Re: [PHP] Accessors

2009-02-19 Thread Thodoris 



Also, i know php is an interpreted language. But wouldn't it be possible to
write a virtual machine for php and compile byte code... I know, php is not
Java or Actionscript :-P but it could be an add on feature. i guess the eval
wouldn't work then would it? Although eval could still be interpreted...

This would be nice in case you need to protect your intellectual property.



I haven't tried it, but I might soon for an appliance I'm building.

http://www.roadsend.com/

  


Actually might not have "virtual machine" as java does but it has an 
engine and  it is possible to produce something similar to byte-code. 
You can some solutions to this and here is one of them (open source):


http://www.php.net/manual/en/ref.bcompiler.php
http://pecl.php.net/package/bcompiler

and there is a script to make "byte-code":

http://bencoder.urdada.net/

I have used and it works.

--
Thodoris

[PHP] What good is SoapClient->__getTypes() ?

2009-02-19 Thread Shanon Swafford 
Hi guys,

I'm using PHP 5.1.6 and I'm calling a WSDL that has 4 functions.

This is a brand new service opened by one of our vendors so I'm sure it is
going to change.  So I'm thinking I would like to build a page that pulls
the data structures and builds html input forms automatically.

So when I send the following code:

$client = new SoapClient($wsdl, $options);
$available_types = $client->__getTypes();
var_dump($available_types[4]);

I get back:

string(467) "struct ProvisionNewTrunk {
 string DeviceID;
 string DeviceModel;
 string PublicIP;
 string LastName;
 string FirstName;
 string Address1;
 string Address2;
 string City;
 string State;
 string ZIP;
 string Country;
 string Phone;
 string Email;
 string Department;
 string Company;
 string PromotionCode;
 string CCName;
 string CCAddress1;
 string CCAddress2;
 string CCCity;
 string CCState;
 string CCZIP;
 string CCCountry;
 string CCNumber;
 string CCExpDate;
}"

Normally I would just hard-code an array but is there any "automatic" way to
iterate through this so I can build an input form?  Besides hacking up a
str_split or something?

All my googling just turns up mirrors of php.net man pages:(

Thanks a bunch,
Shanon



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Unique User Hashes

2009-02-19 Thread Martin Zvarík 

Ashley Sheridan napsal(a):

On Thu, 2009-02-19 at 23:34 +0100, Martin Zvarík wrote:
  

Chris napsal(a):


Martin Zvarík wrote:
  

Chris napsal(a):


Martin Zvarík wrote:
  

tedd napsal(a):


At 5:28 PM +0100 2/19/09, Martin Zvarík wrote:
  

tedd napsal(a):


At 5:10 PM +0100 2/19/09, Martin Zvarík wrote:
  

tedd napsal(a):


At 1:49 AM +0100 2/19/09, Martin Zvarík wrote:
  
Guys, I have not seen a poll where you need to input your 
email address - and if I would I would not vote - because 
it's a waste of my time... if you want me to vote you do 
everything you can to make it as pleasant as possible -- 
certainly that isn't requirement of an email validation.

Btw. google "free temporary email address" to see how unique email 
addresses really are - in case you meant it in reference to the 
poll voting - where you care about uniqueness of votes = people.


So instead of trolling, offer a better suggestion.
  
Chris, if you would read the whole thread (my first comment), I bet 
you would consider more wisely your patronizing comment.


"Use the ip" - which we've all said is useless.
Where's the better suggestion?
  
Nevermind, I was wrong - thank you for making me realize I am wasting 
time here.


This useless IP solution is used by 80% of websites. I was trying to 
convice you that requirement of an email validation is just, let's say, 
unwise. So, don't bark if you don't agree.


So you;'e saying that unless we agree with you, not to mention anything?


Ash
www.ashleysheridan.co.uk

I meant: You don't have to bark, if you don't agree. = We can discuss.

Re: [PHP] Unique User Hashes

2009-02-19 Thread Ashley Sheridan 
On Thu, 2009-02-19 at 23:34 +0100, Martin Zvarík wrote:
> Chris napsal(a):
> > Martin Zvarík wrote:
> >> Chris napsal(a):
> >>> Martin Zvarík wrote:
>  tedd napsal(a):
> > At 5:28 PM +0100 2/19/09, Martin Zvarík wrote:
> >> tedd napsal(a):
> >>> At 5:10 PM +0100 2/19/09, Martin Zvarík wrote:
>  tedd napsal(a):
> > At 1:49 AM +0100 2/19/09, Martin Zvarík wrote:
> >> Guys, I have not seen a poll where you need to input your 
> >> email address - and if I would I would not vote - because 
> >> it's a waste of my time... if you want me to vote you do 
> >> everything you can to make it as pleasant as possible -- 
> >> certainly that isn't requirement of an email validation.
>  Btw. google "free temporary email address" to see how unique email 
>  addresses really are - in case you meant it in reference to the 
>  poll voting - where you care about uniqueness of votes = people.
> >>>
> >>> So instead of trolling, offer a better suggestion.
> >> Chris, if you would read the whole thread (my first comment), I bet 
> >> you would consider more wisely your patronizing comment.
> >
> > "Use the ip" - which we've all said is useless.
> > Where's the better suggestion?
> Nevermind, I was wrong - thank you for making me realize I am wasting 
> time here.
> 
> This useless IP solution is used by 80% of websites. I was trying to 
> convice you that requirement of an email validation is just, let's say, 
> unwise. So, don't bark if you don't agree.
So you;'e saying that unless we agree with you, not to mention anything?


Ash
www.ashleysheridan.co.uk


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] php cli memory leak error

2009-02-19 Thread Jochem Maas 
Lewis Wright schreef:
> 2009/2/19 Jochem Maas :
>> Thodoris schreef:

 seems to work fine here.

 What are your php.ini (memory related) settings?

 run:

 /usr/local/bin/php --ini

 and get the location of the php.ini file that is getting used.  Check
 our the memory settings in that file.




>>> Some general options:
>>> max_input_time = 60
>>> max_execution_time = 120
>>> memory_limit = 128M
>>>
>>> and the last one I have just noticed (that is why it reports the leak):
>>>
>>> report_memleaks = On
>>>
>>> In case I set this to Off it just stops bugging me. But is there a
>>> memory leak?
>> yes.
>>
>>> And if yes should I report this as a bug ?
>> if (
>>
>>1. report_memleaks is a core php.ini setting (not suhosin) (I don't 
>> recall)
>>2. you still get the leak if you disable suhosin extension
>>3. you can create a small reproduction script (seems you have one, 
>> but I'd
>>   check that it's the getopt() call that triggers the leak)
>>4. you can show the mem leak in 5.2.9RC2 and/or php5.3dev
>> ) {
>>report_a_bug();
>> }
>>
> 
> Syntax error, unexpected T_STRING :(
> 

sorry. try this instead:

http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Execute flash files with PHP

2009-02-19 Thread tedd 

There's a tutorial here:

http://www.flashcomguru.com/index.cfm/2005/11/2/Streaming-flv-video-via-PHP-take-two

(have not tested it myself). The php code is available for download 
from that page as well.


And the video there is awesome!

The narrator sounds like the one in my video:

http://webbytedd.com/bb/ice/

Cheers,

tedd
--
---
http://sperling.com  http://ancientstones.com  http://earthstones.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Execute flash files with PHP

2009-02-19 Thread Chris 

R B wrote:

Hello.

I have two scripts in php that reads a .swf or .flv movie file, like this:

SCRIPT # 1



SCRIPT # 2



The script # 1 with the .swf file works fine: the video is executed with
streaming.
The script # 2 with the .flv file  is executed but without streaming.


There's a tutorial here:

http://www.flashcomguru.com/index.cfm/2005/11/2/Streaming-flv-video-via-PHP-take-two

(have not tested it myself). The php code is available for download from 
that page as well.


--
Postgresql & php tutorials
http://www.designmagick.com/


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Execute flash files with PHP

2009-02-19 Thread Chris 

R B wrote:

Hello.

I have two scripts in php that reads a .swf or .flv movie file, like this:

SCRIPT # 1



SCRIPT # 2



The script # 1 with the .swf file works fine: the video is executed with
streaming.
The script # 2 with the .flv file  is executed but without streaming.

If i execute the movie.flv directly (without the php script), then it´s
executed with streaming.


If you change the filetype (from swf to flv) you need to change the 
headers php sends before it spits out the file.


What headers are you sending?

--
Postgresql & php tutorials
http://www.designmagick.com/


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Two troublesome fields

2009-02-19 Thread Terion Miller 
Thanks
Terion

Happy Freecycling
Free the List !!
www.freecycle.org
Over Moderation of Freecycle List Prevents Post Timeliness.

Twitter?
http://twitter.com/terionmiller

Facebook:
http://www.facebook.com/people/Terion-Miller/1542024891";
title="Terion Miller's Facebook profile" target=_TOP>http://badge.facebook.com/badge/1542024891.237.919247960.png"; border=0
alt="Terion Miller's Facebook profile">
Emo Philips  - "I was the kid next door's imaginary friend."

On Thu, Feb 19, 2009 at 2:31 PM, Bastien Koert  wrote:

>
>
> On Thu, Feb 19, 2009 at 3:21 PM, Terion Miller wrote:
>
>> Hi all, I seem to be having a problem with getting two fields to insert
>> into
>> a table, the other fields insert but not these two
>> its from a form that is a duplicate, basically I have a workorder that I
>> want to make a copy of, I call it from the db, populate a form in case
>> changes want to be made, and insert with a new unique ID as a new record,
>> it's working great except Two fields will NOT insert and I'm at a loss for
>> why ...
>> the code is big so I will post snippets that I think may be the trouble
>> spots
>>
>> Here is the insert:
>>$sql = "INSERT INTO workorders (CreatedDate, Location, WorkOrderName,
>> AdminID, FormName, Status, Notes) VALUES (";
>>$sql .= "Now(), '$Location', '$WorkOrderName', '$AdminID', 'WorkOrder',
>> 'New Order', '$Notes')";
>>mysql_query($sql);
>>$WorkOrderID = mysql_insert_id();
>>
>> Here is the part where it calls the old values:
>>
>>$sql2 = "SELECT Location, WorkOrderName FROM workorders WHERE
>> WorkOrderID='$WorkOrderID'";
>>$result2 = mysql_query ($sql2);
>>$row2 = mysql_fetch_array($result2);
>>
>>
>> Here is the form part:
>>
>>
>>> class="CaptionReq">Property:
>>> name="Location" value="">> $row2['Location']; ?> 
>>
>>
>>> class="CaptionReq">Work
>> Order Name: 
>>> name="WorkOrderName" size="35 " value="> ?>"/>
>>
>>
>> I need some clues, everything works except the two fields Location, and
>> WorkOrderName.
>>
>> Thanks
>> Terion
>>
>> Happy Freecycling
>> Free the List !!
>> www.freecycle.org
>> Over Moderation of Freecycle List Prevents Post Timeliness.
>> 
>> Twitter?
>> http://twitter.com/terionmiller
>> 
>> Facebook:
>> http://www.facebook.com/people/Terion-Miller/1542024891";
>> title="Terion Miller's Facebook profile" target=_TOP>http://badge.facebook.com/badge/1542024891.237.919247960.png"; border=0
>> alt="Terion Miller's Facebook profile">
>> Bill Watterson  - "There is not enough time to do all the nothing we want
>> to
>> do."
>>
>
> Why not try a
>
> insert into table select fields from table where id = $id
>
> --
>
> Bastien
>
> Cat, the other other white meat
>
I just tried this and now it's not inserting at all where before everything
EXCEPT two fields go in...

$sql = "INSERT INTO workorders ( CreatedDate, Location, WorkOrderName,
AdminID, FormName, Status, Notes) VALUES (";

$sql .= "Now(), ";
$sql .= "'". mysql_real_escape_string($Location) ."', ";
$sql .= "'". mysql_real_escape_string($WorkOrderName) ."', ";
$sql .= "'". mysql_real_escape_string($AdminID) ."', ";
$sql .= "'". mysql_real_escape_string("WorkOrder") ."', ";
$sql .= "'". mysql_real_escape_string("New Order") ."', ";
$sql .= "'". mysql_real_escape_string($Notes) ."', ";

$WorkOrderID = mysql_insert_id();
mysql_query($sql);

Re: [PHP] Unique User Hashes

2009-02-19 Thread Martin Zvarík 

Chris napsal(a):

Martin Zvarík wrote:

Chris napsal(a):

Martin Zvarík wrote:

tedd napsal(a):

At 5:28 PM +0100 2/19/09, Martin Zvarík wrote:

tedd napsal(a):

At 5:10 PM +0100 2/19/09, Martin Zvarík wrote:

tedd napsal(a):

At 1:49 AM +0100 2/19/09, Martin Zvarík wrote:
Guys, I have not seen a poll where you need to input your 
email address - and if I would I would not vote - because 
it's a waste of my time... if you want me to vote you do 
everything you can to make it as pleasant as possible -- 
certainly that isn't requirement of an email validation.
Btw. google "free temporary email address" to see how unique email 
addresses really are - in case you meant it in reference to the 
poll voting - where you care about uniqueness of votes = people.


So instead of trolling, offer a better suggestion.
Chris, if you would read the whole thread (my first comment), I bet 
you would consider more wisely your patronizing comment.


"Use the ip" - which we've all said is useless.
Where's the better suggestion?
Nevermind, I was wrong - thank you for making me realize I am wasting 
time here.


This useless IP solution is used by 80% of websites. I was trying to 
convice you that requirement of an email validation is just, let's say, 
unwise. So, don't bark if you don't agree.

Re: [PHP] Unique User Hashes

2009-02-19 Thread Chris 

Martin Zvarík wrote:

Chris napsal(a):

Martin Zvarík wrote:

tedd napsal(a):

At 5:28 PM +0100 2/19/09, Martin Zvarík wrote:

tedd napsal(a):

At 5:10 PM +0100 2/19/09, Martin Zvarík wrote:

tedd napsal(a):

At 1:49 AM +0100 2/19/09, Martin Zvarík wrote:
Guys, I have not seen a poll where you need to input your email 
address - and if I would I would not vote - because it's a 
waste of my time... if you want me to vote you do everything 
you can to make it as pleasant as possible -- certainly that 
isn't requirement of an email validation.
Btw. google "free temporary email address" to see how unique email 
addresses really are - in case you meant it in reference to the poll 
voting - where you care about uniqueness of votes = people.


So instead of trolling, offer a better suggestion.
Chris, if you would read the whole thread (my first comment), I bet you 
would consider more wisely your patronizing comment.


"Use the ip" - which we've all said is useless.
Where's the better suggestion?

--
Postgresql & php tutorials
http://www.designmagick.com/


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Unique User Hashes

2009-02-19 Thread Martin Zvarík 

Chris napsal(a):

Martin Zvarík wrote:

tedd napsal(a):

At 5:28 PM +0100 2/19/09, Martin Zvarík wrote:

tedd napsal(a):

At 5:10 PM +0100 2/19/09, Martin Zvarík wrote:

tedd napsal(a):

At 1:49 AM +0100 2/19/09, Martin Zvarík wrote:
Guys, I have not seen a poll where you need to input your email 
address - and if I would I would not vote - because it's a 
waste of my time... if you want me to vote you do everything 
you can to make it as pleasant as possible -- certainly that 
isn't requirement of an email validation.
Btw. google "free temporary email address" to see how unique email 
addresses really are - in case you meant it in reference to the poll 
voting - where you care about uniqueness of votes = people.


So instead of trolling, offer a better suggestion.
Chris, if you would read the whole thread (my first comment), I bet you 
would consider more wisely your patronizing comment.


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Execute flash files with PHP

2009-02-19 Thread R B 
Hello.

I have two scripts in php that reads a .swf or .flv movie file, like this:

SCRIPT # 1



SCRIPT # 2



The script # 1 with the .swf file works fine: the video is executed with
streaming.
The script # 2 with the .flv file  is executed but without streaming.

If i execute the movie.flv directly (without the php script), then it´s
executed with streaming.

Do you know how can i do to execute the .flv file with php and with
straming?
I tried with fopen, readfile, but don´t works.

Thank you

Re: [PHP] Unique User Hashes

2009-02-19 Thread Chris 

Martin Zvarík wrote:

tedd napsal(a):

At 5:28 PM +0100 2/19/09, Martin Zvarík wrote:

tedd napsal(a):

At 5:10 PM +0100 2/19/09, Martin Zvarík wrote:

tedd napsal(a):

At 1:49 AM +0100 2/19/09, Martin Zvarík wrote:
Guys, I have not seen a poll where you need to input your email 
address - and if I would I would not vote - because it's a waste 
of my time... if you want me to vote you do everything you can to 
make it as pleasant as possible -- certainly that isn't 
requirement of an email validation.




Btw. google "free temporary email address" to see how unique email 
addresses really are - in case you meant it in reference to the poll 
voting - where you care about uniqueness of votes = people.


So instead of trolling, offer a better suggestion.

--
Postgresql & php tutorials
http://www.designmagick.com/


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: Secure File Paths, File System - (simplified question)

2009-02-19 Thread Shawn McKenzie 
Daniel Kolbo wrote:
> 
> 
> Shawn McKenzie wrote:
>> Daniel Kolbo wrote:
>>  
>>> Hello PHPers,
>>>
>>> I am quite ignorant about file system security.   I was hoping you all
>>> could help me understand things.
>>>
>>> How does one restrict php script from going (reading, writing) files in
>>> the file system?
>>> As I see it, a php programmer could change the include_path, with
>>> ini_set(), use "../" etc..., and browse all the files on the server to
>>> which the php engine has access.  This would clearly not be acceptable
>>> to a web host company, so how do most hosts restrict this kind of
>>> behaviour?
>>>
>>> Now, suppose i only have php access to my 'files' as defined by my host
>>> somehow.  (again, my first part of the question is how do they do
>>> this?).  Is it possible for me to further restrict this file
>>> accessibility for different sub-folders?  Let me provide an example
>>> folder hierarchy and user scenario.
>>> Suppose there are two php programmers (me and you).  I want full access,
>>> but I want to restrict you to your subdomain (subdomain2).
>>>
>>> +AllUsers (me and you)
>>> +Domain1
>>> ++Subdomain1 (me only)
>>> ++Subdomain2 (me and you)
>>> ++SharedDomain (me and you)
>>> +ServerFile1 (me only)
>>> +ServerFile2 (me only)
>>> +SecretFile (no user)
>>>
>>> Thanks for helping understand how to restrict/limit different php
>>> programmers from going into places I'd rather them not go.
>>> dK
>>>
>>> 
>>
>> Two methods come to mind, chroot and just setting perms for specific
>> dirs.
>>
>>   
> 
> Hello,
> 1) chroot
> I don't understand how to specify to the php engine to chroot upon
> different scripts being executed (scripts that i don't control).  Would
> you please clarify?
> 2)perms
> The php engine is what has access to specific dirs (not users,
> scripts,).  That i know of, the php engine doesn't allow per user
> permissions.  That is, it is one engine, one set of perms.  Are you
> suggesting i have a separate php engine for each user?
> 
> 3) Maybe i can simplify this question:  How does a hosting company, in a
> shared virtual host server environment, prevent all their clients (php
> programmers) from snooping into all the other clients' folders?  I am
> assuming we are all using the same php engine, as it is a shared apache
> host.
> 

O.K.  I read and typed too fast.  In short, suexec with apache will run
a user's scripts as that user so long as php is run as cgi and not the
apache mod.  Also, virtual hosts in apache define the docroot for a
virtual host (user/domain/etc.), so other virtual hosts can't access
outside of that docroot into other virtual hosts.

So the perms part of my previous reply was related to suexec and chroot
was out of my ass because many times you would chroot apache for extra
security from the webserver in general.

-- 
Thanks!
-Shawn
http://www.spidean.com

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Two troublesome fields

2009-02-19 Thread Bastien Koert 
On Thu, Feb 19, 2009 at 3:21 PM, Terion Miller wrote:

> Hi all, I seem to be having a problem with getting two fields to insert
> into
> a table, the other fields insert but not these two
> its from a form that is a duplicate, basically I have a workorder that I
> want to make a copy of, I call it from the db, populate a form in case
> changes want to be made, and insert with a new unique ID as a new record,
> it's working great except Two fields will NOT insert and I'm at a loss for
> why ...
> the code is big so I will post snippets that I think may be the trouble
> spots
>
> Here is the insert:
>$sql = "INSERT INTO workorders (CreatedDate, Location, WorkOrderName,
> AdminID, FormName, Status, Notes) VALUES (";
>$sql .= "Now(), '$Location', '$WorkOrderName', '$AdminID', 'WorkOrder',
> 'New Order', '$Notes')";
>mysql_query($sql);
>$WorkOrderID = mysql_insert_id();
>
> Here is the part where it calls the old values:
>
>$sql2 = "SELECT Location, WorkOrderName FROM workorders WHERE
> WorkOrderID='$WorkOrderID'";
>$result2 = mysql_query ($sql2);
>$row2 = mysql_fetch_array($result2);
>
>
> Here is the form part:
>
>
> class="CaptionReq">Property:
> name="Location" value=""> $row2['Location']; ?> 
>
>
>Work
> Order Name: 
> name="WorkOrderName" size="35 " value=" ?>"/>
>
>
> I need some clues, everything works except the two fields Location, and
> WorkOrderName.
>
> Thanks
> Terion
>
> Happy Freecycling
> Free the List !!
> www.freecycle.org
> Over Moderation of Freecycle List Prevents Post Timeliness.
> 
> Twitter?
> http://twitter.com/terionmiller
> 
> Facebook:
> http://www.facebook.com/people/Terion-Miller/1542024891";
> title="Terion Miller's Facebook profile" target=_TOP>http://badge.facebook.com/badge/1542024891.237.919247960.png"; border=0
> alt="Terion Miller's Facebook profile">
> Bill Watterson  - "There is not enough time to do all the nothing we want
> to
> do."
>

Why not try a

insert into table select fields from table where id = $id

-- 

Bastien

Cat, the other other white meat

Re: [PHP] How should I ....--its a date/timestamp issue (RESOLVED)

2009-02-19 Thread Terion Miller 
Thanks
Terion

Happy Freecycling
Free the List !!
www.freecycle.org
Over Moderation of Freecycle List Prevents Post Timeliness.

Twitter?
http://twitter.com/terionmiller

Facebook:
http://www.facebook.com/people/Terion-Miller/1542024891";
title="Terion Miller's Facebook profile" target=_TOP>http://badge.facebook.com/badge/1542024891.237.919247960.png"; border=0
alt="Terion Miller's Facebook profile">
George Burns  - "I would go out with women my age, but there are no women my
age."

On Wed, Feb 18, 2009 at 8:29 PM, Paul M Foster wrote:

> On Wed, Feb 18, 2009 at 05:25:16PM -0600, Terion Miller wrote:
>
> 
>
> >  What about just accepting any date in to the system, and defaulting
> to
> >  the current date if any numptys/users try to set one before?
> >
> >  Do something maybe like this (untested)
> >
> >  $userDate = strtotime($_REQUEST['date']);
> >  $startDate = ($userDate < time())?time():$userDate;
> >
> >  >From there, you can use the timestamp how you wish.
> >
> >  OOH found it:
> >  $startday  = mktime(0, 0, 0, date("m")  , date("d")+2, date("Y"));
> >
> >  Well no, guess I didn't find it because that code above gives me
> >  this 1235109600
> >
> >  What is that??
>
> It's a *nix timestamp number. Give it to date() this way:
>
> date('Y-m-d', $startday)
>
> And you'll see the date it represents. (It's actually the number of
> seconds since, the Unix epoch, in 1970.)
>
> Paul
>
> --
> Paul M. Foster
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>

[PHP] Two troublesome fields

2009-02-19 Thread Terion Miller 
Hi all, I seem to be having a problem with getting two fields to insert into
a table, the other fields insert but not these two
its from a form that is a duplicate, basically I have a workorder that I
want to make a copy of, I call it from the db, populate a form in case
changes want to be made, and insert with a new unique ID as a new record,
it's working great except Two fields will NOT insert and I'm at a loss for
why ...
the code is big so I will post snippets that I think may be the trouble
spots

Here is the insert:
$sql = "INSERT INTO workorders (CreatedDate, Location, WorkOrderName,
AdminID, FormName, Status, Notes) VALUES (";
$sql .= "Now(), '$Location', '$WorkOrderName', '$AdminID', 'WorkOrder',
'New Order', '$Notes')";
mysql_query($sql);
$WorkOrderID = mysql_insert_id();

Here is the part where it calls the old values:

$sql2 = "SELECT Location, WorkOrderName FROM workorders WHERE
WorkOrderID='$WorkOrderID'";
$result2 = mysql_query ($sql2);
$row2 = mysql_fetch_array($result2);


Here is the form part:


Property:
 


Work
Order Name: 



I need some clues, everything works except the two fields Location, and
WorkOrderName.

Thanks
Terion

Happy Freecycling
Free the List !!
www.freecycle.org
Over Moderation of Freecycle List Prevents Post Timeliness.

Twitter?
http://twitter.com/terionmiller

Facebook:
http://www.facebook.com/people/Terion-Miller/1542024891";
title="Terion Miller's Facebook profile" target=_TOP>http://badge.facebook.com/badge/1542024891.237.919247960.png"; border=0
alt="Terion Miller's Facebook profile">
Bill Watterson  - "There is not enough time to do all the nothing we want to
do."

Re: [PHP] Re: Secure File Paths, File System - (simplified question)

2009-02-19 Thread Daniel Kolbo 



Shawn McKenzie wrote:

Daniel Kolbo wrote:
  

Hello PHPers,

I am quite ignorant about file system security.   I was hoping you all
could help me understand things.

How does one restrict php script from going (reading, writing) files in
the file system?
As I see it, a php programmer could change the include_path, with
ini_set(), use "../" etc..., and browse all the files on the server to
which the php engine has access.  This would clearly not be acceptable
to a web host company, so how do most hosts restrict this kind of
behaviour?

Now, suppose i only have php access to my 'files' as defined by my host
somehow.  (again, my first part of the question is how do they do
this?).  Is it possible for me to further restrict this file
accessibility for different sub-folders?  Let me provide an example
folder hierarchy and user scenario.
Suppose there are two php programmers (me and you).  I want full access,
but I want to restrict you to your subdomain (subdomain2).

+AllUsers (me and you)
+Domain1
++Subdomain1 (me only)
++Subdomain2 (me and you)
++SharedDomain (me and you)
+ServerFile1 (me only)
+ServerFile2 (me only)
+SecretFile (no user)

Thanks for helping understand how to restrict/limit different php
programmers from going into places I'd rather them not go.
dK




Two methods come to mind, chroot and just setting perms for specific dirs.

  


Hello,
1) chroot
I don't understand how to specify to the php engine to chroot upon 
different scripts being executed (scripts that i don't control).  Would 
you please clarify?

2)perms
The php engine is what has access to specific dirs (not users, 
scripts,).  That i know of, the php engine doesn't allow per user 
permissions.  That is, it is one engine, one set of perms.  Are you 
suggesting i have a separate php engine for each user?


3) Maybe i can simplify this question:  How does a hosting company, in a 
shared virtual host server environment, prevent all their clients (php 
programmers) from snooping into all the other clients' folders?  I am 
assuming we are all using the same php engine, as it is a shared apache 
host.

Re: [PHP] Accessors

2009-02-19 Thread Shawn McKenzie 
> Also, i know php is an interpreted language. But wouldn't it be possible to
> write a virtual machine for php and compile byte code... I know, php is not
> Java or Actionscript :-P but it could be an add on feature. i guess the eval
> wouldn't work then would it? Although eval could still be interpreted...
> 
> This would be nice in case you need to protect your intellectual property.

I haven't tried it, but I might soon for an appliance I'm building.

http://www.roadsend.com/

-- 
Thanks!
-Shawn
http://www.spidean.com

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Accessors

2009-02-19 Thread Philip Thompson 

On Feb 19, 2009, at 10:55 AM, Jochem Maas wrote:


please keep replies on list.


Sorry!


Philip Thompson schreef:

On Feb 19, 2009, at 2:59 AM, Jochem Maas wrote:


Philip Thompson schreef:

Hi all.






What are your thoughts? Does this seem like a reasonable  
implementation?
Useful? Pointless? Hit me up - I can handle *constructive*  
criticism.

But for now, it's late and past my bedtime.


how do you set a property to null?


Oh sure, point that out! JK. I thought of that as well. For members
where 'null' is an option, you may just want to create a definitive
accessor or modify the __call() function. Use a string to represent  
null

- I'll use 'nil' from objective-c. Something like this...


yes but then someone might want to set the value to 'nil' or '__nil'
or any other magic value you might want to use.

what about capturing a method name prefix:

$person->unsetFirst();


Yes, that is quite a viable option. I thought about the same thing,  
except for setting the member. Modify the __call method to check for  
'set' before the member name


$person->setFirst('John');
$person->setFirst(null);

If you do it this way, there is no doubt that you are wanting to set  
the value. And it even allows null.


~Philip



$member;
   return $value;
   }

   // Test to see if value is 'nil'. If so, set to null.
   if (!is_array ($args[0]) && $args[0] == 'nil') {
   $args[0] = null;
   }

   $this->$member = $args;
   }
   else {
   die ("Fatal Error: Call to undefined member: $member.  
Exiting...");

   }
}

$person = new Person();
$person->first('Billy');
$person->first('nil');
?>

I suppose it's a possibility that someone will assign 'nil' to a  
member

as an actual value, so put in some more checking or modify the null
keyword - maybe '__nil' or whatever? That a possibility?

Cheers,
~Phil


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Unique User Hashes

2009-02-19 Thread Martin Zvarík 

tedd napsal(a):

At 5:28 PM +0100 2/19/09, Martin Zvarík wrote:

tedd napsal(a):

At 5:10 PM +0100 2/19/09, Martin Zvarík wrote:

tedd napsal(a):

At 1:49 AM +0100 2/19/09, Martin Zvarík wrote:
Guys, I have not seen a poll where you need to input your email 
address - and if I would I would not vote - because it's a waste 
of my time... if you want me to vote you do everything you can to 
make it as pleasant as possible -- certainly that isn't 
requirement of an email validation.




Okay, so you don't see the problem.

It might do you well to try to figure out what we're talking about.

Cheers,

tedd

:) What world do you live in?


The one that tries to understand and solve the problems presented.

Cheers,

tedd



If that is true - you wouldn't say, you would do at least one of 
those things.


You're trolling -- welcome to my kill file.

tedd
My point is: don't say to others they don't see a problem, just because 
YOU see it differently (you said we, but that's basically just you only 
:))... plus, in this case, you are in my professional opinion wrong - 
the few (if any) of basic polls that require an email verification is 
its proof.


Btw. google "free temporary email address" to see how unique email 
addresses really are - in case you meant it in reference to the poll 
voting - where you care about uniqueness of votes = people.


ALOHA


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Unique User Hashes

2009-02-19 Thread tedd 

At 5:28 PM +0100 2/19/09, Martin Zvarík wrote:

tedd napsal(a):

At 5:10 PM +0100 2/19/09, Martin Zvarík wrote:

tedd napsal(a):

At 1:49 AM +0100 2/19/09, Martin Zvarík wrote:
Guys, I have not seen a poll where you need 
to input your email address - and if I would 
I would not vote - because it's a waste of 
my time... if you want me to vote you do 
everything you can to make it as pleasant as 
possible -- certainly that isn't requirement 
of an email validation.




Okay, so you don't see the problem.

It might do you well to try to figure out what we're talking about.

Cheers,

tedd

:) What world do you live in?


The one that tries to understand and solve the problems presented.

Cheers,

tedd



If that is true - you wouldn't say, you would do at least one of those things.


You're trolling -- welcome to my kill file.

tedd

--
---
http://sperling.com  http://ancientstones.com  http://earthstones.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Accessors

2009-02-19 Thread Jochem Maas 
please keep replies on list.

Philip Thompson schreef:
> On Feb 19, 2009, at 2:59 AM, Jochem Maas wrote:
> 
>> Philip Thompson schreef:
>>> Hi all.
>>
>> 
>>
>>>
>>> What are your thoughts? Does this seem like a reasonable implementation?
>>> Useful? Pointless? Hit me up - I can handle *constructive* criticism.
>>> But for now, it's late and past my bedtime.
>>
>> how do you set a property to null?
> 
> Oh sure, point that out! JK. I thought of that as well. For members
> where 'null' is an option, you may just want to create a definitive
> accessor or modify the __call() function. Use a string to represent null
> - I'll use 'nil' from objective-c. Something like this...

yes but then someone might want to set the value to 'nil' or '__nil'
or any other magic value you might want to use.

what about capturing a method name prefix:

$person->unsetFirst();

>  public function __call ($member, $args)
> {
> if (property_exists ('Person', $member)) {
> if (empty ($args)) {
> list ($value) = $this->$member;
> return $value;
> }
> 
> // Test to see if value is 'nil'. If so, set to null.
> if (!is_array ($args[0]) && $args[0] == 'nil') {
> $args[0] = null;
> }
> 
> $this->$member = $args;
> }
> else {
> die ("Fatal Error: Call to undefined member: $member. Exiting...");
> }
> }
> 
> $person = new Person();
> $person->first('Billy');
> $person->first('nil');
> ?>
> 
> I suppose it's a possibility that someone will assign 'nil' to a member
> as an actual value, so put in some more checking or modify the null
> keyword - maybe '__nil' or whatever? That a possibility?



> 
> Cheers,
> ~Phil


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Unique User Hashes

2009-02-19 Thread Martin Zvarík 

tedd napsal(a):

At 5:10 PM +0100 2/19/09, Martin Zvarík wrote:

tedd napsal(a):

At 1:49 AM +0100 2/19/09, Martin Zvarík wrote:
Guys, I have not seen a poll where you need to input your email 
address - and if I would I would not vote - because it's a waste of 
my time... if you want me to vote you do everything you can to make 
it as pleasant as possible -- certainly that isn't requirement of an 
email validation.




Okay, so you don't see the problem.

It might do you well to try to figure out what we're talking about.

Cheers,

tedd

:) What world do you live in?


The one that tries to understand and solve the problems presented.

Cheers,

tedd



If that is true - you wouldn't say, you would do at least one of those 
things.


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Unique User Hashes

2009-02-19 Thread tedd 

At 5:10 PM +0100 2/19/09, Martin Zvarík wrote:

tedd napsal(a):

At 1:49 AM +0100 2/19/09, Martin Zvarík wrote:
Guys, I have not seen a poll where you need to 
input your email address - and if I would I 
would not vote - because it's a waste of my 
time... if you want me to vote you do 
everything you can to make it as pleasant as 
possible -- certainly that isn't requirement 
of an email validation.




Okay, so you don't see the problem.

It might do you well to try to figure out what we're talking about.

Cheers,

tedd

:) What world do you live in?


The one that tries to understand and solve the problems presented.

Cheers,

tedd

--
---
http://sperling.com  http://ancientstones.com  http://earthstones.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Unique User Hashes

2009-02-19 Thread Martin Zvarík 

tedd napsal(a):

At 1:49 AM +0100 2/19/09, Martin Zvarík wrote:
Guys, I have not seen a poll where you need to input your email 
address - and if I would I would not vote - because it's a waste of 
my time... if you want me to vote you do everything you can to make 
it as pleasant as possible -- certainly that isn't requirement of an 
email validation.




Okay, so you don't see the problem.

It might do you well to try to figure out what we're talking about.

Cheers,

tedd

:) What world do you live in?

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Unique User Hashes

2009-02-19 Thread tedd 

At 1:49 AM +0100 2/19/09, Martin Zvarík wrote:
Guys, I have not seen a poll where you need to 
input your email address - and if I would I 
would not vote - because it's a waste of my 
time... if you want me to vote you do everything 
you can to make it as pleasant as possible -- 
certainly that isn't requirement of an email 
validation.




Okay, so you don't see the problem.

It might do you well to try to figure out what we're talking about.

Cheers,

tedd
--
---
http://sperling.com  http://ancientstones.com  http://earthstones.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] php cli memory leak error

2009-02-19 Thread Lewis Wright 
2009/2/19 Jochem Maas :
> Thodoris schreef:
>>>
>>>
>>> seems to work fine here.
>>>
>>> What are your php.ini (memory related) settings?
>>>
>>> run:
>>>
>>> /usr/local/bin/php --ini
>>>
>>> and get the location of the php.ini file that is getting used.  Check
>>> our the memory settings in that file.
>>>
>>>
>>>
>>>
>>
>> Some general options:
>> max_input_time = 60
>> max_execution_time = 120
>> memory_limit = 128M
>>
>> and the last one I have just noticed (that is why it reports the leak):
>>
>> report_memleaks = On
>>
>> In case I set this to Off it just stops bugging me. But is there a
>> memory leak?
>
> yes.
>
>> And if yes should I report this as a bug ?
>
> if (
>
>1. report_memleaks is a core php.ini setting (not suhosin) (I don't 
> recall)
>2. you still get the leak if you disable suhosin extension
>3. you can create a small reproduction script (seems you have one, but 
> I'd
>   check that it's the getopt() call that triggers the leak)
>4. you can show the mem leak in 5.2.9RC2 and/or php5.3dev
> ) {
>report_a_bug();
> }
>

Syntax error, unexpected T_STRING :(

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] php cli memory leak error

2009-02-19 Thread Jochem Maas 
Thodoris schreef:
>>
>>
>> seems to work fine here.
>>
>> What are your php.ini (memory related) settings?
>>
>> run:
>>
>> /usr/local/bin/php --ini
>>
>> and get the location of the php.ini file that is getting used.  Check
>> our the memory settings in that file.
>>
>>
>>
>>   
> 
> Some general options:
> max_input_time = 60
> max_execution_time = 120
> memory_limit = 128M
> 
> and the last one I have just noticed (that is why it reports the leak):
> 
> report_memleaks = On
> 
> In case I set this to Off it just stops bugging me. But is there a
> memory leak?

yes.

> And if yes should I report this as a bug ?

if (

1. report_memleaks is a core php.ini setting (not suhosin) (I don't 
recall)
2. you still get the leak if you disable suhosin extension
3. you can create a small reproduction script (seems you have one, but 
I'd
   check that it's the getopt() call that triggers the leak)
4. you can show the mem leak in 5.2.9RC2 and/or php5.3dev
) {
report_a_bug();
}


> 


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] PHP AS an FTP server

2009-02-19 Thread paragasu 
i successfully configure vsftp login using pam-mysql last time.

http://pam-mysql.sourceforge.net/
http://www.linux.com/feature/125789

user can login to ftp server using the same password on web..

hope it help

On 2/18/09, Michael Kubler  wrote:
> Yeah, I don't want local user access (SSH, their own entries in passwd,
> etc..). Too much work to ensure they all have the correct file
> permissions, etc..
> I think I'll just skip the PHP bit and use a proper FTP server. I've
> configured them a few times, but all the examples I found only had
> Anonymous FTP login, or MySQL (which is what I want), but the server
> wouldn't work with the MySQL plugin.
> Looks like I'll have to compile from source... joy.
>
> Thanks for all the replies though.
>
> Michael Kubler
> *G*rey *P*hoenix *P*roductions 
>
>
>
> Thodoris wrote:
>>
>> The local users part was about ssh-sftp access Ash not ftp.
>>
>> IMO when you add local users you add extra risks to your system than
>> simple ftp (non-local) users may not cause. Of course if you secure
>> your system carefully everything will work fine but I would avoid that
>> and there are many security issues that here is not the place to discuss.
>>
>> Of course if this fits your needs I have no objections.
>> --
>> Thodoris
>

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Which file "Included" me?

2009-02-19 Thread Michael A. Peters 

Nisse Engström wrote:

On Wed, 18 Feb 2009 10:37:53 -0800, "Michael A. Peters" wrote:


http://www.gfx-depot.com/forum/-php-server-php-self-validation-t-1636.html

explains a technique to validate the input as well (don't trust that is 
clean)


Amazing! Not once did they mention htmlspecialchars().


/Nisse



htmlspecialchars causes problems if you are going to use the data with 
DOMDocument.


I believe the point was to produce a proper _SERVER['PHP_SELF'] - not a 
sanitized but still borked version.


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Accessors

2009-02-19 Thread German Geek 
It's not a bad idea but usually having accessor and mutator methods are used
to validate the data first before writing it to the properties. If you don't
have validation, you might as well set them directly and make them public
and don't really need a generic setter/getter method.

Although, this way, if you decide later on to add a specific getter/setter
for validation you wont need to change the code that accesses the
properties. So, this is a valid approach to save some time.

i believe php should have something like that built in...

In fact actionscript (flash) has quite a clever way of doing this:

With

public class A {
  public function A(){}
  protected var _b:String = "";
  set function b(val:String):void {
if (val.match(/([0-9])*/)) {
  _b = val;
}
  }
  get function b():int {
return int(_b);
  }
  // ...
}

you can write accessors and mutators which are pretty smart.

With

var instance:A = new A();
instance.b = "1234";

you will call the set method and let it validate a string to be a number
only string, so _b can only be set to a string with only numbers.

I found that very neat in actionscript because instead of writing

instance.setB("1234");

you simply write

instance.b = "1234";

and yet you get the benefit of validation. Then it is safe in the getter
method to return an integer (assuming the validation is right).

Java (and a lot of other languages) seems a bit clumsy in that way to be
honest although i like the language as such. A lot of frameworks and class
diagram code generators generate the getter and setter methods for you, but
if you look at the actionscript way, you see it's not really necessary. It
just adds overhead.

But actionscript just makes it short and you can safely make your members
public until you provide a set method and then you wont have to change any
of the code where you are setting (or getting) it, because it stays the
same!

Actionscript 3 has some very nice features like you can loosely type like in
PHP but you can also give strict types like in Java, making it more flexible
while still restrictive if necessary for stability.

Maybe the PHP developers should think about giving optional return types
with :String for example and get and set methods as in actionscript. ... I
know PHP is not actionscript. But a famous German man who was criticised for
changing his mind said: "Why should i keep to my old statement if my
knowlege about the matter has improved?" (or similar..., sorry don't
remember who).

Optional return types wouldn't hurt performance wise would they? And also
they wouldn't even change the current syntax! In fact, isn't everything
strictly typed under the hood anyway?

As far as i know, in php you can already strictly type function parameters
as in:

public function asd(string $mystr) {
  $this->hola = $mystr;
}

Why not make it complete? Or is it?

Sorry for stealing the thread. ;-)

Also, i know php is an interpreted language. But wouldn't it be possible to
write a virtual machine for php and compile byte code... I know, php is not
Java or Actionscript :-P but it could be an add on feature. i guess the eval
wouldn't work then would it? Although eval could still be interpreted...

This would be nice in case you need to protect your intellectual property.

Regards,
Tim

Tim-Hinnerk Heuer

http://www.ihostnz.com
Emo Philips  - "I was the kid next door's imaginary friend."

2009/2/19 Philip Thompson 

> Hi all.
>
> Maybe I'm wanting more Java-like functionality out of PHP, but I don't
> really like getting and setting members directly (even for public members) -
> I'd rather use accessors. This way you can control what is getting set and
> what is returning. However, I also don't really want to create a million
> get/set accessor methods - this is no fun and takes up a lot of space. After
> reading around a little bit, it got me thinking about overloading in PHP
> (which I'm sure we all know is completely different than any other
> language... but that's another day). I didn't want to use the standard __get
> and __set methods because that still leaves me with the same notation for
> getting/setting members. So, instead, I used a close relative of __get and
> __set. Meet brother __call. Could it really be this trivial to get the
> notation I'm wanting? Yes. Yes it is. Ok, enough talking... onto the code.
>
>  class Person
> {
>public $age;
>private $first, $middle, $last;
>
>// Gotta have our construct
>public function __construct () {}
>
>// Here's the fun
>public function __call ($member, $args)
>{
>// Since I know members I want, force the user to only
>// access the ones I've created
>if (property_exists ('Person', $member)) {
>// If args is empty, I must be returning the value
>if (empty ($args)) {
>list ($value) = $this->$member;
>return $value;
>}
>
>// Oh, args is not empty! Set the value
>

Re: [PHP] Accessors

2009-02-19 Thread Jochem Maas 
Philip Thompson schreef:
> Hi all.



> 
> What are your thoughts? Does this seem like a reasonable implementation?
> Useful? Pointless? Hit me up - I can handle *constructive* criticism.
> But for now, it's late and past my bedtime.

how do you set a property to null?

> Cheers,
> ~Philip
> 
> "innerHTML is a string. The DOM is not a string, it's a hierarchal
> object structure. Shoving a string into an object is impure and similar
> to wrapping a spaghetti noodle around an orange and calling it lunch."


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Which file "Included" me?

2009-02-19 Thread Nisse Engström 
On Wed, 18 Feb 2009 10:37:53 -0800, "Michael A. Peters" wrote:

> http://www.gfx-depot.com/forum/-php-server-php-self-validation-t-1636.html
> 
> explains a technique to validate the input as well (don't trust that is 
> clean)

Amazing! Not once did they mention htmlspecialchars().


/Nisse

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php