php-general Digest 22 Dec 2010 17:48:53 -0000 Issue 7099
php-general Digest 22 Dec 2010 17:48:53 - Issue 7099 Topics (messages 310211 through 310226): Warning when calling session_start() 310211 by: webdev.blaettner.com 310212 by: Michael Shadle 310213 by: webdev.blaettner.com 310222 by: Ravi Gehlot Re: goto - My comments 310214 by: Jim Lucas Re: Is there a simple way to enforce a private method in a subclass? 310215 by: Richard Quadling accessing magic parent set 310216 by: Alexandru Patranescu 310225 by: Ravi Gehlot MP3 Player and PHP 310217 by: Don Wieland 310219 by: a...@ashleysheridan.co.uk 310221 by: Richard Quadling Server response very poor again 310218 by: Al 310220 by: Steve Staples 310224 by: Nicholas Kell 310226 by: Daniel P. Brown Re: empty() in email message 310223 by: Ravi Gehlot Administrivia: To subscribe to the digest, e-mail: php-general-digest-subscr...@lists.php.net To unsubscribe from the digest, e-mail: php-general-digest-unsubscr...@lists.php.net To post to the list, e-mail: php-gene...@lists.php.net -- ---BeginMessage--- Hi, folks, good morning ! Since I'm a newbie with respect of sessions cookies I'm quite lost here getting always a warning when calling session_start(); I developed and tested some php code using a session to pass some values betwen different scripts on my local machine. All went O.K. But when I transferred the code to my provider's server where my website is hosted, I constantly get this warning when calling session_start(): Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /./sess.php:3) in /./sess.php on line 5 In line 5 is session_start(); I dotted-out the path prefices in this warning. Lines 1-5 of my script sess.php are as follows: 1 !-- PHP CODE - - 2 3 ?php 4 5 session_start (); In my browser (firefox) I've enabled cookies. There were some differences between my local machine and my provider's server in respect to session related PHP flags/variables. I adapted those by adding following lines in .htaccess on the webserver: php_flag session.bug_compat_42 off# Was On php_value session.bug_compat_42 off # Was On php_flag session.cookie_httponly on # Was off php_value session.cookie_httponly on # Was off php_flag session.use_only_cookies On # Was off php_value session.use_only_cookies On # Was off Can anybody give me some hints for resolving this issue and/or pointers where to dig further ?!? Thanks in advance ! Rolf -- Dipl.phys. Rudolf Otto Blättner, D 91074 Herzogenaurach, Germany. ---End Message--- ---BeginMessage--- On Tue, Dec 21, 2010 at 9:27 PM, web...@blaettner.com wrote: Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /./sess.php:3) in /./sess.php on line 5 first - this is probably your culprit: don't output empty lines before you do anything (just a general good practice) also i'd turn on output buffering. ---End Message--- ---BeginMessage--- Hi, folks, On Tue, 21 Dec 2010 21:35:17 -0800 [06:35:17 AM CET], Michael Shadle mike...@gmail.com wrote: first - this is probably your culprit: don't output empty lines before you do anything (just a general good practice) Whow! This did the trick ! Warning vanished when I changed beginning of script to: 1 ?php session_start (); 2 I wasn't aware that the HTML comment and the following empty line are in fact written to output. But that's clear now :-) So I suppose my local PHP setup supressed this warning or is more compliant ... also i'd turn on output buffering. Since it worked without warning at 1st try, I haven't changed output buffering (yet). Mike, many thanks for Your PROMPT and HELPFUL answer! Have a nice day! Rolf -- Dipl.phys. Rudolf Otto Blättner, D 91074 Herzogenaurach, Germany. ---End Message--- ---BeginMessage--- session_start (); should be before everything...first thing in the page. Ravi. On Wed, Dec 22, 2010 at 12:51 AM, web...@blaettner.com wrote: Hi, folks, On Tue, 21 Dec 2010 21:35:17 -0800 [06:35:17 AM CET], Michael Shadle mike...@gmail.com wrote: first - this is probably your culprit: don't output empty lines before you do anything (just a general good practice) Whow! This did the trick ! Warning vanished when I changed beginning of script to: 1 ?php session_start (); 2 I wasn't aware that the HTML comment and the following empty line are in fact written to output. But that's clear now :-) So I suppose my local PHP setup supressed this warning or is more compliant ... also i'd turn on output buffering. Since it worked without warning at 1st try, I haven't changed output buffering (yet). Mike, many
Re: [PHP] Re: Is there a simple way to enforce a private method in a subclass?
On 21 December 2010 19:12, Carlos Medina i...@simply-networks.de wrote: Am 21.12.2010 17:36, schrieb Richard Quadling: Hi. If I have an abstract class of Task and I want all subclasses of Task to have a private method _runTask, is there a way to enforce this? Currently an abstract private function in an abstract class isn't allowed. Fatal error: Abstract function Task::_runTask() cannot be declared private in D:\PHP\Includes\Task.php on line 91 Now I'm pretty sure there are valid reasons for this, but, for me, the key part here is the abstract modifier. This should be read first and foremost and simply say that somewhere in the subclasses, this method must defined. And if it must be defined as private, then so be it. Richard. Hi Richard, okay you want to use an abstract class (not instantiable) with a private abstract method. I think this doesnt make sense. And i think, PHP does not allow this because the inheritance constraint will be failed (you can use only in the class itself). Regards Carlos Thanks for that. Things were getting too complicated because I had 2 significantly different features in 1 class. Now I've got 2 interfaces (TaskInterface and TaskControllerInterface), things make more sense to me. Richard. -- Richard Quadling Twitter : EE : Zend @RQuadling : e-e.com/M_248814.html : bit.ly/9O8vFY -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] accessing magic parent set
Is this the only way to access the magic __set from the parent class:
public function __set($columnName, $value)
{
if ($value !== $this-$columnName) {
parent::__set($columnName, $value);
}
}
I would have liked to work this way:
public function __set($columnName, $value)
{
if ($value !== $this-$columnName) {
parent::$columnName = $value;
}
}
And another question.
There is a self, a static and a parent
Why is it only $this and not a $parent too?
[PHP] MP3 Player and PHP
Hello, Can someone recommend a web MP3 player? I need the following options: 1) Location and Duration of mp3 display (seconds) 2) The ability to pass a start and end parameter and play a part of the song 3) Loop parameter 4) Call to the player to grab the mp3 Location and set it to a field so i can insert it via PHP to mySQL 5) Work is most popular browsers Free would be nice but I am will to pay a bit if it offers everything I need. Any suggestions would be appreciated. Don -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Server response very poor again
It was fixed about 3 or 4 weeks ago; but, has reverted to poor again. Many times outs etc. Took me 4 tries to post this. Al... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] MP3 Player and PHP
You've missed a crucial part of php; its not a client-side language, its all run on the server. So you can't have a music player built in it running in a web browser. For that you need something like flash or java. There is a way potentially with html5, but not all support the audio tag (internet explorer for example) and not all support the same codecs. Thanks, Ash http://www.ashleysheridan.co.uk - Reply message - From: Don Wieland d...@dwdataconcepts.com Date: Wed, Dec 22, 2010 15:06 Subject: [PHP] MP3 Player and PHP To: php-general@lists.php.net Hello, Can someone recommend a web MP3 player? I need the following options: 1) Location and Duration of mp3 display (seconds) 2) The ability to pass a start and end parameter and play a part of the song 3) Loop parameter 4) Call to the player to grab the mp3 Location and set it to a field so i can insert it via PHP to mySQL 5) Work is most popular browsers Free would be nice but I am will to pay a bit if it offers everything I need. Any suggestions would be appreciated. Don -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Server response very poor again
On Wed, 2010-12-22 at 10:19 -0500, Al wrote: It was fixed about 3 or 4 weeks ago; but, has reverted to poor again. Many times outs etc. Took me 4 tries to post this. Al... Not trying to sound rude or prickish... but is it your ISP or connection to the intertubes? Or could it be an issue with your computer? I've never had any problems posting, or retrieving mail from this list, so I can't say/speak to a related issue. Steve -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] MP3 Player and PHP
On 22 December 2010 15:06, Don Wieland d...@dwdataconcepts.com wrote: Hello, Can someone recommend a web MP3 player? I need the following options: 1) Location and Duration of mp3 display (seconds) 2) The ability to pass a start and end parameter and play a part of the song 3) Loop parameter 4) Call to the player to grab the mp3 Location and set it to a field so i can insert it via PHP to mySQL 5) Work is most popular browsers Free would be nice but I am will to pay a bit if it offers everything I need. Any suggestions would be appreciated. Don -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php For playing MP3s (I have an alert system running in our call centre), I use SoundManager2. It's a JS library which allows me to play mp3 files. They are controlled by an AJAX orientated request to PHP which gathers the data and determines what alert needs to be played. Was first running on IE6. -- Richard Quadling Twitter : EE : Zend @RQuadling : e-e.com/M_248814.html : bit.ly/9O8vFY -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Warning when calling session_start()
session_start (); should be before everything...first thing in the page. Ravi. On Wed, Dec 22, 2010 at 12:51 AM, web...@blaettner.com wrote: Hi, folks, On Tue, 21 Dec 2010 21:35:17 -0800 [06:35:17 AM CET], Michael Shadle mike...@gmail.com wrote: first - this is probably your culprit: don't output empty lines before you do anything (just a general good practice) Whow! This did the trick ! Warning vanished when I changed beginning of script to: 1 ?php session_start (); 2 I wasn't aware that the HTML comment and the following empty line are in fact written to output. But that's clear now :-) So I suppose my local PHP setup supressed this warning or is more compliant ... also i'd turn on output buffering. Since it worked without warning at 1st try, I haven't changed output buffering (yet). Mike, many thanks for Your PROMPT and HELPFUL answer! Have a nice day! Rolf -- Dipl.phys. Rudolf Otto Blättner, D 91074 Herzogenaurach, Germany. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] empty() in email message
Hello Gary,
Please research the difference between a single quote and a double quote.
Also, you can use the operator .=(dot + equal) in this manner:
if(!empty($_POST['fname'])) {
$msg .= $lname\n;
} else if(!empty($_POST['lname'])) {
$msg .= $lname\n;
}
On Tue, Dec 14, 2010 at 12:04 AM, Gary gp...@paulgdesigns.com wrote:
Daevid Vincent dae...@daevid.com wrote in message
news:7d7c84d94dd24035a620e68b5b937...@mascorp.com...
- Original message -
From: Gary gp...@paulgdesigns.com
To: php-general@lists.php.net php-general@lists.php.net
Date: Monday, December 13, 2010, 7:47:49 PM
Subject: [PHP] empty() in email message
I have an email message
$msg = 'Name: $fname ' . ' $lname\n'
. Phone: $phone\n
. Email: $email\n
and it works fine, however in this message there are about 30
variables that
are being called...as such
. Order: beefschnitzel $beefschnitzel\n
. Order: beefstrips $beefstrips\n
. Order: cheesesausage $cheesesausage\n
. Order: crumbedsausage $crumbedsausage\n
. Order: chucksteak $chucksteak\n
. Order: cornedbeef $cornedbeef\n
. Order: dicedsteak $dicedsteak\n
. Order: filletmignon $filletmignon\n
I want to only send the message if the submitter enters an
amount in the
form for the corresponding variable, instead of having a
bunch of empty
messages. So I have been trying to use the empty() function as such:
. if empty($beefolives){''} elseif (isset($beefolives)) {
'Order: beefolives
$beefolives\n'}
You are setting this up fundamentally wrong.
You should be using an array and looping through it.
Something like:
$myorder['cowface'] = 1;
$myorder['beefenweiner'] = 2;
$myorder['chucksteak'] = 1;
foreach ($myorder as $item = $quantity)
{
echo Order: $item x $quantity\n;
}
Then your array only contains the items someone actually puchased and how
many.
d
Daevid
I knew someone was going to point out this was a convoluted method, and I
agree. This was sent to me by someone that needed to make the mail form
work. My suggestion was to look into a pre-made shopping cart, however
that
was not going to work for them, so I made the mail() work for them.
I had thought about putting it into an array, but had not gotten that far
into it. I will look over the code to see how it works.
Thank you for your help.
gary
__ Information from ESET Smart Security, version of virus signature
database 5700 (20101213) __
The message was checked by ESET Smart Security.
http://www.eset.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Server response very poor again
On Dec 22, 2010, at 10:09 AM, Steve Staples wrote: On Wed, 2010-12-22 at 10:19 -0500, Al wrote: It was fixed about 3 or 4 weeks ago; but, has reverted to poor again. Many times outs etc. Took me 4 tries to post this. Al... Not trying to sound rude or prickish... but is it your ISP or connection to the intertubes? Or could it be an issue with your computer? I've never had any problems posting, or retrieving mail from this list, so I can't say/speak to a related issue. Steve I am with Steve. Well, what I mean is, on this topic I am in agreement with Steve. My connection, etc. seems to be quite responsive. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] accessing magic parent set
Hello,
$this only calls variables inside of a method. In your function, you are
calling a variable that was defined inside of your function called
$columnName. You should past the whole class. Not just the methods.
The pseudo-variable $this is available when a method is called from within
an object context. $this is a reference to the calling object (usually the
object to which the method belongs, but possibly another object, if the
method is called statically from the context of a secondary object). taken
from http://www.php.net/manual/en/language.oop5.basic.php
The parent keyword indicates that this is an extended class. You are
referring back to the master class.
Ravi.
On Wed, Dec 22, 2010 at 9:35 AM, Alexandru Patranescu dreal...@gmail.comwrote:
Is this the only way to access the magic __set from the parent class:
public function __set($columnName, $value)
{
if ($value !== $this-$columnName) {
parent::__set($columnName, $value);
}
}
I would have liked to work this way:
public function __set($columnName, $value)
{
if ($value !== $this-$columnName) {
parent::$columnName = $value;
}
}
And another question.
There is a self, a static and a parent
Why is it only $this and not a $parent too?
Re: [PHP] Server response very poor again
On Wed, Dec 22, 2010 at 10:19, Al n...@ridersite.org wrote: It was fixed about 3 or 4 weeks ago; but, has reverted to poor again. Many times outs etc. Took me 4 tries to post this. Al, are you using NNTP? -- /Daniel P. Brown Dedicated Servers, Cloud and Cloud Hybrid Solutions, VPS, Hosting (866-) 725-4321 http://www.parasane.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Server response very poor again
On Wed, Dec 22, 2010 at 12:17, Nicholas Kell n...@monkeyknight.com wrote: I am with Steve. Well, what I mean is, on this topic I am in agreement with Steve. My connection, etc. seems to be quite responsive. Oh, that's what you mean! Several of us were speaking about it the other day and thought you two were dating. -- /Daniel P. Brown Dedicated Servers, Cloud and Cloud Hybrid Solutions, VPS, Hosting (866-) 725-4321 http://www.parasane.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Warning when calling session_start()
On Wed, Dec 22, 2010 at 11:43, Ravi Gehlot r...@ravigehlot.net wrote: session_start (); should be before everything...first thing in the page. Unlike the body of your email, Ravi, which is why I've asked you before not to top-post. Please follow the formats as outlined in the list rules. -- /Daniel P. Brown Dedicated Servers, Cloud and Cloud Hybrid Solutions, VPS, Hosting (866-) 725-4321 http://www.parasane.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Stripslashes
What are these magic quotes anyways?. What are they used for? escaping? Regards, Ravi. On Tue, Nov 16, 2010 at 11:44 PM, Adam Richardson simples...@gmail.comwrote: On Tue, Nov 16, 2010 at 10:10 PM, Gary gp...@paulgdesigns.com wrote: I was doing a test of stripslashes on a $_POST, when I recieved the email, all of the slashes were still in the data posted. I used : $fname = stripslashes($_POST['fname']); I input G\\a//r\y\\, and was expecting, according to the manuel G\a//r*y\, but got the original spelling. In this case, you should get the original, if I'm understanding correctly. Think of it like a basic math problem: Step 1: Happens automatically when you submit the form and PHP receives the form variables input + slashes = slashed_input Step 2: This happens when you call stripslashes. slashed_input - slashes = input The goal of stripslashes is that it will undo what happened automatically using magic_quotes_gpc (which essentially calls addslashes on the GPC vars behind the scenes) so you'll end up with the original input. So, working through your example: 1. You inputted into a form G\\a//r\y\\ and submitted the form. 2. PHP received G\\a//r\y\\ and added slashes (Ga//r\\y). 3. You called stripslashes (G\\a//r\y\\). I added: echo stripslashes($fname); and did get the expected result on the page, but not in the email from the $_POST. Here, you called stripslashes on something already stripped once, so you now have a new value (G\a//ry\). I also tried $fname = (stripslashes($_POST['fname'])); This would be no different than your attempt without enclosing parentheses. Now, let me just say that I detest magic_quotes, and it's best to run with them disabled so you don't even have to worry about this kind of issue (they've been deprecated.) But, perhaps you were just trying to learn about some piece of legacy code. Hope the explanation helps, Gary. Adam -- Nephtali: PHP web framework that functions beautifully http://nephtaliproject.com
Re: [PHP] [SOLVED] Re: Upgraded system and now $_SERVER['SERVER_NAME'] is not more working
You probably have error_reporting turned on and that caught on errors. There are new tougher rules/requirements with newer PHP versions. Ravi.
Re: [PHP] Server response very poor again
On 12/22/2010 12:17 PM, Nicholas Kell wrote: On Dec 22, 2010, at 10:09 AM, Steve Staples wrote: On Wed, 2010-12-22 at 10:19 -0500, Al wrote: It was fixed about 3 or 4 weeks ago; but, has reverted to poor again. Many times outs etc. Took me 4 tries to post this. Al... Not trying to sound rude or prickish... but is it your ISP or connection to the intertubes? Or could it be an issue with your computer? I've never had any problems posting, or retrieving mail from this list, so I can't say/speak to a related issue. Steve I am with Steve. Well, what I mean is, on this topic I am in agreement with Steve. My connection, etc. seems to be quite responsive. I should have been more explicit. I meant to say the newsgroup access. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Server response very poor again
On Wed, Dec 22, 2010 at 12:39, Al n...@ridersite.org wrote: I should have been more explicit. I meant to say the newsgroup access. Okay, that's what I figured. I've been saying for months now that I'd set up an NNTP-only mirror, and keep getting sidetracked with other things. I'll try to focus on that after the holidays. -- /Daniel P. Brown Network Infrastructure Manager Documentation, Webmaster Teams http://www.php.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Server response very poor again
On Wed, 2010-12-22 at 12:49 -0500, Daniel P. Brown wrote: On Wed, Dec 22, 2010 at 12:17, Nicholas Kell n...@monkeyknight.com wrote: I am with Steve. Well, what I mean is, on this topic I am in agreement with Steve. My connection, etc. seems to be quite responsive. Oh, that's what you mean! Several of us were speaking about it the other day and thought you two were dating. -- /Daniel P. Brown Dedicated Servers, Cloud and Cloud Hybrid Solutions, VPS, Hosting (866-) 725-4321 http://www.parasane.net/ whoa... wait a sec there... i seem to recall this statement... ;) This seems to be the most likely, and considering how all messages are permanently and independently archived and propagate throughout the Internet, it might be a good reason not to go nuts in sending unrelated and unintelligible messages of this nature in the future. this could be one of those situations ;) so now the whole world knows... GREAT! this was supposed to be a secret. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Server response very poor again
On Wed, Dec 22, 2010 at 13:07, Steve Staples sstap...@mnsi.net wrote: whoa... wait a sec there... i seem to recall this statement... ;) This seems to be the most likely, and considering how all messages are permanently and independently archived and propagate throughout the Internet, it might be a good reason not to go nuts in sending unrelated and unintelligible messages of this nature in the future. this could be one of those situations ;) Yes, you're right but mine was intelligible. ;-P so now the whole world knows... GREAT! this was supposed to be a secret. As they say, 'tis the season to be jolly. It's up to each individual to determine just *how* jolly. -- /Daniel P. Brown Dedicated Servers, Cloud and Cloud Hybrid Solutions, VPS, Hosting (866-) 725-4321 http://www.parasane.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Server response very poor again
On Wed, Dec 22, 2010 at 1:13 PM, Daniel P. Brown daniel.br...@parasane.net wrote: On Wed, Dec 22, 2010 at 13:07, Steve Staples sstap...@mnsi.net wrote: whoa... wait a sec there... i seem to recall this statement... ;) This seems to be the most likely, and considering how all messages are permanently and independently archived and propagate throughout the Internet, it might be a good reason not to go nuts in sending unrelated and unintelligible messages of this nature in the future. this could be one of those situations ;) Yes, you're right but mine was intelligible. ;-P so now the whole world knows... GREAT! this was supposed to be a secret. As they say, 'tis the season to be jolly. It's up to each individual to determine just *how* jolly. -- /Daniel P. Brown Dedicated Servers, Cloud and Cloud Hybrid Solutions, VPS, Hosting (866-) 725-4321 http://www.parasane.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php Geez, and it ins't even Friday yet! -- Bastien Cat, the other other white meat -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] accessing magic parent set
On Wed, Dec 22, 2010 at 6:35 AM, Alexandru Patranescu dreal...@gmail.comwrote: Is this the only way to access the magic __set from the parent class: parent::__set($columnName, $value); Other than referencing the parent class by name which is worse, yes. I would have liked to work this way: parent::$columnName = $value; The problem is that attributes are all attached to the object instance ($this). Only those that were defined by a class are associated with it. The parent::method construct is used only to locate the method overridden by the current method. There is a self, a static and a parent Why is it only $this and not a $parent too? I would guess the reasoning is that $this is a value (an object instance) whereas the others are not. David
RE: [PHP] Stripslashes
From: Ravi Gehlot
What are these magic quotes anyways?. What are they used for?
escaping?
I wasn't there at the time, but I gather that the general idea was to
automagically insert escape characters into data submitted from a form.
However, they used a backslash as the escape character, which is not
universally recognized across database engines. Even the SQL standard
defines an escape as a single quote character.
We used to have magic quotes enabled, and came up with the following
code to clean up the mess it caused.
// If magic quotes is on, we want to remove slashes
if (get_magic_quotes_gpc()) {
// Magic quotes is on
$response = stripslashes($_POST[$key]);
} else {
$response = $_POST[$key];
}
For future releases of PHP, this will also need a check to see if
get_magic_quotes_gpc() exists first.
Bob McConnell
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Stripslashes
On Wed, Dec 22, 2010 at 3:34 PM, Bob McConnell r...@cbord.com wrote:
From: Ravi Gehlot
What are these magic quotes anyways?. What are they used for?
escaping?
I wasn't there at the time, but I gather that the general idea was to
automagically insert escape characters into data submitted from a form.
However, they used a backslash as the escape character, which is not
universally recognized across database engines. Even the SQL standard
defines an escape as a single quote character.
We used to have magic quotes enabled, and came up with the following
code to clean up the mess it caused.
// If magic quotes is on, we want to remove slashes
if (get_magic_quotes_gpc()) {
// Magic quotes is on
$response = stripslashes($_POST[$key]);
} else {
$response = $_POST[$key];
}
For future releases of PHP, this will also need a check to see if
get_magic_quotes_gpc() exists first.
Bob McConnell
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Bob,
Thank you very much. This is good information. What I found out from
http://us2.php.net/manual/en/function.stripslashes.php was the following:
An example use of *stripslashes()* is when the PHP directive
magic_quotes_gpchttp://us2.php.net/manual/en/info.configuration.php#ini.magic-quotes-gpcis
*on* (it's on by default), and you aren't inserting this data into a place
(such as a database) that requires escaping. For example, if you're simply
outputting data straight from an HTML form.
So that means that stripslashes() isn't intended for DB insertions but only
straight output. So I will remove it from my code.
Thanks,
Ravi.
Re: [PHP] Stripslashes
stripslashes() is rife with gaping security holes. For mysql
insertion rely on mysql_real_escape_string() or alternatively, you can
use prepared statements.
For outputting data on the page you should ideally be using
htmlspecialchars($var, ENT_QUOTES);
cheers,
Russ
On Thu, Dec 23, 2010 at 6:48 AM, Ravi Gehlot r...@ravigehlot.net wrote:
On Wed, Dec 22, 2010 at 3:34 PM, Bob McConnell r...@cbord.com wrote:
From: Ravi Gehlot
What are these magic quotes anyways?. What are they used for?
escaping?
I wasn't there at the time, but I gather that the general idea was to
automagically insert escape characters into data submitted from a form.
However, they used a backslash as the escape character, which is not
universally recognized across database engines. Even the SQL standard
defines an escape as a single quote character.
We used to have magic quotes enabled, and came up with the following
code to clean up the mess it caused.
// If magic quotes is on, we want to remove slashes
if (get_magic_quotes_gpc()) {
// Magic quotes is on
$response = stripslashes($_POST[$key]);
} else {
$response = $_POST[$key];
}
For future releases of PHP, this will also need a check to see if
get_magic_quotes_gpc() exists first.
Bob McConnell
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Bob,
Thank you very much. This is good information. What I found out from
http://us2.php.net/manual/en/function.stripslashes.php was the following:
An example use of *stripslashes()* is when the PHP directive
magic_quotes_gpchttp://us2.php.net/manual/en/info.configuration.php#ini.magic-quotes-gpcis
*on* (it's on by default), and you aren't inserting this data into a place
(such as a database) that requires escaping. For example, if you're simply
outputting data straight from an HTML form.
So that means that stripslashes() isn't intended for DB insertions but only
straight output. So I will remove it from my code.
Thanks,
Ravi.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Stripslashes
On Wed, Dec 22, 2010 at 4:21 PM, Russell Dias rus...@gmail.com wrote:
stripslashes() is rife with gaping security holes. For mysql
insertion rely on mysql_real_escape_string() or alternatively, you can
use prepared statements.
For outputting data on the page you should ideally be using
htmlspecialchars($var, ENT_QUOTES);
cheers,
Russ
On Thu, Dec 23, 2010 at 6:48 AM, Ravi Gehlot r...@ravigehlot.net wrote:
On Wed, Dec 22, 2010 at 3:34 PM, Bob McConnell r...@cbord.com wrote:
From: Ravi Gehlot
What are these magic quotes anyways?. What are they used for?
escaping?
I wasn't there at the time, but I gather that the general idea was to
automagically insert escape characters into data submitted from a form.
However, they used a backslash as the escape character, which is not
universally recognized across database engines. Even the SQL standard
defines an escape as a single quote character.
We used to have magic quotes enabled, and came up with the following
code to clean up the mess it caused.
// If magic quotes is on, we want to remove slashes
if (get_magic_quotes_gpc()) {
// Magic quotes is on
$response = stripslashes($_POST[$key]);
} else {
$response = $_POST[$key];
}
For future releases of PHP, this will also need a check to see if
get_magic_quotes_gpc() exists first.
Bob McConnell
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Bob,
Thank you very much. This is good information. What I found out from
http://us2.php.net/manual/en/function.stripslashes.php was the
following:
An example use of *stripslashes()* is when the PHP directive
magic_quotes_gpc
http://us2.php.net/manual/en/info.configuration.php#ini.magic-quotes-gpc
is
*on* (it's on by default), and you aren't inserting this data into a
place
(such as a database) that requires escaping. For example, if you're
simply
outputting data straight from an HTML form.
So that means that stripslashes() isn't intended for DB insertions but
only
straight output. So I will remove it from my code.
Thanks,
Ravi.
Hello Russell,
When you use htmlspecialchars() it tries to escape single/double quotes with
a bunch of backslashes. I had stripslashes() in an attempt to try to get the
backslashes away but it didn't. So the solution was to disable magic quotes
in php.ini. With GoDaddy shared hosting, I had to rename php.ini over to
php5.ini in order to have this to work. Also had to include the command like
responsible for disabling magic quotes. Everything is good and clean now.
Now you type for example Hunter's Reserve Circle and it keeps it as it is.
Before it would print something like Hunter'///s Reserve Circle.
With double quote, the situation would be even worse.
mysql_real_escape_string() is a must in order to avoid SQL injections.
Regards,
Ravi.
Re: [PHP] MP3 Player and PHP
search PHP、LAME keyword. Best regards, Sharl.Jimh.Tsin (From China **Obviously Taiwan INCLUDED**) 2010/12/23 Richard Quadling rquadl...@gmail.com: On 22 December 2010 15:06, Don Wieland d...@dwdataconcepts.com wrote: Hello, Can someone recommend a web MP3 player? I need the following options: 1) Location and Duration of mp3 display (seconds) 2) The ability to pass a start and end parameter and play a part of the song 3) Loop parameter 4) Call to the player to grab the mp3 Location and set it to a field so i can insert it via PHP to mySQL 5) Work is most popular browsers Free would be nice but I am will to pay a bit if it offers everything I need. Any suggestions would be appreciated. Don -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php For playing MP3s (I have an alert system running in our call centre), I use SoundManager2. It's a JS library which allows me to play mp3 files. They are controlled by an AJAX orientated request to PHP which gathers the data and determines what alert needs to be played. Was first running on IE6. -- Richard Quadling Twitter : EE : Zend @RQuadling : e-e.com/M_248814.html : bit.ly/9O8vFY -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
