php-general Digest 17 Feb 2008 15:34:09 -0000 Issue 5298
php-general Digest 17 Feb 2008 15:34:09 - Issue 5298
Topics (messages 269421 through 269429):
Check time in between times
269421 by: Johny Burns
269423 by: Nathan Nobbe
269424 by: Emilio Astarita
Re: Hex Strings Appended to Pathnames
269422 by: Mick
Re: Fwrite Function
269425 by: Nick Stinemates
Re: Session destruction problem
269426 by: Nick Stinemates
269428 by: Adil Drissi
Re: Protected ZIP file with password
269427 by: Nick Stinemates
regex usage
269429 by: Valedol
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
--
---BeginMessage---
I am having fields in my table where I put times like 4:30pm in string
format
Can anybody help with function which helps detect.
Is it the current time between those fields?
function checkinzone($time1,$time2):boolean
Has to verify does the current time is in those 2 variables.
Thank you for your help. My ability with time and date funtions in PHP are
not that great
---End Message---
---BeginMessage---
On Feb 17, 2008 12:53 AM, Johny Burns [EMAIL PROTECTED] wrote:
I am having fields in my table where I put times like 4:30pm in string
format
Can anybody help with function which helps detect.
Is it the current time between those fields?
function checkinzone($time1,$time2):boolean
Has to verify does the current time is in those 2 variables.
Thank you for your help. My ability with time and date funtions in PHP are
not that great
convert $time1 and $time2 to unix timestamps;
from there its a matter of basic logic; something like this (vaguely)
function isTimeBetween($time1, $time2) {
if(!($lowerBound = date('U', $time1)) { return false; }
if(!($upperBound = date('U', $time2)) { return false; }
$curTime = mktime();
if($curTime $lowerBound $curTime $upperBound) {
return true;
} else { return false; }
}
note; $time1 and $time2 will have to unix timestamps; this
function will verify that by passing them through the date() function.
http://www.php.net/manual/en/function.date.php
if you want something a little more flexible; check out; strtotime();
http://www.php.net/manual/en/function.strtotime.php
and also, the DateTime class will make for good reading ;)
http://www.php.net/manual/en/function.date-create.php
-nathan
---End Message---
---BeginMessage---
Johny Burns [EMAIL PROTECTED] writes:
I am having fields in my table where I put times like 4:30pm in string
format
Check this:
http://dev.mysql.com/doc/refman/5.0/en/date-and-time-types.html
Perhaps you could use a data type date for that.
Can anybody help with function which helps detect.
Is it the current time between those fields?
function checkinzone($time1,$time2):boolean
Has to verify does the current time is in those 2 variables.
This may help you:
function strange2min($strange) {
$h24h = substr($strange,-2);
list($hour,$minute) = preg_split(/(?i:am|pm|:)/,$strange);
if ($h24h == 'am' $hour == 12) {
$hour = 0;
} elseif ($h24h == 'pm') {
$hour = $hour + 12;
}
return ($hour * 60) + $minute;
}
function checkinzone($start,$end) {
$now = (date('G') * 60) + date('i');
$start = strange2min($start);
$end = strange2min($end);
return ( ($start = $now ) ($now = $end));
}
// test
$start = 1:30am;
$end = 9:39am;
echo 'strong', var_dump(checkinzone($start,$end)),'/strong';
--
Emilio Astarita [EMAIL PROTECTED]
---End Message---
---BeginMessage---
Nathan Rixham wrote:
Richard Lynch wrote:
I don't know if it's before/after, but PHP can't change the GET
request to something it wasn't...
So THAT was the URL requested.
You might have some kind of funky mod_rewrite rule messing you up...
On Tue, January 29, 2008 5:22 am, Mick wrote:
Richard Lynch wrote:
On Sun, January 27, 2008 7:57 am, Mick wrote:
Operating System: CentOS 4.6
PHP Version: 4.3.9-3.22.9
Zend Optimizer (free) version: 3.2.6
Hello.
I've got somewhat of a strange problem here involving Squirrelmail.
Basically, what is happening is that one of our customers is logged
out
of his Squirrelmail session at random intervals. This can occur
when
he goes to read an email or, after composing an email, when he
clicks
on the Send button.
The following log entries correspond with those times that the
customer
is logged out.
[error] [client X.X.X.X] File does not exist:
/var/www/squirrelmail/src/redirect.php3a5def33
[error] [client X.X.X.X] File does not exist:
/var/www/squirrelmail/src/redirect.php29e09f87
[error] [client X.X.X.X] File does not exist:
/var/www/squirrelmail/src/move_messages.phpf9f96dfb
[error] [client X.X.X.X] File does not exist:
/var/www/squirrelmail/src/redirect.phpdc6cc80a
So what would be the cause of appending those hex strings to those
Re: [PHP] Session destruction problem
Adil Drissi wrote: Hi everybody, I need help with sessions. I have a simple authentification relying only on sessions (i don't use cookies). After the user submits his username and password, the script checks if that corresponds to a record in a mysql table. If this is the case $_SESSION['sessioname'] = $_POST['login'];. the $_SESSION['sessioname'] is checked in subsequent pages to see if the user is connected or not. The problem is after the user logs out, and after that uses the previous button of the browser he becomes connected. How can i prevent this please. Here is my logout.php: ?php session_start(); unset($_SESSION[sessioname]); session_destroy(); header(location: index.php); ? Thank you for advance Looking for last minute shopping deals? Find them fast with Yahoo! Search. http://tools.search.yahoo.com/newsearch/category.php?category=shopping Is your session being set in any other place but your login page? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Protected ZIP file with password
Petrus Bastos wrote:
Hey folks,
Do you know how can I create a protected zip file with password? Is
there anyway? I've search on the internet, but without success.
Thank's in advance,
Petrus Bastos.
The easiest way to accomplish this would be to write a wrapper function
using the zip tool provided by (almost every) Linux distribution.
?php
function zip($directory, $password, $saveAs) {
return exec(zip -r $saveAs -P $password $directory;
}
print zip(/home/nick, mypass, /tmp/homebackup.zip);
?
Please note: the -P flag can be monitored on the local system so it is
considered insecure.
If you're going to be accepting input, you should also wrap your
variables in escapeshellarg()
http://us3.php.net/zip
http://us.php.net/manual/en/function.exec.php
from the zip manual entry
THIS IS INSECURE! Many multi-user operating sys-tems
provide ways for any user to see the current command line of any other
user; even on stand-alone
systems there is always the threat of over-the-shoulder peeking.
Storing the plaintext password as
part of a command line in an automated script is even worse. Whenever
possible, use the non-echoing,
interactive prompt to enter passwords. (And where security is truly
important, use strong encryption
such as Pretty Good Privacy instead of the relatively weak encryption
provided by standard zipfile
utilities.)
==
Nick Stinemates ([EMAIL PROTECTED])
http://nick.stinemates.org
AIM: Nick Stinemates
MSN: [EMAIL PROTECTED]
Yahoo: [EMAIL PROTECTED]
==
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session destruction problem
Is your session being set in any other place but your login page? No, just in the page just to which the form of login and password points. Looking for last minute shopping deals? Find them fast with Yahoo! Search. http://tools.search.yahoo.com/newsearch/category.php?category=shopping -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] regex usage
Valedol wrote:
Is there a mothod to check string`s length with regex or the only way is
using strlen?
I want string consisting of 4 digits
and check string with this code:
if (preg_match(/\d{4}/,$_POST[id]))
{ echo $_POST[id]; }
but preg_match returns true when string consists of 4 or more digits
preg_match(/^\d{4}$/,$_POST['id'])
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] regex usage
Is there a mothod to check string`s length with regex or the only way is
using strlen?
I want string consisting of 4 digits
and check string with this code:
if (preg_match(/\d{4}/,$_POST[id]))
{ echo $_POST[id]; }
but preg_match returns true when string consists of 4 or more digits
You could change the regex to use start/end anchors. Also, the trailing
comma in the length specifier bit means 4 or more Eg:
if (preg_match(/^\d{4,}$/, $_POST['id'])){
echo $_POST['id'];
}
--
Richard Heyes
http://www.websupportsolutions.co.uk
Knowledge Base and Helpdesk software hosted for you - no
installation, no maintenance, new features automatic and free
** New Helpdesk demo now available **
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: stream_select problem with signals
Nathan Rixham escribió: socket_strerror(socket_last_error()) maybe? That i can see in PHP manual socket functions sre not bundled by default in PHP 5.3.0 and above, so if i'm using the stream implementation, how i can determine if a signal interrupt a stream_select call, the stream not will to be a socket can be a any other stream supported types. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Protected ZIP file with password
Hi Nick,
Sorry, but I forgot to tell you that I can't use this exec neither
system commands because they are disabled for security precautions. So, Do
you have any other ideas on how can I do that?
Thanks for your help,
Petrus Bastos.
On Feb 17, 2008 5:15 AM, Nick Stinemates [EMAIL PROTECTED] wrote:
Petrus Bastos wrote:
Hey folks,
Do you know how can I create a protected zip file with password? Is
there anyway? I've search on the internet, but without success.
Thank's in advance,
Petrus Bastos.
The easiest way to accomplish this would be to write a wrapper function
using the zip tool provided by (almost every) Linux distribution.
?php
function zip($directory, $password, $saveAs) {
return exec(zip -r $saveAs -P $password $directory;
}
print zip(/home/nick, mypass, /tmp/homebackup.zip);
?
Please note: the -P flag can be monitored on the local system so it is
considered insecure.
If you're going to be accepting input, you should also wrap your
variables in escapeshellarg()
http://us3.php.net/zip
http://us.php.net/manual/en/function.exec.php
from the zip manual entry
THIS IS INSECURE! Many multi-user operating sys-tems
provide ways for any user to see the current command line of any other
user; even on stand-alone
systems there is always the threat of over-the-shoulder peeking.
Storing the plaintext password as
part of a command line in an automated script is even worse. Whenever
possible, use the non-echoing,
interactive prompt to enter passwords. (And where security is truly
important, use strong encryption
such as Pretty Good Privacy instead of the relatively weak encryption
provided by standard zipfile
utilities.)
==
Nick Stinemates ([EMAIL PROTECTED])
http://nick.stinemates.org
AIM: Nick Stinemates
MSN: [EMAIL PROTECTED]
Yahoo: [EMAIL PROTECTED]
==
Re: [PHP] PHP/mySQL dropping zeros after inserting number into record
On Feb 16, 2008 6:22 PM, Rob Gould [EMAIL PROTECTED] wrote:
I've got a PHP script that inserts 00012345678 into a record in a mySQL
database (it's a barcode). Things work ok unless the number has preceding
zeros, and then the zeros get cut off and all I get is 12345678.
I have the mySQL database fieldtype set to bigint(14). If the maximum length
a barcode can be is 14, is there a better fieldtype to use that will keep the
zeros?
(or some way for PHP to tell mySQL not to chop off the zeros?)
Rob,
A few years ago, I developed a full-on inventory management system
(with barcode printing and assignment, as well as scanning) and found
that with Code 39 I didn't have the issue, but when using UPC or some
other format, I often had to convert the code to string(). Then
insert the data into a CHAR or VARCHAR column, because to most
systems, INT 001234 is equal to INT 1234, but with more overhead,
which is then normally trimmed.
--
/Dan
Daniel P. Brown
Senior Unix Geek
? while(1) { $me = $mind--; sleep(86400); } ?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session destruction problem
On Feb 16, 2008 3:31 PM, Adil Drissi [EMAIL PROTECTED] wrote:
Hi everybody,
I need help with sessions.
I have a simple authentification relying only on
sessions (i don't use cookies).
Just to let you know, if you're using sessions, you're using
cookies. You're not setting the data in the client-side cookie, but a
cookie is still installed on the system containing the PHPSESSID.
--
/Dan
Daniel P. Brown
Senior Unix Geek
? while(1) { $me = $mind--; sleep(86400); } ?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] regex usage
--- Valedol [EMAIL PROTECTED] wrote:
Is there a mothod to check string`s length with regex or the only
way is
using strlen?
I want string consisting of 4 digits
and check string with this code:
if (preg_match(/\d{4}/,$_POST[id]))
{ echo $_POST[id]; }
but preg_match returns true when string consists of 4 or more
digits
--
To check only 4 digit, you have to specify max lengh of the string in
length specifier..
if (preg_match(/\d{4,4}/,$_POST[id]))
{ echo $_POST[id]; }
---
Nirmalya Lahiri
[+91-9433113536]
Looking for last minute shopping deals?
Find them fast with Yahoo! Search.
http://tools.search.yahoo.com/newsearch/category.php?category=shopping
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Protected ZIP file with password
On Feb 16, 2008 3:39 PM, Petrus Bastos [EMAIL PROTECTED] wrote:
Hey folks,
Do you know how can I create a protected zip file with password? Is
there anyway? I've search on the internet, but without success.
If you have system() access, use something in the exec() family
(and be sure to properly sanitize that). Otherwise, there is probably
a PEAR or PECL module that will do the work for you.
--
/Dan
Daniel P. Brown
Senior Unix Geek
? while(1) { $me = $mind--; sleep(86400); } ?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] regex usage
Valedol wrote:
Is there a mothod to check string`s length with regex or the only way is
using strlen?
I want string consisting of 4 digits
and check string with this code:
if (preg_match(/\d{4}/,$_POST[id]))
{ echo $_POST[id]; }
but preg_match returns true when string consists of 4 or more digits
Yes you can, but why do it this way? What advantage is it over the
following?
Given that this isn't a real intense regex, I don't know how much you
will save, but you could also do this.
if ( strlen(intval($_POST['id'])) == 4 ) {
echo $_POST['id'];
}
Not sure about speed, but it might be a little faster if you are looking
for performance.
Jim Lucas
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session destruction problem
Hi,
I suppose this can be used to solve the problem i
posted. Can you please tell me how, or send a link to
ressource explaining that?
Thanks
--- Daniel Brown [EMAIL PROTECTED] wrote:
On Feb 16, 2008 3:31 PM, Adil Drissi
[EMAIL PROTECTED] wrote:
Hi everybody,
I need help with sessions.
I have a simple authentification relying only on
sessions (i don't use cookies).
Just to let you know, if you're using sessions,
you're using
cookies. You're not setting the data in the
client-side cookie, but a
cookie is still installed on the system containing
the PHPSESSID.
--
/Dan
Daniel P. Brown
Senior Unix Geek
? while(1) { $me = $mind--; sleep(86400); } ?
Looking for last minute shopping deals?
Find them fast with Yahoo! Search.
http://tools.search.yahoo.com/newsearch/category.php?category=shopping
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP/mySQL dropping zeros after inserting number into record
Daniel Brown wrote: On Feb 16, 2008 6:22 PM, Rob Gould [EMAIL PROTECTED] wrote: I've got a PHP script that inserts 00012345678 into a record in a mySQL database (it's a barcode). Things work ok unless the number has preceding zeros, and then the zeros get cut off and all I get is 12345678. I have the mySQL database fieldtype set to bigint(14). If the maximum length a barcode can be is 14, is there a better fieldtype to use that will keep the zeros? (or some way for PHP to tell mySQL not to chop off the zeros?) Rob, A few years ago, I developed a full-on inventory management system (with barcode printing and assignment, as well as scanning) and found that with Code 39 I didn't have the issue, but when using UPC or some other format, I often had to convert the code to string(). Then insert the data into a CHAR or VARCHAR column, because to most systems, INT 001234 is equal to INT 1234, but with more overhead, which is then normally trimmed. zerofill is the way - the stupid but works way is to store the barcodes backwards :D or indeed base convert them from 10 to 32.. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] upload issue
any idea why this fails?this is the error: Sorry, there was a problem
uploading your file
?php
require_once(classes/db.class.php);
$target = ;
$fileName = basename( $_FILES['uploaded']['name']);
$extension = strtolower(strrchr($fileName,.));
$DB = new DB();
$insertID = $DB-insert_sql(INSERT INTO CMS_Media (File_Name) VALUES
(''));
$target = media/ . $insertID . $extension;
//echo $target;
if (move_uploaded_file($_FILES['uploaded']['tmp_name'], $target)) {
// Error
echo File was uploaded!;
} else {
echo Sorry, there was a problem uploading your file.;
}
chmod($target, 0755);
header(Location: crop.php?imageName=$newFileName);
?
---
Edward H. Hotchkiss
Chief Technical Officer
Durgle, INC
[EMAIL PROTECTED]
http://www.durgle.com
---
Re: [PHP] Session destruction problem
At 12:31 PM -0800 2/16/08, Adil Drissi wrote: Hi everybody, I need help with sessions. I have a simple authentification relying only on sessions (i don't use cookies). After the user submits his username and password, the script checks if that corresponds to a record in a mysql table. If this is the case $_SESSION['sessioname'] = $_POST['login'];. the $_SESSION['sessioname'] is checked in subsequent pages to see if the user is connected or not. The problem is after the user logs out, and after that uses the previous button of the browser he becomes connected. How can i prevent this please. Here is my logout.php: ?php session_start(); unset($_SESSION[sessioname]); session_destroy(); header(location: index.php); ? That will destroy the session, but not the browser history. You'll need javascript to alter window history. Google window.history.forward Here's one link that may help: http://www.4guysfromrolla.com/webtech/111500-1.2.shtml Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] upload issue
On Sunday 17 February 2008 19:22:03 nihilism machine wrote:
any idea why this fails?this is the error: Sorry, there was a problem
uploading your file
?php
require_once(classes/db.class.php);
$target = ;
$fileName = basename( $_FILES['uploaded']['name']);
$extension = strtolower(strrchr($fileName,.));
$DB = new DB();
$insertID = $DB-insert_sql(INSERT INTO CMS_Media (File_Name) VALUES
(''));
$target = media/ . $insertID . $extension;
//echo $target;
if (move_uploaded_file($_FILES['uploaded']['tmp_name'], $target)) {
// Error
echo File was uploaded!;
} else {
echo Sorry, there was a problem uploading your file.;
}
chmod($target, 0755);
header(Location: crop.php?imageName=$newFileName);
?
This looks weird. is this actually anything: $_FILES['uploaded']['tmp_name'].
I always used $_FILES['tmp_name'], $_FILES['name'] and such
---
Edward H. Hotchkiss
Chief Technical Officer
Durgle, INC
[EMAIL PROTECTED]
http://www.durgle.com
---
--
---
Børge Holen
http://www.arivene.net
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session destruction problem
Hi, Thanks for the link, it is very interesting, but as the author says, the solutions are not perfect. I'm wondering how yahoo mail for example are doing, or maybe they are using something else (not php)? Thank you --- tedd [EMAIL PROTECTED] wrote: At 12:31 PM -0800 2/16/08, Adil Drissi wrote: Hi everybody, I need help with sessions. I have a simple authentification relying only on sessions (i don't use cookies). After the user submits his username and password, the script checks if that corresponds to a record in a mysql table. If this is the case $_SESSION['sessioname'] = $_POST['login'];. the $_SESSION['sessioname'] is checked in subsequent pages to see if the user is connected or not. The problem is after the user logs out, and after that uses the previous button of the browser he becomes connected. How can i prevent this please. Here is my logout.php: ?php session_start(); unset($_SESSION[sessioname]); session_destroy(); header(location: index.php); ? That will destroy the session, but not the browser history. You'll need javascript to alter window history. Google window.history.forward Here's one link that may help: http://www.4guysfromrolla.com/webtech/111500-1.2.shtml Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php Looking for last minute shopping deals? Find them fast with Yahoo! Search. http://tools.search.yahoo.com/newsearch/category.php?category=shopping -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Protected ZIP file with password
Petrus Bastos wrote:
Hi Nick,
Sorry, but I forgot to tell you that I can't use this exec neither
system commands because they are disabled for security precautions. So, Do
you have any other ideas on how can I do that?
Thanks for your help,
Petrus Bastos.
On Feb 17, 2008 5:15 AM, Nick Stinemates [EMAIL PROTECTED] wrote:
Petrus Bastos wrote:
Hey folks,
Do you know how can I create a protected zip file with password? Is
there anyway? I've search on the internet, but without success.
Thank's in advance,
Petrus Bastos.
The easiest way to accomplish this would be to write a wrapper function
using the zip tool provided by (almost every) Linux distribution.
?php
function zip($directory, $password, $saveAs) {
return exec(zip -r $saveAs -P $password $directory;
}
print zip(/home/nick, mypass, /tmp/homebackup.zip);
?
Please note: the -P flag can be monitored on the local system so it is
considered insecure.
If you're going to be accepting input, you should also wrap your
variables in escapeshellarg()
http://us3.php.net/zip
http://us.php.net/manual/en/function.exec.php
from the zip manual entry
THIS IS INSECURE! Many multi-user operating sys-tems
provide ways for any user to see the current command line of any other
user; even on stand-alone
systems there is always the threat of over-the-shoulder peeking.
Storing the plaintext password as
part of a command line in an automated script is even worse. Whenever
possible, use the non-echoing,
interactive prompt to enter passwords. (And where security is truly
important, use strong encryption
such as Pretty Good Privacy instead of the relatively weak encryption
provided by standard zipfile
utilities.)
==
Nick Stinemates ([EMAIL PROTECTED])
http://nick.stinemates.org
AIM: Nick Stinemates
MSN: [EMAIL PROTECTED]
Yahoo: [EMAIL PROTECTED]
==
Unfortunately I don't have any other ideas. Since PHP's implementation
of ZIP does not have password features you're left with the following
options:
* Write your own implementation based on RFC
* Write an interface to another app which can zip the file for you
* Something else I can't think of ;x
Sorry I don't have any other ideas.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Protected ZIP file with password
Unfortunately I don't have access to this family of methods because security
policy. Lefting this way out, I didn't find anyway on how to do that. If you
have any idea or know any module can do that, I'll appreciate to know too!
Thanks in advance,
Petrus Bastos.
On Feb 17, 2008 2:30 PM, Daniel Brown [EMAIL PROTECTED] wrote:
On Feb 16, 2008 3:39 PM, Petrus Bastos [EMAIL PROTECTED] wrote:
Hey folks,
Do you know how can I create a protected zip file with password? Is
there anyway? I've search on the internet, but without success.
If you have system() access, use something in the exec() family
(and be sure to properly sanitize that). Otherwise, there is probably
a PEAR or PECL module that will do the work for you.
--
/Dan
Daniel P. Brown
Senior Unix Geek
? while(1) { $me = $mind--; sleep(86400); } ?
Re: [PHP] Better DB Class MySQL
On Thursday 14 February 2008, Richard Lynch wrote: On Sun, February 10, 2008 9:31 am, Jochem Maas wrote: Larry Garfield schreef: http://www.php.net/pdo All the cool kids are doing it. not true - some of them use firebird ;-) And some have figured out that PDO does not quite live up to its promise (yet) and needs some more work... Particularly for the commercial DBs, as I understand it... You say that like I care about non-open-source databases. It's not PDO's fault that Oracle still thinks it's 1988. :-) Even if you're just using MySQL, PDO is far nicer than ext/mysql and ext/mysqli is not widely installed enough to be useful for those of us who have to deal with shared hosts. -- Larry Garfield AIM: LOLG42 [EMAIL PROTECTED] ICQ: 6817012 If nature has made any one thing less susceptible than all others of exclusive property, it is the action of the thinking power called an idea, which an individual may exclusively possess as long as he keeps it to himself; but the moment it is divulged, it forces itself into the possession of every one, and the receiver cannot dispossess himself of it. -- Thomas Jefferson -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Protected ZIP file with password
Nick,
I thank you help! But unfortunalety I didn't find way to do this. I'll
continue trying. If you have any other idea, I'll appreciate to hear!
Best regards,
Petrus Bastos.
On Feb 17, 2008 4:57 PM, Nick Stinemates [EMAIL PROTECTED] wrote:
Petrus Bastos wrote:
Hi Nick,
Sorry, but I forgot to tell you that I can't use this exec neither
system commands because they are disabled for security precautions. So,
Do
you have any other ideas on how can I do that?
Thanks for your help,
Petrus Bastos.
On Feb 17, 2008 5:15 AM, Nick Stinemates [EMAIL PROTECTED] wrote:
Petrus Bastos wrote:
Hey folks,
Do you know how can I create a protected zip file with password?
Is
there anyway? I've search on the internet, but without success.
Thank's in advance,
Petrus Bastos.
The easiest way to accomplish this would be to write a wrapper function
using the zip tool provided by (almost every) Linux distribution.
?php
function zip($directory, $password, $saveAs) {
return exec(zip -r $saveAs -P $password $directory;
}
print zip(/home/nick, mypass, /tmp/homebackup.zip);
?
Please note: the -P flag can be monitored on the local system so it is
considered insecure.
If you're going to be accepting input, you should also wrap your
variables in escapeshellarg()
http://us3.php.net/zip
http://us.php.net/manual/en/function.exec.php
from the zip manual entry
THIS IS INSECURE! Many multi-user operating sys-tems
provide ways for any user to see the current command line of any other
user; even on stand-alone
systems there is always the threat of over-the-shoulder peeking.
Storing the plaintext password as
part of a command line in an automated script is even worse. Whenever
possible, use the non-echoing,
interactive prompt to enter passwords. (And where security is truly
important, use strong encryption
such as Pretty Good Privacy instead of the relatively weak
encryption
provided by standard zipfile
utilities.)
==
Nick Stinemates ([EMAIL PROTECTED])
http://nick.stinemates.org
AIM: Nick Stinemates
MSN: [EMAIL PROTECTED]
Yahoo: [EMAIL PROTECTED]
==
Unfortunately I don't have any other ideas. Since PHP's implementation
of ZIP does not have password features you're left with the following
options:
* Write your own implementation based on RFC
* Write an interface to another app which can zip the file for you
* Something else I can't think of ;x
Sorry I don't have any other ideas.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] separating strings from extensions
i am using this code to get the extension of a filename: $extension = strtolower(strrchr($fileName,.)); how can i get the text BEFORE the . (period) ? thanks in advance. -e -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] separating strings from extensions
On Monday 18 February 2008 00:10:30 John Meyer wrote:
Daniel Brown wrote:
On Feb 17, 2008 5:37 PM, nihilism machine [EMAIL PROTECTED]
wrote:
i am using this code to get the extension of a filename:
$extension = strtolower(strrchr($fileName,.));
how can i get the text BEFORE the . (period)
You can STFW and RTFM. This list should never be your first place
to ask simple questions.
In any case
?
$split = explode('.',strtolower($fileName));
$name = $split[0];
$ext = $split[1];
?
Flame job aside, that's going to fail on a compound extension such as
.tar.gz by just returning .tar
so.
it.will.fail.this.one.to.txt
and a fix would also fail because you would have to hardcord everygoddamn
ending if thats what youre after. How many do you care to count for?
I would say stick with the last dot, if its not particulary often you stumble
over those .tar.bz2 endings.
what does he want to upload anyway?
Oi you, whats yer task?
--
---
Børge Holen
http://www.arivene.net
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] separating strings from extensions
Daniel Brown wrote:
On Feb 17, 2008 5:37 PM, nihilism machine [EMAIL PROTECTED] wrote:
i am using this code to get the extension of a filename:
$extension = strtolower(strrchr($fileName,.));
how can i get the text BEFORE the . (period)
You can STFW and RTFM. This list should never be your first place
to ask simple questions.
In any case
?
$split = explode('.',strtolower($fileName));
$name = $split[0];
$ext = $split[1];
?
Flame job aside, that's going to fail on a compound extension such as
.tar.gz by just returning .tar
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] separating strings from extensions
On Feb 17, 2008 5:37 PM, nihilism machine [EMAIL PROTECTED] wrote:
i am using this code to get the extension of a filename:
$extension = strtolower(strrchr($fileName,.));
how can i get the text BEFORE the . (period)
You can STFW and RTFM. This list should never be your first place
to ask simple questions.
In any case
?
$split = explode('.',strtolower($fileName));
$name = $split[0];
$ext = $split[1];
?
--
/Dan
Daniel P. Brown
Senior Unix Geek
? while(1) { $me = $mind--; sleep(86400); } ?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] separating strings from extensions
Børge Holen wrote:
On Monday 18 February 2008 00:10:30 John Meyer wrote:
Daniel Brown wrote:
On Feb 17, 2008 5:37 PM, nihilism machine [EMAIL PROTECTED]
wrote:
i am using this code to get the extension of a filename:
$extension = strtolower(strrchr($fileName,.));
how can i get the text BEFORE the . (period)
You can STFW and RTFM. This list should never be your first place
to ask simple questions.
In any case
?
$split = explode('.',strtolower($fileName));
$name = $split[0];
$ext = $split[1];
?
Flame job aside, that's going to fail on a compound extension such as
.tar.gz by just returning .tar
so.
it.will.fail.this.one.to.txt
and a fix would also fail because you would have to hardcord everygoddamn
ending if thats what youre after. How many do you care to count for?
I would say stick with the last dot, if its not particulary often you stumble
over those .tar.bz2 endings.
You could also stick with the first, i.e.:
?
$split = explode('.',strtolower($fileName),1);
$name = $split[0];
$ext = $split[1];
?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] separating strings from extensions
John Meyer wrote:
Børge Holen wrote:
On Monday 18 February 2008 00:10:30 John Meyer wrote:
Daniel Brown wrote:
On Feb 17, 2008 5:37 PM, nihilism machine
[EMAIL PROTECTED]
wrote:
i am using this code to get the extension of a filename:
$extension = strtolower(strrchr($fileName,.));
how can i get the text BEFORE the . (period)
You can STFW and RTFM. This list should never be your first place
to ask simple questions.
In any case
?
$split = explode('.',strtolower($fileName));
$name = $split[0];
$ext = $split[1];
?
Flame job aside, that's going to fail on a compound extension such as
.tar.gz by just returning .tar
so.
it.will.fail.this.one.to.txt
and a fix would also fail because you would have to hardcord
everygoddamn ending if thats what youre after. How many do you care
to count for?
I would say stick with the last dot, if its not particulary often you
stumble over those .tar.bz2 endings.
You could also stick with the first, i.e.:
?
$split = explode('.',strtolower($fileName),1);
$name = $split[0];
$ext = $split[1];
?
Or you can stop spreading bad advice and listen to Brady Mitchell
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Session destruction problem
Adil Drissi wrote: Hi everybody, I need help with sessions. I have a simple authentification relying only on sessions (i don't use cookies). After the user submits his username and password, the script checks if that corresponds to a record in a mysql table. If this is the case $_SESSION['sessioname'] = $_POST['login'];. the $_SESSION['sessioname'] is checked in subsequent pages to see if the user is connected or not. The problem is after the user logs out, and after that uses the previous button of the browser he becomes connected. How can i prevent this please. Here is my logout.php: ?php session_start(); unset($_SESSION[sessioname]); session_destroy(); header(location: index.php); ? Thank you for advance Looking for last minute shopping deals? Find them fast with Yahoo! Search. http://tools.search.yahoo.com/newsearch/category.php?category=shopping I don't think they are reconnected. What happens if they logout, then hit back, then hit refresh? Are they loggedin? Probably not. It may just appear that way because the back bottom brings up a cache of the previous page. But once the user tries to do anything that requires that they be loggedin, I doubt they can. -Shawn -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] separating strings from extensions
On Feb 17, 2008, at 256PM, Daniel Brown wrote: On Feb 17, 2008 5:37 PM, nihilism machine [EMAIL PROTECTED] wrote: i am using this code to get the extension of a filename: $extension = strtolower(strrchr($fileName,.)); how can i get the text BEFORE the . (period) You can STFW and RTFM. This list should never be your first place to ask simple questions. PLEASE start using the PHP manual! http://php.net/pathinfo http://php.net/basename Brady -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] upload issue
nihilism machine wrote:
any idea why this fails?this is the error: Sorry, there was a problem
uploading your file
It can't move the file to the $target location, or maybe the file wasn't
uploaded properly in the first place.
What's in $_FILES['uploaded']['error'] ?
http://www.php.net/manual/en/features.file-upload.errors.php
if (move_uploaded_file($_FILES['uploaded']['tmp_name'], $target)) {
// Error
echo File was uploaded!;
} else {
echo Sorry, there was a problem uploading your file.;
}
chmod($target, 0755);
Files do not need to be 0755, they should be 0644 unless you want them
to actually run something (eg they are a shell script or perl script
that you'd run from the cmd line).
--
Postgresql php tutorials
http://www.designmagick.com/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] upload issue
Børge Holen wrote:
On Sunday 17 February 2008 19:22:03 nihilism machine wrote:
any idea why this fails?this is the error: Sorry, there was a problem
uploading your file
?php
require_once(classes/db.class.php);
$target = ;
$fileName = basename( $_FILES['uploaded']['name']);
$extension = strtolower(strrchr($fileName,.));
$DB = new DB();
$insertID = $DB-insert_sql(INSERT INTO CMS_Media (File_Name) VALUES
(''));
$target = media/ . $insertID . $extension;
//echo $target;
if (move_uploaded_file($_FILES['uploaded']['tmp_name'], $target)) {
// Error
echo File was uploaded!;
} else {
echo Sorry, there was a problem uploading your file.;
}
chmod($target, 0755);
header(Location: crop.php?imageName=$newFileName);
?
This looks weird. is this actually anything: $_FILES['uploaded']['tmp_name'].
I always used $_FILES['tmp_name'], $_FILES['name'] and such
According to php docs it's always a multi-dimensional array:
http://www.php.net/manual/en/features.file-upload.php
The 'uploaded' is what you call the file input in your form.
--
Postgresql php tutorials
http://www.designmagick.com/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] upload issue
On Monday 18 February 2008 00:59:31 Chris wrote:
Børge Holen wrote:
On Sunday 17 February 2008 19:22:03 nihilism machine wrote:
any idea why this fails?this is the error: Sorry, there was a problem
uploading your file
?php
require_once(classes/db.class.php);
$target = ;
$fileName = basename( $_FILES['uploaded']['name']);
$extension = strtolower(strrchr($fileName,.));
$DB = new DB();
$insertID = $DB-insert_sql(INSERT INTO CMS_Media (File_Name) VALUES
(''));
$target = media/ . $insertID . $extension;
//echo $target;
if (move_uploaded_file($_FILES['uploaded']['tmp_name'], $target)) {
// Error
echo File was uploaded!;
} else {
echo Sorry, there was a problem uploading your file.;
}
chmod($target, 0755);
header(Location: crop.php?imageName=$newFileName);
?
This looks weird. is this actually anything:
$_FILES['uploaded']['tmp_name']. I always used $_FILES['tmp_name'],
$_FILES['name'] and such
According to php docs it's always a multi-dimensional array:
http://www.php.net/manual/en/features.file-upload.php
The 'uploaded' is what you call the file input in your form.
oh well, as long as it works for me, thanks for the info
--
Postgresql php tutorials
http://www.designmagick.com/
--
---
Børge Holen
http://www.arivene.net
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Protected ZIP file with password
Petrus Bastos wrote: Unfortunately I don't have access to this family of methods because security policy. Lefting this way out, I didn't find anyway on how to do that. If you have any idea or know any module can do that, I'll appreciate to know too! See if the pear package does what you want: http://pear.php.net/package/File_Archive -- Postgresql php tutorials http://www.designmagick.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Better DB Class MySQL
On Feb 17, 2008 3:49 PM, Larry Garfield [EMAIL PROTECTED] wrote: On Thursday 14 February 2008, Richard Lynch wrote: On Sun, February 10, 2008 9:31 am, Jochem Maas wrote: Larry Garfield schreef: http://www.php.net/pdo All the cool kids are doing it. not true - some of them use firebird ;-) And some have figured out that PDO does not quite live up to its promise (yet) and needs some more work... Particularly for the commercial DBs, as I understand it... You say that like I care about non-open-source databases. It's not PDO's fault that Oracle still thinks it's 1988. :-) Even if you're just using MySQL, PDO is far nicer than ext/mysql and ext/mysqli is not widely installed enough to be useful for those of us who have to deal with shared hosts. You say that like you're the only person using PHP for databases. ;-) Perhaps you don't care; some of us do. (SQL Server in my case, not Oracle.) I like the idea of PDO, but I don't like the way a couple things work with regard to parameterized queries and some things just flat out don't work right. Andrew
Re: [PHP] Protected ZIP file with password
Chris, Thanks for your help, but I think that package can't make what I want. But , I appreciate your help anyway and if you have any other ideas, please let me know! :) Thanks, Petrus Bastos. On Feb 17, 2008 10:38 PM, Chris [EMAIL PROTECTED] wrote: Petrus Bastos wrote: Unfortunately I don't have access to this family of methods because security policy. Lefting this way out, I didn't find anyway on how to do that. If you have any idea or know any module can do that, I'll appreciate to know too! See if the pear package does what you want: http://pear.php.net/package/File_Archive -- Postgresql php tutorials http://www.designmagick.com/
Re: [PHP] Re: Session destruction problem
Well, i'm doing all that. Maybe something is wrong in my code. I'll arrange my code in a way that it will be easy to run and i'll post it. I think like that, you'll see by yourself and you gonna help to fix that for sure. Thank you --- Shawn McKenzie [EMAIL PROTECTED] wrote: Adil Drissi wrote: Hi everybody, I need help with sessions. I have a simple authentification relying only on sessions (i don't use cookies). After the user submits his username and password, the script checks if that corresponds to a record in a mysql table. If this is the case $_SESSION['sessioname'] = $_POST['login'];. the $_SESSION['sessioname'] is checked in subsequent pages to see if the user is connected or not. The problem is after the user logs out, and after that uses the previous button of the browser he becomes connected. How can i prevent this please. Here is my logout.php: ?php session_start(); unset($_SESSION[sessioname]); session_destroy(); header(location: index.php); ? Thank you for advance Looking for last minute shopping deals? Find them fast with Yahoo! Search. http://tools.search.yahoo.com/newsearch/category.php?category=shopping I don't think they are reconnected. What happens if they logout, then hit back, then hit refresh? Are they loggedin? Probably not. It may just appear that way because the back bottom brings up a cache of the previous page. But once the user tries to do anything that requires that they be loggedin, I doubt they can. -Shawn -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php Never miss a thing. Make Yahoo your home page. http://www.yahoo.com/r/hs -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Protected ZIP file with password
Petrus Bastos wrote: Chris, Thanks for your help, but I think that package can't make what I want. But , I appreciate your help anyway and if you have any other ideas, please let me know! :) Thanks, Petrus Bastos. On Feb 17, 2008 10:38 PM, Chris [EMAIL PROTECTED] wrote: Petrus Bastos wrote: Unfortunately I don't have access to this family of methods because security policy. Lefting this way out, I didn't find anyway on how to do that. If you have any idea or know any module can do that, I'll appreciate to know too! See if the pear package does what you want: http://pear.php.net/package/File_Archive -- Postgresql php tutorials http://www.designmagick.com/ I'm sure you know what you're doing, but maybe you'd be better off letting us know the task / process to better understand what you'd like to accomplish. From there, since it's obvious that PHP does not have built in password functions, and that exec() is out of the question; maybe we can figure out how to move onward. -- == Nick Stinemates ([EMAIL PROTECTED]) http://nick.stinemates.org AIM: Nick Stinemates MSN: [EMAIL PROTECTED] Yahoo: [EMAIL PROTECTED] == -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Session destruction problem
Adil Drissi wrote: Well, i'm doing all that. Maybe something is wrong in my code. I'll arrange my code in a way that it will be easy to run and i'll post it. I think like that, you'll see by yourself and you gonna help to fix that for sure. Thank you --- Shawn McKenzie [EMAIL PROTECTED] wrote: Adil Drissi wrote: Hi everybody, I need help with sessions. I have a simple authentification relying only on sessions (i don't use cookies). After the user submits his username and password, the script checks if that corresponds to a record in a mysql table. If this is the case $_SESSION['sessioname'] = $_POST['login'];. the $_SESSION['sessioname'] is checked in subsequent pages to see if the user is connected or not. The problem is after the user logs out, and after that uses the previous button of the browser he becomes connected. How can i prevent this please. Here is my logout.php: ?php session_start(); unset($_SESSION[sessioname]); session_destroy(); header(location: index.php); ? Thank you for advance Looking for last minute shopping deals? Find them fast with Yahoo! Search. http://tools.search.yahoo.com/newsearch/category.php?category=shopping I don't think they are reconnected. What happens if they logout, then hit back, then hit refresh? Are they loggedin? Probably not. It may just appear that way because the back bottom brings up a cache of the previous page. But once the user tries to do anything that requires that they be loggedin, I doubt they can. -Shawn -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php Never miss a thing. Make Yahoo your home page. http://www.yahoo.com/r/hs From the code you've shown it should work fine, but you might do unset($_SESSION); or $_SESSION = array(); instead of unset($_SESSION[sessioname]);. Regardless, the fact is that the page you see is cached and I can't believe that after logout you can go back and then click a link to another page and still be loggedin. -Shawn -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
