php-general Digest 19 Feb 2009 21:56:25 -0000 Issue 5968
php-general Digest 19 Feb 2009 21:56:25 - Issue 5968 Topics (messages 288595 through 288614): Re: Accessors 288595 by: German Geek 288604 by: Jochem Maas 288607 by: Philip Thompson 288608 by: Shawn McKenzie Re: Which file Included me? 288596 by: Michael A. Peters Re: PHP AS an FTP server 288597 by: paragasu Re: php cli memory leak error 288598 by: Jochem Maas 288599 by: Lewis Wright Re: Unique User Hashes 288600 by: tedd 288601 by: Martin Zvarík 288602 by: tedd 288603 by: Martin Zvarík 288605 by: tedd 288606 by: Martin Zvarík 288614 by: Chris Re: Secure File Paths, File System - (simplified question) 288609 by: Daniel Kolbo 288613 by: Shawn McKenzie Two troublesome fields 288610 by: Terion Miller 288612 by: Bastien Koert Re: How should I --its a date/timestamp issue (RESOLVED) 288611 by: Terion Miller Administrivia: To subscribe to the digest, e-mail: php-general-digest-subscr...@lists.php.net To unsubscribe from the digest, e-mail: php-general-digest-unsubscr...@lists.php.net To post to the list, e-mail: php-gene...@lists.php.net -- ---BeginMessage--- It's not a bad idea but usually having accessor and mutator methods are used to validate the data first before writing it to the properties. If you don't have validation, you might as well set them directly and make them public and don't really need a generic setter/getter method. Although, this way, if you decide later on to add a specific getter/setter for validation you wont need to change the code that accesses the properties. So, this is a valid approach to save some time. i believe php should have something like that built in... In fact actionscript (flash) has quite a clever way of doing this: With public class A { public function A(){} protected var _b:String = ; set function b(val:String):void { if (val.match(/([0-9])*/)) { _b = val; } } get function b():int { return int(_b); } // ... } you can write accessors and mutators which are pretty smart. With var instance:A = new A(); instance.b = 1234; you will call the set method and let it validate a string to be a number only string, so _b can only be set to a string with only numbers. I found that very neat in actionscript because instead of writing instance.setB(1234); you simply write instance.b = 1234; and yet you get the benefit of validation. Then it is safe in the getter method to return an integer (assuming the validation is right). Java (and a lot of other languages) seems a bit clumsy in that way to be honest although i like the language as such. A lot of frameworks and class diagram code generators generate the getter and setter methods for you, but if you look at the actionscript way, you see it's not really necessary. It just adds overhead. But actionscript just makes it short and you can safely make your members public until you provide a set method and then you wont have to change any of the code where you are setting (or getting) it, because it stays the same! Actionscript 3 has some very nice features like you can loosely type like in PHP but you can also give strict types like in Java, making it more flexible while still restrictive if necessary for stability. Maybe the PHP developers should think about giving optional return types with :String for example and get and set methods as in actionscript. ... I know PHP is not actionscript. But a famous German man who was criticised for changing his mind said: Why should i keep to my old statement if my knowlege about the matter has improved? (or similar..., sorry don't remember who). Optional return types wouldn't hurt performance wise would they? And also they wouldn't even change the current syntax! In fact, isn't everything strictly typed under the hood anyway? As far as i know, in php you can already strictly type function parameters as in: public function asd(string $mystr) { $this-hola = $mystr; } Why not make it complete? Or is it? Sorry for stealing the thread. ;-) Also, i know php is an interpreted language. But wouldn't it be possible to write a virtual machine for php and compile byte code... I know, php is not Java or Actionscript :-P but it could be an add on feature. i guess the eval wouldn't work then would it? Although eval could still be interpreted... This would be nice in case you need to protect your intellectual property. Regards, Tim Tim-Hinnerk Heuer http://www.ihostnz.com Emo Philips - I was the kid next door's imaginary friend. 2009/2/19 Philip Thompson philthath...@gmail.com Hi all. Maybe I'm wanting more Java-like functionality out of PHP, but I don't really like getting and setting members directly (even for public members) - I'd rather use accessors. This way you can
Re: [PHP] Which file Included me?
On Wed, 18 Feb 2009 10:37:53 -0800, Michael A. Peters wrote: http://www.gfx-depot.com/forum/-php-server-php-self-validation-t-1636.html explains a technique to validate the input as well (don't trust that is clean) Amazing! Not once did they mention htmlspecialchars(). /Nisse -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Accessors
Philip Thompson schreef: Hi all. What are your thoughts? Does this seem like a reasonable implementation? Useful? Pointless? Hit me up - I can handle *constructive* criticism. But for now, it's late and past my bedtime. how do you set a property to null? Cheers, ~Philip innerHTML is a string. The DOM is not a string, it's a hierarchal object structure. Shoving a string into an object is impure and similar to wrapping a spaghetti noodle around an orange and calling it lunch. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Accessors
It's not a bad idea but usually having accessor and mutator methods are used to validate the data first before writing it to the properties. If you don't have validation, you might as well set them directly and make them public and don't really need a generic setter/getter method. Although, this way, if you decide later on to add a specific getter/setter for validation you wont need to change the code that accesses the properties. So, this is a valid approach to save some time. i believe php should have something like that built in... In fact actionscript (flash) has quite a clever way of doing this: With public class A { public function A(){} protected var _b:String = ; set function b(val:String):void { if (val.match(/([0-9])*/)) { _b = val; } } get function b():int { return int(_b); } // ... } you can write accessors and mutators which are pretty smart. With var instance:A = new A(); instance.b = 1234; you will call the set method and let it validate a string to be a number only string, so _b can only be set to a string with only numbers. I found that very neat in actionscript because instead of writing instance.setB(1234); you simply write instance.b = 1234; and yet you get the benefit of validation. Then it is safe in the getter method to return an integer (assuming the validation is right). Java (and a lot of other languages) seems a bit clumsy in that way to be honest although i like the language as such. A lot of frameworks and class diagram code generators generate the getter and setter methods for you, but if you look at the actionscript way, you see it's not really necessary. It just adds overhead. But actionscript just makes it short and you can safely make your members public until you provide a set method and then you wont have to change any of the code where you are setting (or getting) it, because it stays the same! Actionscript 3 has some very nice features like you can loosely type like in PHP but you can also give strict types like in Java, making it more flexible while still restrictive if necessary for stability. Maybe the PHP developers should think about giving optional return types with :String for example and get and set methods as in actionscript. ... I know PHP is not actionscript. But a famous German man who was criticised for changing his mind said: Why should i keep to my old statement if my knowlege about the matter has improved? (or similar..., sorry don't remember who). Optional return types wouldn't hurt performance wise would they? And also they wouldn't even change the current syntax! In fact, isn't everything strictly typed under the hood anyway? As far as i know, in php you can already strictly type function parameters as in: public function asd(string $mystr) { $this-hola = $mystr; } Why not make it complete? Or is it? Sorry for stealing the thread. ;-) Also, i know php is an interpreted language. But wouldn't it be possible to write a virtual machine for php and compile byte code... I know, php is not Java or Actionscript :-P but it could be an add on feature. i guess the eval wouldn't work then would it? Although eval could still be interpreted... This would be nice in case you need to protect your intellectual property. Regards, Tim Tim-Hinnerk Heuer http://www.ihostnz.com Emo Philips - I was the kid next door's imaginary friend. 2009/2/19 Philip Thompson philthath...@gmail.com Hi all. Maybe I'm wanting more Java-like functionality out of PHP, but I don't really like getting and setting members directly (even for public members) - I'd rather use accessors. This way you can control what is getting set and what is returning. However, I also don't really want to create a million get/set accessor methods - this is no fun and takes up a lot of space. After reading around a little bit, it got me thinking about overloading in PHP (which I'm sure we all know is completely different than any other language... but that's another day). I didn't want to use the standard __get and __set methods because that still leaves me with the same notation for getting/setting members. So, instead, I used a close relative of __get and __set. Meet brother __call. Could it really be this trivial to get the notation I'm wanting? Yes. Yes it is. Ok, enough talking... onto the code. ?php class Person { public $age; private $first, $middle, $last; // Gotta have our construct public function __construct () {} // Here's the fun public function __call ($member, $args) { // Since I know members I want, force the user to only // access the ones I've created if (property_exists ('Person', $member)) { // If args is empty, I must be returning the value if (empty ($args)) { list ($value) = $this-$member; return $value; } // Oh, args is not empty! Set the value $this-$member =
Re: [PHP] Which file Included me?
Nisse Engström wrote: On Wed, 18 Feb 2009 10:37:53 -0800, Michael A. Peters wrote: http://www.gfx-depot.com/forum/-php-server-php-self-validation-t-1636.html explains a technique to validate the input as well (don't trust that is clean) Amazing! Not once did they mention htmlspecialchars(). /Nisse htmlspecialchars causes problems if you are going to use the data with DOMDocument. I believe the point was to produce a proper _SERVER['PHP_SELF'] - not a sanitized but still borked version. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP AS an FTP server
i successfully configure vsftp login using pam-mysql last time. http://pam-mysql.sourceforge.net/ http://www.linux.com/feature/125789 user can login to ftp server using the same password on web.. hope it help On 2/18/09, Michael Kubler mdk...@gmail.com wrote: Yeah, I don't want local user access (SSH, their own entries in passwd, etc..). Too much work to ensure they all have the correct file permissions, etc.. I think I'll just skip the PHP bit and use a proper FTP server. I've configured them a few times, but all the examples I found only had Anonymous FTP login, or MySQL (which is what I want), but the server wouldn't work with the MySQL plugin. Looks like I'll have to compile from source... joy. Thanks for all the replies though. Michael Kubler *G*rey *P*hoenix *P*roductions http://www.greyphoenix.biz Thodoris wrote: The local users part was about ssh-sftp access Ash not ftp. IMO when you add local users you add extra risks to your system than simple ftp (non-local) users may not cause. Of course if you secure your system carefully everything will work fine but I would avoid that and there are many security issues that here is not the place to discuss. Of course if this fits your needs I have no objections. -- Thodoris -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php cli memory leak error
Thodoris schreef: seems to work fine here. What are your php.ini (memory related) settings? run: /usr/local/bin/php --ini and get the location of the php.ini file that is getting used. Check our the memory settings in that file. Some general options: max_input_time = 60 max_execution_time = 120 memory_limit = 128M and the last one I have just noticed (that is why it reports the leak): report_memleaks = On In case I set this to Off it just stops bugging me. But is there a memory leak? yes. And if yes should I report this as a bug ? if ( 1. report_memleaks is a core php.ini setting (not suhosin) (I don't recall) 2. you still get the leak if you disable suhosin extension 3. you can create a small reproduction script (seems you have one, but I'd check that it's the getopt() call that triggers the leak) 4. you can show the mem leak in 5.2.9RC2 and/or php5.3dev ) { report_a_bug(); } -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php cli memory leak error
2009/2/19 Jochem Maas joc...@iamjochem.com: Thodoris schreef: seems to work fine here. What are your php.ini (memory related) settings? run: /usr/local/bin/php --ini and get the location of the php.ini file that is getting used. Check our the memory settings in that file. Some general options: max_input_time = 60 max_execution_time = 120 memory_limit = 128M and the last one I have just noticed (that is why it reports the leak): report_memleaks = On In case I set this to Off it just stops bugging me. But is there a memory leak? yes. And if yes should I report this as a bug ? if ( 1. report_memleaks is a core php.ini setting (not suhosin) (I don't recall) 2. you still get the leak if you disable suhosin extension 3. you can create a small reproduction script (seems you have one, but I'd check that it's the getopt() call that triggers the leak) 4. you can show the mem leak in 5.2.9RC2 and/or php5.3dev ) { report_a_bug(); } Syntax error, unexpected T_STRING :( -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Unique User Hashes
At 1:49 AM +0100 2/19/09, Martin Zvarík wrote: Guys, I have not seen a poll where you need to input your email address - and if I would I would not vote - because it's a waste of my time... if you want me to vote you do everything you can to make it as pleasant as possible -- certainly that isn't requirement of an email validation. Okay, so you don't see the problem. It might do you well to try to figure out what we're talking about. Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Unique User Hashes
tedd napsal(a): At 1:49 AM +0100 2/19/09, Martin Zvarík wrote: Guys, I have not seen a poll where you need to input your email address - and if I would I would not vote - because it's a waste of my time... if you want me to vote you do everything you can to make it as pleasant as possible -- certainly that isn't requirement of an email validation. Okay, so you don't see the problem. It might do you well to try to figure out what we're talking about. Cheers, tedd :) What world do you live in? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Unique User Hashes
At 5:10 PM +0100 2/19/09, Martin Zvarík wrote: tedd napsal(a): At 1:49 AM +0100 2/19/09, Martin Zvarík wrote: Guys, I have not seen a poll where you need to input your email address - and if I would I would not vote - because it's a waste of my time... if you want me to vote you do everything you can to make it as pleasant as possible -- certainly that isn't requirement of an email validation. Okay, so you don't see the problem. It might do you well to try to figure out what we're talking about. Cheers, tedd :) What world do you live in? The one that tries to understand and solve the problems presented. Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Unique User Hashes
tedd napsal(a): At 5:10 PM +0100 2/19/09, Martin Zvarík wrote: tedd napsal(a): At 1:49 AM +0100 2/19/09, Martin Zvarík wrote: Guys, I have not seen a poll where you need to input your email address - and if I would I would not vote - because it's a waste of my time... if you want me to vote you do everything you can to make it as pleasant as possible -- certainly that isn't requirement of an email validation. Okay, so you don't see the problem. It might do you well to try to figure out what we're talking about. Cheers, tedd :) What world do you live in? The one that tries to understand and solve the problems presented. Cheers, tedd If that is true - you wouldn't say, you would do at least one of those things. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Accessors
please keep replies on list. Philip Thompson schreef: On Feb 19, 2009, at 2:59 AM, Jochem Maas wrote: Philip Thompson schreef: Hi all. What are your thoughts? Does this seem like a reasonable implementation? Useful? Pointless? Hit me up - I can handle *constructive* criticism. But for now, it's late and past my bedtime. how do you set a property to null? Oh sure, point that out! JK. I thought of that as well. For members where 'null' is an option, you may just want to create a definitive accessor or modify the __call() function. Use a string to represent null - I'll use 'nil' from objective-c. Something like this... yes but then someone might want to set the value to 'nil' or '__nil' or any other magic value you might want to use. what about capturing a method name prefix: $person-unsetFirst(); ?php public function __call ($member, $args) { if (property_exists ('Person', $member)) { if (empty ($args)) { list ($value) = $this-$member; return $value; } // Test to see if value is 'nil'. If so, set to null. if (!is_array ($args[0]) $args[0] == 'nil') { $args[0] = null; } $this-$member = $args; } else { die (Fatal Error: Call to undefined member: $member. Exiting...); } } $person = new Person(); $person-first('Billy'); $person-first('nil'); ? I suppose it's a possibility that someone will assign 'nil' to a member as an actual value, so put in some more checking or modify the null keyword - maybe '__nil' or whatever? That a possibility? Cheers, ~Phil -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Unique User Hashes
At 5:28 PM +0100 2/19/09, Martin Zvarík wrote: tedd napsal(a): At 5:10 PM +0100 2/19/09, Martin Zvarík wrote: tedd napsal(a): At 1:49 AM +0100 2/19/09, Martin Zvarík wrote: Guys, I have not seen a poll where you need to input your email address - and if I would I would not vote - because it's a waste of my time... if you want me to vote you do everything you can to make it as pleasant as possible -- certainly that isn't requirement of an email validation. Okay, so you don't see the problem. It might do you well to try to figure out what we're talking about. Cheers, tedd :) What world do you live in? The one that tries to understand and solve the problems presented. Cheers, tedd If that is true - you wouldn't say, you would do at least one of those things. You're trolling -- welcome to my kill file. tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Unique User Hashes
tedd napsal(a): At 5:28 PM +0100 2/19/09, Martin Zvarík wrote: tedd napsal(a): At 5:10 PM +0100 2/19/09, Martin Zvarík wrote: tedd napsal(a): At 1:49 AM +0100 2/19/09, Martin Zvarík wrote: Guys, I have not seen a poll where you need to input your email address - and if I would I would not vote - because it's a waste of my time... if you want me to vote you do everything you can to make it as pleasant as possible -- certainly that isn't requirement of an email validation. Okay, so you don't see the problem. It might do you well to try to figure out what we're talking about. Cheers, tedd :) What world do you live in? The one that tries to understand and solve the problems presented. Cheers, tedd If that is true - you wouldn't say, you would do at least one of those things. You're trolling -- welcome to my kill file. tedd My point is: don't say to others they don't see a problem, just because YOU see it differently (you said we, but that's basically just you only :))... plus, in this case, you are in my professional opinion wrong - the few (if any) of basic polls that require an email verification is its proof. Btw. google free temporary email address to see how unique email addresses really are - in case you meant it in reference to the poll voting - where you care about uniqueness of votes = people. ALOHA -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Accessors
On Feb 19, 2009, at 10:55 AM, Jochem Maas wrote: please keep replies on list. Sorry! Philip Thompson schreef: On Feb 19, 2009, at 2:59 AM, Jochem Maas wrote: Philip Thompson schreef: Hi all. What are your thoughts? Does this seem like a reasonable implementation? Useful? Pointless? Hit me up - I can handle *constructive* criticism. But for now, it's late and past my bedtime. how do you set a property to null? Oh sure, point that out! JK. I thought of that as well. For members where 'null' is an option, you may just want to create a definitive accessor or modify the __call() function. Use a string to represent null - I'll use 'nil' from objective-c. Something like this... yes but then someone might want to set the value to 'nil' or '__nil' or any other magic value you might want to use. what about capturing a method name prefix: $person-unsetFirst(); Yes, that is quite a viable option. I thought about the same thing, except for setting the member. Modify the __call method to check for 'set' before the member name $person-setFirst('John'); $person-setFirst(null); If you do it this way, there is no doubt that you are wanting to set the value. And it even allows null. ~Philip ?php public function __call ($member, $args) { if (property_exists ('Person', $member)) { if (empty ($args)) { list ($value) = $this-$member; return $value; } // Test to see if value is 'nil'. If so, set to null. if (!is_array ($args[0]) $args[0] == 'nil') { $args[0] = null; } $this-$member = $args; } else { die (Fatal Error: Call to undefined member: $member. Exiting...); } } $person = new Person(); $person-first('Billy'); $person-first('nil'); ? I suppose it's a possibility that someone will assign 'nil' to a member as an actual value, so put in some more checking or modify the null keyword - maybe '__nil' or whatever? That a possibility? Cheers, ~Phil -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Accessors
Also, i know php is an interpreted language. But wouldn't it be possible to write a virtual machine for php and compile byte code... I know, php is not Java or Actionscript :-P but it could be an add on feature. i guess the eval wouldn't work then would it? Although eval could still be interpreted... This would be nice in case you need to protect your intellectual property. I haven't tried it, but I might soon for an appliance I'm building. http://www.roadsend.com/ -- Thanks! -Shawn http://www.spidean.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Secure File Paths, File System - (simplified question)
Shawn McKenzie wrote: Daniel Kolbo wrote: Hello PHPers, I am quite ignorant about file system security. I was hoping you all could help me understand things. How does one restrict php script from going (reading, writing) files in the file system? As I see it, a php programmer could change the include_path, with ini_set(), use ../ etc..., and browse all the files on the server to which the php engine has access. This would clearly not be acceptable to a web host company, so how do most hosts restrict this kind of behaviour? Now, suppose i only have php access to my 'files' as defined by my host somehow. (again, my first part of the question is how do they do this?). Is it possible for me to further restrict this file accessibility for different sub-folders? Let me provide an example folder hierarchy and user scenario. Suppose there are two php programmers (me and you). I want full access, but I want to restrict you to your subdomain (subdomain2). +AllUsers (me and you) +Domain1 ++Subdomain1 (me only) ++Subdomain2 (me and you) ++SharedDomain (me and you) +ServerFile1 (me only) +ServerFile2 (me only) +SecretFile (no user) Thanks for helping understand how to restrict/limit different php programmers from going into places I'd rather them not go. dK Two methods come to mind, chroot and just setting perms for specific dirs. Hello, 1) chroot I don't understand how to specify to the php engine to chroot upon different scripts being executed (scripts that i don't control). Would you please clarify? 2)perms The php engine is what has access to specific dirs (not users, scripts,). That i know of, the php engine doesn't allow per user permissions. That is, it is one engine, one set of perms. Are you suggesting i have a separate php engine for each user? 3) Maybe i can simplify this question: How does a hosting company, in a shared virtual host server environment, prevent all their clients (php programmers) from snooping into all the other clients' folders? I am assuming we are all using the same php engine, as it is a shared apache host.
[PHP] Two troublesome fields
Hi all, I seem to be having a problem with getting two fields to insert into a table, the other fields insert but not these two its from a form that is a duplicate, basically I have a workorder that I want to make a copy of, I call it from the db, populate a form in case changes want to be made, and insert with a new unique ID as a new record, it's working great except Two fields will NOT insert and I'm at a loss for why ... the code is big so I will post snippets that I think may be the trouble spots Here is the insert: $sql = INSERT INTO workorders (CreatedDate, Location, WorkOrderName, AdminID, FormName, Status, Notes) VALUES (; $sql .= Now(), '$Location', '$WorkOrderName', '$AdminID', 'WorkOrder', 'New Order', '$Notes'); mysql_query($sql); $WorkOrderID = mysql_insert_id(); Here is the part where it calls the old values: $sql2 = SELECT Location, WorkOrderName FROM workorders WHERE WorkOrderID='$WorkOrderID'; $result2 = mysql_query ($sql2); $row2 = mysql_fetch_array($result2); Here is the form part: tr td align=left nowrapdiv class=CaptionReqProperty:/div/td td align=leftdivinput type=hidden name=Location value=?php echo $row2['Location']; ??php echo $row2['Location']; ? /div/td /tr tr td align=left nowrapdiv class=CaptionReqWork Order Name: ?php echo $row2['WorkOrderName']; ?/div/td td align=leftdivbrinput type=hidden name=WorkOrderName size=35 value=?php echo $row2['WorkOrderName']; ?//div/td /tr I need some clues, everything works except the two fields Location, and WorkOrderName. Thanks Terion Happy Freecycling Free the List !! www.freecycle.org Over Moderation of Freecycle List Prevents Post Timeliness. Twitter? http://twitter.com/terionmiller Facebook: a href=http://www.facebook.com/people/Terion-Miller/1542024891; title=Terion Miller's Facebook profile target=_TOPimg src= http://badge.facebook.com/badge/1542024891.237.919247960.png; border=0 alt=Terion Miller's Facebook profile/a Bill Watterson - There is not enough time to do all the nothing we want to do.
Re: [PHP] How should I ....--its a date/timestamp issue (RESOLVED)
Thanks Terion Happy Freecycling Free the List !! www.freecycle.org Over Moderation of Freecycle List Prevents Post Timeliness. Twitter? http://twitter.com/terionmiller Facebook: a href=http://www.facebook.com/people/Terion-Miller/1542024891; title=Terion Miller's Facebook profile target=_TOPimg src= http://badge.facebook.com/badge/1542024891.237.919247960.png; border=0 alt=Terion Miller's Facebook profile/a George Burns - I would go out with women my age, but there are no women my age. On Wed, Feb 18, 2009 at 8:29 PM, Paul M Foster pa...@quillandmouse.comwrote: On Wed, Feb 18, 2009 at 05:25:16PM -0600, Terion Miller wrote: snip What about just accepting any date in to the system, and defaulting to the current date if any numptys/users try to set one before? Do something maybe like this (untested) $userDate = strtotime($_REQUEST['date']); $startDate = ($userDate time())?time():$userDate; From there, you can use the timestamp how you wish. OOH found it: $startday = mktime(0, 0, 0, date(m) , date(d)+2, date(Y)); Well no, guess I didn't find it because that code above gives me this 1235109600 What is that?? It's a *nix timestamp number. Give it to date() this way: date('Y-m-d', $startday) And you'll see the date it represents. (It's actually the number of seconds since, the Unix epoch, in 1970.) Paul -- Paul M. Foster -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Two troublesome fields
On Thu, Feb 19, 2009 at 3:21 PM, Terion Miller webdev.ter...@gmail.comwrote: Hi all, I seem to be having a problem with getting two fields to insert into a table, the other fields insert but not these two its from a form that is a duplicate, basically I have a workorder that I want to make a copy of, I call it from the db, populate a form in case changes want to be made, and insert with a new unique ID as a new record, it's working great except Two fields will NOT insert and I'm at a loss for why ... the code is big so I will post snippets that I think may be the trouble spots Here is the insert: $sql = INSERT INTO workorders (CreatedDate, Location, WorkOrderName, AdminID, FormName, Status, Notes) VALUES (; $sql .= Now(), '$Location', '$WorkOrderName', '$AdminID', 'WorkOrder', 'New Order', '$Notes'); mysql_query($sql); $WorkOrderID = mysql_insert_id(); Here is the part where it calls the old values: $sql2 = SELECT Location, WorkOrderName FROM workorders WHERE WorkOrderID='$WorkOrderID'; $result2 = mysql_query ($sql2); $row2 = mysql_fetch_array($result2); Here is the form part: tr td align=left nowrapdiv class=CaptionReqProperty:/div/td td align=leftdivinput type=hidden name=Location value=?php echo $row2['Location']; ??php echo $row2['Location']; ? /div/td /tr tr td align=left nowrapdiv class=CaptionReqWork Order Name: ?php echo $row2['WorkOrderName']; ?/div/td td align=leftdivbrinput type=hidden name=WorkOrderName size=35 value=?php echo $row2['WorkOrderName']; ?//div/td /tr I need some clues, everything works except the two fields Location, and WorkOrderName. Thanks Terion Happy Freecycling Free the List !! www.freecycle.org Over Moderation of Freecycle List Prevents Post Timeliness. Twitter? http://twitter.com/terionmiller Facebook: a href=http://www.facebook.com/people/Terion-Miller/1542024891; title=Terion Miller's Facebook profile target=_TOPimg src= http://badge.facebook.com/badge/1542024891.237.919247960.png; border=0 alt=Terion Miller's Facebook profile/a Bill Watterson - There is not enough time to do all the nothing we want to do. Why not try a insert into table select fields from table where id = $id -- Bastien Cat, the other other white meat
Re: [PHP] Re: Secure File Paths, File System - (simplified question)
Daniel Kolbo wrote: Shawn McKenzie wrote: Daniel Kolbo wrote: Hello PHPers, I am quite ignorant about file system security. I was hoping you all could help me understand things. How does one restrict php script from going (reading, writing) files in the file system? As I see it, a php programmer could change the include_path, with ini_set(), use ../ etc..., and browse all the files on the server to which the php engine has access. This would clearly not be acceptable to a web host company, so how do most hosts restrict this kind of behaviour? Now, suppose i only have php access to my 'files' as defined by my host somehow. (again, my first part of the question is how do they do this?). Is it possible for me to further restrict this file accessibility for different sub-folders? Let me provide an example folder hierarchy and user scenario. Suppose there are two php programmers (me and you). I want full access, but I want to restrict you to your subdomain (subdomain2). +AllUsers (me and you) +Domain1 ++Subdomain1 (me only) ++Subdomain2 (me and you) ++SharedDomain (me and you) +ServerFile1 (me only) +ServerFile2 (me only) +SecretFile (no user) Thanks for helping understand how to restrict/limit different php programmers from going into places I'd rather them not go. dK Two methods come to mind, chroot and just setting perms for specific dirs. Hello, 1) chroot I don't understand how to specify to the php engine to chroot upon different scripts being executed (scripts that i don't control). Would you please clarify? 2)perms The php engine is what has access to specific dirs (not users, scripts,). That i know of, the php engine doesn't allow per user permissions. That is, it is one engine, one set of perms. Are you suggesting i have a separate php engine for each user? 3) Maybe i can simplify this question: How does a hosting company, in a shared virtual host server environment, prevent all their clients (php programmers) from snooping into all the other clients' folders? I am assuming we are all using the same php engine, as it is a shared apache host. O.K. I read and typed too fast. In short, suexec with apache will run a user's scripts as that user so long as php is run as cgi and not the apache mod. Also, virtual hosts in apache define the docroot for a virtual host (user/domain/etc.), so other virtual hosts can't access outside of that docroot into other virtual hosts. So the perms part of my previous reply was related to suexec and chroot was out of my ass because many times you would chroot apache for extra security from the webserver in general. -- Thanks! -Shawn http://www.spidean.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Unique User Hashes
Martin Zvarík wrote: tedd napsal(a): At 5:28 PM +0100 2/19/09, Martin Zvarík wrote: tedd napsal(a): At 5:10 PM +0100 2/19/09, Martin Zvarík wrote: tedd napsal(a): At 1:49 AM +0100 2/19/09, Martin Zvarík wrote: Guys, I have not seen a poll where you need to input your email address - and if I would I would not vote - because it's a waste of my time... if you want me to vote you do everything you can to make it as pleasant as possible -- certainly that isn't requirement of an email validation. snip Btw. google free temporary email address to see how unique email addresses really are - in case you meant it in reference to the poll voting - where you care about uniqueness of votes = people. So instead of trolling, offer a better suggestion. -- Postgresql php tutorials http://www.designmagick.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Execute flash files with PHP
Hello. I have two scripts in php that reads a .swf or .flv movie file, like this: SCRIPT # 1 ?php $movie = movie.swf; readfile($movie); ? SCRIPT # 2 ?php $movie = movie.flv; readfile($movie); ? The script # 1 with the .swf file works fine: the video is executed with streaming. The script # 2 with the .flv file is executed but without streaming. If i execute the movie.flv directly (without the php script), then it´s executed with streaming. Do you know how can i do to execute the .flv file with php and with straming? I tried with fopen, readfile, but don´t works. Thank you
Re: [PHP] Unique User Hashes
Chris napsal(a): Martin Zvarík wrote: tedd napsal(a): At 5:28 PM +0100 2/19/09, Martin Zvarík wrote: tedd napsal(a): At 5:10 PM +0100 2/19/09, Martin Zvarík wrote: tedd napsal(a): At 1:49 AM +0100 2/19/09, Martin Zvarík wrote: Guys, I have not seen a poll where you need to input your email address - and if I would I would not vote - because it's a waste of my time... if you want me to vote you do everything you can to make it as pleasant as possible -- certainly that isn't requirement of an email validation. Btw. google free temporary email address to see how unique email addresses really are - in case you meant it in reference to the poll voting - where you care about uniqueness of votes = people. So instead of trolling, offer a better suggestion. Chris, if you would read the whole thread (my first comment), I bet you would consider more wisely your patronizing comment. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Unique User Hashes
Martin Zvarík wrote: Chris napsal(a): Martin Zvarík wrote: tedd napsal(a): At 5:28 PM +0100 2/19/09, Martin Zvarík wrote: tedd napsal(a): At 5:10 PM +0100 2/19/09, Martin Zvarík wrote: tedd napsal(a): At 1:49 AM +0100 2/19/09, Martin Zvarík wrote: Guys, I have not seen a poll where you need to input your email address - and if I would I would not vote - because it's a waste of my time... if you want me to vote you do everything you can to make it as pleasant as possible -- certainly that isn't requirement of an email validation. Btw. google free temporary email address to see how unique email addresses really are - in case you meant it in reference to the poll voting - where you care about uniqueness of votes = people. So instead of trolling, offer a better suggestion. Chris, if you would read the whole thread (my first comment), I bet you would consider more wisely your patronizing comment. Use the ip - which we've all said is useless. Where's the better suggestion? -- Postgresql php tutorials http://www.designmagick.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Unique User Hashes
Chris napsal(a): Martin Zvarík wrote: Chris napsal(a): Martin Zvarík wrote: tedd napsal(a): At 5:28 PM +0100 2/19/09, Martin Zvarík wrote: tedd napsal(a): At 5:10 PM +0100 2/19/09, Martin Zvarík wrote: tedd napsal(a): At 1:49 AM +0100 2/19/09, Martin Zvarík wrote: Guys, I have not seen a poll where you need to input your email address - and if I would I would not vote - because it's a waste of my time... if you want me to vote you do everything you can to make it as pleasant as possible -- certainly that isn't requirement of an email validation. Btw. google free temporary email address to see how unique email addresses really are - in case you meant it in reference to the poll voting - where you care about uniqueness of votes = people. So instead of trolling, offer a better suggestion. Chris, if you would read the whole thread (my first comment), I bet you would consider more wisely your patronizing comment. Use the ip - which we've all said is useless. Where's the better suggestion? Nevermind, I was wrong - thank you for making me realize I am wasting time here. This useless IP solution is used by 80% of websites. I was trying to convice you that requirement of an email validation is just, let's say, unwise. So, don't bark if you don't agree.
Re: [PHP] Two troublesome fields
Thanks Terion Happy Freecycling Free the List !! www.freecycle.org Over Moderation of Freecycle List Prevents Post Timeliness. Twitter? http://twitter.com/terionmiller Facebook: a href=http://www.facebook.com/people/Terion-Miller/1542024891; title=Terion Miller's Facebook profile target=_TOPimg src= http://badge.facebook.com/badge/1542024891.237.919247960.png; border=0 alt=Terion Miller's Facebook profile/a Emo Philips - I was the kid next door's imaginary friend. On Thu, Feb 19, 2009 at 2:31 PM, Bastien Koert phps...@gmail.com wrote: On Thu, Feb 19, 2009 at 3:21 PM, Terion Miller webdev.ter...@gmail.comwrote: Hi all, I seem to be having a problem with getting two fields to insert into a table, the other fields insert but not these two its from a form that is a duplicate, basically I have a workorder that I want to make a copy of, I call it from the db, populate a form in case changes want to be made, and insert with a new unique ID as a new record, it's working great except Two fields will NOT insert and I'm at a loss for why ... the code is big so I will post snippets that I think may be the trouble spots Here is the insert: $sql = INSERT INTO workorders (CreatedDate, Location, WorkOrderName, AdminID, FormName, Status, Notes) VALUES (; $sql .= Now(), '$Location', '$WorkOrderName', '$AdminID', 'WorkOrder', 'New Order', '$Notes'); mysql_query($sql); $WorkOrderID = mysql_insert_id(); Here is the part where it calls the old values: $sql2 = SELECT Location, WorkOrderName FROM workorders WHERE WorkOrderID='$WorkOrderID'; $result2 = mysql_query ($sql2); $row2 = mysql_fetch_array($result2); Here is the form part: tr td align=left nowrapdiv class=CaptionReqProperty:/div/td td align=leftdivinput type=hidden name=Location value=?php echo $row2['Location']; ??php echo $row2['Location']; ? /div/td /tr tr td align=left nowrapdiv class=CaptionReqWork Order Name: ?php echo $row2['WorkOrderName']; ?/div/td td align=leftdivbrinput type=hidden name=WorkOrderName size=35 value=?php echo $row2['WorkOrderName']; ?//div/td /tr I need some clues, everything works except the two fields Location, and WorkOrderName. Thanks Terion Happy Freecycling Free the List !! www.freecycle.org Over Moderation of Freecycle List Prevents Post Timeliness. Twitter? http://twitter.com/terionmiller Facebook: a href=http://www.facebook.com/people/Terion-Miller/1542024891; title=Terion Miller's Facebook profile target=_TOPimg src= http://badge.facebook.com/badge/1542024891.237.919247960.png; border=0 alt=Terion Miller's Facebook profile/a Bill Watterson - There is not enough time to do all the nothing we want to do. Why not try a insert into table select fields from table where id = $id -- Bastien Cat, the other other white meat I just tried this and now it's not inserting at all where before everything EXCEPT two fields go in... $sql = INSERT INTO workorders ( CreatedDate, Location, WorkOrderName, AdminID, FormName, Status, Notes) VALUES (; $sql .= Now(), ; $sql .= '. mysql_real_escape_string($Location) .', ; $sql .= '. mysql_real_escape_string($WorkOrderName) .', ; $sql .= '. mysql_real_escape_string($AdminID) .', ; $sql .= '. mysql_real_escape_string(WorkOrder) .', ; $sql .= '. mysql_real_escape_string(New Order) .', ; $sql .= '. mysql_real_escape_string($Notes) .', ; $WorkOrderID = mysql_insert_id(); mysql_query($sql);
Re: [PHP] Execute flash files with PHP
R B wrote: Hello. I have two scripts in php that reads a .swf or .flv movie file, like this: SCRIPT # 1 ?php $movie = movie.swf; readfile($movie); ? SCRIPT # 2 ?php $movie = movie.flv; readfile($movie); ? The script # 1 with the .swf file works fine: the video is executed with streaming. The script # 2 with the .flv file is executed but without streaming. If i execute the movie.flv directly (without the php script), then it´s executed with streaming. If you change the filetype (from swf to flv) you need to change the headers php sends before it spits out the file. What headers are you sending? -- Postgresql php tutorials http://www.designmagick.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Execute flash files with PHP
R B wrote: Hello. I have two scripts in php that reads a .swf or .flv movie file, like this: SCRIPT # 1 ?php $movie = movie.swf; readfile($movie); ? SCRIPT # 2 ?php $movie = movie.flv; readfile($movie); ? The script # 1 with the .swf file works fine: the video is executed with streaming. The script # 2 with the .flv file is executed but without streaming. There's a tutorial here: http://www.flashcomguru.com/index.cfm/2005/11/2/Streaming-flv-video-via-PHP-take-two (have not tested it myself). The php code is available for download from that page as well. -- Postgresql php tutorials http://www.designmagick.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Execute flash files with PHP
There's a tutorial here: http://www.flashcomguru.com/index.cfm/2005/11/2/Streaming-flv-video-via-PHP-take-two (have not tested it myself). The php code is available for download from that page as well. And the video there is awesome! The narrator sounds like the one in my video: http://webbytedd.com/bb/ice/ Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php cli memory leak error
Lewis Wright schreef: 2009/2/19 Jochem Maas joc...@iamjochem.com: Thodoris schreef: seems to work fine here. What are your php.ini (memory related) settings? run: /usr/local/bin/php --ini and get the location of the php.ini file that is getting used. Check our the memory settings in that file. Some general options: max_input_time = 60 max_execution_time = 120 memory_limit = 128M and the last one I have just noticed (that is why it reports the leak): report_memleaks = On In case I set this to Off it just stops bugging me. But is there a memory leak? yes. And if yes should I report this as a bug ? if ( 1. report_memleaks is a core php.ini setting (not suhosin) (I don't recall) 2. you still get the leak if you disable suhosin extension 3. you can create a small reproduction script (seems you have one, but I'd check that it's the getopt() call that triggers the leak) 4. you can show the mem leak in 5.2.9RC2 and/or php5.3dev ) { report_a_bug(); } Syntax error, unexpected T_STRING :( sorry. try this instead: ?php if (!function_exists('readline')) { function readline( $prompt = '' ) { echo $prompt; return rtrim( fgets( STDIN ), \n ); } } function makeUserPerformSomeStuff($cmd) { $answer = null; echo compute this: $cmd\n\n; while (!in_array(strtolower($answer), array('n','y'))) $answer = readline(did it compute? [y/n]: ); return ($answer == 'y'); } function report_a_bug() { return makeUserPerformSomeStuff(report a bug.); } if (makeUserPerformSomeStuff( 1. report_memleaks is a core php.ini setting (not suhosin) (I don't recall) 2. you still get the leak if you disable suhosin extension 3. you can create a small reproduction script (seems you have one, but I'd check that it's the getopt() call that triggers the leak) 4. you can show the mem leak in 5.2.9RC2 and/or php5.3dev )) { report_a_bug(); } -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Unique User Hashes
On Thu, 2009-02-19 at 23:34 +0100, Martin Zvarík wrote: Chris napsal(a): Martin Zvarík wrote: Chris napsal(a): Martin Zvarík wrote: tedd napsal(a): At 5:28 PM +0100 2/19/09, Martin Zvarík wrote: tedd napsal(a): At 5:10 PM +0100 2/19/09, Martin Zvarík wrote: tedd napsal(a): At 1:49 AM +0100 2/19/09, Martin Zvarík wrote: Guys, I have not seen a poll where you need to input your email address - and if I would I would not vote - because it's a waste of my time... if you want me to vote you do everything you can to make it as pleasant as possible -- certainly that isn't requirement of an email validation. Btw. google free temporary email address to see how unique email addresses really are - in case you meant it in reference to the poll voting - where you care about uniqueness of votes = people. So instead of trolling, offer a better suggestion. Chris, if you would read the whole thread (my first comment), I bet you would consider more wisely your patronizing comment. Use the ip - which we've all said is useless. Where's the better suggestion? Nevermind, I was wrong - thank you for making me realize I am wasting time here. This useless IP solution is used by 80% of websites. I was trying to convice you that requirement of an email validation is just, let's say, unwise. So, don't bark if you don't agree. So you;'e saying that unless we agree with you, not to mention anything? Ash www.ashleysheridan.co.uk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Unique User Hashes
Ashley Sheridan napsal(a): On Thu, 2009-02-19 at 23:34 +0100, Martin Zvarík wrote: Chris napsal(a): Martin Zvarík wrote: Chris napsal(a): Martin Zvarík wrote: tedd napsal(a): At 5:28 PM +0100 2/19/09, Martin Zvarík wrote: tedd napsal(a): At 5:10 PM +0100 2/19/09, Martin Zvarík wrote: tedd napsal(a): At 1:49 AM +0100 2/19/09, Martin Zvarík wrote: Guys, I have not seen a poll where you need to input your email address - and if I would I would not vote - because it's a waste of my time... if you want me to vote you do everything you can to make it as pleasant as possible -- certainly that isn't requirement of an email validation. Btw. google free temporary email address to see how unique email addresses really are - in case you meant it in reference to the poll voting - where you care about uniqueness of votes = people. So instead of trolling, offer a better suggestion. Chris, if you would read the whole thread (my first comment), I bet you would consider more wisely your patronizing comment. Use the ip - which we've all said is useless. Where's the better suggestion? Nevermind, I was wrong - thank you for making me realize I am wasting time here. This useless IP solution is used by 80% of websites. I was trying to convice you that requirement of an email validation is just, let's say, unwise. So, don't bark if you don't agree. So you;'e saying that unless we agree with you, not to mention anything? Ash www.ashleysheridan.co.uk I meant: You don't have to bark, if you don't agree. = We can discuss.
[PHP] What good is SoapClient-__getTypes() ?
Hi guys, I'm using PHP 5.1.6 and I'm calling a WSDL that has 4 functions. This is a brand new service opened by one of our vendors so I'm sure it is going to change. So I'm thinking I would like to build a page that pulls the data structures and builds html input forms automatically. So when I send the following code: $client = new SoapClient($wsdl, $options); $available_types = $client-__getTypes(); var_dump($available_types[4]); I get back: string(467) struct ProvisionNewTrunk { string DeviceID; string DeviceModel; string PublicIP; string LastName; string FirstName; string Address1; string Address2; string City; string State; string ZIP; string Country; string Phone; string Email; string Department; string Company; string PromotionCode; string CCName; string CCAddress1; string CCAddress2; string CCCity; string CCState; string CCZIP; string CCCountry; string CCNumber; string CCExpDate; } Normally I would just hard-code an array but is there any automatic way to iterate through this so I can build an input form? Besides hacking up a str_split or something? All my googling just turns up mirrors of php.net man pages:( Thanks a bunch, Shanon -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Accessors
Also, i know php is an interpreted language. But wouldn't it be possible to write a virtual machine for php and compile byte code... I know, php is not Java or Actionscript :-P but it could be an add on feature. i guess the eval wouldn't work then would it? Although eval could still be interpreted... This would be nice in case you need to protect your intellectual property. I haven't tried it, but I might soon for an appliance I'm building. http://www.roadsend.com/ Actually might not have virtual machine as java does but it has an engine and it is possible to produce something similar to byte-code. You can some solutions to this and here is one of them (open source): http://www.php.net/manual/en/ref.bcompiler.php http://pecl.php.net/package/bcompiler and there is a script to make byte-code: http://bencoder.urdada.net/ I have used and it works. -- Thodoris