo $qstring; if ($search != NULL){ echo The search string is: strong$search/strong.BR; echo $search; $qresult= mysql_query($link, $qstring); echo Query completed; } else { echo (' form action='.$self.' method=get labelSearch: input type=text name=search id=search / /label input type=submit value=Go! / /form '); } -- Jason Pruim Raoset Inc. Technology Manager MQC Specialist 3251 132nd ave Holland, MI, 49424 www.raoset.com [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SEARCHING for an answer...
On Sep 11, 2007, at 2:59 PM, Stut wrote: Jason Pruim wrote: On Sep 11, 2007, at 2:10 PM, Stut wrote: Jason Pruim wrote: On Sep 11, 2007, at 1:22 PM, Instruct ICC wrote: Also read http://en.wikipedia.org/wiki/SQL_injection I have read about SQL injection, and I will be scrubbing the data before searching but the search is only available after logging into the system. No one who isn't logged in can even view the page :) That couldn't be less relevant. Repeat after me... Legitimate users can be malicious too. All data going into a SQL statement needs to be escaped unless it's a hard-coded string. No exceptions. Ever. I see what you are getting at, and I do plan to check the data before searching the contents of the database, but I was hoping to get one thing working at a time since I'm still learning all of this :) Sorry to go on about it, but security is not something you add after you've got it working - that leads to holes. You need to bake security right in from the start. And thank you for hammering this into me :) I'm at the point of developing my programming habits, and secure coding is a good habit to be in. Some would say it is the only habit to be in... :) -Stut -- http://stut.net/ -- Jason Pruim Raoset Inc. Technology Manager MQC Specialist 3251 132nd ave Holland, MI, 49424 www.raoset.com [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] SEARCHING for an answer...
[snip] Correct. PHP_SELF refers to index.php which is the page that the search is happening on. a few lines above that there is a reference to edit.php and here is the code for it: Sorry for the long cut/paste, but I thought it was important to try and provide it in context, and the line where it says : tda href='edit.php?Record={$row['Record']}'Edit/a/td is the ONLY reference to edit.php in the entire code of that page. //Display the info using heredoc syntax echo HTML tr td{$row['FName']}/td td{$row['LName']}/td td{$row['Add1']}/td td{$row['Add2']}/td td{$row['City']}/td td{$row['State']}/td td{$row['Zip']}/td td{$row['XCode']}/td td{$row['Record']}/td tda href='edit.php?Record={$row['Record']}'Edit/a/td tda href='delete.php?Record={$row['Record']}'Delete/a/td /tr HTML; } echo div class=\nav\A Href=\excelexport.php\Export to Excel/ ABRA href=\logout.php\Logout/ABRa href=\add.shtml\Add Record/A; echo P class=\total\Total Records: $num_rows/P/div; echo /div/div; } $search = $_GET['search']; $self = $_SERVER['PHP_SELF']; $qstring = SELECT * FROM current WHERE FName like '%$search%' or LName like '%$search%' or Add1 like '%$search%' or Add2 like '%$search %' or City like '%$search%' or State like '%$search%' or Zip like '% $search%' or XCode like '%$search%'; echo $qstring; if ($search != NULL){ echo The search string is: strong$search/strong.BR; echo $search; $qresult= mysql_query($link, $qstring); echo Query completed; } else { echo (' form action='.$self.' method=get labelSearch: input type=text name=search id=search / /label input type=submit value=Go! / /form '); } [/snip] Are you getting the output from echo The search string is: strong$search/strong.BR; or it is redirecting before that? How long is the complete code for the page, you may have to paste all of it or use pastebin -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SEARCHING for an answer...
On Sep 11, 2007, at 3:37 PM, Jay Blanchard wrote: [snip] Correct. PHP_SELF refers to index.php which is the page that the search is happening on. a few lines above that there is a reference to edit.php and here is the code for it: Sorry for the long cut/paste, but I thought it was important to try and provide it in context, and the line where it says : tda href='edit.php?Record={$row['Record']}'Edit/a/td is the ONLY reference to edit.php in the entire code of that page. //Display the info using heredoc syntax echo HTML tr td{$row['FName']}/td td{$row['LName']}/td td{$row['Add1']}/td td{$row['Add2']}/td td{$row['City']}/td td{$row['State']}/td td{$row['Zip']}/td td{$row['XCode']}/td td{$row['Record']}/td tda href='edit.php?Record={$row['Record']}'Edit/a/td tda href='delete.php?Record={$row['Record']}'Delete/a/td /tr HTML; } echo div class=\nav\A Href=\excelexport.php\Export to Excel/ ABRA href=\logout.php\Logout/ABRa href=\add.shtml\Add Record/A; echo P class=\total\Total Records: $num_rows/P/div; echo /div/div; } $search = $_GET['search']; $self = $_SERVER['PHP_SELF']; $qstring = SELECT * FROM current WHERE FName like '%$search%' or LName like '%$search%' or Add1 like '%$search%' or Add2 like '%$search %' or City like '%$search%' or State like '%$search%' or Zip like '% $search%' or XCode like '%$search%'; echo $qstring; if ($search != NULL){ echo The search string is: strong$search/strong.BR; echo $search; $qresult= mysql_query($link, $qstring); echo Query completed; } else { echo (' form action='.$self.' method=get labelSearch: input type=text name=search id=search / /label input type=submit value=Go! / /form '); } [/snip] Are you getting the output from echo The search string is: strong$search/strong.BR; or it is redirecting before that? How long is the complete code for the page, you may have to paste all of it or use pastebin Total length is 293 lines. It redirects before any output of $search is visible. I put it up as a .txt file at: raoset.com/oldb/index.txt for anyone who wants to see the code... I know it repeats it's self, but I couldn't figure out how to get it to log in and stay logged in right without doing that... If anyone has any ideas on that as well... But that is a different issue :) -- Jason Pruim Raoset Inc. Technology Manager MQC Specialist 3251 132nd ave Holland, MI, 49424 www.raoset.com [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SEARCHING for an answer...
On Tue, 2007-09-11 at 15:20 -0400, Jason Pruim wrote: echo div class=\nav\A Href=\excelexport.php\Export to Excel/ ABRA href=\logout.php\Logout/ABRa href=\add.shtml\Add Record/A; echo P class=\total\Total Records: $num_rows/P/div; While you're trying to clean up your security approach you might also spend a little time cleaning up your HTML. Your lack of a consistent discipline for tag names and attribute names is so retro 90s. You might also consider using single quotes around HTML strings to avoid having to escape all those attribute double quotes... yeah yeah I know, you've got a variable in there. Probably less work and easier on the eyes to break out of single quotes for the odd variable. Cheers, Rob. -- ... SwarmBuy.com - http://www.swarmbuy.com Leveraging the buying power of the masses! ... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] SEARCHING for an answer...
[snip] Total length is 293 lines. It redirects before any output of $search is visible. I put it up as a .txt file at: raoset.com/oldb/index.txt for anyone who wants to see the code... I know it repeats it's self, but I couldn't figure out how to get it to log in and stay logged in right without doing that... If anyone has any ideas on that as well... But that is a different issue :) [/snip] Use a SESSION to keep the user logged in. I am reading the code now. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SEARCHING for an answer...
On Tue, 2007-09-11 at 15:42 -0400, Jason Pruim wrote: Total length is 293 lines. It redirects before any output of $search is visible. I put it up as a .txt file at: raoset.com/oldb/index.txt for anyone who wants to see the code... I know it repeats it's self, but I couldn't figure out how to get it to log in and stay logged in right without doing that... If anyone has any ideas on that as well... But that is a different issue :) *lol* I ALWAYS create a wrapper function to perform redirects so that in times of confusion I can add a simple print_r( debug_backtrace() ) to find out where the hell the redirect is occurring :) it's also simpler for ensuring that I use the Location header properly (absolute URL) and for saving me having to write header( 'Location: '.$wherever ) when it's so much clearer to write: doRedirect( $wherever ). Cheers, Rob. -- ... SwarmBuy.com - http://www.swarmbuy.com Leveraging the buying power of the masses! ... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SEARCHING for an answer...
On Tue, 2007-09-11 at 15:42 -0400, Jason Pruim wrote: It redirects before any output of $search is visible. I put it up as a .txt file at: raoset.com/oldb/index.txt for anyone who wants to see the code... I took a look and now I can't get my eyes to stop bleeding. The horror, the horror! Mixed PHP/HTML is yucky :) Cheers, Rob. -- ... SwarmBuy.com - http://www.swarmbuy.com Leveraging the buying power of the masses! ... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] SEARCHING for an answer...
[snip] tda href='edit.php?Record={$row['Record']}'Edit/a/td is the ONLY reference to edit.php in the entire code of that page. [/snip] No it isn't. edit.php shows up a couple of times, not the least of which is row 218; echo form method='GET' action='edit.php'; Do you know where the closing form tag is for this? Line 288. If you look at your source with the search form in place you will see that it calls edit.php as your action. You left out a closing form tag somewhere. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SEARCHING for an answer...
On Sep 11, 2007, at 3:58 PM, Robert Cummings wrote: On Tue, 2007-09-11 at 15:42 -0400, Jason Pruim wrote: It redirects before any output of $search is visible. I put it up as a .txt file at: raoset.com/oldb/index.txt for anyone who wants to see the code... I took a look and now I can't get my eyes to stop bleeding. The horror, the horror! Mixed PHP/HTML is yucky :) I know it's a bit of a mess now that I'm looking at it... The whole project has been done as a learning experience for me, And I have learned alot. NOW I just need to figure out how I am going to display the pages (I think use a .php extension and heredoc to serve up the HTML) and go through and convert it all over to a much nicer syntax... :) -- ... SwarmBuy.com - http://www.swarmbuy.com Leveraging the buying power of the masses! ... -- Jason Pruim Raoset Inc. Technology Manager MQC Specialist 3251 132nd ave Holland, MI, 49424 www.raoset.com [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] SEARCHING for an answer...
[snip] I took a look and now I can't get my eyes to stop bleeding. The horror, the horror! Mixed PHP/HTML is yucky :) [/snip] 8^{)} Undoubtedly things could be organized better. Jason did you just sit down and code or did you walk it through with paper and pencil (or notepad even)? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SEARCHING for an answer...
On Sep 11, 2007, at 3:59 PM, Jay Blanchard wrote: [snip] tda href='edit.php?Record={$row['Record']}'Edit/a/td is the ONLY reference to edit.php in the entire code of that page. [/snip] No it isn't. edit.php shows up a couple of times, not the least of which is row 218; echo form method='GET' action='edit.php'; Do you know where the closing form tag is for this? Line 288. If you look at your source with the search form in place you will see that it calls edit.php as your action. You left out a closing form tag somewhere. Son of a Bitch... Soon as I closed that down at line 265 the search now isn't redirecting to edit.php Do you debug by hand? Or do you have something that helps you to do that? I've been tearing my hair out for hours trying to find that and I couldn't see it... -- Jason Pruim Raoset Inc. Technology Manager MQC Specialist 3251 132nd ave Holland, MI, 49424 www.raoset.com [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SEARCHING for an answer...
On Sep 11, 2007, at 4:02 PM, Jay Blanchard wrote: [snip] I took a look and now I can't get my eyes to stop bleeding. The horror, the horror! Mixed PHP/HTML is yucky :) [/snip] 8^{)} Undoubtedly things could be organized better. Jason did you just sit down and code or did you walk it through with paper and pencil (or notepad even)? I didn't go through and do a whole flow chart... I did write down the goals of the project though. I probably should have put more time into planning before starting to code it... With a well thought out plan I could have done some research and come to the conclusions that I have now and have to redo it :) That one programming class in high school is starting to creep back into my brain about how to do stuff :) -- Jason Pruim Raoset Inc. Technology Manager MQC Specialist 3251 132nd ave Holland, MI, 49424 www.raoset.com [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] SEARCHING for an answer...
[snip] Son of a Bitch... Soon as I closed that down at line 265 the search now isn't redirecting to edit.php Do you debug by hand? Or do you have something that helps you to do that? I've been tearing my hair out for hours trying to find that and I couldn't see it... [/snip] Debugged by hand. And I never tried to load in a browser. 1. Searched for edit.php in the file to make sure it appeared nowhere else. 2. When I found the form call I looked for the closing form tag. None found till after your search query. BINGO! Knew that if you viewed the source that your opening form tag (subsequent ones get ignored, you must close each form tag first) would have an action of edit.php, not PHP_SELF Now, I am old school and your code had reasonable whitespace and indentations...BUT NO COMMENTS! Well some, but not enough...you never explain the logic, just things like // Show your login form here. YOU MUST EXPLAIN THE LOGIC OR YOU WILL HAVE PROBLEMS MAINTAINING THE CODE 2 WEEKS FROM NOW MUCH LESS 2 MONTHS FROM NOW. So Jason you learned three valuable lessons today. a. plan your code (use paper and pencil or something like it) b. always account for security c. comment properly Now, here is something you can do for a project; create a file parser that will look for all opening/closing tag pairs. I did not need one in this short code, but had it been longer I might have thrown something like this at it. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Public Announcement
On Tue, 11 Sep 2007, Stut wrote: You didn't say what you have against mod_rewrite. I'll bet you mod_rewrite can parse a request and send it to the right script faster than your PHP implementation. Has anyone tried Nginx? The rewrite rules are a bit more clear than those of the Apache mod_rewrite variety. http://wiki.codemongers.com/NginxHttpRewriteModule -- Greg Donald Cyberfusion Consulting http://cyberfusionconsulting.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Using a variable for include statement
Jeff Benetti wrote: Sorry if this is a noob question, I have used PERL, TCL and VB but I am just getting into PHP. If there is a better place to ask noobie questions then let me know. I want to use the include statement but I want to pass the name of the file rather than hard code it. It seems that PHP needs the file to be in its defined PATH in order to do this (or am I wrong?). My code works OK if I use hard coding Example (works) include ('somefile.php') Example (doesn't work) $TheFile = somefile.php include ($TheFile) Am I trying to do something that is impossible? If it is a path problem then how do I get around this, I can control my local server config but I only have a local server for development. Thanks, Jeff Jeff, there are a couple ways you can do this. 1) include(/path/to/.$TheFile./); 2) include $TheFile; Notice the lack of brackets in the last one. Either way has worked for me. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SEARCHING for an answer...
Jay Blanchard wrote: So Jason you learned three valuable lessons today. a. plan your code (use paper and pencil or something like it) b. always account for security c. comment properly I'll add two more: d: Check the source that your script outputs. Send it to the W3C validator (WebDeveloper Firefox extension is one of your bestest ever friends). e: (my personal opinion) Using echo() to spit out HTML will lead to *much* heartache and gnashing of teeth. Put a closing PHP tag (?) in there and let the parser spit out the markup without echo(). either: -- snip -- while($row = mysql_fetch_assoc($result)) { ? tr td?= $row['FName'] ?/td td?= $row['LName'] ?/td td?= $row['Add1'] ?/td ... ?php } -- snip -- or: -- snip -- while($row = mysql_fetch_assoc($result)) { ? tr td?php echo $row['FName'] ?/td td?php echo $row['LName'] ?/td td?php echo $row['Add1'] ?/td ... ?php } -- snip -- or, as i said, use a template system. brian -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SEARCHING for an answer...
On 9/11/07, brian [EMAIL PROTECTED] wrote: e: (my personal opinion) Using echo() to spit out HTML will lead to *much* heartache and gnashing of teeth. Put a closing PHP tag (?) in there and let the parser spit out the markup without echo(). i think this is quite opposite. i prefer echo'ing everything. it allows me to indent the code perfectly in the right nested places. i hate inline php/html mixes. or, as i said, use a template system. a good presentation layer is always a good idea :) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Public Announcement
Greg Donald wrote: On Tue, 11 Sep 2007, Stut wrote: You didn't say what you have against mod_rewrite. I'll bet you mod_rewrite can parse a request and send it to the right script faster than your PHP implementation. Has anyone tried Nginx? The rewrite rules are a bit more clear than those of the Apache mod_rewrite variety. http://wiki.codemongers.com/NginxHttpRewriteModule But is it the greatest weapon system of our time? If its not then it's nothing to me. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SEARCHING for an answer...
At 4:01 PM -0400 9/11/07, Jason Pruim wrote: Son of a Bitch... Soon as I closed that down at line 265 the search now isn't redirecting to edit.php Do you debug by hand? Or do you have something that helps you to do that? I've been tearing my hair out for hours trying to find that and I couldn't see it... Yes, most of us debug by hand -- some of us still have hair. It would probably help you if you would make your problems small ones and work in smaller incremental steps. It's far easier to debug 10-20 lines than 200-300 lines. Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] MySQL upload problem
At 4:46 PM +0100 9/11/07, Stut wrote: tedd wrote: I know that this is not a php question, but all of you are so smart I thought would ask anyway. I need to upload a 5 Meg sql file to a client's database. However, his site's phpMyAdmin shows a maximum file size limit of 2 Meg. Now, is this something that is controlled by his host, or is there a way for me to get around it without requiring his host to do something, or what? How can I do this? Manually break the SQL file into several pieces. You may need to duplicate some statements at the top and tail of the main file in each part and also make sure that you duplicate any USE DATABASE statements to ensure you're on the right DB. You'll also need to make sure you execute them on the server in order. -Stut -Stut: This is a relational dB and the several times that I have attempted to load it in in parts has met with failure. I was thinking that I could ftp the sql file to the clients server and then run a php script on his server, something like: $sql = mysql -h$dbhost -u$dbuser -p$dbpass $dbname $filename; system($sql); But, that didn't work -- however -- using mysqldump did download the file. So, I'm close. I know that safe_mode is ON, but I'm not sure if that's what's causing the failure or something else. There has to be a simple way to do this. Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] MySQL upload problem
tedd wrote: At 4:46 PM +0100 9/11/07, Stut wrote: tedd wrote: I know that this is not a php question, but all of you are so smart I thought would ask anyway. I need to upload a 5 Meg sql file to a client's database. However, his site's phpMyAdmin shows a maximum file size limit of 2 Meg. Now, is this something that is controlled by his host, or is there a way for me to get around it without requiring his host to do something, or what? How can I do this? Manually break the SQL file into several pieces. You may need to duplicate some statements at the top and tail of the main file in each part and also make sure that you duplicate any USE DATABASE statements to ensure you're on the right DB. You'll also need to make sure you execute them on the server in order. -Stut -Stut: This is a relational dB and the several times that I have attempted to load it in in parts has met with failure. Split the database up per table - I have a perl script if you want it. Upload each table separately. -- Postgresql php tutorials http://www.designmagick.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] MySQL upload problem
tedd wrote: I was thinking that I could ftp the sql file to the clients server and then run a php script on his server, something like: $sql = mysql -h$dbhost -u$dbuser -p$dbpass $dbname $filename; system($sql); But, that didn't work -- however -- using mysqldump did download the file. So, I'm close. I know that safe_mode is ON, but I'm not sure if that's what's causing the failure or something else. Just a thought: did you pass the full path for $filename? Also, pass in a return var to read: system($sql, $ret); if ($ret === 0) { echo 'sucess'; } Sorry, you'll have to hunt down the other return codes that MySQl might send back. If safe_mode is enabled, your command will be escaped with escapeshellcmd() but that's about it. If you can FTP it but can't get a shell is there any chance you could convince an admin to run the script? brian -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] MySQL upload problem
tedd wrote: At 4:46 PM +0100 9/11/07, Stut wrote: tedd wrote: I know that this is not a php question, but all of you are so smart I thought would ask anyway. I need to upload a 5 Meg sql file to a client's database. However, his site's phpMyAdmin shows a maximum file size limit of 2 Meg. Now, is this something that is controlled by his host, or is there a way for me to get around it without requiring his host to do something, or what? How can I do this? Manually break the SQL file into several pieces. You may need to duplicate some statements at the top and tail of the main file in each part and also make sure that you duplicate any USE DATABASE statements to ensure you're on the right DB. You'll also need to make sure you execute them on the server in order. -Stut -Stut: This is a relational dB and the several times that I have attempted to load it in in parts has met with failure. I was thinking that I could ftp the sql file to the clients server and then run a php script on his server, something like: $sql = mysql -h$dbhost -u$dbuser -p$dbpass $dbname $filename; system($sql); But, that didn't work -- however -- using mysqldump did download the file. So, I'm close. Actually reading the php site: http://php.net/system With safe mode enabled, the command string is escaped with escapeshellcmd(). Then http://www.php.net/manual/en/function.escapeshellcmd.php: Following characters are preceded by a backslash: #;`|*?~^()[]{}$\, \x0A and \xFF. So your is being replaced with \ which is why it wouldn't work. -- Postgresql php tutorials http://www.designmagick.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] MySQL upload problem
Chris wrote: tedd wrote: I was thinking that I could ftp the sql file to the clients server and then run a php script on his server, something like: $sql = mysql -h$dbhost -u$dbuser -p$dbpass $dbname $filename; system($sql); But, that didn't work -- however -- using mysqldump did download the file. So, I'm close. Actually reading the php site: http://php.net/system With safe mode enabled, the command string is escaped with escapeshellcmd(). Then http://www.php.net/manual/en/function.escapeshellcmd.php: Following characters are preceded by a backslash: #;`|*?~^()[]{}$\, \x0A and \xFF. So your is being replaced with \ which is why it wouldn't work. Right. You could try mysqlimport to get around using the instead. Strip out all but the ddl statements (CREATE TABLE and friends) and place them into separate files for each table. That is, name each file for the table its data corresponds to. Upload the ddl stuff with phpMyAdmin, then import the data with mysqlimport through your script. However, i think you might need FILE privilege. Instead of putzing around with your existing dump file to copy everything out, you could import everything to a local database (if you don't have it already) and dump out each table to a separate file. brian -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] MySQL upload problem
brian wrote: tedd wrote: I was thinking that I could ftp the sql file to the clients server and then run a php script on his server, something like: $sql = mysql -h$dbhost -u$dbuser -p$dbpass $dbname $filename; system($sql); But, that didn't work -- however -- using mysqldump did download the file. So, I'm close. I know that safe_mode is ON, but I'm not sure if that's what's causing the failure or something else. Just a thought: did you pass the full path for $filename? Also, pass in a return var to read: system($sql, $ret); if ($ret === 0) { echo 'sucess'; } Sorry, you'll have to hunt down the other return codes that MySQl might send back. If safe_mode is enabled, your command will be escaped with escapeshellcmd() but that's about it. If you can FTP it but can't get a shell is there any chance you could convince an admin to run the script? Also, to be on the safe side, you might want to include set_time_limit(0); in your script, also (if you can get system() to work, that is). brian -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php