Re: [PHP] SESSIONS vs. MySQL
On 19 Sep 2008, at 22:33, Philip Thompson wrote: On Sep 19, 2008, at 4:01 PM, Stut wrote: On 19 Sep 2008, at 21:44, Philip Thompson wrote: On Sep 19, 2008, at 1:12 PM, Stut wrote: On 19 Sep 2008, at 18:47, Philip Thompson wrote: 6. Begin transaction 7. Lock user session row 8. Update user session 9. Commit transaction If all you're doing is issuing an update command there is no need to do so in a transaction and definitely no need to lock the row. An update is atomic. Maybe what you actually mean to do here is lock it before you get the session data, make changes to it and then unlock it once you're done changing it. Doing that would likely keep the row locked for the entire duration of a request which can start causing problems as traffic increases. I'm starting the transaction because MySQL "SELECT... FOR UPDATE" requires a transaction to lock the row. But now that I think about it... the reason we use the lock is so that we don't have collisions in data - specifically here the user session. However, the user session row is only accessed by a single user (his/her own). And since they can only be logged in at one location, there's virtually no way for a collision. Right? I can remove queries 6, 7, and 9, right? Yes, you only need the update statement. Ok, here, only the update is needed. But for other locations where multiple users may be accessing the same record, I should lock it. Yes and no. If all you're going to do while it's locked is issue the update statement then it's pointless. However, if you need to prevent anyone from updating the row from when you read it to when you write it back then you need to lock it for the duration. Note that these are the 10 queries that happen after the initial SESSION load. I supposed I could reduce this by 1 or 2 queries - I could store the page id/information in the session. Now with that said, the queries are negligible (in elapsed time) and required. However, I'm always open up to suggestions/improvements =D You may think they're required, but I'm betting they're not if you really think about it. However, if your DB can handle it then why fix something that ain't broken. It can handle it now. But I'm not worried about now. We have less than 10 clients/offices using the app. This may grow up to 100 within the next year. That's when there's gonna be lots and lots of data and we may start to see a slow down. That's not even close to a large number of users, but it depends a lot on what else the servers you're hosting it on are being used for. A client may have 1 user or 50 users. It's not the user-size I'm concerned about. This software is for doctor's offices. So, last week when we had our first import from another practice management system (aptly acronym'd, PMS), our patient records jumped from about 1,000 to 65,000. That's just 1 client! Now, I still know that's not a whole lot, but multiply that by 100 clients in the next year: 64000 * 100 = 6.4 million patient records. That's more of a significant number. Not particularly, and to be honest the traffic to the site will be your problem, not the number of users or records stored on it. Queries can always be optimised but the architecture of the site is harder and more expensive to change. We're using a dedicated server that hosts the website and the database. I *know* we're going to need to expand... but that's beyond my control as a mere pawn. As of today, it's okay. Sounds like you've got an easy sharding option so you should be ok. Once you outgrow that single server it should be pretty simple to put a redirector on to a main server which will redirect after login to another server (shard) which contains all the data for that client. This is commonly the easiest sharding scenario to implement but it only works so long as a single client doesn't outgrow a single server. -Stut -- http://stut.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SESSIONS vs. MySQL
On Sep 19, 2008, at 4:01 PM, Stut wrote: On 19 Sep 2008, at 21:44, Philip Thompson wrote: On Sep 19, 2008, at 1:12 PM, Stut wrote: On 19 Sep 2008, at 18:47, Philip Thompson wrote: 4. Grab user privs IMHO you should only grab these when you need them. I will need these on most pages anyway. Because of the architecture, the security class (which uses these a lot) is a separate part. Fair enough, but I would suggest this is an ideal candidate for being kept in the session. Yes, I agree - these can prob be moved into the session. 5. Grab user session (for application) Again, why isn't this already in $_SESSION for every page request expect the first per visit? This "user session" deals with merely keeping up with the time - how long has it been since this user accessed the site? Keep logged in? Logged in elsewhere? This uses the db and cookies. Note, this was designed into the app from the beginning... using the _SESSION var is new to the app as of this week. Yes, we can probably move this functionality into the new _SESSION stuff Sounds like a lot of work for little benefit, but it sounds like it might be hard to remove so I'd probably live with it for a while too. It may be some work... but it doesn't make sense to have session stuff in two different places. (I inherited this architecture, so I've been limited as to what I can do to some extent.) The question I have to ask myself now... will it be worth it in the future to have moved the session stuff to 1 class now? And do I have the time/resources to? =D 6. Begin transaction 7. Lock user session row 8. Update user session 9. Commit transaction If all you're doing is issuing an update command there is no need to do so in a transaction and definitely no need to lock the row. An update is atomic. Maybe what you actually mean to do here is lock it before you get the session data, make changes to it and then unlock it once you're done changing it. Doing that would likely keep the row locked for the entire duration of a request which can start causing problems as traffic increases. I'm starting the transaction because MySQL "SELECT... FOR UPDATE" requires a transaction to lock the row. But now that I think about it... the reason we use the lock is so that we don't have collisions in data - specifically here the user session. However, the user session row is only accessed by a single user (his/her own). And since they can only be logged in at one location, there's virtually no way for a collision. Right? I can remove queries 6, 7, and 9, right? Yes, you only need the update statement. Ok, here, only the update is needed. But for other locations where multiple users may be accessing the same record, I should lock it. Note that these are the 10 queries that happen after the initial SESSION load. I supposed I could reduce this by 1 or 2 queries - I could store the page id/information in the session. Now with that said, the queries are negligible (in elapsed time) and required. However, I'm always open up to suggestions/improvements =D You may think they're required, but I'm betting they're not if you really think about it. However, if your DB can handle it then why fix something that ain't broken. It can handle it now. But I'm not worried about now. We have less than 10 clients/offices using the app. This may grow up to 100 within the next year. That's when there's gonna be lots and lots of data and we may start to see a slow down. That's not even close to a large number of users, but it depends a lot on what else the servers you're hosting it on are being used for. A client may have 1 user or 50 users. It's not the user-size I'm concerned about. This software is for doctor's offices. So, last week when we had our first import from another practice management system (aptly acronym'd, PMS), our patient records jumped from about 1,000 to 65,000. That's just 1 client! Now, I still know that's not a whole lot, but multiply that by 100 clients in the next year: 64000 * 100 = 6.4 million patient records. That's more of a significant number. We're using a dedicated server that hosts the website and the database. I *know* we're going to need to expand... but that's beyond my control as a mere pawn. As of today, it's okay. The way I approach this stuff is always with the knowledge that the database is the most expensive resource in the infrastructure, so anything I can do to avoid using it when it's not strictly necessary is something I consider well-worth the effort. With the rise of frameworks and the lazy architectures it's pretty common to end up with this mass of DB access at the start of each request, but it won't scale and it leads to assumptions that are extremely expensive to find and fix when you do need to scale. Trust me, I've been there many times and it's been painful every time! Can y
Re: [PHP] SESSIONS vs. MySQL
On 19 Sep 2008, at 21:44, Philip Thompson wrote: On Sep 19, 2008, at 1:12 PM, Stut wrote: On 19 Sep 2008, at 18:47, Philip Thompson wrote: 4. Grab user privs IMHO you should only grab these when you need them. I will need these on most pages anyway. Because of the architecture, the security class (which uses these a lot) is a separate part. Fair enough, but I would suggest this is an ideal candidate for being kept in the session. 5. Grab user session (for application) Again, why isn't this already in $_SESSION for every page request expect the first per visit? This "user session" deals with merely keeping up with the time - how long has it been since this user accessed the site? Keep logged in? Logged in elsewhere? This uses the db and cookies. Note, this was designed into the app from the beginning... using the _SESSION var is new to the app as of this week. Yes, we can probably move this functionality into the new _SESSION stuff Sounds like a lot of work for little benefit, but it sounds like it might be hard to remove so I'd probably live with it for a while too. 6. Begin transaction 7. Lock user session row 8. Update user session 9. Commit transaction If all you're doing is issuing an update command there is no need to do so in a transaction and definitely no need to lock the row. An update is atomic. Maybe what you actually mean to do here is lock it before you get the session data, make changes to it and then unlock it once you're done changing it. Doing that would likely keep the row locked for the entire duration of a request which can start causing problems as traffic increases. I'm starting the transaction because MySQL "SELECT... FOR UPDATE" requires a transaction to lock the row. But now that I think about it... the reason we use the lock is so that we don't have collisions in data - specifically here the user session. However, the user session row is only accessed by a single user (his/her own). And since they can only be logged in at one location, there's virtually no way for a collision. Right? I can remove queries 6, 7, and 9, right? Yes, you only need the update statement. Note that these are the 10 queries that happen after the initial SESSION load. I supposed I could reduce this by 1 or 2 queries - I could store the page id/information in the session. Now with that said, the queries are negligible (in elapsed time) and required. However, I'm always open up to suggestions/improvements =D You may think they're required, but I'm betting they're not if you really think about it. However, if your DB can handle it then why fix something that ain't broken. It can handle it now. But I'm not worried about now. We have less than 10 clients/offices using the app. This may grow up to 100 within the next year. That's when there's gonna be lots and lots of data and we may start to see a slow down. That's not even close to a large number of users, but it depends a lot on what else the servers you're hosting it on are being used for. The way I approach this stuff is always with the knowledge that the database is the most expensive resource in the infrastructure, so anything I can do to avoid using it when it's not strictly necessary is something I consider well-worth the effort. With the rise of frameworks and the lazy architectures it's pretty common to end up with this mass of DB access at the start of each request, but it won't scale and it leads to assumptions that are extremely expensive to find and fix when you do need to scale. Trust me, I've been there many times and it's been painful every time! Can you explain why it won't scale and may lead to assumptions? Sure. With an architecture like this you start to assume that X is available anywhere in your code because at the moment you know the framework loads it for you. This makes it exceedingly difficult to strip the initialisation code down if you end up needing to optimise the crap out of it. As far as scaling goes you're placing all the load on the database so if you get to a stage where you can no longer vertically scale the DB hardware you're left with a major rewrite of your entire codebase to allow it to scale horizontally. It's possible that your app is capable of being sharded across multiple servers but chances are that's still going to take major surgery to achieve. Some on the list may have noticed I'm a bit anal about scalability issues, but it's only because I've inherited several systems now that were never designed with scalability in mind and I ended up almost completely rewriting each one. Every new site I develop now is built so it's modular, can spread across multiple servers if/when needed and doesn't waste resources. No doubt most web developers never hit these problems, but I guess I've just been unlucky in that respect. -Stut -- http://stut.net/ -- PHP
Re: [PHP] SESSIONS vs. MySQL
On Fri, 2008-09-19 at 21:31 +0100, Stut wrote: > >> > >> I can modify this: > >> > >> http://webbytedd.com/bb/pdf/ > > > > He said EXPENSIVE you insensitive clod! > > Ahh, mood swings from ink poisoning? > > Tedd: Charge $100 per certificate, Rob'll buy one, maybe even two!! > > I've managed to avoid getting the Zend certification until now despite > many many people trying to convince me it's worth it. As both an > employee and an employer I just don't see the value. The last practice > tests I saw were primarily memory tests - that's not a useful measure > in my book. I'm also in the camp of avoiding getting Zend certification. As you point out, it's merely a test on memorization of simple (and occasionally obscure) language constructs. It's hardly an example of how a person thinks, tackles problems, and can effectively develop solutions. Cheers, Rob. -- http://www.interjinn.com Application and Templating Framework for PHP -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SESSIONS vs. MySQL
Time's off by an hour :) I could have my graphic designer whip something up hehee :) On Sep 19, 2008, at 4:15 PM, tedd wrote: At 3:11 PM -0400 9/19/08, Eric Butera wrote: On Fri, Sep 19, 2008 at 2:50 PM, Robert Cummings <[EMAIL PROTECTED] > wrote: 4. lack of industry adoption There needs to be some sort of expensive test to certify one may wear the badge. Then it will have higher adoption rates. I can modify this: http://webbytedd.com/bb/pdf/ Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SESSIONS vs. MySQL
I have more questions/responses throughout... On Sep 19, 2008, at 1:12 PM, Stut wrote: On 19 Sep 2008, at 18:47, Philip Thompson wrote: I've narrowed it down to 10 initial queries... 1. Grab system config data (that's used in lots of places) Does it change often? No? Then cache it in a PHP script. Use var_export to create a file that you can include which will create the configuration array. Alternatively cache it in a Memcache instance which is where my system-wide config usually lives. Good idea. 2. Grab session data (for SESSION array) Meaning what? You say below that this is after the initial session load. What are you loading here and why is it being loaded on every page request if it's ending up in the $_SESSION array? Because I'm using your class, Stut, (at least as a reference) to store my sessions in the database. Hence, I have to pull them from the database. 3. Grab page id What does this do, how is it used, is it needed? I was able to add this to the SESSION. 4. Grab user privs IMHO you should only grab these when you need them. I will need these on most pages anyway. Because of the architecture, the security class (which uses these a lot) is a separate part. 5. Grab user session (for application) Again, why isn't this already in $_SESSION for every page request expect the first per visit? This "user session" deals with merely keeping up with the time - how long has it been since this user accessed the site? Keep logged in? Logged in elsewhere? This uses the db and cookies. Note, this was designed into the app from the beginning... using the _SESSION var is new to the app as of this week. Yes, we can probably move this functionality into the new _SESSION stuff 6. Begin transaction 7. Lock user session row 8. Update user session 9. Commit transaction If all you're doing is issuing an update command there is no need to do so in a transaction and definitely no need to lock the row. An update is atomic. Maybe what you actually mean to do here is lock it before you get the session data, make changes to it and then unlock it once you're done changing it. Doing that would likely keep the row locked for the entire duration of a request which can start causing problems as traffic increases. I'm starting the transaction because MySQL "SELECT... FOR UPDATE" requires a transaction to lock the row. But now that I think about it... the reason we use the lock is so that we don't have collisions in data - specifically here the user session. However, the user session row is only accessed by a single user (his/her own). And since they can only be logged in at one location, there's virtually no way for a collision. Right? I can remove queries 6, 7, and 9, right? 10. Add page tracking (an insert-only table that keeps track of pages you visit) I handle this using files and then have an offline processor to push that data into the database. If all you're doing is adding a row to the table you probably don't need this, but we do a fair amount of work for each page view to record the data in a set of tables designed for meaningful and speedy retrieval. Note that these are the 10 queries that happen after the initial SESSION load. I supposed I could reduce this by 1 or 2 queries - I could store the page id/information in the session. Now with that said, the queries are negligible (in elapsed time) and required. However, I'm always open up to suggestions/improvements =D You may think they're required, but I'm betting they're not if you really think about it. However, if your DB can handle it then why fix something that ain't broken. It can handle it now. But I'm not worried about now. We have less than 10 clients/offices using the app. This may grow up to 100 within the next year. That's when there's gonna be lots and lots of data and we may start to see a slow down. The way I approach this stuff is always with the knowledge that the database is the most expensive resource in the infrastructure, so anything I can do to avoid using it when it's not strictly necessary is something I consider well-worth the effort. With the rise of frameworks and the lazy architectures it's pretty common to end up with this mass of DB access at the start of each request, but it won't scale and it leads to assumptions that are extremely expensive to find and fix when you do need to scale. Trust me, I've been there many times and it's been painful every time! Can you explain why it won't scale and may lead to assumptions? Oh, and by scale I don't necessarily mean to tens of millions of page views a month. Scalability is as much about going from 10 visitor a day to 1000 as it is from 1000 to several million. -Stut Thanks, ~Philip -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SESSIONS vs. MySQL
On Fri, Sep 19, 2008 at 4:31 PM, Stut <[EMAIL PROTECTED]> wrote: > On 19 Sep 2008, at 21:22, Robert Cummings wrote: >> >> On Fri, 2008-09-19 at 16:15 -0400, tedd wrote: >>> >>> At 3:11 PM -0400 9/19/08, Eric Butera wrote: On Fri, Sep 19, 2008 at 2:50 PM, Robert Cummings <[EMAIL PROTECTED]> wrote: > > 4. lack of industry adoption There needs to be some sort of expensive test to certify one may wear the badge. Then it will have higher adoption rates. >>> >>> >>> I can modify this: >>> >>> http://webbytedd.com/bb/pdf/ >> >> He said EXPENSIVE you insensitive clod! > > Ahh, mood swings from ink poisoning? > > Tedd: Charge $100 per certificate, Rob'll buy one, maybe even two!! > > I've managed to avoid getting the Zend certification until now despite many > many people trying to convince me it's worth it. As both an employee and an > employer I just don't see the value. The last practice tests I saw were > primarily memory tests - that's not a useful measure in my book. > > -Stut > > -- > http://stut.net/ > Bingo. :) I can search php.net/ in 5 seconds to know the odd param order of some string function if I forget. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Calculation assistance.. :)
Eric ... I LOVE YOU... Thanks -- Stephen Johnson c | eh The Lone Coder http://www.thelonecoder.com continuing the struggle against bad code http://www.fortheloveofgeeks.com I¹m a geek and I¹m OK! -- > From: Eric Gorr <[EMAIL PROTECTED]> > Date: Fri, 19 Sep 2008 16:13:49 -0400 > To: Stephen Johnson <[EMAIL PROTECTED]> > Cc: PHP list - not junk > Subject: Re: [PHP] Calculation assistance.. :) > > You originally had: > > $nPrincipal * ( $nMonthlyInterest / (1 - (1 + $nMonthlyInterest) ^ - > $iMonths)) > > which, translate to in PHP > > $nPrincipal * ( $nMonthlyInterest / (1 - pow( ( 1 + > $nMonthlyInterest ), -$iMonths ) ) ) > > > > > On Sep 19, 2008, at 3:48 PM, Stephen Johnson wrote: > >> Right ... But that is producing even funkier results... >> >> doing pow( (1-(1+$nMonthlyInterest)) , ($iMonths*-1) ) ; >> >> Gives me : >> >> 4.2502451372964E-35 = 25000 * (0.00104167 / 6.1270975733019E >> +35); >> >> >>> From: Eric Gorr <[EMAIL PROTECTED]> >>> >>> I believe what you are looking is: >>> >>> http://us2.php.net/manual/en/function.pow.php >>> >>> number pow ( number $base , number $exp ) >>> Returns base raised to the power of exp >>> >>> >>> >>> On Sep 19, 2008, at 3:34 PM, Stephen Johnson wrote: >>> OK.. Math is NOT my forte ... I am converting a site from ASP to PHP ... And this calc is in the ASP Code : $nMonthlyInterest = $nRate / (12 * 100) //' Calculate monthly payment $nPayment = $nPrincipal * ( $nMonthlyInterest / (1 - (1 + $nMonthlyInterest) ^ -$iMonths)) Which then gives me in PHP 0.00104167 = 1.25 / (12 * 100); -2.170138889 = 25000 * ( 0.00104167 / (1 - (1 + 0.00104167) ^ -12)) :: ^ is the problem ... The solution SHOULD be 2,097.47 ... Not 2.17 Would be willing to help correct this and make it valid in PHP? >>> >> >> > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SESSIONS vs. MySQL
On 19 Sep 2008, at 21:22, Robert Cummings wrote: On Fri, 2008-09-19 at 16:15 -0400, tedd wrote: At 3:11 PM -0400 9/19/08, Eric Butera wrote: On Fri, Sep 19, 2008 at 2:50 PM, Robert Cummings <[EMAIL PROTECTED] > wrote: 4. lack of industry adoption There needs to be some sort of expensive test to certify one may wear the badge. Then it will have higher adoption rates. I can modify this: http://webbytedd.com/bb/pdf/ He said EXPENSIVE you insensitive clod! Ahh, mood swings from ink poisoning? Tedd: Charge $100 per certificate, Rob'll buy one, maybe even two!! I've managed to avoid getting the Zend certification until now despite many many people trying to convince me it's worth it. As both an employee and an employer I just don't see the value. The last practice tests I saw were primarily memory tests - that's not a useful measure in my book. -Stut -- http://stut.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SESSIONS vs. MySQL
On Fri, 2008-09-19 at 16:15 -0400, tedd wrote: > At 3:11 PM -0400 9/19/08, Eric Butera wrote: > >On Fri, Sep 19, 2008 at 2:50 PM, Robert Cummings <[EMAIL PROTECTED]> wrote: > >> 4. lack of industry adoption > > > >There needs to be some sort of expensive test to certify one may wear > >the badge. Then it will have higher adoption rates. > > > I can modify this: > > http://webbytedd.com/bb/pdf/ He said EXPENSIVE you insensitive clod! Cheers, Rob. -- http://www.interjinn.com Application and Templating Framework for PHP -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Calculation assistance.. :)
I think you need to do pow((1+$nMonthlyInterest),($iMonths*-1)) Eugene Stephen Johnson wrote: > Right ... But that is producing even funkier results... > > doing pow( (1-(1+$nMonthlyInterest)) , ($iMonths*-1) ) ; > > Gives me : > > 4.2502451372964E-35 = 25000 * (0.00104167 / 6.1270975733019E+35); > > > -- > Stephen Johnson c | eh > The Lone Coder > > http://www.thelonecoder.com > continuing the struggle against bad code > > http://www.fortheloveofgeeks.com > I¹m a geek and I¹m OK! > -- > > > > >> From: Eric Gorr <[EMAIL PROTECTED]> >> >> I believe what you are looking is: >> >> http://us2.php.net/manual/en/function.pow.php >> >> number pow ( number $base , number $exp ) >> Returns base raised to the power of exp >> >> >> >> On Sep 19, 2008, at 3:34 PM, Stephen Johnson wrote: >> >>> OK.. Math is NOT my forte ... >>> >>> I am converting a site from ASP to PHP ... And this calc is in the >>> ASP Code >>> : >>> >>>$nMonthlyInterest = $nRate / (12 * 100) >>> >>>//' Calculate monthly payment >>>$nPayment = $nPrincipal * ( $nMonthlyInterest / (1 - (1 + >>> $nMonthlyInterest) ^ -$iMonths)) >>> >>> Which then gives me in PHP >>> 0.00104167 = 1.25 / (12 * 100); >>> -2.170138889 = 25000 * ( 0.00104167 / (1 - (1 + >>> 0.00104167) ^ -12)) :: >>> >>> ^ is the problem ... >>> >>> The solution SHOULD be 2,097.47 ... Not 2.17 >>> >>> Would be willing to help correct this and make it valid in PHP? > > > -- - Eugene Mah, M.Sc., DABR [EMAIL PROTECTED] Medical Physicist/Misplaced Canuck[EMAIL PROTECTED] Department of Radiology [EMAIL PROTECTED] Medical University of South Carolina "For I am a Bear of Very Little Charleston, South Carolina Brain, and long words Bother http://www.netcom.com/~eugenem/me." Winnie the Pooh http://radinfo.musc.edu/~eugenem/blog/ PGP KeyID = 0x1F9779FD, 0x319393F4 PGP keys available on request ICQ 3113529 O- - -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SESSIONS vs. MySQL
At 3:11 PM -0400 9/19/08, Eric Butera wrote: On Fri, Sep 19, 2008 at 2:50 PM, Robert Cummings <[EMAIL PROTECTED]> wrote: 4. lack of industry adoption There needs to be some sort of expensive test to certify one may wear the badge. Then it will have higher adoption rates. I can modify this: http://webbytedd.com/bb/pdf/ Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Calculation assistance.. :)
You originally had: $nPrincipal * ( $nMonthlyInterest / (1 - (1 + $nMonthlyInterest) ^ - $iMonths)) which, translate to in PHP $nPrincipal * ( $nMonthlyInterest / (1 - pow( ( 1 + $nMonthlyInterest ), -$iMonths ) ) ) On Sep 19, 2008, at 3:48 PM, Stephen Johnson wrote: Right ... But that is producing even funkier results... doing pow( (1-(1+$nMonthlyInterest)) , ($iMonths*-1) ) ; Gives me : 4.2502451372964E-35 = 25000 * (0.00104167 / 6.1270975733019E +35); From: Eric Gorr <[EMAIL PROTECTED]> I believe what you are looking is: http://us2.php.net/manual/en/function.pow.php number pow ( number $base , number $exp ) Returns base raised to the power of exp On Sep 19, 2008, at 3:34 PM, Stephen Johnson wrote: OK.. Math is NOT my forte ... I am converting a site from ASP to PHP ... And this calc is in the ASP Code : $nMonthlyInterest = $nRate / (12 * 100) //' Calculate monthly payment $nPayment = $nPrincipal * ( $nMonthlyInterest / (1 - (1 + $nMonthlyInterest) ^ -$iMonths)) Which then gives me in PHP 0.00104167 = 1.25 / (12 * 100); -2.170138889 = 25000 * ( 0.00104167 / (1 - (1 + 0.00104167) ^ -12)) :: ^ is the problem ... The solution SHOULD be 2,097.47 ... Not –2.17 Would be willing to help correct this and make it valid in PHP? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SESSIONS vs. MySQL
On Sep 19, 2008, at 1:12 PM, Stut wrote: On 19 Sep 2008, at 18:47, Philip Thompson wrote: I've narrowed it down to 10 initial queries... 1. Grab system config data (that's used in lots of places) Does it change often? No? Then cache it in a PHP script. Use var_export to create a file that you can include which will create the configuration array. Alternatively cache it in a Memcache instance which is where my system-wide config usually lives. 2. Grab session data (for SESSION array) Meaning what? You say below that this is after the initial session load. What are you loading here and why is it being loaded on every page request if it's ending up in the $_SESSION array? 3. Grab page id What does this do, how is it used, is it needed? 4. Grab user privs IMHO you should only grab these when you need them. 5. Grab user session (for application) Again, why isn't this already in $_SESSION for every page request expect the first per visit? 6. Begin transaction 7. Lock user session row 8. Update user session 9. Commit transaction If all you're doing is issuing an update command there is no need to do so in a transaction and definitely no need to lock the row. An update is atomic. Maybe what you actually mean to do here is lock it before you get the session data, make changes to it and then unlock it once you're done changing it. Doing that would likely keep the row locked for the entire duration of a request which can start causing problems as traffic increases. 10. Add page tracking (an insert-only table that keeps track of pages you visit) I handle this using files and then have an offline processor to push that data into the database. If all you're doing is adding a row to the table you probably don't need this, but we do a fair amount of work for each page view to record the data in a set of tables designed for meaningful and speedy retrieval. Note that these are the 10 queries that happen after the initial SESSION load. I supposed I could reduce this by 1 or 2 queries - I could store the page id/information in the session. Now with that said, the queries are negligible (in elapsed time) and required. However, I'm always open up to suggestions/improvements =D You may think they're required, but I'm betting they're not if you really think about it. However, if your DB can handle it then why fix something that ain't broken. The way I approach this stuff is always with the knowledge that the database is the most expensive resource in the infrastructure, so anything I can do to avoid using it when it's not strictly necessary is something I consider well-worth the effort. With the rise of frameworks and the lazy architectures it's pretty common to end up with this mass of DB access at the start of each request, but it won't scale and it leads to assumptions that are extremely expensive to find and fix when you do need to scale. Trust me, I've been there many times and it's been painful every time! Oh, and by scale I don't necessarily mean to tens of millions of page views a month. Scalability is as much about going from 10 visitor a day to 1000 as it is from 1000 to several million. -Stut Robert/Stut, Thanks for your words of wisdom. ;) I will take what you've said back to my team for us to discuss. That's why I like this list - allows me to view the problem(s) from a different angle, or two. ;) ~Philip -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Calculation assistance.. :)
Right ... But that is producing even funkier results... doing pow( (1-(1+$nMonthlyInterest)) , ($iMonths*-1) ) ; Gives me : 4.2502451372964E-35 = 25000 * (0.00104167 / 6.1270975733019E+35); -- Stephen Johnson c | eh The Lone Coder http://www.thelonecoder.com continuing the struggle against bad code http://www.fortheloveofgeeks.com I¹m a geek and I¹m OK! -- > From: Eric Gorr <[EMAIL PROTECTED]> > > I believe what you are looking is: > > http://us2.php.net/manual/en/function.pow.php > > number pow ( number $base , number $exp ) > Returns base raised to the power of exp > > > > On Sep 19, 2008, at 3:34 PM, Stephen Johnson wrote: > >> OK.. Math is NOT my forte ... >> >> I am converting a site from ASP to PHP ... And this calc is in the >> ASP Code >> : >> >>$nMonthlyInterest = $nRate / (12 * 100) >> >>//' Calculate monthly payment >>$nPayment = $nPrincipal * ( $nMonthlyInterest / (1 - (1 + >> $nMonthlyInterest) ^ -$iMonths)) >> >> Which then gives me in PHP >> 0.00104167 = 1.25 / (12 * 100); >> -2.170138889 = 25000 * ( 0.00104167 / (1 - (1 + >> 0.00104167) ^ -12)) :: >> >> ^ is the problem ... >> >> The solution SHOULD be 2,097.47 ... Not 2.17 >> >> Would be willing to help correct this and make it valid in PHP? > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Calculation assistance.. :)
I believe what you are looking is: http://us2.php.net/manual/en/function.pow.php number pow ( number $base , number $exp ) Returns base raised to the power of exp On Sep 19, 2008, at 3:34 PM, Stephen Johnson wrote: OK.. Math is NOT my forte ... I am converting a site from ASP to PHP ... And this calc is in the ASP Code : $nMonthlyInterest = $nRate / (12 * 100) //' Calculate monthly payment $nPayment = $nPrincipal * ( $nMonthlyInterest / (1 - (1 + $nMonthlyInterest) ^ -$iMonths)) Which then gives me in PHP 0.00104167 = 1.25 / (12 * 100); -2.170138889 = 25000 * ( 0.00104167 / (1 - (1 + 0.00104167) ^ -12)) :: ^ is the problem ... The solution SHOULD be 2,097.47 ... Not –2.17 Would be willing to help correct this and make it valid in PHP? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Calculation assistance.. :)
OK.. Math is NOT my forte ... I am converting a site from ASP to PHP ... And this calc is in the ASP Code : $nMonthlyInterest = $nRate / (12 * 100) //' Calculate monthly payment $nPayment = $nPrincipal * ( $nMonthlyInterest / (1 - (1 + $nMonthlyInterest) ^ -$iMonths)) Which then gives me in PHP 0.00104167 = 1.25 / (12 * 100); -2.170138889 = 25000 * ( 0.00104167 / (1 - (1 + 0.00104167) ^ -12)) :: ^ is the problem ... The solution SHOULD be 2,097.47 ... Not 2.17 Would be willing to help correct this and make it valid in PHP? -- Stephen Johnson c | eh The Lone Coder http://www.thelonecoder.com continuing the struggle against bad code http://www.fortheloveofgeeks.com I¹m a geek and I¹m OK! --
Re: [PHP] SESSIONS vs. MySQL
On 19 Sep 2008, at 19:50, Robert Cummings wrote: On Fri, 2008-09-19 at 19:32 +0100, Stut wrote: Anyways, where can I get a coder badge, they sound cool!! ;) I just draw one with a pen on my chest to show interviewers. So far it really hasn't worked out well but I've narrowed the problem down to the following four possibilities: 1. they don't like to see my pudgy body when I take my shirt off to show it off I'll take your word for that! 2. they're blinded by the light... my glowing white northern European complexion exacerbated by flourescent office lighting Yeah, I'm gonna ignore that one too. 3. they're not impressed enough with my ball point pen artwork Possible. I've always found it difficult to draw on myself in the mirror. 4. lack of industry adoption This one sounds like a winner. In my experience employers don't assign any importance to non-standard qualifications, even if they are hand- drawn badges. So far I'm leaning towards a combination of 1 and 2 ;) Yeah, probably 1 more than 2. This makes me wonder if there really are any idiots out there who've had the PHP logo tattooed somewhere on their person. Scary thought. -Stut -- http://stut.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] how to recognize CSV file?
Eric Butera wrote: > On Fri, Sep 19, 2008 at 3:14 PM, Afan Pasalic <[EMAIL PROTECTED]> wrote: > >> Eric Butera wrote: >> >>> On Fri, Sep 19, 2008 at 2:59 PM, Afan Pasalic <[EMAIL PROTECTED]> wrote: >>> >>> hi, I have form where administrator has toupload csv file to update dome data in mysql. I was trying to validate entered file but got some crazy stuff I don't understand: for the same uploaded csv file, in different browser I'll get different results: Windows machine and IE: $_FILES['UploadedFile']['type'] = 'text/plain' Windows machine and Firefox: $_FILES['UploadedFile']['type'] = 'application/octet-stream' Windows machine and Opera: $_FILES['UploadedFile']['type'] = 'comma-separated-values' Windows machine and Chrome: $_FILES['UploadedFile']['type'] = '' (doesn't show anything! empty?!?!!??) openSuse machine and Firefox: $_FILES['UploadedFile']['type'] = 'text/csv' openSuse machine and Opera: $_FILES['UploadedFile']['type'] = 'text/comma-separated-values' openSuse machine and Konqueror: $_FILES['UploadedFile']['type'] = 'text/csv' ok. what's CORRECT way to validate uploaded file? thanks. -afan >>> Get the mime type of the uploaded tmp file, no what the browser sends. >>> >>> >> Fatal error: Call to undefined function mime_content_type() in /srv/www/... >> >> it looks like Mimetype is not installed on my server >> :-) >> >> >> >> >> > > Do you have fileinfo? It's a php5 pecl extension. Aside from that > I'm not really sure. This is how I always test files since browser > mime type is unreliable/spoofable. > Fatal error: Call to undefined function finfo_open() in /srv/www/... no luck :-) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SESSIONS vs. MySQL
On Fri, Sep 19, 2008 at 2:50 PM, Robert Cummings <[EMAIL PROTECTED]> wrote: >4. lack of industry adoption There needs to be some sort of expensive test to certify one may wear the badge. Then it will have higher adoption rates. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] how to recognize CSV file?
On Fri, Sep 19, 2008 at 2:59 PM, Afan Pasalic <[EMAIL PROTECTED]> wrote: > hi, > I have form where administrator has toupload csv file to update dome > data in mysql. > I was trying to validate entered file but got some crazy stuff I don't > understand: > > for the same uploaded csv file, in different browser I'll get different > results: > > Windows machine and IE: $_FILES['UploadedFile']['type'] = 'text/plain' > Windows machine and Firefox: $_FILES['UploadedFile']['type'] = > 'application/octet-stream' > Windows machine and Opera: $_FILES['UploadedFile']['type'] = > 'comma-separated-values' > Windows machine and Chrome: $_FILES['UploadedFile']['type'] = '' > (doesn't show anything! empty?!?!!??) > openSuse machine and Firefox: $_FILES['UploadedFile']['type'] = 'text/csv' > openSuse machine and Opera: $_FILES['UploadedFile']['type'] = > 'text/comma-separated-values' > openSuse machine and Konqueror: $_FILES['UploadedFile']['type'] = 'text/csv' > > ok. what's CORRECT way to validate uploaded file? > > thanks. > > -afan Get the mime type of the uploaded tmp file, no what the browser sends. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] how to recognize CSV file?
hi, I have form where administrator has toupload csv file to update dome data in mysql. I was trying to validate entered file but got some crazy stuff I don't understand: for the same uploaded csv file, in different browser I'll get different results: Windows machine and IE: $_FILES['UploadedFile']['type'] = 'text/plain' Windows machine and Firefox: $_FILES['UploadedFile']['type'] = 'application/octet-stream' Windows machine and Opera: $_FILES['UploadedFile']['type'] = 'comma-separated-values' Windows machine and Chrome: $_FILES['UploadedFile']['type'] = '' (doesn't show anything! empty?!?!!??) openSuse machine and Firefox: $_FILES['UploadedFile']['type'] = 'text/csv' openSuse machine and Opera: $_FILES['UploadedFile']['type'] = 'text/comma-separated-values' openSuse machine and Konqueror: $_FILES['UploadedFile']['type'] = 'text/csv' ok. what's CORRECT way to validate uploaded file? thanks. -afan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Associative array issues with loading values after initialization
I found the issue. The whitespace in between $list as $k => $V was all not truly whitespace. Gotta love BBEdit... Thomas Bolioli wrote: I hav ebeen able to track down that this is the part not working. It throws a parse error: PHP Parse error: syntax error, unexpected T_VARIABLE on the line where the foreach loop starts. function dropbox_from_list(&$list, $selected_index){ foreach ($list as $k => $v) { if (strcmp($selected_index, $k) == 0) { $select = ' SELECTED'; } else { $select = ''; } print "$v"; } } b wrote: Thomas Bolioli wrote: I should add, it is not working with this funciton, which could be the source of the issue. function dropbox_from_list($list, $selected_index){ while ($nex = next($list)) { I'd use foreach() here and avoid next(). At least, reset the array first. And maybe pass the array by reference: function dropbox_from_list(&$list, $selected_index) { foreach($list as $k => $v) { $k = key($nex); if (strcmp($selected_index, $k) == 0) { $select = ' SELECTED'; } else { $select = ''; } print("value='".$k."'".$select.">".$nex[$k].""); } } Maybe you should also add what it is that's "not working". Thomas Bolioli wrote: The below function is not working. function crm_get_country_list(){ global $dbh; $result = mysql_query("SELECT * FROM countries ORDER BY pk_country_id ASC", $dbh) or die(mysql_error()); $country_list = array(' ' =>' '); Are you starting with an empty key & value so that you'll have an empty option in your select list? Why not just print an empty one? while ($row = mysql_fetch_assoc($result)){ $country_list[$row['pk_countryID']] = $row['country_name']; } return $country_list; } Start with the obvious: what does $country_list contain when it's returned? Again, some details about what you're getting would go a long way toward getting some advice. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SESSIONS vs. MySQL
On Fri, 2008-09-19 at 19:32 +0100, Stut wrote: > On 19 Sep 2008, at 19:20, Robert Cummings wrote: > > On Fri, 2008-09-19 at 19:12 +0100, Stut wrote: > >> > >> Oh, and by scale I don't necessarily mean to tens of millions of page > >> views a month. > > > > Someone needs to take away your coder badge if you make a site that > > can't handle 1000 views a day :) > > > > Not withstanding extreme edge cases doing unlikely processing for the > > typical website :B > > Have you seen some of the "advanced" websites kicked out by design > companies? > > Also consider the sites that get stuck on shared servers with 1000's > of sites per machine using database servers with 1000's of DBs where > limiting your resource usage can become the difference between a > snappy site and one that nobody will use! And then try convincing your > local plumber that it's worth paying more than £2 a month for their > hosting! > > Actually, scrap that. It's usually the design company that's > overloading their dedicated server, the plumber is then stuck paying > £25+ a month + content change charges when they don't know any better. > > Anyways, where can I get a coder badge, they sound cool!! ;) I just draw one with a pen on my chest to show interviewers. So far it really hasn't worked out well but I've narrowed the problem down to the following four possibilities: 1. they don't like to see my pudgy body when I take my shirt off to show it off 2. they're blinded by the light... my glowing white northern European complexion exacerbated by flourescent office lighting 3. they're not impressed enough with my ball point pen artwork 4. lack of industry adoption So far I'm leaning towards a combination of 1 and 2 ;) Cheers, Rob. -- http://www.interjinn.com Application and Templating Framework for PHP -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SESSIONS vs. MySQL
On 19 Sep 2008, at 19:20, Robert Cummings wrote: On Fri, 2008-09-19 at 19:12 +0100, Stut wrote: Oh, and by scale I don't necessarily mean to tens of millions of page views a month. Someone needs to take away your coder badge if you make a site that can't handle 1000 views a day :) Not withstanding extreme edge cases doing unlikely processing for the typical website :B Have you seen some of the "advanced" websites kicked out by design companies? Also consider the sites that get stuck on shared servers with 1000's of sites per machine using database servers with 1000's of DBs where limiting your resource usage can become the difference between a snappy site and one that nobody will use! And then try convincing your local plumber that it's worth paying more than £2 a month for their hosting! Actually, scrap that. It's usually the design company that's overloading their dedicated server, the plumber is then stuck paying £25+ a month + content change charges when they don't know any better. Anyways, where can I get a coder badge, they sound cool!! ;) -Stut -- http://stut.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SESSIONS vs. MySQL
On Fri, 2008-09-19 at 19:12 +0100, Stut wrote: > > Oh, and by scale I don't necessarily mean to tens of millions of page > views a month. Someone needs to take away your coder badge if you make a site that can't handle 1000 views a day :) Not withstanding extreme edge cases doing unlikely processing for the typical website :B Cheers, Rob. -- http://www.interjinn.com Application and Templating Framework for PHP -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SESSIONS vs. MySQL
On 19 Sep 2008, at 18:47, Philip Thompson wrote: I've narrowed it down to 10 initial queries... 1. Grab system config data (that's used in lots of places) Does it change often? No? Then cache it in a PHP script. Use var_export to create a file that you can include which will create the configuration array. Alternatively cache it in a Memcache instance which is where my system-wide config usually lives. 2. Grab session data (for SESSION array) Meaning what? You say below that this is after the initial session load. What are you loading here and why is it being loaded on every page request if it's ending up in the $_SESSION array? 3. Grab page id What does this do, how is it used, is it needed? 4. Grab user privs IMHO you should only grab these when you need them. 5. Grab user session (for application) Again, why isn't this already in $_SESSION for every page request expect the first per visit? 6. Begin transaction 7. Lock user session row 8. Update user session 9. Commit transaction If all you're doing is issuing an update command there is no need to do so in a transaction and definitely no need to lock the row. An update is atomic. Maybe what you actually mean to do here is lock it before you get the session data, make changes to it and then unlock it once you're done changing it. Doing that would likely keep the row locked for the entire duration of a request which can start causing problems as traffic increases. 10. Add page tracking (an insert-only table that keeps track of pages you visit) I handle this using files and then have an offline processor to push that data into the database. If all you're doing is adding a row to the table you probably don't need this, but we do a fair amount of work for each page view to record the data in a set of tables designed for meaningful and speedy retrieval. Note that these are the 10 queries that happen after the initial SESSION load. I supposed I could reduce this by 1 or 2 queries - I could store the page id/information in the session. Now with that said, the queries are negligible (in elapsed time) and required. However, I'm always open up to suggestions/improvements =D You may think they're required, but I'm betting they're not if you really think about it. However, if your DB can handle it then why fix something that ain't broken. The way I approach this stuff is always with the knowledge that the database is the most expensive resource in the infrastructure, so anything I can do to avoid using it when it's not strictly necessary is something I consider well-worth the effort. With the rise of frameworks and the lazy architectures it's pretty common to end up with this mass of DB access at the start of each request, but it won't scale and it leads to assumptions that are extremely expensive to find and fix when you do need to scale. Trust me, I've been there many times and it's been painful every time! Oh, and by scale I don't necessarily mean to tens of millions of page views a month. Scalability is as much about going from 10 visitor a day to 1000 as it is from 1000 to several million. -Stut -- http://stut.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SESSIONS vs. MySQL
On Fri, 2008-09-19 at 12:47 -0500, Philip Thompson wrote: > > > > Why do you have so many queries? Perhaps we can attack this issue > > from another angle. > > I've narrowed it down to 10 initial queries... > > 1. Grab system config data (that's used in lots of places) Why not use some form of cache system that writes the config data to a file containing PHP code. Then this can be included at run-time and benefit from compile cachee accelerators like eAccelerator and APC? > 2. Grab session data (for SESSION array) Fine. > 3. Grab page id Grab the page ID? Don't you already have it if you're on the page? > 4. Grab user privs This should be cached. Cache can be updated when you detect that user information has changed (do this when verifying user session). > 5. Grab user session (for application) How is this different than the session data? > 6. Begin transaction > 7. Lock user session row > 8. Update user session > 9. Commit transaction Are you performing a transaction with locking for a single table row update? Seems wasteful. I'm sure the above could just consist of the update. > 10. Add page tracking (an insert-only table that keeps track of pages > you visit) Fair enough. > Note that these are the 10 queries that happen after the initial > SESSION load. I supposed I could reduce this by 1 or 2 queries - I > could store the page id/information in the session. Now with that > said, the queries are negligible (in elapsed time) and required. > > However, I'm always open up to suggestions/improvements =D I agree, these queries are probably quite negligible. If your page is taking a long time to load there's probably lower hanging fruit for optmization attempts. The problem is determining what they are. Another thing to improve database queries btw, if you're not already doing it... is to use the direct socket connection if you are on the same server as the database. Cheers, Rob. -- http://www.interjinn.com Application and Templating Framework for PHP -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SESSIONS vs. MySQL
On Sep 19, 2008, at 11:10 AM, Eric Butera wrote: On Fri, Sep 19, 2008 at 12:05 PM, Philip Thompson <[EMAIL PROTECTED]> wrote: On Sep 19, 2008, at 10:54 AM, Wolf wrote: Philip Thompson <[EMAIL PROTECTED]> wrote: Hi all. Let me start out by saying, I have STFW and read through the list archives. Now that that's out of the way. To speed up our application, we want to implement using SESSIONs in some locations. Beforehand, on every page, we would run approximately 30-40 queries just to get the page setup - user information and other stuff. Now while we can't take away all of the setup queries, we would like to reduce the startup number. Ok, so I've implemented this in several places where information basically does not change from page to page. Jumping to the point/ question... when does it become more inefficient to store lots of information in SESSION variables than to run several more queries? Note, we are actually storing sessions in the database - so a read/ write is required on each page load - it's not file sessions. Now I know this can depend on the complexity of the queries and how much data is actually stored inside the sessions... but initial thoughts? To give you a number, the strlen of the _SESSION array is 325463 - which is equivalent to the number of bytes (I think). Thanks, ~Philip We carry a sh!tload of information in our session, without slowing anything down. In fact, it takes the servers longer to run a full query then to use the session information. But we use the $_SESSION information. Our first query sets everything up in the session and we take on from there, and use stuff from the $_SESSION to actually make the rest of the pages faster. 30-40 queries just to set up a page? That's an abomination that shouldn't see the light of day. Anything slower then 2 seconds without any interaction back to the users will be short-lived Wolf Even with 30-40 queries upon setup, it's very fast - less than 1 second... for now. We starting having speed issues in other locations. Hence, we decided to address every potential reason and possible slowndown in the future. Thanks for your input, Wolf. Any others storing sh!tloads in their SESSION array? =D ~Philip -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php I used to store objects in the session. I figured I used it a lot so why not. Then my app got really nasty and slow. Now I only store enough of the state to render the page. So instead of storing a complete user object I store the auth details to load a user object if needed. Only very simple parts of the state get loaded into my apps now. Now things are quite snappy again. Why do you have so many queries? Perhaps we can attack this issue from another angle. I've narrowed it down to 10 initial queries... 1. Grab system config data (that's used in lots of places) 2. Grab session data (for SESSION array) 3. Grab page id 4. Grab user privs 5. Grab user session (for application) 6. Begin transaction 7. Lock user session row 8. Update user session 9. Commit transaction 10. Add page tracking (an insert-only table that keeps track of pages you visit) Note that these are the 10 queries that happen after the initial SESSION load. I supposed I could reduce this by 1 or 2 queries - I could store the page id/information in the session. Now with that said, the queries are negligible (in elapsed time) and required. However, I'm always open up to suggestions/improvements =D Thanks, ~Phil -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Associative array issues with loading values after initialization
I hav ebeen able to track down that this is the part not working. It throws a parse error: PHP Parse error: syntax error, unexpected T_VARIABLE on the line where the foreach loop starts. function dropbox_from_list(&$list, $selected_index){ foreach ($list as $k => $v) { if (strcmp($selected_index, $k) == 0) { $select = ' SELECTED'; } else { $select = ''; } print "$v"; } } b wrote: Thomas Bolioli wrote: I should add, it is not working with this funciton, which could be the source of the issue. function dropbox_from_list($list, $selected_index){ while ($nex = next($list)) { I'd use foreach() here and avoid next(). At least, reset the array first. And maybe pass the array by reference: function dropbox_from_list(&$list, $selected_index) { foreach($list as $k => $v) { $k = key($nex); if (strcmp($selected_index, $k) == 0) { $select = ' SELECTED'; } else { $select = ''; } print("".$nex[$k].""); } } Maybe you should also add what it is that's "not working". Thomas Bolioli wrote: The below function is not working. function crm_get_country_list(){ global $dbh; $result = mysql_query("SELECT * FROM countries ORDER BY pk_country_id ASC", $dbh) or die(mysql_error()); $country_list = array(' ' =>' '); Are you starting with an empty key & value so that you'll have an empty option in your select list? Why not just print an empty one? while ($row = mysql_fetch_assoc($result)){ $country_list[$row['pk_countryID']] = $row['country_name']; } return $country_list; } Start with the obvious: what does $country_list contain when it's returned? Again, some details about what you're getting would go a long way toward getting some advice. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Associative array issues with loading values after initialization
Thomas Bolioli wrote: I should add, it is not working with this funciton, which could be the source of the issue. function dropbox_from_list($list, $selected_index){ while ($nex = next($list)) { I'd use foreach() here and avoid next(). At least, reset the array first. And maybe pass the array by reference: function dropbox_from_list(&$list, $selected_index) { foreach($list as $k => $v) { $k = key($nex); if (strcmp($selected_index, $k) == 0) { $select = ' SELECTED'; } else { $select = ''; } print("".$nex[$k].""); } } Maybe you should also add what it is that's "not working". Thomas Bolioli wrote: The below function is not working. function crm_get_country_list(){ global $dbh; $result = mysql_query("SELECT * FROM countries ORDER BY pk_country_id ASC", $dbh) or die(mysql_error()); $country_list = array(' ' =>' '); Are you starting with an empty key & value so that you'll have an empty option in your select list? Why not just print an empty one? while ($row = mysql_fetch_assoc($result)){ $country_list[$row['pk_countryID']] = $row['country_name']; } return $country_list; } Start with the obvious: what does $country_list contain when it's returned? Again, some details about what you're getting would go a long way toward getting some advice. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Passing variables between pages
At 12:42 PM -0400 9/19/08, Dan Joseph wrote: On Fri, Sep 19, 2008 at 12:35 PM, tedd <[EMAIL PROTECTED]> wrote: At 12:22 PM -0400 9/19/08, Jason Pruim wrote: It's interesting that another topic (i.e. [PHP] SESSIONS vs. MySQL) is discussing the differences in storing variables in SESSIONS as compared to > storing them in MySQL when using this technique would not require either. You've definitely raised an interesting topic. Question though... a system requires different levels of access to see various parts of the system. How does your method of doing things w/o sessions accomidate that? Does it use that information from the origin POST? Also, is this secure? Any loop holes? I don't see any loop holes and it's secure as any other php script. The technique holds all variables intact, including POST, GET, SESSION, et all arrays. This does work -- as shown by this: http://www.webbytedd.com/bb/tedd/index.php Here's another example: http://www.webbytedd.com/bb/php-run-php/ Note that $test is defined and populated with "This is a test" at the start of the parent script -- however, the contents of the variable remain regardless of which script you choose. Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Associative array issues with loading values after initialization
This came straight out of the docs and it doesn't even work. It throws PHP Parse error: syntax error, unexpected T_CONSTANT_ENCAPSED_STRING on the line "'one' => 1," What is wrong with how I am trying to do this loop?? Thanks, Tom $a = array( 'one' => 1, 'two' => 2, 'three' => 3, 'seventeen' => 17 ); foreach ($a as $k => $v) { echo "\$a[$k] => $v.\n"; } Thomas Bolioli wrote: I should add, it is not working with this funciton, which could be the source of the issue. function dropbox_from_list($list, $selected_index){ while ($nex = next($list)) { $k = key($nex); if (strcmp($selected_index, $k) == 0) { $select = ' SELECTED'; } else { $select = ''; } print("".$nex[$k].""); } } Thomas Bolioli wrote: The below function is not working. function crm_get_country_list(){ global $dbh; $result = mysql_query("SELECT * FROM countries ORDER BY pk_country_id ASC", $dbh) or die(mysql_error()); $country_list = array(' ' =>' '); while ($row = mysql_fetch_assoc($result)){ $country_list[$row['pk_countryID']] = $row['country_name']; } return $country_list; } I know how to write this in perl but for some reason, when I write it in PHP it doesn't work. In perl it would be (roughly): function crm_get_country_list(){ global $dbh; $result = mysql_query("SELECT * FROM countries ORDER BY pk_country_id ASC", $dbh) or die(mysql_error()); my %country_list; while ($row = mysql_fetch_assoc($result)){ $country_list[$row['pk_countryID']] = $row['country_name']; } return \%country_list; } What am I doing wrong here? Thanks in advance, Tom -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Associative array issues with loading values after initialization
I should add, it is not working with this funciton, which could be the source of the issue. function dropbox_from_list($list, $selected_index){ while ($nex = next($list)) { $k = key($nex); if (strcmp($selected_index, $k) == 0) { $select = ' SELECTED'; } else { $select = ''; } print("".$nex[$k].""); } } Thomas Bolioli wrote: The below function is not working. function crm_get_country_list(){ global $dbh; $result = mysql_query("SELECT * FROM countries ORDER BY pk_country_id ASC", $dbh) or die(mysql_error()); $country_list = array(' ' =>' '); while ($row = mysql_fetch_assoc($result)){ $country_list[$row['pk_countryID']] = $row['country_name']; } return $country_list; } I know how to write this in perl but for some reason, when I write it in PHP it doesn't work. In perl it would be (roughly): function crm_get_country_list(){ global $dbh; $result = mysql_query("SELECT * FROM countries ORDER BY pk_country_id ASC", $dbh) or die(mysql_error()); my %country_list; while ($row = mysql_fetch_assoc($result)){ $country_list[$row['pk_countryID']] = $row['country_name']; } return \%country_list; } What am I doing wrong here? Thanks in advance, Tom -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SESSIONS vs. MySQL
Use memcached based session handler Regards Sancar -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Associative array issues with loading values after initialization
The below function is not working. function crm_get_country_list(){ global $dbh; $result = mysql_query("SELECT * FROM countries ORDER BY pk_country_id ASC", $dbh) or die(mysql_error()); $country_list = array(' ' =>' '); while ($row = mysql_fetch_assoc($result)){ $country_list[$row['pk_countryID']] = $row['country_name']; } return $country_list; } I know how to write this in perl but for some reason, when I write it in PHP it doesn't work. In perl it would be (roughly): function crm_get_country_list(){ global $dbh; $result = mysql_query("SELECT * FROM countries ORDER BY pk_country_id ASC", $dbh) or die(mysql_error()); my %country_list; while ($row = mysql_fetch_assoc($result)){ $country_list[$row['pk_countryID']] = $row['country_name']; } return \%country_list; } What am I doing wrong here? Thanks in advance, Tom -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] wrong behaviour with is_subclass_of() ??
Johannes Mueller schreef: Jochem Maas wrote: B implements I because B subclasses A and A implements I, I is not a base class. try the experiment with is_a() instead. This was my starting point and is_subclass_of() was a sub-ordinate target, because i needed it on the class-side of life and not the instantiated way. also you should preferablly use the instanceof syntax: class_implements() would solve all these problems were well! specifically looks at base classes ("extends"), I'm a little surprised that it even returns true for interfaces at all ("implements"). And this was the reason where it stops to make sense for me. And if you hadn't pointed this out, this would have been in my next email. I think the reason for the current behaviour is that interface can be seen as an 'is a' relationship. is_subclass_of() looks specifically for an 'is a' relationship with regard to whatever is above in the class heriarchy ... there is nothing above A so it will always return false for A. so it's a little odd, but logical at the same time ... now the namespaces implementation as it currently stands ... that's a little psychotic :-) Johannes -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Passing variables between pages
On Fri, Sep 19, 2008 at 12:35 PM, tedd <[EMAIL PROTECTED]> wrote: > At 12:22 PM -0400 9/19/08, Jason Pruim wrote: > > It's interesting that another topic (i.e. [PHP] SESSIONS vs. MySQL) is > discussing the differences in storing variables in SESSIONS as compared to > storing them in MySQL when using this technique would not require either. > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > You've definitely raised an interesting topic. Question though... a system requires different levels of access to see various parts of the system. How does your method of doing things w/o sessions accomidate that? Does it use that information from the origin POST? Also, is this secure? Any loop holes? -- -Dan Joseph www.canishosting.com - Plans start @ $1.99/month. "Build a man a fire, and he will be warm for the rest of the day. Light a man on fire, and will be warm for the rest of his life."
Re: [PHP] Passing variables between pages
At 12:22 PM -0400 9/19/08, Jason Pruim wrote: So if I'm understanding you right... You're suggesting that in my timecard app which has index.php (user login) and timecard.php (Actual time card app) I could simply load index.php and then on submit have it do this: ob_clean; include("timecard.php"); exit(); Putting that in a function, or a separate file... And then I have my variable intact and I still get to the second page without having to use sessions? Very interesting... This is something that I will have to play with more later... Yes, that's exactly right. You can go from script, to script, to script without ever using sessions -- everything remains in memory as if it's one large script. Of course, you still have to respect the scope of variables, such as being required to provide them to functions -- but all variables and arrays (even POST, GET and SESSION) will still have all their contents intact. It's interesting that another topic (i.e. [PHP] SESSIONS vs. MySQL) is discussing the differences in storing variables in SESSIONS as compared to storing them in MySQL when using this technique would not require either. Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] wrong behaviour with is_subclass_of() ??
Jochem Maas wrote: B implements I because B subclasses A and A implements I, I is not a base class. try the experiment with is_a() instead. This was my starting point and is_subclass_of() was a sub-ordinate target, because i needed it on the class-side of life and not the instantiated way. also you should preferablly use the instanceof syntax: class_implements() would solve all these problems were well! specifically looks at base classes ("extends"), I'm a little surprised that it even returns true for interfaces at all ("implements"). And this was the reason where it stops to make sense for me. And if you hadn't pointed this out, this would have been in my next email. Johannes -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Passing variables between pages
On Sep 19, 2008, at 12:11 PM, tedd wrote: At 11:15 AM -0400 9/19/08, Jason Pruim wrote: It makes perfect sense... Was just trying to avoid sessions since this application will be limited to about 10 people and restricted to the company intranet :) But the script is still stateless regardless of the number of people or if it's limited to the company's intranet. In either event, when the user moves from one page to another page, all the variables are lost. So, you need to use sessions or cookies. However, there is another way, but it takes a little forethought. The technique is simply to continue the flow of a "single" script by using includes. Here's an example: http://www.webbytedd.com/bb/tedd/index.php The code behind this is very simple. You simply branch to other scripts by doing this: ob_clean; include('the-next-script.php"); exit(); This keeps ALL the variables intact because it acts like one large script. -- it's not stateless and this technique works. However, what I don't understand is why it isn't used more often? Unless there is something here I don't understand, I believe I could use this technique to write all the scripts I currently use without ever using a session variable. So if I'm understanding you right... You're suggesting that in my timecard app which has index.php (user login) and timecard.php (Actual time card app) I could simply load index.php and then on submit have it do this: ob_clean; include("timecard.php"); exit(); Putting that in a function, or a separate file... And then I have my variable intact and I still get to the second page without having to use sessions? Very interesting... This is something that I will have to play with more later... -- Jason Pruim Raoset Inc. Technology Manager MQC Specialist 11287 James St Holland, MI 49424 www.raoset.com [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Passing variables between pages
At 11:20 AM -0400 9/19/08, Wolf wrote: But why go around your elbow to blow your nose? Wolf Yeah, "That's like pounding sand in a gopher hole" -- a phrase (one of many) that my wife uses that I have yet to understand. Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Passing variables between pages
At 11:15 AM -0400 9/19/08, Jason Pruim wrote: It makes perfect sense... Was just trying to avoid sessions since this application will be limited to about 10 people and restricted to the company intranet :) But the script is still stateless regardless of the number of people or if it's limited to the company's intranet. In either event, when the user moves from one page to another page, all the variables are lost. So, you need to use sessions or cookies. However, there is another way, but it takes a little forethought. The technique is simply to continue the flow of a "single" script by using includes. Here's an example: http://www.webbytedd.com/bb/tedd/index.php The code behind this is very simple. You simply branch to other scripts by doing this: ob_clean; include('the-next-script.php"); exit(); This keeps ALL the variables intact because it acts like one large script. -- it's not stateless and this technique works. However, what I don't understand is why it isn't used more often? Unless there is something here I don't understand, I believe I could use this technique to write all the scripts I currently use without ever using a session variable. Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SESSIONS vs. MySQL
On Fri, Sep 19, 2008 at 12:05 PM, Philip Thompson <[EMAIL PROTECTED]> wrote: > On Sep 19, 2008, at 10:54 AM, Wolf wrote: > >> Philip Thompson <[EMAIL PROTECTED]> wrote: >>> >>> Hi all. >>> >>> Let me start out by saying, I have STFW and read through the list >>> archives. Now that that's out of the way. >>> >>> To speed up our application, we want to implement using SESSIONs in >>> some locations. Beforehand, on every page, we would run approximately >>> 30-40 queries just to get the page setup - user information and other >>> stuff. Now while we can't take away all of the setup queries, we would >>> like to reduce the startup number. >>> >>> Ok, so I've implemented this in several places where information >>> basically does not change from page to page. Jumping to the point/ >>> question... when does it become more inefficient to store lots of >>> information in SESSION variables than to run several more queries? >>> Note, we are actually storing sessions in the database - so a read/ >>> write is required on each page load - it's not file sessions. >>> >>> Now I know this can depend on the complexity of the queries and how >>> much data is actually stored inside the sessions... but initial >>> thoughts? To give you a number, the strlen of the _SESSION array is >>> 325463 - which is equivalent to the number of bytes (I think). >>> >>> Thanks, >>> ~Philip >> >> We carry a sh!tload of information in our session, without slowing >> anything down. In fact, it takes the servers longer to run a full query >> then to use the session information. >> >> But we use the $_SESSION information. Our first query sets everything up >> in the session and we take on from there, and use stuff from the $_SESSION >> to actually make the rest of the pages faster. >> >> 30-40 queries just to set up a page? That's an abomination that shouldn't >> see the light of day. >> >> Anything slower then 2 seconds without any interaction back to the users >> will be short-lived >> >> Wolf > > Even with 30-40 queries upon setup, it's very fast - less than 1 second... > for now. We starting having speed issues in other locations. Hence, we > decided to address every potential reason and possible slowndown in the > future. > > Thanks for your input, Wolf. Any others storing sh!tloads in their SESSION > array? =D > > ~Philip > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > I used to store objects in the session. I figured I used it a lot so why not. Then my app got really nasty and slow. Now I only store enough of the state to render the page. So instead of storing a complete user object I store the auth details to load a user object if needed. Only very simple parts of the state get loaded into my apps now. Now things are quite snappy again. Why do you have so many queries? Perhaps we can attack this issue from another angle. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SESSIONS vs. MySQL
On Fri, Sep 19, 2008 at 12:05 PM, Philip Thompson <[EMAIL PROTECTED]>wrote: > On Sep 19, 2008, at 10:54 AM, Wolf wrote: > > Philip Thompson <[EMAIL PROTECTED]> wrote: >> >>> Hi all. >>> >>> Let me start out by saying, I have STFW and read through the list >>> archives. Now that that's out of the way. >>> >>> To speed up our application, we want to implement using SESSIONs in >>> some locations. Beforehand, on every page, we would run approximately >>> 30-40 queries just to get the page setup - user information and other >>> stuff. Now while we can't take away all of the setup queries, we would >>> like to reduce the startup number. >>> >>> Ok, so I've implemented this in several places where information >>> basically does not change from page to page. Jumping to the point/ >>> question... when does it become more inefficient to store lots of >>> information in SESSION variables than to run several more queries? >>> Note, we are actually storing sessions in the database - so a read/ >>> write is required on each page load - it's not file sessions. >>> >>> Now I know this can depend on the complexity of the queries and how >>> much data is actually stored inside the sessions... but initial >>> thoughts? To give you a number, the strlen of the _SESSION array is >>> 325463 - which is equivalent to the number of bytes (I think). >>> >>> Thanks, >>> ~Philip >>> >> >> We carry a sh!tload of information in our session, without slowing >> anything down. In fact, it takes the servers longer to run a full query >> then to use the session information. >> >> But we use the $_SESSION information. Our first query sets everything up >> in the session and we take on from there, and use stuff from the $_SESSION >> to actually make the rest of the pages faster. >> >> 30-40 queries just to set up a page? That's an abomination that shouldn't >> see the light of day. >> >> Anything slower then 2 seconds without any interaction back to the users >> will be short-lived >> >> Wolf >> > > Even with 30-40 queries upon setup, it's very fast - less than 1 second... > for now. We starting having speed issues in other locations. Hence, we > decided to address every potential reason and possible slowndown in the > future. > > Thanks for your input, Wolf. Any others storing sh!tloads in their SESSION > array? =D > > ~Philip > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > I'm storing a lot also. I store sessions in the database also, and utilize session_set_save_handler(). Works well, and less overhead. Like you said, you're under 1 second *NOW*. 1 second might actually even be a long time. -- -Dan Joseph www.canishosting.com - Plans start @ $1.99/month. "Build a man a fire, and he will be warm for the rest of the day. Light a man on fire, and will be warm for the rest of his life."
Re: [PHP] SESSIONS vs. MySQL
On 19 Sep 2008, at 17:05, Philip Thompson wrote: On Sep 19, 2008, at 10:54 AM, Wolf wrote: Philip Thompson <[EMAIL PROTECTED]> wrote: Hi all. Let me start out by saying, I have STFW and read through the list archives. Now that that's out of the way. To speed up our application, we want to implement using SESSIONs in some locations. Beforehand, on every page, we would run approximately 30-40 queries just to get the page setup - user information and other stuff. Now while we can't take away all of the setup queries, we would like to reduce the startup number. Ok, so I've implemented this in several places where information basically does not change from page to page. Jumping to the point/ question... when does it become more inefficient to store lots of information in SESSION variables than to run several more queries? Note, we are actually storing sessions in the database - so a read/ write is required on each page load - it's not file sessions. Now I know this can depend on the complexity of the queries and how much data is actually stored inside the sessions... but initial thoughts? To give you a number, the strlen of the _SESSION array is 325463 - which is equivalent to the number of bytes (I think). Thanks, ~Philip We carry a sh!tload of information in our session, without slowing anything down. In fact, it takes the servers longer to run a full query then to use the session information. But we use the $_SESSION information. Our first query sets everything up in the session and we take on from there, and use stuff from the $_SESSION to actually make the rest of the pages faster. 30-40 queries just to set up a page? That's an abomination that shouldn't see the light of day. Anything slower then 2 seconds without any interaction back to the users will be short-lived Wolf Even with 30-40 queries upon setup, it's very fast - less than 1 second... for now. We starting having speed issues in other locations. Hence, we decided to address every potential reason and possible slowndown in the future. Thanks for your input, Wolf. Any others storing sh!tloads in their SESSION array? =D How much of that data do you actually need on each request? I can't believe you need it all for every single page so why bother loading it? My take on storing stupid amounts of data in sessions: http:// stut.net/blog/2008/07/26/sessionless-sessions-2/ - take it or leave it. -Stut -- http://stut.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SESSIONS vs. MySQL
On Sep 19, 2008, at 10:54 AM, Wolf wrote: Philip Thompson <[EMAIL PROTECTED]> wrote: Hi all. Let me start out by saying, I have STFW and read through the list archives. Now that that's out of the way. To speed up our application, we want to implement using SESSIONs in some locations. Beforehand, on every page, we would run approximately 30-40 queries just to get the page setup - user information and other stuff. Now while we can't take away all of the setup queries, we would like to reduce the startup number. Ok, so I've implemented this in several places where information basically does not change from page to page. Jumping to the point/ question... when does it become more inefficient to store lots of information in SESSION variables than to run several more queries? Note, we are actually storing sessions in the database - so a read/ write is required on each page load - it's not file sessions. Now I know this can depend on the complexity of the queries and how much data is actually stored inside the sessions... but initial thoughts? To give you a number, the strlen of the _SESSION array is 325463 - which is equivalent to the number of bytes (I think). Thanks, ~Philip We carry a sh!tload of information in our session, without slowing anything down. In fact, it takes the servers longer to run a full query then to use the session information. But we use the $_SESSION information. Our first query sets everything up in the session and we take on from there, and use stuff from the $_SESSION to actually make the rest of the pages faster. 30-40 queries just to set up a page? That's an abomination that shouldn't see the light of day. Anything slower then 2 seconds without any interaction back to the users will be short-lived Wolf Even with 30-40 queries upon setup, it's very fast - less than 1 second... for now. We starting having speed issues in other locations. Hence, we decided to address every potential reason and possible slowndown in the future. Thanks for your input, Wolf. Any others storing sh!tloads in their SESSION array? =D ~Philip -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Passing variables between pages
Jason Pruim wrote: Hi everyone, Stupid question of the week... A array variable is not being passed between 2 pages. Are my options: #1. Use sessions? #2. Use cookies? #3. Use a hidden form to pass the variable's around? Here's some context... I am working on a timecard system where they are presented the main page, where they login they are brought to a screen where they need to clock in/out. It all starts working great, but when they clock in/out it loses the variable that says they are logged in so it tries to re-authenticate them which doesn't work since the username/password are no longer in the $_POST array... I can provide code if needed, but I think it's just a logic problem on my end :) -- Jason Pruim Raoset Inc. Technology Manager MQC Specialist 11287 James St Holland, MI 49424 www.raoset.com [EMAIL PROTECTED] Well actually these are the *obvious* options but by far not the only. These two for e.g. are extra options you have: http://www.php.net/manual/en/intro.msession.php http://www.php.net/manual/en/intro.memcache.php -- Thodoris -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: __toString & friends
thx Thiago . I suggested there http://bugs.php.net/bug.php?id=46128 ""Thiago H. Pojda"" <[EMAIL PROTECTED]> a écrit dans le message de news: [EMAIL PROTECTED] http://bugs.php.net should help you out. In the bug reporting page there's a Feature request item (It's the 3rd item in the Type of bug select). Btw, I liked this idea :) On Fri, Sep 19, 2008 at 8:58 AM, Leurent Francois <[EMAIL PROTECTED]>wrote: > Is there any feature submission process were we could discuss of this > subject ? > > > "Colin Guthrie" <[EMAIL PROTECTED]> a écrit dans le message de news: > [EMAIL PROTECTED] > > Nathan Rixham wrote: > >> concurred; I recently made a class that turn's all objects into XML; > >> and > >> implented it in my __toString()'s :) > > > > In that case rather than __toBool() __toInt() etc. it should really > > support a magic __cast() method or similar. > > > > This method would contain a single argument that represents the type > (e.g. > > a class name or a builtin type > > > > function __cast($type) > > { > > switch ($type) > > { > > case 'string': > > return 'Foo'; > > case 'array': > > return array('Foo'); > > case 'DomDocument': > > // etc. > > } > > } > > > > And if you did: > > > > $foo = new MyClass; > > > > $xml = (DomDocument)$foo; > > > > It would return the result of __cast called with $type == 'DomDocument'. > > > > That would be nice and generic. > > > > I could see that being quite useful (tho' arguably, itmplementing a > cast() > > method is not that hard: > > > > $xml = $foo->cast('DomDocument'); > > > > It's not as neat tho' :) > > > > col > > > > -- > > > > Colin Guthrie > > gmane(at)colin.guthr.ie > > http://colin.guthr.ie/ > > > > Day Job: > > Tribalogic Limited [http://www.tribalogic.net/] > > Open Source: > > Mandriva Linux Contributor [http://www.mandriva.com/] > > PulseAudio Hacker [http://www.pulseaudio.org/] > > Trac Hacker [http://trac.edgewall.org/] > > > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- Thiago Henrique Pojda -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SESSIONS vs. MySQL
Philip Thompson <[EMAIL PROTECTED]> wrote: > Hi all. > > Let me start out by saying, I have STFW and read through the list > archives. Now that that's out of the way. > > To speed up our application, we want to implement using SESSIONs in > some locations. Beforehand, on every page, we would run approximately > 30-40 queries just to get the page setup - user information and other > stuff. Now while we can't take away all of the setup queries, we would > like to reduce the startup number. > > Ok, so I've implemented this in several places where information > basically does not change from page to page. Jumping to the point/ > question... when does it become more inefficient to store lots of > information in SESSION variables than to run several more queries? > Note, we are actually storing sessions in the database - so a read/ > write is required on each page load - it's not file sessions. > > Now I know this can depend on the complexity of the queries and how > much data is actually stored inside the sessions... but initial > thoughts? To give you a number, the strlen of the _SESSION array is > 325463 - which is equivalent to the number of bytes (I think). > > Thanks, > ~Philip We carry a sh!tload of information in our session, without slowing anything down. In fact, it takes the servers longer to run a full query then to use the session information. But we use the $_SESSION information. Our first query sets everything up in the session and we take on from there, and use stuff from the $_SESSION to actually make the rest of the pages faster. 30-40 queries just to set up a page? That's an abomination that shouldn't see the light of day. Anything slower then 2 seconds without any interaction back to the users will be short-lived Wolf -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] wrong behaviour with is_subclass_of() ??
Johannes Müller schreef: Why does the following code outputs: B implements I because B subclasses A and A implements I, I is not a base class. try the experiment with is_a() instead. also you should preferablly use the instanceof syntax: I would expect the following output: A implements I B implements I Johannes -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Adding encryption to passwords
On Sep 19, 2008, at 9:00 AM, Nathan Rixham wrote: Per Jessen wrote: Thodoris wrote: So what do you think is the best way to use crypt, mcrypt, hash or perhaps md5 and what are really the differences because I am not sure if I get it right. We use md5 for that sort of thing. /Per Jessen, Zürich sha 256 is my prefered encryption, no collision to speak of or decrytion tables; also returns back a 64char string; which can be stored in a mysql BINARY(64) column which is v fast with the appropriate index. If you're using MySQL: http://dev.mysql.com/doc/refman/5.0/en/encryption-functions.html We use AES de/encryption. Works well. =D ~Philip -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Passing variables between pages
> Main page, login, $_SESSION gets set. What Dan says, Sessions is the way to go with anything where you have logins and need to do more stuff with the person. Easy to set up, easy to handle... Of course, if you want to do it without sessions, you could get the session ID when they login to the server, store it in a DB table that they are logged in, then if the session ID goes away, then you log them out and push them to the login page. But why go around your elbow to blow your nose? Wolf -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] SESSIONS vs. MySQL
Hi all. Let me start out by saying, I have STFW and read through the list archives. Now that that's out of the way. To speed up our application, we want to implement using SESSIONs in some locations. Beforehand, on every page, we would run approximately 30-40 queries just to get the page setup - user information and other stuff. Now while we can't take away all of the setup queries, we would like to reduce the startup number. Ok, so I've implemented this in several places where information basically does not change from page to page. Jumping to the point/ question... when does it become more inefficient to store lots of information in SESSION variables than to run several more queries? Note, we are actually storing sessions in the database - so a read/ write is required on each page load - it's not file sessions. Now I know this can depend on the complexity of the queries and how much data is actually stored inside the sessions... but initial thoughts? To give you a number, the strlen of the _SESSION array is 325463 - which is equivalent to the number of bytes (I think). Thanks, ~Philip -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Passing variables between pages
On Sep 19, 2008, at 11:08 AM, Dan Joseph wrote: On Fri, Sep 19, 2008 at 10:54 AM, Jason Pruim <[EMAIL PROTECTED]> wrote: Hi everyone, Stupid question of the week... A array variable is not being passed between 2 pages. Are my options: #1. Use sessions? #2. Use cookies? #3. Use a hidden form to pass the variable's around? Here's some context... I am working on a timecard system where they are presented the main page, where they login they are brought to a screen where they need to clock in/out. It all starts working great, but when they clock in/out it loses the variable that says they are logged in so it tries to re-authenticate them which doesn't work since the username/password are no longer in the $_POST array... I can provide code if needed, but I think it's just a logic problem on my end :) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php If I am understanding correctly... It sounds like you need to pass that variable in your $_SESSION's. You'll want to carry that $_SESSION you established upon login over to the page that handles clicking in and out. From what I gather here, this is what I'd do. Main page, login, $_SESSION gets set. Click on check in, page to check in comes up, does a session_start(), and then you check for that $_SESSION variable to make sure its still them. Check on each page for that session var, if its gone, put 'em back to the log in page. Make sense? It makes perfect sense... Was just trying to avoid sessions since this application will be limited to about 10 people and restricted to the company intranet :) But I may just go down the session's route since I know how to work with those quite well... Thanks for the info! -- Jason Pruim Raoset Inc. Technology Manager MQC Specialist 11287 James St Holland, MI 49424 www.raoset.com [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] wrong behaviour with is_subclass_of() ??
On 19 Sep 2008, at 15:58, Johannes Mueller wrote: Stut wrote: outputs: B implements I I would expect the following output: A implements I B implements I Because there is a big difference between extends and implements, one of which being that the class is not considered to be a subclass of an interface it implements. Seems entirely logical to me. But B is also no subclass of I - it just implements I as well as A. So there could be two possible straight solutions: 1. Neither A nor B is a subclass of I. 2. Both A and B are subclasses of I. A implements I therefore A *is not* a subclass of I. B extends I therefore B *is* a subclass of I. In the case of A it's simply stating that it implements every method defined by I. B on the other hand does not necessarily implement the methods defined in I, but those methods will still be available on instances of B but the code in I will be used. I don't see what's difficult to understand here. -Stut -- http://stut.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Passing variables between pages
On Fri, Sep 19, 2008 at 10:54 AM, Jason Pruim <[EMAIL PROTECTED]> wrote: > Hi everyone, > > Stupid question of the week... > > A array variable is not being passed between 2 pages. Are my options: > > #1. Use sessions? > > #2. Use cookies? > > #3. Use a hidden form to pass the variable's around? > > Here's some context... I am working on a timecard system where they are > presented the main page, where they login they are brought to a screen where > they need to clock in/out. It all starts working great, but when they clock > in/out it loses the variable that says they are logged in so it tries to > re-authenticate them which doesn't work since the username/password are no > longer in the $_POST array... > > I can provide code if needed, but I think it's just a logic problem on my > end :) > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > If I am understanding correctly... It sounds like you need to pass that variable in your $_SESSION's. You'll want to carry that $_SESSION you established upon login over to the page that handles clicking in and out. >From what I gather here, this is what I'd do. Main page, login, $_SESSION gets set. Click on check in, page to check in comes up, does a session_start(), and then you check for that $_SESSION variable to make sure its still them. Check on each page for that session var, if its gone, put 'em back to the log in page. Make sense? -- -Dan Joseph www.canishosting.com - Plans start @ $1.99/month. "Build a man a fire, and he will be warm for the rest of the day. Light a man on fire, and will be warm for the rest of his life."
Re: [PHP] wrong behaviour with is_subclass_of() ??
Stut wrote: outputs: B implements I I would expect the following output: A implements I B implements I Because there is a big difference between extends and implements, one of which being that the class is not considered to be a subclass of an interface it implements. Seems entirely logical to me. But B is also no subclass of I - it just implements I as well as A. So there could be two possible straight solutions: 1. Neither A nor B is a subclass of I. 2. Both A and B are subclasses of I. Johannes -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Passing variables between pages
Hi everyone, Stupid question of the week... A array variable is not being passed between 2 pages. Are my options: #1. Use sessions? #2. Use cookies? #3. Use a hidden form to pass the variable's around? Here's some context... I am working on a timecard system where they are presented the main page, where they login they are brought to a screen where they need to clock in/out. It all starts working great, but when they clock in/out it loses the variable that says they are logged in so it tries to re-authenticate them which doesn't work since the username/password are no longer in the $_POST array... I can provide code if needed, but I think it's just a logic problem on my end :) -- Jason Pruim Raoset Inc. Technology Manager MQC Specialist 11287 James St Holland, MI 49424 www.raoset.com [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] wrong behaviour with is_subclass_of() ??
On 19 Sep 2008, at 15:19, Johannes Müller wrote: Why does the following code outputs: B implements I I would expect the following output: A implements I B implements I Because there is a big difference between extends and implements, one of which being that the class is not considered to be a subclass of an interface it implements. Seems entirely logical to me. -Stut -- http://stut.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] wrong behaviour with is_subclass_of() ??
Why does the following code outputs: B implements I I would expect the following output: A implements I B implements I Johannes -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: __toString & friends
http://bugs.php.net should help you out. In the bug reporting page there's a Feature request item (It's the 3rd item in the Type of bug select). Btw, I liked this idea :) On Fri, Sep 19, 2008 at 8:58 AM, Leurent Francois <[EMAIL PROTECTED]>wrote: > Is there any feature submission process were we could discuss of this > subject ? > > > "Colin Guthrie" <[EMAIL PROTECTED]> a écrit dans le message de news: > [EMAIL PROTECTED] > > Nathan Rixham wrote: > >> concurred; I recently made a class that turn's all objects into XML; and > >> implented it in my __toString()'s :) > > > > In that case rather than __toBool() __toInt() etc. it should really > > support a magic __cast() method or similar. > > > > This method would contain a single argument that represents the type > (e.g. > > a class name or a builtin type > > > > function __cast($type) > > { > > switch ($type) > > { > > case 'string': > > return 'Foo'; > > case 'array': > > return array('Foo'); > > case 'DomDocument': > > // etc. > > } > > } > > > > And if you did: > > > > $foo = new MyClass; > > > > $xml = (DomDocument)$foo; > > > > It would return the result of __cast called with $type == 'DomDocument'. > > > > That would be nice and generic. > > > > I could see that being quite useful (tho' arguably, itmplementing a > cast() > > method is not that hard: > > > > $xml = $foo->cast('DomDocument'); > > > > It's not as neat tho' :) > > > > col > > > > -- > > > > Colin Guthrie > > gmane(at)colin.guthr.ie > > http://colin.guthr.ie/ > > > > Day Job: > > Tribalogic Limited [http://www.tribalogic.net/] > > Open Source: > > Mandriva Linux Contributor [http://www.mandriva.com/] > > PulseAudio Hacker [http://www.pulseaudio.org/] > > Trac Hacker [http://trac.edgewall.org/] > > > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- Thiago Henrique Pojda
Re: [PHP] Adding encryption to passwords
Per Jessen wrote: Thodoris wrote: So what do you think is the best way to use crypt, mcrypt, hash or perhaps md5 and what are really the differences because I am not sure if I get it right. We use md5 for that sort of thing. /Per Jessen, Zürich sha 256 is my prefered encryption, no collision to speak of or decrytion tables; also returns back a 64char string; which can be stored in a mysql BINARY(64) column which is v fast with the appropriate index. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Version Control Software
Maciek Sokolewicz wrote: David Lidstone wrote: [snip] smartSVN (www.syntevo.com) instead of TortoiseSVN. [/snip] cheers for that one; will give it a go; tortoiseSVN is 90% there but lacks something and as you say clutter's things up a bit too much. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Re: Version Control Software
> -Original Message- > From: David Lidstone [mailto:[EMAIL PROTECTED] > Sent: Friday, September 19, 2008 3:50 AM > To: php-general@lists.php.net; Benjamin Darwin > Cc: php-general@lists.php.net > Subject: [PHP] Re: Version Control Software > > Benjamin Darwin wrote: > > After reading a topic on the list here about someone losing their > website, > > and having a minor mistake on my own that cost me a week's work on a > file > > (basically, tested the file, then uploaded to the live site and took > the > > daily backup off the live site.. only to find the file was messed > up.. and > > had to go to the weekly backup off cd to recover it, losing a week of > > work).. > > > > I'm wondering if anybody knows of a version control software program > that > > may fit my needs. > > > > Basically, I'm looking for something that runs locally, not on the > live > > site, that I can edit the files on the dev computer, and store old > versions > > on the dev computer, and then just publish off of the local onto the > live > > site whenever I need to. > > > > Anybody have any suggestons/ideas on how this should be done, and > what > > program is a good fit? > > > > Thanks for any help, > > Ben > > > > Hi Ben > > Late reply, but... this could give you a really easy start: > > http://www.jumpbox.com/app/trac > > If you are not familiar with VMWare, you just need the VMWare Player > (or > above), which is free. All you do is 'play' the server image on your > computer and you are away. Even if it won't suit your needs (I think > there is no SSL or multiple project support on the jumpbox version > unless you buy a subscription), it will give you a handy taster of what > you get with SVN, Apache serving SVN and Trac before going through > installing it yourself. > > If no-one else has mentioned it... > > http://svnbook.red-bean.com/ > > I also like TortoiseSVN when using Windows. Good luck. I would also like to throw my recommendation in the hat for TortoiseSVN. Yes, it does add context menus to your explorer shell, but I find it's very easy to use... and integrated quite easily with Visual Studio 2008. As for a web front, I've been using Tomcat (Apache's answer to JSP) and a package called "svnwebclient" from Polarion: http://www.polarion.org/index.php?page=overview&project=svnwebclient . Smooth interface, and it's got all of the major features you would expect from an SVN client--web app or not. HTH, Todd Boyd Web Programmer -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Adding encryption to passwords
> -Original Message- > From: Thodoris [mailto:[EMAIL PROTECTED] > Sent: Friday, September 19, 2008 7:42 AM > To: [EMAIL PROTECTED] > Cc: php-general@lists.php.net > Subject: Re: [PHP] Adding encryption to passwords > > > > I use SHA-256 (use hash - php.net/manual/en/function.hash.php), > > because its a little bit more secure then md5 or SHA-1. > > > > BTW: Don't forget the salts.. > > > > Thanks for the feedback guys it was quite helpful. Be wary, though--the salt suggestion is good advice. It helps to avoid what is known as "rainbow cracking," where basically a dictionary is hashed and used to brute-force your encrypted hash by comparison. "Salt" is just a bit of extra text (a difficult combination to "guess") hashed in with the text you are crypting. I.e., imagine you have a function "hash()" which receives input text and generates a hash from it (md5, sha-1, whatever): $hashedText = hash("1-+ThiS/iS[[My&592SaLT!!/" . $textToHash); You could take it to the next level like phpBB does and lock it down further: $salt = "1-+ThiS/iS[[My&592SaLT!!/"; $hashedText = hash(hash($salt) . hash($salt . $textToHash) ...either example makes it much more difficult for a cracker than just hashing a dictionary and trying each result. HTH, Todd Boyd Web Programmer
Re: [PHP] Adding encryption to passwords
I use SHA-256 (use hash - php.net/manual/en/function.hash.php), because its a little bit more secure then md5 or SHA-1. BTW: Don't forget the salts.. Thanks for the feedback guys it was quite helpful. -- Thodoris -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Version Control Software
David Lidstone wrote: Benjamin Darwin wrote: After reading a topic on the list here about someone losing their website, and having a minor mistake on my own that cost me a week's work on a file (basically, tested the file, then uploaded to the live site and took the daily backup off the live site.. only to find the file was messed up.. and had to go to the weekly backup off cd to recover it, losing a week of work).. I'm wondering if anybody knows of a version control software program that may fit my needs. Basically, I'm looking for something that runs locally, not on the live site, that I can edit the files on the dev computer, and store old versions on the dev computer, and then just publish off of the local onto the live site whenever I need to. Anybody have any suggestons/ideas on how this should be done, and what program is a good fit? Thanks for any help, Ben Hi Ben Late reply, but... this could give you a really easy start: http://www.jumpbox.com/app/trac If you are not familiar with VMWare, you just need the VMWare Player (or above), which is free. All you do is 'play' the server image on your computer and you are away. Even if it won't suit your needs (I think there is no SSL or multiple project support on the jumpbox version unless you buy a subscription), it will give you a handy taster of what you get with SVN, Apache serving SVN and Trac before going through installing it yourself. If no-one else has mentioned it... http://svnbook.red-bean.com/ I also like TortoiseSVN when using Windows. Good luck. David May I also suggest smartSVN (www.syntevo.com) instead of TortoiseSVN. I already have too many programs cluttering my context menus, adding a ton via TortoiseSVN (coupled with its acentral windows behaviour) was just annoying to me. SmartSVN works a lot easier imo. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Adding encryption to passwords
I use SHA-256 (use hash - php.net/manual/en/function.hash.php), because its a little bit more secure then md5 or SHA-1. BTW: Don't forget the salts.. -- Viele Grüße Dominik Strauß - www.n3or.de Webentwicklung, PHP und Linux Mobil: 0178 4940605 Internet: www.n3or.de E-Mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: __toString & friends
Is there any feature submission process were we could discuss of this subject ? "Colin Guthrie" <[EMAIL PROTECTED]> a écrit dans le message de news: [EMAIL PROTECTED] > Nathan Rixham wrote: >> concurred; I recently made a class that turn's all objects into XML; and >> implented it in my __toString()'s :) > > In that case rather than __toBool() __toInt() etc. it should really > support a magic __cast() method or similar. > > This method would contain a single argument that represents the type (e.g. > a class name or a builtin type > > function __cast($type) > { > switch ($type) > { > case 'string': > return 'Foo'; > case 'array': > return array('Foo'); > case 'DomDocument': > // etc. > } > } > > And if you did: > > $foo = new MyClass; > > $xml = (DomDocument)$foo; > > It would return the result of __cast called with $type == 'DomDocument'. > > That would be nice and generic. > > I could see that being quite useful (tho' arguably, itmplementing a cast() > method is not that hard: > > $xml = $foo->cast('DomDocument'); > > It's not as neat tho' :) > > col > > -- > > Colin Guthrie > gmane(at)colin.guthr.ie > http://colin.guthr.ie/ > > Day Job: > Tribalogic Limited [http://www.tribalogic.net/] > Open Source: > Mandriva Linux Contributor [http://www.mandriva.com/] > PulseAudio Hacker [http://www.pulseaudio.org/] > Trac Hacker [http://trac.edgewall.org/] > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Adding encryption to passwords
Per Jessen wrote: We use md5 for that sort of thing. there is also SHA-1 bit more overhead, bit more secure than md5 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Adding encryption to passwords
You can try the MySQL built in functions. Ie encode(str, key) insert into test (password) values (encode("mypass","some key")); You can then use the decode() functions in your matching queries. You also need to consider security of your php code, as the key to decode will be in the query strings. There are other built-in encryptions functions in MySQL you can explore. -Original Message- From: Thodoris [mailto:[EMAIL PROTECTED] Sent: 19 September 2008 10:25 AM To: PHP General list Subject: [PHP] Adding encryption to passwords Hi guys I have developed an intranet web interface with user access. I am storing the passwords into a mysql table as raw text (I know not so secure). So I am adding group access features and I am thinking to encrypt the passwords because this seems to grow as a project although it started as a simple web tool. So what do you think is the best way to use crypt, mcrypt, hash or perhaps md5 and what are really the differences because I am not sure if I get it right. -- Thodoris -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Adding encryption to passwords
> Thanks Richard for clearing this out but I meant hashing on the first place. And yet you mentioned mcrypt. Clue is in the name. > Can you please give a some sample piece on how you do this. There's undoubtedly numerous examples out there. Try the PHP manual to start with. -- Richard Heyes HTML5 Graphing for IE7, FF, Chrome, Opera and Safari: http://www.phpguru.org/RGraph -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Adding encryption to passwords
Hi guys I have developed an intranet web interface with user access. I am storing the passwords into a mysql table as raw text (I know not so secure). So I am adding group access features and I am thinking to encrypt the passwords because this seems to grow as a project although it started as a simple web tool. So what do you think is the best way to use crypt, mcrypt, hash or perhaps md5 and what are really the differences because I am not sure if I get it right. Encryption is reversible, hashing is not. So hashing is probably the best bet as an evil hacker will never be able to reverse them. The process using hashes is: 1. Get the clear text password 2. Hash it 3. Store the hash and throw away the clear text version Now when it comes to verifying a login the process is: 1. Get what the user has provided 2. Hash it (using the same as what you did when you first got the password) 3. Compare it to what you already have. If they match, then the result is good, if not, then not. Store the hashed version in the database, it's not reversible. You should still be careful with it though (ie don't go around disclosing it to Mr. Joe Hacker). BTW md5() is a form of hashing. Thanks Richard for clearing this out but I meant hashing on the first place. I was aware of the process but I was wondering what is the best way to do it. Can you please give a some sample piece on how you do this. PS I will be extra careful with the terms cause it really makes a difference. -- Thodoris
[PHP] Re: Version Control Software
Benjamin Darwin wrote: After reading a topic on the list here about someone losing their website, and having a minor mistake on my own that cost me a week's work on a file (basically, tested the file, then uploaded to the live site and took the daily backup off the live site.. only to find the file was messed up.. and had to go to the weekly backup off cd to recover it, losing a week of work).. I'm wondering if anybody knows of a version control software program that may fit my needs. Basically, I'm looking for something that runs locally, not on the live site, that I can edit the files on the dev computer, and store old versions on the dev computer, and then just publish off of the local onto the live site whenever I need to. Anybody have any suggestons/ideas on how this should be done, and what program is a good fit? Thanks for any help, Ben Hi Ben Late reply, but... this could give you a really easy start: http://www.jumpbox.com/app/trac If you are not familiar with VMWare, you just need the VMWare Player (or above), which is free. All you do is 'play' the server image on your computer and you are away. Even if it won't suit your needs (I think there is no SSL or multiple project support on the jumpbox version unless you buy a subscription), it will give you a handy taster of what you get with SVN, Apache serving SVN and Trac before going through installing it yourself. If no-one else has mentioned it... http://svnbook.red-bean.com/ I also like TortoiseSVN when using Windows. Good luck. David -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Adding encryption to passwords
> Hi guys I have developed an intranet web interface with user access. I am > storing the passwords into a mysql table as raw text (I know not so secure). > So I am adding group access features and I am thinking to encrypt the > passwords because this seems to grow as a project although it started as a > simple web tool. > > So what do you think is the best way to use crypt, mcrypt, hash or perhaps > md5 and what are really the differences because I am not sure if I get it > right. Encryption is reversible, hashing is not. So hashing is probably the best bet as an evil hacker will never be able to reverse them. The process using hashes is: 1. Get the clear text password 2. Hash it 3. Store the hash and throw away the clear text version Now when it comes to verifying a login the process is: 1. Get what the user has provided 2. Hash it (using the same as what you did when you first got the password) 3. Compare it to what you already have. If they match, then the result is good, if not, then not. Store the hashed version in the database, it's not reversible. You should still be careful with it though (ie don't go around disclosing it to Mr. Joe Hacker). BTW md5() is a form of hashing. -- Richard Heyes HTML5 Graphing for IE7, FF, Chrome, Opera and Safari: http://www.phpguru.org/RGraph -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Adding encryption to passwords
Thodoris wrote: So what do you think is the best way to use crypt, mcrypt, hash or perhaps md5 and what are really the differences because I am not sure if I get it right. We use md5 for that sort of thing. /Per Jessen, Zürich I've noticed that crypt uses all the available encryption algorithms that you have. The manual gives an example to check what is available: "; if (CRYPT_STD_DES == 1) { echo 'Standard DES: ' . crypt('rasmuslerdorf', 'rl') . "\n"; } if (CRYPT_EXT_DES == 1) { echo 'Extended DES: ' . crypt('rasmuslerdorf', '_J9..rasm') . "\n"; } if (CRYPT_MD5 == 1) { echo 'MD5: ' . crypt('rasmuslerdorf', '$1$rasmusle$') . "\n"; } if (CRYPT_BLOWFISH == 1) { echo 'Blowfish: ' . crypt('rasmuslerdorf', '$2a$07$rasmuslerd...$') . "\n"; } ?> I addition to that I know that md5 is not the strongest way to encrypt but I guess it is enough for me. -- Thodoris
Re: [PHP] Adding encryption to passwords
Thodoris wrote: > So what do you think is the best way to use crypt, mcrypt, hash or > perhaps md5 and what are really the differences because I am not sure > if I get it right. We use md5 for that sort of thing. /Per Jessen, Zürich -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] ANSI to ISO-8859-2
Robert Cummings wrote: > On Fri, 2008-09-19 at 09:39 +0200, Per Jessen wrote: >> Bc. Radek Krejca wrote: >> >> > Hello, >> > >> > I get from webservice strings like this: >> > >> > Česko anglické gymnázium >> > >> > I think, that is ANSI, but how to convert it to something else >> > (the best is iso-8859-2). I am trying iconv function, but ANSI >> > parameter is not supported. >> >> ANSI is not a character set, it's a standards organisation. You may >> have meant ASCII, and the string does look as if it could be ASCII. >> The sequences like NNN are HTML-style symbolic entities. Take a >> look at htmlentities(). > > http://en.wikipedia.org/wiki/ANSI_art > > You may be too young to have known ;) I'm 43 - but I never really got much into the BBS world. I think I first encountered ANSI escape sequences on DEC VT100 terminals sometime in the mid-80s. I've even still got a working VT100 somewhere :-) /Per Jessen, Zürich -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Adding encryption to passwords
Hi guys I have developed an intranet web interface with user access. I am storing the passwords into a mysql table as raw text (I know not so secure). So I am adding group access features and I am thinking to encrypt the passwords because this seems to grow as a project although it started as a simple web tool. So what do you think is the best way to use crypt, mcrypt, hash or perhaps md5 and what are really the differences because I am not sure if I get it right. -- Thodoris -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] ANSI to ISO-8859-2
On Fri, 2008-09-19 at 09:39 +0200, Per Jessen wrote: > Bc. Radek Krejca wrote: > > > Hello, > > > > I get from webservice strings like this: > > > > Česko anglické gymnázium > > > > I think, that is ANSI, but how to convert it to something else (the > > best is iso-8859-2). I am trying iconv function, but ANSI parameter > > is not supported. > > ANSI is not a character set, it's a standards organisation. You may > have meant ASCII, and the string does look as if it could be ASCII. > The sequences like NNN are HTML-style symbolic entities. Take a > look at htmlentities(). http://en.wikipedia.org/wiki/ANSI_art You may be too young to have known ;) Cheers, Rob. -- http://www.interjinn.com Application and Templating Framework for PHP -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re[2]: [PHP] ANSI to ISO-8859-2
Hello, PJ> ANSI is not a character set, it's a standards organisation. You may PJ> have meant ASCII, and the string does look as if it could be ASCII. PJ> The sequences like NNN are HTML-style symbolic entities. Take a PJ> look at htmlentities(). Yes, youre right, my mistake, of course that ASCII. I go try you hint and I will write result. Thank you, Radek -- S pozdravem, Bc. Radek Krejca ICQ: 65895541 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] ANSI to ISO-8859-2
Bc. Radek Krejca wrote: > Hello, > > I get from webservice strings like this: > > Česko anglické gymnázium > > I think, that is ANSI, but how to convert it to something else (the > best is iso-8859-2). I am trying iconv function, but ANSI parameter > is not supported. ANSI is not a character set, it's a standards organisation. You may have meant ASCII, and the string does look as if it could be ASCII. The sequences like NNN are HTML-style symbolic entities. Take a look at htmlentities(). /Per Jessen, Zürich -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] ANSI to ISO-8859-2
Hello, I get from webservice strings like this: Česko anglické gymnázium I think, that is ANSI, but how to convert it to something else (the best is iso-8859-2). I am trying iconv function, but ANSI parameter is not supported. Thank you Radek -- Regards, Bc. Radek Krejca ICQ: 65895541 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Error message
Terry J Daichendt schreef: You have a real attitude problem, please don't bother with me again. actually it's you who has a problem with my attitude, not me. although I'll grant you that people like you are usually 'bother' ... and I won't anymore. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php