php-general Digest 10 Nov 2009 18:03:47 -0000 Issue 6436

2009-11-10 Thread php-general-digest-help 

php-general Digest 10 Nov 2009 18:03:47 - Issue 6436

Topics (messages 299764 through 299768):

Re: Hash function
299764 by: Hans Åhlin

Re: Multilingual website, texts in external JavaScriptproblem
299765 by: Peter Ford

Form Validation filter - Regex Q
299766 by: Haig Davis
299767 by: Al
299768 by: Nathan Rixham

Administrivia:

To subscribe to the digest, e-mail:
php-general-digest-subscr...@lists.php.net

To unsubscribe from the digest, e-mail:
php-general-digest-unsubscr...@lists.php.net

To post to the list, e-mail:
php-gene...@lists.php.net


--
---BeginMessage---
Hope this is what your looking for...

?php
/**
 * This is a part of the SN1000 System
 *
 * @author Hans Åhlin
 * @copyright (C)2009 Hans Åhlin
 * @owner Hans Åhlin
 * @version 1.000.000
 * @contact i...@sn1000.com
 *
 * Copyrighted by the owner of SN1000
 * ALL COPYING, PUBLISHING AND EDITING WITH OUT THE
 * COPYRIGHT HOLDERS WRITTEN PERMISSION IS FORBIDDEN,
 * THIS INCLUDES THE CODE, TEXT, GRAPHICS AND SOUNDS.
 * For more information and/or questions please
 * contact us at i...@sn1000.com Including the
 * concerning page file name and dns address
 */ 

if(__DEBUG__ == 1){

$TestPW = 'This is the test password!!!';

echo \n*\n;
echo ** PASSWORD HASH FUNCTION\n;
echo ** snlib_hash_password()\n;
echo *\n;
echo The test password: $TestPW;
echo \n;
echo snlib_hash_password($TestPW);
echo \n*\n;
}

/**
 * This function salts and scrambles the password for higher security
 *
 * @version 1.000.000
 * @param $Password
 * @return SHA1
 */
function snlib_hash_password($Password){

$PWLength = strlen($Password);

if(__DEBUG__ == 1){

echo 'The length of the test password: ';
echo $PWLength;
echo \n;
}

$ScrambledPW = ;
$i = 0;

while($PWLength != 0){

$PWLength--;

$ScrambledPW .= $PWLength . $Password[$PWLength] . 
$Password[$i] . $i;

$i++;

}

if(__DEBUG__ == 1){

echo 'The scrambled test password: ';
echo $ScrambledPW;
echo \n;
}

$PasswordHASH = sha1($ScrambledPW);

return $PasswordHASH;
}
?

For legal purposes i her grant you all to use this file fore any
purpose, and for the same reason i can not take away the copyright
notice...

2009/11/9 Ali Asghar Toraby Parizy aliasghar.tor...@gmail.com:
 hi friends
 I need a hash function to build a Unique serial number by mixing a request
 code and a user name
 request codes are strings like this: They are literally HEX codes of MAC mac
 addresses.
 002314EFD000544AB05345300045675609782123C3254B312123D12312EE13123F123D123123EEE000E000E000EE
 i want to create a function that mix together this request code with user
 name that user entered and create new serial number.
 What implications i have to satisfy to create such hash function in php?
 Thanks for any suggestion




-- 
MvH / Hans Åhlin
Tel: +46761488019
http//www.kronan-net.com/
---End Message---
---BeginMessage---
leledumbo wrote:
 I don't see why you can't use inline script in XHTML 1.0 Strict
 
 Because I don't know about CDATA, thanks.

Glad to be of service!
As another regular contributor to this list often points out, there's always
something new to learn :)

-- 
Peter Ford  phone: 01580 89
Developer   fax:   01580 893399
Justcroft International Ltd., Staplehurst, Kent
---End Message---
---BeginMessage---
 Morning All,

I've been figthing with this little problem for two days now, so far no luck
with google and am beginning to question my own sanity.

I have a application that has over one hundred forms some quite lengthy so
what I'm trying to achieve rather than writing a bunch of individual
sanitize statements then form validation statemenst that I could run $_POST
through a foreach loop and filter the values by form class i.e.is it an
emaill addreess or simply a text block with letters and numbers. The regex's
alone work fine as does the foreach loop the only issue I have is the IF
statement comparing $key to expected varieable names.

Heres the bit of code envolved.

if(isset($_POST['submit'])){
foreach($_POST as $keyTemp = $valueTemp){
$key = mysqlclean($keyTemp);
$value = mysqlclean($valueTemp);
$$key = $key;
$$key = $value;

if($key !=

Re: [PHP] Hash function

2009-11-10 Thread Hans Åhlin 
Hope this is what your looking for...

?php
/**
 * This is a part of the SN1000 System
 *
 * @author Hans Åhlin
 * @copyright (C)2009 Hans Åhlin
 * @owner Hans Åhlin
 * @version 1.000.000
 * @contact i...@sn1000.com
 *
 * Copyrighted by the owner of SN1000
 * ALL COPYING, PUBLISHING AND EDITING WITH OUT THE
 * COPYRIGHT HOLDERS WRITTEN PERMISSION IS FORBIDDEN,
 * THIS INCLUDES THE CODE, TEXT, GRAPHICS AND SOUNDS.
 * For more information and/or questions please
 * contact us at i...@sn1000.com Including the
 * concerning page file name and dns address
 */ 

if(__DEBUG__ == 1){

$TestPW = 'This is the test password!!!';

echo \n*\n;
echo ** PASSWORD HASH FUNCTION\n;
echo ** snlib_hash_password()\n;
echo *\n;
echo The test password: $TestPW;
echo \n;
echo snlib_hash_password($TestPW);
echo \n*\n;
}

/**
 * This function salts and scrambles the password for higher security
 *
 * @version 1.000.000
 * @param $Password
 * @return SHA1
 */
function snlib_hash_password($Password){

$PWLength = strlen($Password);

if(__DEBUG__ == 1){

echo 'The length of the test password: ';
echo $PWLength;
echo \n;
}

$ScrambledPW = ;
$i = 0;

while($PWLength != 0){

$PWLength--;

$ScrambledPW .= $PWLength . $Password[$PWLength] . 
$Password[$i] . $i;

$i++;

}

if(__DEBUG__ == 1){

echo 'The scrambled test password: ';
echo $ScrambledPW;
echo \n;
}

$PasswordHASH = sha1($ScrambledPW);

return $PasswordHASH;
}
?

For legal purposes i her grant you all to use this file fore any
purpose, and for the same reason i can not take away the copyright
notice...

2009/11/9 Ali Asghar Toraby Parizy aliasghar.tor...@gmail.com:
 hi friends
 I need a hash function to build a Unique serial number by mixing a request
 code and a user name
 request codes are strings like this: They are literally HEX codes of MAC mac
 addresses.
 002314EFD000544AB05345300045675609782123C3254B312123D12312EE13123F123D123123EEE000E000E000EE
 i want to create a function that mix together this request code with user
 name that user entered and create new serial number.
 What implications i have to satisfy to create such hash function in php?
 Thanks for any suggestion




-- 
MvH / Hans Åhlin
Tel: +46761488019
http//www.kronan-net.com/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Multilingual website, texts in external JavaScriptproblem

2009-11-10 Thread Peter Ford 
leledumbo wrote:
 I don't see why you can't use inline script in XHTML 1.0 Strict
 
 Because I don't know about CDATA, thanks.

Glad to be of service!
As another regular contributor to this list often points out, there's always
something new to learn :)

-- 
Peter Ford  phone: 01580 89
Developer   fax:   01580 893399
Justcroft International Ltd., Staplehurst, Kent

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Form Validation filter - Regex Q

2009-11-10 Thread Haig Davis 
 Morning All,

I've been figthing with this little problem for two days now, so far no luck
with google and am beginning to question my own sanity.

I have a application that has over one hundred forms some quite lengthy so
what I'm trying to achieve rather than writing a bunch of individual
sanitize statements then form validation statemenst that I could run $_POST
through a foreach loop and filter the values by form class i.e.is it an
emaill addreess or simply a text block with letters and numbers. The regex's
alone work fine as does the foreach loop the only issue I have is the IF
statement comparing $key to expected varieable names.

Heres the bit of code envolved.

if(isset($_POST['submit'])){
foreach($_POST as $keyTemp = $valueTemp){
$key = mysqlclean($keyTemp);
$value = mysqlclean($valueTemp);
$$key = $key;
$$key = $value;

if($key != ($customerServiceEmail) || ($billingEmail) ||
($website)){
if(preg_match(/[^a-zA-Z0-9\s]/, $value)){
$style = yellow;
$formMsg = Invalid Characters;
$bad = $key;

}
}
if($key = ($customerServiceEmail) || ($billingEmail)){

if(preg_match(/^([a-za-z0-9._%...@[a-za-z0-9.-]+\.[a-za-z]{2,4})*$/,
$value)){
$style = yellow;
$formMsg = Invalid Characters;
$bad = $key;
}
}

}
}

Thanks for taking a peek.

Haig

[PHP] Re: Form Validation filter - Regex Q

2009-11-10 Thread Al 



Haig Davis wrote:

 Morning All,

I've been figthing with this little problem for two days now, so far no luck
with google and am beginning to question my own sanity.

I have a application that has over one hundred forms some quite lengthy so
what I'm trying to achieve rather than writing a bunch of individual
sanitize statements then form validation statemenst that I could run $_POST
through a foreach loop and filter the values by form class i.e.is it an
emaill addreess or simply a text block with letters and numbers. The regex's
alone work fine as does the foreach loop the only issue I have is the IF
statement comparing $key to expected varieable names.

Heres the bit of code envolved.

if(isset($_POST['submit'])){
foreach($_POST as $keyTemp = $valueTemp){
$key = mysqlclean($keyTemp);
$value = mysqlclean($valueTemp);
$$key = $key;
$$key = $value;

if($key != ($customerServiceEmail) || ($billingEmail) ||
($website)){
if(preg_match(/[^a-zA-Z0-9\s]/, $value)){
$style = yellow;
$formMsg = Invalid Characters;
$bad = $key;

}
}
if($key = ($customerServiceEmail) || ($billingEmail)){

if(preg_match(/^([a-za-z0-9._%...@[a-za-z0-9.-]+\.[a-za-z]{2,4})*$/,
$value)){
$style = yellow;
$formMsg = Invalid Characters;
$bad = $key;
}
}

}
}

Thanks for taking a peek.

Haig



1] Pear has several classes that will help you from reinventing the wheel.

2] I always, when possible, restrict what users are allowed to enter.  Then, I 
simply delete or warn them about anything that is not permissible. e.g., they 
can enter any of the plain html tags. Any tags not in this list are removed.


//region Usable XHTML elements for user admin prepared user instructions 
[Only these XHTML tags can be used] /


$inlineHtmlTagsArray = array('a', 'b', 'img', 'em', 'object', 'option', 
'select', 'span', 'strong',);//Note img is both empty and inline

$blockHtmlTagsArray = array('div', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6', 'p', 
'pre',);
$emptyHtmlTagsArray = array('br', 'hr', 'img',);
$listHtmlTagsArray = array('li', 'ol', 'ul');
$tableHtmlTagsArray = array('col', 'table', 'tbody', 'td', 'th', 'thead', 
'tr',);

I also do syntax and reverse DNS tests for all links and email addresses.


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: Form Validation filter - Regex Q

2009-11-10 Thread Nathan Rixham 
Haig Davis wrote:
 alone work fine as does the foreach loop the only issue I have is the IF
 statement comparing $key to expected varieable names.
 
 if($key != ($customerServiceEmail) || ($billingEmail) ||

multiple points here..

1: is the key name held in a php variable called $customerServiceEmail?

if you have input name=customerServiceEmail / then use:
?php
if( $key != 'customerServiceEmail' )
?

if you have input name=$customerServiceEmail / then use:
?php
if( $key != '$customerServiceEmail' )
?


2: if you need to compare multiples then you need to use either..

?php
if( !in_array( $key , array('customerServiceEmail' , 'billingEmail' ,
'website') ) ) {
?

?php
if( $key != 'customerServiceEmail'  $key != 'billingEmail'  $key !=
'website' )
?

note in the above I've *ass*umed some mistyped logic, in that only
proceed if not ('customerServiceEmail' || 'billingEmail' || 'website') -
which is in correct because string || string || string *always* equals 1
- hence you need the 3 comparisons achieved by using and() or in_array.


3: these two lines override each other, and variable variables aren't
needed here
$$key = $key;
$$key = $value;


here's a full version for you that should work as you expect:

?php
if( isset($_POST['submit']) ) {
  foreach($_POST as $keyTemp = $valueTemp){
$key = mysqlclean($keyTemp);
$value = mysqlclean($valueTemp);
if( in_array( $key , array( 'customerServiceEmail' , 'billingEmail'
) ) ) {
  // only email validate if its an email field
  if(
preg_match(/^([a-za-z0-9._%...@[a-za-z0-9.-]+\.[a-za-z]{2,4})*$/,
$value) ) {
$style = yellow;
$formMsg = Invalid Characters;
$bad = $key;
  }
} else if( $key == 'website' ) {
  // placeholder incase you want URL validation
} else {
  // only gets here if not and email field, and not a website address
  if(preg_match(/[^a-zA-Z0-9\s]/, $value)){
$style = yellow;
$formMsg = Invalid Characters;
$bad = $key;
  }
}
  }
}
?

regards;

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Checkbox in PHP form

2009-11-10 Thread Adam Randall 
INPUT class=text id=myCheck1 type=checkbox?php echo( $row[33] ==
'no' ? ' checked=checked' : '' ); ? value=PFDs
name=f_sequipment1/bfont size=2PFDsb
Or with short tags:

INPUT class=text id=myCheck1 type=checkbox?= $row[33] == 'no' ? '
checked=checked' : '' ? value=PFDs name=f_sequipment1/bfont
size=2PFDsb
Adam.

On Sun, Nov 8, 2009 at 5:39 PM, Ernie Kemp ernie.k...@sympatico.ca wrote:

   Need some help here with checkboxes in an html form.



 My issue is I have a form that needs to be viewed with checkboxes filled in
 depending on the values in the table.



 I tried:

 INPUT class=text id=myCheck1 type=checkbox ?php if ( $row[33] = 'no')
 { echo checked=yes;  } else { echo '';  } ? value=PFDs
 name=f_sequipment1/bfont size=2PFDsb

 but the checkbox field is always checked.



 I thought of JavaScript also but it would have to be a “if $row[33] then
 run a JavaScript function” .  This is not working for me neither.



 Sorry if this seems trivial but I need your help.



 Thanks in advance.












-- 
Adam Randall
http://www.xaren.net
AIM: blitz574

Re: [PHP] Re: Checkbox in PHP form

2009-11-10 Thread Adam Randall 
On Sun, Nov 8, 2009 at 9:52 PM, Brian Hazelton bdh_2...@comcast.net wrote:
 input class=text id=myCheck1 type=checkbox ?php if ( $row[33] ==
 'no') { echo checked=checked;  } ? value=PFDs
 name=f_sequipment1/bfont size=2PFDsb


 --
 PHP General Mailing List (http://www.php.net/)
 To unsubscribe, visit: http://www.php.net/unsub.php





-- 
Adam Randall
http://www.xaren.net
AIM: blitz574

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] How to create CA certificate with PHP

2009-11-10 Thread Tanveer Chowdhury 
Hello all,

Using openssl, I can create CA certificate by using the linux command line.

But this thing I want to do using PHP that is I want to add some information
in the openldap regarding a user and also would like to insert his public
key certificate along with the other information.

Can you please suggest any link or documentation on this topic. For your
information I can insert information like user,email,phone,email in openldap
but haven't tried to insert the certificate in openldap yet. The issue is, I
want to make the whole process automated like all user information user will
input in a form and upon clicking submit button all those information along
with his certificate which will be generated then and there will be inserted
in openldap.

Thanks in advance.