Re: [PHP] multiple forms one page
On Mon, Aug 27, 2012 at 12:08 AM, Rosie Williams
wrote:
>
> Hi all,
> I am a newbie to PHP. I have several php forms which were originally on
> separate pages now included in the one page. Each form had the following code
> in it:
> function mysql_fix_string($string){ if (get_magic_quotes_gpc()) $string =
> stripslashes($string);return mysql_real_escape_string($string);}
> function mysql_entities_fix_string($string){return
> htmlentities(mysql_fix_string($string));}
> However I am only able to include it in one of the forms on the new page with
> multiple scripts due to the fatal error that I can only declare the function
> once.
You only have to declare the function(s) once, then you can use them
later in the page. You can also put code into files and then
dynamically include them in other files to make it easier to share
functionality.
> So for testing I have commented these lines out of the other scripts. I need
> to know what the security implications of > this are?
For security, the simple rule (at least in terms of statement of
intent, not necessarily in terms of implementation) is that you should
validate input and escape output according to context. Without seeing
more code, it's hard to tell what this means for your particular
example.
> Do the scripts that do not contain these lines run without it or is it
> included automatically every time the database is accessed regardless of
> which script is accessing it?
> If not how do I deal with it?
> thanks in advanceRosie
Hard to know from your example. There are some great resources
covering general PHP security practices that can help you get up to
speed a bit. Here's an oldie but goodie that might help shed some
light on some of the code you're seeing:
http://www.ibm.com/developerworks/opensource/library/os-php-secure-apps/index.html
Happy learning!
Adam
--
Nephtali: A simple, flexible, fast, and security-focused PHP framework
http://nephtaliproject.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] multiple forms one page
On Sun, Aug 26, 2012 at 11:08 PM, Rosie Williams
wrote:
>
> Hi all,
> I am a newbie to PHP. I have several php forms which were originally on
> separate pages now included in the one page. Each form had the following code
> in it:
> function mysql_fix_string($string){ if (get_magic_quotes_gpc()) $string =
> stripslashes($string);return mysql_real_escape_string($string);}
> function mysql_entities_fix_string($string){return
> htmlentities(mysql_fix_string($string));}
> However I am only able to include it in one of the forms on the new page with
> multiple scripts due to the fatal error that I can only declare the function
> once. So for testing I have commented these lines out of the other scripts. I
> need to know what the security implications of this are? Do the scripts that
> do not contain these lines run without it or is it included automatically
> every time the database is accessed regardless of which script is accessing
> it?
> If not how do I deal with it?
> thanks in advanceRosie
Hi, Rosie, welcome!
This is something you will likely encounter again, so it is good to
learn it now.
You can put the two functions into another php file, and include that
file in your main script using include_once or require_once (there is
a difference that you might want to read up on at some point). If you
include this before you start your form processing, the functions will
be available to you at the point you need them. You only need do this
once in the php script where you will be using them, so you can safely
delete all the other occurances of the function definitions.
The nice part is, really, that you can use that same include file in
other projects as you go along, saving retyping the code. This is
something that you may want to think about for other such functions as
well. Modularity and code reuse are one of the big ways to achieving
more efficiency in your work.
http://us.php.net/manual/en/function.include-once.php
http://us.php.net/manual/en/function.require-once.php
(cf. http://us.php.net/manual/en/function.require.php to learn how the
"require" differs from the "include")
Best of luck,
Tamara
aka tamouse__
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] multiple forms one page
Hi all,
I am a newbie to PHP. I have several php forms which were originally on
separate pages now included in the one page. Each form had the following code
in it:
function mysql_fix_string($string){ if (get_magic_quotes_gpc()) $string =
stripslashes($string);return mysql_real_escape_string($string);}
function mysql_entities_fix_string($string){return
htmlentities(mysql_fix_string($string));}
However I am only able to include it in one of the forms on the new page with
multiple scripts due to the fatal error that I can only declare the function
once. So for testing I have commented these lines out of the other scripts. I
need to know what the security implications of this are? Do the scripts that do
not contain these lines run without it or is it included automatically every
time the database is accessed regardless of which script is accessing it?
If not how do I deal with it?
thanks in advanceRosie
[PHP] What's the best way to make a dynamic plugin architecture?
Hi,
Envision the following plugin architecture:
class PluginLoader
{
}
interface PluginInterface
{
.. some function definitions ..
}
class PluginOne implements PluginInterface
{
}
class PluginTwo implements PluginInterface
{
}
The PluginLoader is loading the plugins.
The PluginInterface defines an interface which each plugin has to implement.
PluginOne and PluginTwo are plugins that implement the interface.
Each plugin (PluginOne and PluginTwo) are stored in their own folders.
So the folder structure would be somewhat like this:
|- Plugins
|- - PluginOne
|- - - PluginOne.php
|- - - other possible files
|- - PluginTwo
|- - - PluginTwo.php
|- - - other possible files
|- PluginLoader.php
|- PluginInterface.php
Now making this structure isn't an issue. I can do all of that just
fine. The place where i'm actually going to make a plugin instance is
where things get a little more complicated. The PluginLoader simply
reads all the dirs in the Plugins folder and tries to find a filename
with the same dir. So if it reads the dir Plugins/PluginOne it will
try to include the PHP file: Plugins/PluginOne/PluginOne.php. That's
fine and working.
To actually make a plugin instance i can do two things that i know of:
1. use eval like so: eval('$obj = new '.$pluginName.'();'); and
register it to the PluginLoader.
2. Let the plugin itself (so in this case PluginOne.php) open itself
and register it to the PluginLoader.
With the first option i have to do eval which i try to avoid if possible.
With the second solution the PluginLoader probably has to be a singlethon.
Now my question is: what is the right way of loading plugins like
this? Is there some other option then the two i described above? My
PHP limitations are the newest version so no limitation there :)
I'm kinda leaning towards the second option now since that seems to be
quite stable and not very error prone. The eval one is much easier to
break :p
Cheers,
Mark
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] syntax error breaking in and out of php into html code
On Sun, 2012-08-26 at 09:41 +0700, Duken Marga wrote:
> Can you tell us what is the error shown in browser or CLI?
>
> On Sun, Aug 26, 2012 at 5:54 AM, Ashley Sheridan
> wrote:
>
> > I've just inherited some (pretty awful code) that I have to make some
> > edits to, and came across a bit of a problem. A lot of the code breaks
> > in and out of PHP and into HTML code:
> >
> > > while(condition)
> > {
> > ?>
> > some html here
> > > }
> > ?>
> >
> > But when I check this my PHP parser is saying that this is a syntax
> > error (checked in the browser and CLI). I know this is code from a
> > working site, so it must be a setting within my PHP configuration.
> >
> > Now, I'm intending to re-write this anyway, as the logic is all over the
> > place (SQL queries within the HTML, no separation of code and content,
> > dozens of warnings all over the place) but I was wondering what setting
> > causes this. It's mostly a curiosity thing really, as this thing is
> > going to be re-written faster than an school project the eve before
> > hand-in.
> >
> > --
> > Thanks,
> > Ash
> > http://www.ashleysheridan.co.uk
> >
> >
> >
>
>
Well, it turns out that I'm just an idiot. I'd missed where a couple of
short tags had been used!
--
Thanks,
Ash
http://www.ashleysheridan.co.uk
Re: [PHP] syntax error breaking in and out of php into html code
On Sun, Aug 26, 2012 at 5:02 AM, Ashley Sheridan
wrote:
>
> On Sun, 2012-08-26 at 04:36 -0500, tamouse mailing lists wrote:
>
> On Sat, Aug 25, 2012 at 9:56 PM, Ashley Sheridan
> wrote:
> > On Sun, 2012-08-26 at 09:41 +0700, Duken Marga wrote:
> >
> >> Can you tell us what is the error shown in browser or CLI?
> >>
> >> On Sun, Aug 26, 2012 at 5:54 AM, Ashley Sheridan
> >> wrote:
> >>
> >> > I've just inherited some (pretty awful code) that I have to make some
> >> > edits to, and came across a bit of a problem. A lot of the code
> >> > breaks
> >> > in and out of PHP and into HTML code:
> >> >
> >> > >> > while(condition)
> >> > {
> >> > ?>
> >> > some html here
> >> > >> > }
> >> > ?>
> >> >
> >> > But when I check this my PHP parser is saying that this is a syntax
> >> > error (checked in the browser and CLI). I know this is code from a
> >> > working site, so it must be a setting within my PHP configuration.
> >> >
> >> > Now, I'm intending to re-write this anyway, as the logic is all over
> >> > the
> >> > place (SQL queries within the HTML, no separation of code and
> >> > content,
> >> > dozens of warnings all over the place) but I was wondering what
> >> > setting
> >> > causes this. It's mostly a curiosity thing really, as this thing is
> >> > going to be re-written faster than an school project the eve before
> >> > hand-in.
> >> >
> >> > --
> >> > Thanks,
> >> > Ash
> >> > http://www.ashleysheridan.co.uk
> >> >
> >> >
> >> >
> >>
> >>
> >
> >
> > Through the browser I get:
> >
> > Parse error: syntax error, unexpected $end
> > in /var/www/html/siteinquestion/index.php on line 356
> >
> > Through the CLI I get:
> >
> > PHP Parse error: syntax error, unexpected $end in index.php on line 356
> >
> > Parse error: syntax error, unexpected $end in index.php on line 356
> >
> > Errors parsing index.php
> >
> > I've narrowed it down to the lines that used the breaking in and out of
> > PHP style. As soon as I comment out those it runs fine, albeit without
> > the content that code was intended to add.
> >
> > --
> > Thanks,
> > Ash
> > http://www.ashleysheridan.co.uk
> >
> >
>
> I guess I would suspect errant spaces, or a missing closing tag, or
> even maybe a short code or something... very hard to say...
>
>
> None of the above. This is a working copy of code. It's just to do with
> these lines breaking in and out of PHP.
Byte encodings? Line endings? Sorry, I'm sure you've thought of all this..
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] syntax error breaking in and out of php into html code
On Sat, Aug 25, 2012 at 6:54 PM, Ashley Sheridan
wrote:
> I've just inherited some (pretty awful code) that I have to make some
> edits to, and came across a bit of a problem. A lot of the code breaks
> in and out of PHP and into HTML code:
>
> while(condition)
> {
> ?>
> some html here
> }
> ?>
>
> But when I check this my PHP parser is saying that this is a syntax
> error (checked in the browser and CLI). I know this is code from a
> working site, so it must be a setting within my PHP configuration.
>
> Now, I'm intending to re-write this anyway, as the logic is all over the
> place (SQL queries within the HTML, no separation of code and content,
> dozens of warnings all over the place) but I was wondering what setting
> causes this. It's mostly a curiosity thing really, as this thing is
> going to be re-written faster than an school project the eve before
> hand-in.
If it's not a violation of your arrangement with the owner of the
code, Ash, you can send it to me directly, off-list, and I'll take a
look at it. I'm curious to see what might be causing the syntax
errors between PHP deployments as well.
--
Network Infrastructure Manager
http://www.php.net/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] syntax error breaking in and out of php into html code
On Sun, 2012-08-26 at 09:21 -0300, Samuel Lopes Grigolato wrote: > Maybe you have a " allows short open tags? In production that setting could be disabled. > > > On Sun, Aug 26, 2012 at 9:20 AM, Ashley Sheridan > wrote: > > On Sun, 2012-08-26 at 11:02 +0100, Stuart Dallas wrote: > > > On 26 Aug 2012, at 03:56, Ashley Sheridan > wrote: > > > > > Through the browser I get: > > > > > > Parse error: syntax error, unexpected $end > > > in /var/www/html/siteinquestion/index.php on line 356 > > > > > > Through the CLI I get: > > > > > > PHP Parse error: syntax error, unexpected $end in > index.php on line 356 > > > > > > Parse error: syntax error, unexpected $end in index.php on > line 356 > > > > > > Errors parsing index.php > > > > > > I've narrowed it down to the lines that used the breaking > in and out of > > > PHP style. As soon as I comment out those it runs fine, > albeit without > > > the content that code was intended to add. > > > > > > Let me guess, line 356 is the last line of the file? That > error is only caused by mis-matched braces, so the code you > are deleting *must* contain either an errant opening brace or > be missing a closing brace. > > > > -Stuart > > > > -- > > Stuart Dallas > > 3ft9 Ltd > > http://3ft9.com/ > > > > > It is the last line of the file, but it's not caused by a > mismatched > brace. I've tested by deleting just the code in the section > where it > breaks out of PHP and it runs without errors. It's a very > weird issue, > because this is code that is currently working on another > server (which > I don't have access to to match my own setup) > > > -- > Thanks, > Ash > http://www.ashleysheridan.co.uk > > > > > I don't see any, but it could be something along those lines. I turn off short open tags on my machine, they cause more problems than they solve, but it's probable that this setting is enabled on the server. -- Thanks, Ash http://www.ashleysheridan.co.uk
Re: [PHP] syntax error breaking in and out of php into html code
Maybe you have a "wrote: > On Sun, 2012-08-26 at 11:02 +0100, Stuart Dallas wrote: > > > On 26 Aug 2012, at 03:56, Ashley Sheridan > wrote: > > > > > Through the browser I get: > > > > > > Parse error: syntax error, unexpected $end > > > in /var/www/html/siteinquestion/index.php on line 356 > > > > > > Through the CLI I get: > > > > > > PHP Parse error: syntax error, unexpected $end in index.php on line > 356 > > > > > > Parse error: syntax error, unexpected $end in index.php on line 356 > > > > > > Errors parsing index.php > > > > > > I've narrowed it down to the lines that used the breaking in and out of > > > PHP style. As soon as I comment out those it runs fine, albeit without > > > the content that code was intended to add. > > > > > > Let me guess, line 356 is the last line of the file? That error is only > caused by mis-matched braces, so the code you are deleting *must* contain > either an errant opening brace or be missing a closing brace. > > > > -Stuart > > > > -- > > Stuart Dallas > > 3ft9 Ltd > > http://3ft9.com/ > > > It is the last line of the file, but it's not caused by a mismatched > brace. I've tested by deleting just the code in the section where it > breaks out of PHP and it runs without errors. It's a very weird issue, > because this is code that is currently working on another server (which > I don't have access to to match my own setup) > > -- > Thanks, > Ash > http://www.ashleysheridan.co.uk > > >
Re: [PHP] syntax error breaking in and out of php into html code
On Sun, 2012-08-26 at 11:02 +0100, Stuart Dallas wrote: > On 26 Aug 2012, at 03:56, Ashley Sheridan wrote: > > > Through the browser I get: > > > > Parse error: syntax error, unexpected $end > > in /var/www/html/siteinquestion/index.php on line 356 > > > > Through the CLI I get: > > > > PHP Parse error: syntax error, unexpected $end in index.php on line 356 > > > > Parse error: syntax error, unexpected $end in index.php on line 356 > > > > Errors parsing index.php > > > > I've narrowed it down to the lines that used the breaking in and out of > > PHP style. As soon as I comment out those it runs fine, albeit without > > the content that code was intended to add. > > > Let me guess, line 356 is the last line of the file? That error is only > caused by mis-matched braces, so the code you are deleting *must* contain > either an errant opening brace or be missing a closing brace. > > -Stuart > > -- > Stuart Dallas > 3ft9 Ltd > http://3ft9.com/ It is the last line of the file, but it's not caused by a mismatched brace. I've tested by deleting just the code in the section where it breaks out of PHP and it runs without errors. It's a very weird issue, because this is code that is currently working on another server (which I don't have access to to match my own setup) -- Thanks, Ash http://www.ashleysheridan.co.uk
Re: [PHP] syntax error breaking in and out of php into html code
On 26 Aug 2012, at 03:56, Ashley Sheridan wrote: > Through the browser I get: > > Parse error: syntax error, unexpected $end > in /var/www/html/siteinquestion/index.php on line 356 > > Through the CLI I get: > > PHP Parse error: syntax error, unexpected $end in index.php on line 356 > > Parse error: syntax error, unexpected $end in index.php on line 356 > > Errors parsing index.php > > I've narrowed it down to the lines that used the breaking in and out of > PHP style. As soon as I comment out those it runs fine, albeit without > the content that code was intended to add. Let me guess, line 356 is the last line of the file? That error is only caused by mis-matched braces, so the code you are deleting *must* contain either an errant opening brace or be missing a closing brace. -Stuart -- Stuart Dallas 3ft9 Ltd http://3ft9.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] syntax error breaking in and out of php into html code
On Sun, 2012-08-26 at 04:36 -0500, tamouse mailing lists wrote:
> On Sat, Aug 25, 2012 at 9:56 PM, Ashley Sheridan
> wrote:
> > On Sun, 2012-08-26 at 09:41 +0700, Duken Marga wrote:
> >
> >> Can you tell us what is the error shown in browser or CLI?
> >>
> >> On Sun, Aug 26, 2012 at 5:54 AM, Ashley Sheridan
> >> wrote:
> >>
> >> > I've just inherited some (pretty awful code) that I have to make some
> >> > edits to, and came across a bit of a problem. A lot of the code breaks
> >> > in and out of PHP and into HTML code:
> >> >
> >> > >> > while(condition)
> >> > {
> >> > ?>
> >> > some html here
> >> > >> > }
> >> > ?>
> >> >
> >> > But when I check this my PHP parser is saying that this is a syntax
> >> > error (checked in the browser and CLI). I know this is code from a
> >> > working site, so it must be a setting within my PHP configuration.
> >> >
> >> > Now, I'm intending to re-write this anyway, as the logic is all over the
> >> > place (SQL queries within the HTML, no separation of code and content,
> >> > dozens of warnings all over the place) but I was wondering what setting
> >> > causes this. It's mostly a curiosity thing really, as this thing is
> >> > going to be re-written faster than an school project the eve before
> >> > hand-in.
> >> >
> >> > --
> >> > Thanks,
> >> > Ash
> >> > http://www.ashleysheridan.co.uk
> >> >
> >> >
> >> >
> >>
> >>
> >
> >
> > Through the browser I get:
> >
> > Parse error: syntax error, unexpected $end
> > in /var/www/html/siteinquestion/index.php on line 356
> >
> > Through the CLI I get:
> >
> > PHP Parse error: syntax error, unexpected $end in index.php on line 356
> >
> > Parse error: syntax error, unexpected $end in index.php on line 356
> >
> > Errors parsing index.php
> >
> > I've narrowed it down to the lines that used the breaking in and out of
> > PHP style. As soon as I comment out those it runs fine, albeit without
> > the content that code was intended to add.
> >
> > --
> > Thanks,
> > Ash
> > http://www.ashleysheridan.co.uk
> >
> >
>
> I guess I would suspect errant spaces, or a missing closing tag, or
> even maybe a short code or something... very hard to say...
>
None of the above. This is a working copy of code. It's just to do with
these lines breaking in and out of PHP.
--
Thanks,
Ash
http://www.ashleysheridan.co.uk
Re: [PHP] syntax error breaking in and out of php into html code
On Sat, Aug 25, 2012 at 9:56 PM, Ashley Sheridan
wrote:
> On Sun, 2012-08-26 at 09:41 +0700, Duken Marga wrote:
>
>> Can you tell us what is the error shown in browser or CLI?
>>
>> On Sun, Aug 26, 2012 at 5:54 AM, Ashley Sheridan
>> wrote:
>>
>> > I've just inherited some (pretty awful code) that I have to make some
>> > edits to, and came across a bit of a problem. A lot of the code breaks
>> > in and out of PHP and into HTML code:
>> >
>> > > > while(condition)
>> > {
>> > ?>
>> > some html here
>> > > > }
>> > ?>
>> >
>> > But when I check this my PHP parser is saying that this is a syntax
>> > error (checked in the browser and CLI). I know this is code from a
>> > working site, so it must be a setting within my PHP configuration.
>> >
>> > Now, I'm intending to re-write this anyway, as the logic is all over the
>> > place (SQL queries within the HTML, no separation of code and content,
>> > dozens of warnings all over the place) but I was wondering what setting
>> > causes this. It's mostly a curiosity thing really, as this thing is
>> > going to be re-written faster than an school project the eve before
>> > hand-in.
>> >
>> > --
>> > Thanks,
>> > Ash
>> > http://www.ashleysheridan.co.uk
>> >
>> >
>> >
>>
>>
>
>
> Through the browser I get:
>
> Parse error: syntax error, unexpected $end
> in /var/www/html/siteinquestion/index.php on line 356
>
> Through the CLI I get:
>
> PHP Parse error: syntax error, unexpected $end in index.php on line 356
>
> Parse error: syntax error, unexpected $end in index.php on line 356
>
> Errors parsing index.php
>
> I've narrowed it down to the lines that used the breaking in and out of
> PHP style. As soon as I comment out those it runs fine, albeit without
> the content that code was intended to add.
>
> --
> Thanks,
> Ash
> http://www.ashleysheridan.co.uk
>
>
I guess I would suspect errant spaces, or a missing closing tag, or
even maybe a short code or something... very hard to say...
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] UTC on php log bug
On Fri, Aug 24, 2012 at 8:48 PM, Martín Marqués wrote: > Whats up with this bug?: https://bugs.php.net/bug.php?id=60723 perhaps direct the query (such as it is) to php-development -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
