Re: [PHP] Re: [PHP-DEV] PHP 5.5.0 final has been released!
Awesome! On Thu, Jun 20, 2013 at 11:14 PM, Marco Pivetta ocram...@gmail.com wrote: Well done! Congratulations! On 20 Jun 2013 23:23, Julien Pauli jpa...@php.net wrote: Hello! The PHP Development Team would like to announce the immediate release of PHP 5.5.0. This release includes a large number of new features and bug fixes. A separate release announcement is also available. For changes in PHP 5.5.0 since PHP 5.4, please consult the PHP 5 ChangeLog. Release Announcement: http://www.php.net/release_5_5_0.php Downloads:http://www.php.net/downloads.php#v5.5 Changelog:http://www.php.net/ChangeLog-5.php#5.5.0 Thanks to all contributors that made this new version available. regards, David Soria Parra Julien Pauli
Re: [PHP] Accessing Files Outside the Web Root
Hello Dale, The spiders are not the only problem. The issue here is that anyone can download your files from your website and then make them available elsewhere. In order to address the problem, you should create a Members Restricted Area where members only could download your files. You can then make your PDF directory only visible through your Members Restricted Area. That directory would be invisible to the web. In some Linux distros, if the file/directory is not a member of www-data, it is not visible online. But you can still link the files to your PHP page. Ravi. On Wed, Mar 13, 2013 at 4:38 PM, Dale H. Cook radiot...@plymouthcolony.netwrote: Let me preface my question by noting that I am virtually a PHP novice. Although I am a long-time webmaster, and have used PHP for some years to give visitors access to information in my SQL database, this is my first attempt to use it for another purpose. I have browsed the mailing list archives and have searched online but have not yet succeeded in teaching myself how to do what I want to do. This need not provoke a lengthy discussion or involve extensive hand-holding - if someone can point to an appropriate code sample or online tutorial that might do the trick. I am the author of a number of PDF files that serve as genealogical reference works. My problem is that there are a number of sites which are posing as search engines and which display my PDF files in their entirety on their own sites. These pirate sites are not simply opening a window that displays my files as they appear on my site. They are using Google Docs to display copies of my files that are cached or stored elsewhere online. The proof of that is that I can modify one of my files and upload it to my site. The file, as seen on my site, immediately displays the modification. The same file, as displayed on the pirate sites, is unmodified and may remain unmodified for weeks. It is obvious that my files, which are stored under public_html, are being spidered and then stored or cached. This displeases me greatly. I want my files, some of which have cost an enormous amount of work over many years, to be available only on my site. Legitimate search engines, such as Google, may display a snippet, but they do not display the entire file - they link to my site so the visitor can get the file from me. A little study has indicated to me that if I store those files in a folder outside the web root and use PHP to provide access they will not be spidered. Writing a PHP script to provide access to the files in that folder is what I need help with. I have experimented with a number of code samples but have not been able to make things work. Could any of you point to code samples or tutorials that might help me? Remember that, aside from the code I have written to handle my SQL database I am a PHP novice. Dale H. Cook, Member, NEHGS and MA Society of Mayflower Descendants; Plymouth Co. MA Coordinator for the USGenWeb Project Administrator of http://plymouthcolony.net -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] [ad] [free+opensource] htmlMicroscope (nested array viewer/dumper) upgraded - now allows for even larger arrays
I like PHPUnit for that matter. It does a good job of debugging. Ravi. On Sat, Dec 22, 2012 at 8:41 AM, rene7705 rene7...@gmail.com wrote: Hi Folks. URL: http://fancywebapps.com/products/htmlMicroscope Just wanted to let you all know that I've completed a long overdue upgrade to my free htmlMicroscope web component. It is basically a fancy replacement for var_dump() which can show you the full depth of an array regardless of how large or deep your PHP array or javascript object is. I won't repeat the entire homepage content here, but I think this version could be useful for at least some of the programmers on this list. I'll only repeat this message for significant updates. This is a significant update because I've finally cracked the barrier of displaying an object with more than a few hundred key-value pairs on a single level. That used to crash all browsers, not anymore. i'll continue work on this, want to build in (in order of priority): - auto navigation options (auto smooth scroll to links within the data) - middle mouse button click - smooth offset scrolling - html source view - auto indented and colorcoded syntax-checked view for html + json Merry Christmas and a productive New Year to ya'll :D -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] static Logging class?
Hello Lars, I would apply the Singleton Pattern where you would have 1 instance for you entire application. As far as whether or not to use a static method, I would weigh the options. If you just want to call a method that you know will not have to be changed in the future and that method will not be using any pre-defined properties, then it makes sense to call a static method. Bear in mind that static methods can not be overridden. Best of luck, - [image: logo] *Ravi Gehlot * Mobile: 407-283-5282 Orlando, FL 32765-8085 http://www.RaviGehlot.Net/ https://github.com/ravigehlot *First, solve the problem. Then, write the code.* [image: Twitter] http://www.twitter.com/ravigehlot [image: LinkedIn]http://www.linkedin.com/in/ravigehlot [image: Amazon]https://www.amazon.com/gp/pdp/profile/A35NGY72YZSFR7?ie=UTF8ref_=ya_56 [image: Meetup] http://www.meetup.com/members/12029903/ [image: pinterest]http://pinterest.com/ravigehlot/ [image: reddit] http://www.reddit.com/user/ravigehlot/ Contact me: [image: Google Talk] ravigehlot [image: Skype] ravigehlot [image: Y! Messenger] ravigehlot On Sun, Mar 3, 2013 at 8:26 AM, Lars Nielsen l...@lfweb.dk wrote: Hi, I work on a little hobby-project, and i want to make a oo logging facility. (php5.3 oop) Is it best to make a class with static functions that i can call from my other classes? Or is it more appropriate to make a real logging-class i should instantiate every time i need to log something? (I just want to log to a file) Best regards Lars Nielsen -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] static Logging class?
Hello Larry, Thanks for sharing! - [image: logo] *Ravi Gehlot * Mobile: 407-283-5282 Orlando, FL 32765-8085 http://www.RaviGehlot.Net/ https://github.com/ravigehlot *First, solve the problem. Then, write the code.* [image: Twitter] http://www.twitter.com/ravigehlot [image: LinkedIn]http://www.linkedin.com/in/ravigehlot [image: Amazon]https://www.amazon.com/gp/pdp/profile/A35NGY72YZSFR7?ie=UTF8ref_=ya_56 [image: Meetup] http://www.meetup.com/members/12029903/ [image: pinterest]http://pinterest.com/ravigehlot/ [image: reddit] http://www.reddit.com/user/ravigehlot/ Contact me: [image: Google Talk] ravigehlot [image: Skype] ravigehlot [image: Y! Messenger] ravigehlot On Sun, Mar 3, 2013 at 1:48 PM, Larry Garfield la...@garfieldtech.comwrote: Make a real classed object that you pass to various objects that need it. Otherwise you make your life way harder for unit testing. Don't have a class that self-enforces that it's a singleton. That way lies pain. In particular, I recommend using or writing a class based on the PSR-3 recommendation: https://github.com/php-fig/**fig-standards/blob/master/** accepted/PSR-3-logger-**interface.mdhttps://github.com/php-fig/fig-standards/blob/master/accepted/PSR-3-logger-interface.md There's even stock code for the interface and some useful base classes available: https://packagist.org/**packages/psr/loghttps://packagist.org/packages/psr/log And for added fun, there are already publicly available open source libraries that implement PSR-3 that you can just drop in and use, such as: https://packagist.org/**packages/monolog/monologhttps://packagist.org/packages/monolog/monolog (If that's too heavy for you, writing your own PSR-3 compatible logger is dead-simple.) I'm sure you're about to say zOMG this is just a hobby project, I don't need something that fancy and all injected and shit! If it's a simple project, use a simple container to do all the hard work for you: https://packagist.org/**packages/pimple/pimplehttps://packagist.org/packages/pimple/pimple (That's 100 lines of executable code. Quite powerful, dead simple to use.) Cheers. --Larry Garfield, FIG member On 03/03/2013 07:26 AM, Lars Nielsen wrote: Hi, I work on a little hobby-project, and i want to make a oo logging facility. (php5.3 oop) Is it best to make a class with static functions that i can call from my other classes? Or is it more appropriate to make a real logging-class i should instantiate every time i need to log something? (I just want to log to a file) Best regards Lars Nielsen -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Introduction ... !
Hello Nick, Welcome to the list. I joined the list awhile back then unsubscribed for no apparent reason. This list was very active years ago. I came back about a few months ago just as a watcher. I didn't really post or participate at all. I guess, there are a lot of watchers only people here. They receive digest e-mails; they just don't participate in any way. Then, there are those who lost their jobs due to the recession and so they dropped off the list as well. There are a lot of developers unemployed. I would imagine that other developers didn't keep up with the changes. PHP has come a long way as far as Object Oriented Programming is concerned. There have been many discussions about Design Patterns and extending existing classes. So a lot has changed in the last 5 years. I do believe that the list will pick up again. Welcome back, Ravi. On Fri, Mar 1, 2013 at 10:57 AM, Nick Whiting prg...@gmail.com wrote: Hello PHP'ers! Just thought I would introduce myself to the mailing list since I've worked with PHP for almost 10 years now and yet haven't really been community active ... I've developed quite a few open-source projects over the years that I hope someone here will find as useful as I have ... they are all hosted on Github @prggmr. XPSPL - Signal Processor in PHP docpx - PHP Documentation Generator for Sphinx Again Hello Everyone! Cheers! -- Nickolas Whiting - prggmr.org - Remember to write less code that does more faster -
Re: [PHP] Re: Warning when calling session_start()
session_start (); should be before everything...first thing in the page. Ravi. On Wed, Dec 22, 2010 at 12:51 AM, web...@blaettner.com wrote: Hi, folks, On Tue, 21 Dec 2010 21:35:17 -0800 [06:35:17 AM CET], Michael Shadle mike...@gmail.com wrote: first - this is probably your culprit: don't output empty lines before you do anything (just a general good practice) Whow! This did the trick ! Warning vanished when I changed beginning of script to: 1 ?php session_start (); 2 I wasn't aware that the HTML comment and the following empty line are in fact written to output. But that's clear now :-) So I suppose my local PHP setup supressed this warning or is more compliant ... also i'd turn on output buffering. Since it worked without warning at 1st try, I haven't changed output buffering (yet). Mike, many thanks for Your PROMPT and HELPFUL answer! Have a nice day! Rolf -- Dipl.phys. Rudolf Otto Blättner, D 91074 Herzogenaurach, Germany. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] empty() in email message
Hello Gary,
Please research the difference between a single quote and a double quote.
Also, you can use the operator .=(dot + equal) in this manner:
if(!empty($_POST['fname'])) {
$msg .= $lname\n;
} else if(!empty($_POST['lname'])) {
$msg .= $lname\n;
}
On Tue, Dec 14, 2010 at 12:04 AM, Gary gp...@paulgdesigns.com wrote:
Daevid Vincent dae...@daevid.com wrote in message
news:7d7c84d94dd24035a620e68b5b937...@mascorp.com...
- Original message -
From: Gary gp...@paulgdesigns.com
To: php-general@lists.php.net php-general@lists.php.net
Date: Monday, December 13, 2010, 7:47:49 PM
Subject: [PHP] empty() in email message
I have an email message
$msg = 'Name: $fname ' . ' $lname\n'
. Phone: $phone\n
. Email: $email\n
and it works fine, however in this message there are about 30
variables that
are being called...as such
. Order: beefschnitzel $beefschnitzel\n
. Order: beefstrips $beefstrips\n
. Order: cheesesausage $cheesesausage\n
. Order: crumbedsausage $crumbedsausage\n
. Order: chucksteak $chucksteak\n
. Order: cornedbeef $cornedbeef\n
. Order: dicedsteak $dicedsteak\n
. Order: filletmignon $filletmignon\n
I want to only send the message if the submitter enters an
amount in the
form for the corresponding variable, instead of having a
bunch of empty
messages. So I have been trying to use the empty() function as such:
. if empty($beefolives){''} elseif (isset($beefolives)) {
'Order: beefolives
$beefolives\n'}
You are setting this up fundamentally wrong.
You should be using an array and looping through it.
Something like:
$myorder['cowface'] = 1;
$myorder['beefenweiner'] = 2;
$myorder['chucksteak'] = 1;
foreach ($myorder as $item = $quantity)
{
echo Order: $item x $quantity\n;
}
Then your array only contains the items someone actually puchased and how
many.
d
Daevid
I knew someone was going to point out this was a convoluted method, and I
agree. This was sent to me by someone that needed to make the mail form
work. My suggestion was to look into a pre-made shopping cart, however
that
was not going to work for them, so I made the mail() work for them.
I had thought about putting it into an array, but had not gotten that far
into it. I will look over the code to see how it works.
Thank you for your help.
gary
__ Information from ESET Smart Security, version of virus signature
database 5700 (20101213) __
The message was checked by ESET Smart Security.
http://www.eset.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] accessing magic parent set
Hello,
$this only calls variables inside of a method. In your function, you are
calling a variable that was defined inside of your function called
$columnName. You should past the whole class. Not just the methods.
The pseudo-variable $this is available when a method is called from within
an object context. $this is a reference to the calling object (usually the
object to which the method belongs, but possibly another object, if the
method is called statically from the context of a secondary object). taken
from http://www.php.net/manual/en/language.oop5.basic.php
The parent keyword indicates that this is an extended class. You are
referring back to the master class.
Ravi.
On Wed, Dec 22, 2010 at 9:35 AM, Alexandru Patranescu dreal...@gmail.comwrote:
Is this the only way to access the magic __set from the parent class:
public function __set($columnName, $value)
{
if ($value !== $this-$columnName) {
parent::__set($columnName, $value);
}
}
I would have liked to work this way:
public function __set($columnName, $value)
{
if ($value !== $this-$columnName) {
parent::$columnName = $value;
}
}
And another question.
There is a self, a static and a parent
Why is it only $this and not a $parent too?
Re: [PHP] Stripslashes
What are these magic quotes anyways?. What are they used for? escaping? Regards, Ravi. On Tue, Nov 16, 2010 at 11:44 PM, Adam Richardson simples...@gmail.comwrote: On Tue, Nov 16, 2010 at 10:10 PM, Gary gp...@paulgdesigns.com wrote: I was doing a test of stripslashes on a $_POST, when I recieved the email, all of the slashes were still in the data posted. I used : $fname = stripslashes($_POST['fname']); I input G\\a//r\y\\, and was expecting, according to the manuel G\a//r*y\, but got the original spelling. In this case, you should get the original, if I'm understanding correctly. Think of it like a basic math problem: Step 1: Happens automatically when you submit the form and PHP receives the form variables input + slashes = slashed_input Step 2: This happens when you call stripslashes. slashed_input - slashes = input The goal of stripslashes is that it will undo what happened automatically using magic_quotes_gpc (which essentially calls addslashes on the GPC vars behind the scenes) so you'll end up with the original input. So, working through your example: 1. You inputted into a form G\\a//r\y\\ and submitted the form. 2. PHP received G\\a//r\y\\ and added slashes (Ga//r\\y). 3. You called stripslashes (G\\a//r\y\\). I added: echo stripslashes($fname); and did get the expected result on the page, but not in the email from the $_POST. Here, you called stripslashes on something already stripped once, so you now have a new value (G\a//ry\). I also tried $fname = (stripslashes($_POST['fname'])); This would be no different than your attempt without enclosing parentheses. Now, let me just say that I detest magic_quotes, and it's best to run with them disabled so you don't even have to worry about this kind of issue (they've been deprecated.) But, perhaps you were just trying to learn about some piece of legacy code. Hope the explanation helps, Gary. Adam -- Nephtali: PHP web framework that functions beautifully http://nephtaliproject.com
Re: [PHP] [SOLVED] Re: Upgraded system and now $_SERVER['SERVER_NAME'] is not more working
You probably have error_reporting turned on and that caught on errors. There are new tougher rules/requirements with newer PHP versions. Ravi.
Re: [PHP] Stripslashes
On Wed, Dec 22, 2010 at 3:34 PM, Bob McConnell r...@cbord.com wrote:
From: Ravi Gehlot
What are these magic quotes anyways?. What are they used for?
escaping?
I wasn't there at the time, but I gather that the general idea was to
automagically insert escape characters into data submitted from a form.
However, they used a backslash as the escape character, which is not
universally recognized across database engines. Even the SQL standard
defines an escape as a single quote character.
We used to have magic quotes enabled, and came up with the following
code to clean up the mess it caused.
// If magic quotes is on, we want to remove slashes
if (get_magic_quotes_gpc()) {
// Magic quotes is on
$response = stripslashes($_POST[$key]);
} else {
$response = $_POST[$key];
}
For future releases of PHP, this will also need a check to see if
get_magic_quotes_gpc() exists first.
Bob McConnell
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Bob,
Thank you very much. This is good information. What I found out from
http://us2.php.net/manual/en/function.stripslashes.php was the following:
An example use of *stripslashes()* is when the PHP directive
magic_quotes_gpchttp://us2.php.net/manual/en/info.configuration.php#ini.magic-quotes-gpcis
*on* (it's on by default), and you aren't inserting this data into a place
(such as a database) that requires escaping. For example, if you're simply
outputting data straight from an HTML form.
So that means that stripslashes() isn't intended for DB insertions but only
straight output. So I will remove it from my code.
Thanks,
Ravi.
Re: [PHP] Stripslashes
On Wed, Dec 22, 2010 at 4:21 PM, Russell Dias rus...@gmail.com wrote:
stripslashes() is rife with gaping security holes. For mysql
insertion rely on mysql_real_escape_string() or alternatively, you can
use prepared statements.
For outputting data on the page you should ideally be using
htmlspecialchars($var, ENT_QUOTES);
cheers,
Russ
On Thu, Dec 23, 2010 at 6:48 AM, Ravi Gehlot r...@ravigehlot.net wrote:
On Wed, Dec 22, 2010 at 3:34 PM, Bob McConnell r...@cbord.com wrote:
From: Ravi Gehlot
What are these magic quotes anyways?. What are they used for?
escaping?
I wasn't there at the time, but I gather that the general idea was to
automagically insert escape characters into data submitted from a form.
However, they used a backslash as the escape character, which is not
universally recognized across database engines. Even the SQL standard
defines an escape as a single quote character.
We used to have magic quotes enabled, and came up with the following
code to clean up the mess it caused.
// If magic quotes is on, we want to remove slashes
if (get_magic_quotes_gpc()) {
// Magic quotes is on
$response = stripslashes($_POST[$key]);
} else {
$response = $_POST[$key];
}
For future releases of PHP, this will also need a check to see if
get_magic_quotes_gpc() exists first.
Bob McConnell
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Bob,
Thank you very much. This is good information. What I found out from
http://us2.php.net/manual/en/function.stripslashes.php was the
following:
An example use of *stripslashes()* is when the PHP directive
magic_quotes_gpc
http://us2.php.net/manual/en/info.configuration.php#ini.magic-quotes-gpc
is
*on* (it's on by default), and you aren't inserting this data into a
place
(such as a database) that requires escaping. For example, if you're
simply
outputting data straight from an HTML form.
So that means that stripslashes() isn't intended for DB insertions but
only
straight output. So I will remove it from my code.
Thanks,
Ravi.
Hello Russell,
When you use htmlspecialchars() it tries to escape single/double quotes with
a bunch of backslashes. I had stripslashes() in an attempt to try to get the
backslashes away but it didn't. So the solution was to disable magic quotes
in php.ini. With GoDaddy shared hosting, I had to rename php.ini over to
php5.ini in order to have this to work. Also had to include the command like
responsible for disabling magic quotes. Everything is good and clean now.
Now you type for example Hunter's Reserve Circle and it keeps it as it is.
Before it would print something like Hunter'///s Reserve Circle.
With double quote, the situation would be even worse.
mysql_real_escape_string() is a must in order to avoid SQL injections.
Regards,
Ravi.
Re: [PHP] Problem with Include
If something is working and you don't know exactly whats under the hood then you are wasting your time in trying to re-invent your own wheel and waste your time and resources to modify something that isn't needed to be touched. Good programmers make good use of their time as well. We need to keep in check with new technology, learn new trends and also master our weakness. If we keep changing this or that or moving that or this then oh well...there goes 1 day worth of work to figure stuff out. Just my take on this. If you think different, then no problems. Regards, Ravi. On Tue, Dec 21, 2010 at 10:23 AM, Paul M Foster pa...@quillandmouse.comwrote: On Tue, Dec 21, 2010 at 02:35:33AM -0500, David Hutto wrote: On Tue, Dec 21, 2010 at 2:29 AM, Ravi Gehlot r...@ravigehlot.net wrote: Why mess with something that is already working? If you are trying to make it pretty then you are not solving a problem. You are creating one. Define working. I've had programs 'work', but more experienced would say it's flawed in some respect. Does it perform the immediate task? Now define pretty. Is it aesthetically pleasing to you, or to someone else with less, or maybe more experience. By defining the two above, you then define whether it's a problem. To you, or to them, or to the original designer? Beware of more experienced programmers. I recently talked to an ex-boss of mine who had a programmer flake out on him. One of his customers threatened to take this flaky code to another company and get their opinion about whether it was good code or not. My ex-boss explained that, of course, they'd shoot it down. Because that's what programmers do-- they complain about other programmers' code. I'd never heard that idea expressed aloud. But when I thought about it, I realized it was true. Hell, look at the content of this list. ;-} Paul -- Paul M. Foster -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Common session for all subdomains?
Daniel, Good info. Ravi. On Tue, Dec 21, 2010 at 10:23 AM, Daniel Brown danbr...@php.net wrote: On Tue, Dec 21, 2010 at 02:27, Ravi Gehlot r...@ravigehlot.net wrote: That's a good question. There should be a setting on php.ini to allow cross session. Right. Because who needs to teach folks about computer security when we can just disable it for them anyway? Like Jonathan pointed out, it's a matter of adjusting the cookie parameters to match wildcard subdomains by preceding the part of the domain (usually the SLD, but some ccTLD or FQDN situations can be different) with a dot, like so:.example.com -- /Daniel P. Brown Network Infrastructure Manager Documentation, Webmaster Teams http://www.php.net/
Re: [PHP] Re: Session problem
Walter, Session variables may be using cookies which in turn create temp files for storing such cookies. Ravi. On Tue, Dec 21, 2010 at 11:32 AM, Walter Caielli walter.caie...@ars21.netwrote: I've fixed the problem. I don't know why, but suddenly windows prevents PHP from writing into C:\windows\temp directory. Moving the session and log files to another directory solved the problem. Until few days ago it worked. I've now to discovered what was changed in windows configuration. Walter Caielli walter.caie...@ars21.net ha scritto nel messaggio news:bd.40.31041.b7a60...@pb1.pair.com... I'm facing the following basic problem: I have made two simple sample files to explain it: 1st file: ?php session_start(); $_SESSION['SS_user'] = user000; echo $_SESSION['SS_user']; echo SID; echo br.session_id(); echo 'br /a href=home.phppage 1/a'; ? 2nd file ?php session_start(); echo file Homebr; echo session_name().'+'.session_id(); echo $_SESSION['SS_user']; ? $_SESSION seems to be empty. Nothing is print. Session Name and session ID are the same but it seems that $_SESSION is not shared across the two files. No HTML is made before sessioni_start(). Why? I'm using PHP 5.3.4 on IIS, windows XP SP3. Tested as localhost or from another PC inside a LAN. Many thanks Walter -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Problem with Include
Hello, Good points. If you are getting paid to do that then fine. There is a difference between enhancing code and wasting time. I do my best to come up with the best I can. I always take notes to perform better in upcoming projects. It is imperative to make good use of time. Unless it is a security issue, no need to waste time. Again, if you are getting paid for it then fine. People tune cars for a reason, they want the attention or the thrill. If you want to tune your code for fun then nobody is against that either :) Ravi. On Tue, Dec 21, 2010 at 1:28 PM, a...@ashleysheridan.co.uk a...@ashleysheridan.co.uk wrote: (Apologies for top posting; on my mobile just now.) Not true. Refactoring code is one of the main tasks of a developer. None of us produce perfect code, and some code is less perfect than other code. It's instinct to want to fix bad code when we're maintaining it or having to add new features to it. For the same reason car enthusiasts tinker with and tune their cars, good developers will do the same with code, be it in the form of consolidating common code to include files or other ways. To not do so seems to me to avoid ones nature really! Thanks, Ash http://www.ashleysheridan.co.uk - Reply message - From: Ravi Gehlot r...@ravigehlot.net Date: Tue, Dec 21, 2010 18:12 Subject: [PHP] Problem with Include To: Paul M Foster pa...@quillandmouse.com Cc: php-general@lists.php.net If something is working and you don't know exactly whats under the hood then you are wasting your time in trying to re-invent your own wheel and waste your time and resources to modify something that isn't needed to be touched. Good programmers make good use of their time as well. We need to keep in check with new technology, learn new trends and also master our weakness. If we keep changing this or that or moving that or this then oh well...there goes 1 day worth of work to figure stuff out. Just my take on this. If you think different, then no problems. Regards, Ravi. On Tue, Dec 21, 2010 at 10:23 AM, Paul M Foster pa...@quillandmouse.com wrote: On Tue, Dec 21, 2010 at 02:35:33AM -0500, David Hutto wrote: On Tue, Dec 21, 2010 at 2:29 AM, Ravi Gehlot r...@ravigehlot.net wrote: Why mess with something that is already working? If you are trying to make it pretty then you are not solving a problem. You are creating one. Define working. I've had programs 'work', but more experienced would say it's flawed in some respect. Does it perform the immediate task? Now define pretty. Is it aesthetically pleasing to you, or to someone else with less, or maybe more experience. By defining the two above, you then define whether it's a problem. To you, or to them, or to the original designer? Beware of more experienced programmers. I recently talked to an ex-boss of mine who had a programmer flake out on him. One of his customers threatened to take this flaky code to another company and get their opinion about whether it was good code or not. My ex-boss explained that, of course, they'd shoot it down. Because that's what programmers do-- they complain about other programmers' code. I'd never heard that idea expressed aloud. But when I thought about it, I realized it was true. Hell, look at the content of this list. ;-} Paul -- Paul M. Foster -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PDO Prepared Statements and stripslashes
Hello, The plug-in PDO has nothing to do with the backslashes being inserted into the database. The backslashes are used to escape characters like in D's...it would show D's. That's the safe behavior of it. You can change your programming code to fix that. Ravi. On Tue, Dec 21, 2010 at 12:59 AM, Rico Secada coolz...@it.dk wrote: On Tue, 21 Dec 2010 00:32:19 -0500 Paul M Foster pa...@quillandmouse.com wrote: On Tue, Dec 21, 2010 at 05:31:15AM +0100, Rico Secada wrote: Hi. In an article about SQL Injection by Chris Shiflett he mentions the following in a comment: The process of escaping should preserve data, so it should never be necessary to reverse it. When I'm auditing an application, things like stripslashes() alert me to design problems. Now, I'm always using PHP PDO with prepared statements and as such data with quotes gets slashed automatically by PDO when inserted into the database. Just out of idle curiosity, are you using MySQL? PDO shouldn't be backslashing quotes for PostgreSQL, as the PostgreSQL convention for values containing single quotes is to double the quotes, as: ''. Currently I'm working with MySQL, but I have just tested PDO with PostgreSQL 8.3 and in this case PDO backslashes PostgreSQL as well. When I need to pull out the data something might be slashed and I need to use stripslashes() or some str_replace() to make sure that the slashes are removed. So what's the mistake here and what's the correct way to do it? I don't see a mistake. If the values come out of the database backslashed, then you need to remove them to work with the data. My only question would be whether you're sure the data is backslashed before PDO ever sees it. In which case, yes, you have a problem. No, the data is not slashed before PDO sees them. I didn't see a mistake either, but then what does Chris mean? Stripping slashes from output from the DB alerts him to a design problem, and I'm just wondering if there another way of doing things I just haven't heard of then. Paul -- Paul M. Foster -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Common session for all subdomains?
That's a good question. There should be a setting on php.ini to allow cross session. Ravi. On Mon, Dec 20, 2010 at 7:05 PM, Jonathan Tapicer tapi...@gmail.com wrote: Hi! You should use the function session_set_cookie_params to set the session cookie domain to .oire.org like this comment explains: php.net/manual/en/function.session-set-cookie-params.php#94961 Regards, Jonathan On Mon, Dec 20, 2010 at 7:18 PM, Andre Polykanine an...@oire.org wrote: Hello php-general, I've got a question: I have a site http://oire.org/. Then we started developing some applications at http://apps.oire.org/. How can I manage it in the way so the session valid at http://oire.org/ would be also valid at http://apps.oire.org/? Thanks! -- With best regards from Ukraine, Andre Skype: Francophile Twitter: http://twitter.com/m_elensule Facebook: http://facebook.com/menelion -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Problem with Include
Why mess with something that is already working? If you are trying to make it pretty then you are not solving a problem. You are creating one. Ravi. On Mon, Dec 20, 2010 at 7:40 AM, Daniel P. Brown daniel.br...@parasane.netwrote: On Mon, Dec 20, 2010 at 02:49, Simcha Younger sim...@syounger.com wrote: Since it is being included by PHP, and not served by Apache, the extension is not important. Correct, but keep in mind that it will likely be served as plain text if accessed directly, if the web server is not properly configured (which, by default, it isn't). -- /Daniel P. Brown Dedicated Servers, Cloud and Cloud Hybrid Solutions, VPS, Hosting (866-) 725-4321 http://www.parasane.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] All records not displaying...
I would say enabled error_reporting(E_ALL); error_reporting(-1);
Then use die(mysql_error()); with your mysql function to get some debugging
data.
Also use var_dump($query_name) to find out what is spits out.
Debugging is your best friend here. If you don't use die() or
error_reporting() then you will see a blank screen.
Ravi.
On Sun, Dec 19, 2010 at 9:01 PM, Gary gp...@paulgdesigns.com wrote:
Tamara Temple tamouse.li...@gmail.com wrote in message
news:c6993909-dd90-4f52-bf6b-ab888c281...@gmail.com...
On Dec 19, 2010, at 9:46 AM, Gary wrote:
I have an issue that the first record in a query is not being
displayed.
It
seems that the first row in alphabetical order is not being brought to
the
screen.
I have run the query in the DB and it displays the correct result, so
it
has
to be in the php.
I have a MySQL DB that lists beers. I have a column for 'type' of beer
(imported, domestic, craft, light). The queries:
$result = MySQL_query(SELECT * FROM beer WHERE type = 'imported' AND
stock
= 'YES' ORDER by beername );
When I run the query
if (mysql_num_rows($result) == !'0') {
$row = mysql_fetch_array($result);
echo 'h3Imported Beers/h3';
echo 'table width=100% border=0 cellspacing=1 cellpadding=1
id=tableone summary=
thBeer/th
thMaker/th
thType/th
thSingles/th
th6-Packs/th
thCans/th
thBottles/th
thDraft/th
thSize/th
thDescription/th';
while ($row = mysql_fetch_array($result)) {
echo 'tr td' . $row['beername'].'/td';
echo 'td' . $row['manu'] . '/td';
echo 'td' . $row['type'] . '/td';
echo 'td width=40' . $row['singles'] . '/td';
echo 'td width=20' . $row['six'] . '/td';
echo 'td width=40' . $row['can'] . '/td';
echo 'td width=20' . $row['bottles'] . '/td';
echo 'td width=40' . $row['tap'] . '/td';
echo 'td' . $row['size'] . '/td';
echo 'td' . $row['descrip'] . '/td';
'/tr';
}
echo '/tablebr /';
}
All but the first row in alphabetical order are displayed properly.
Can anyone tell me where I am going wrong?
--
Gary
BTW, I do have a bonus question that is about javascript in this same
file,
so if anyone want to take a stab at that, I'll be happy to post it.
This code will totally eliminate the first row of data.
if (mysql_num_rows($result) == !'0') {
$row = mysql_fetch_array($result);
Fetches the first row, but is not output. Because:
while ($row = mysql_fetch_array($result)) {
Fetches the second row before you do any output of the data.
Eliminate the first fetch_array and you're code should work fine.
BTW, if you put the td attributes 'width=n' in the preceding th
tags, you won't have to output them for each row. You should also put
the
units those numbers are associated with.
Tamara
Thank you for your help and thank you for the explaination. I removed the
line and it works fine. I dont remember where or why I had that line in
there, it is code that I have recycled for a while now.
Gary
__ Information from ESET Smart Security, version of virus signature
database 5716 (20101219) __
The message was checked by ESET Smart Security.
http://www.eset.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] array question
Jim Lucas has it. You can use the preg_match function to find it. I would
use regexp for that reason. regexp is good for making sure things are typed
the way they need to (mostly used for).
Ravi.
On Sat, Dec 18, 2010 at 5:17 PM, Jim Lucas li...@cmsws.com wrote:
On 12/17/2010 12:52 PM, Sorin Buturugeanu wrote:
Hello all!
I have a question regarding arrays and the way I can use a value.
Let's say I have this string:
$s = 'banana,apple,mellon,grape,nut,orange'
I want to explode it, and get the third value. For this I would normally
do:
$a = explode(',', $s);
echo $s[2];
That's all fine, but is there a way to get the value directly, without
having to write another line in my script. I mean something like this:
echo explode(',', $s)[2];
or
echo {explode(',', $s)}[2];
I couldn't find out this answer anywhere, that's why I posted here.
Cheers and thanks!
Sure it CAN be done. Nobody laugh too loud here... But...
?php
$s = 'banana,apple,mellon,grape,nut,orange';
echo preg_replace('/([^,]+,){3}([^,]+).*/', '$2', $s);
?
Outputs: grape
The {3} part is equivalent to the array position. Change that number, and
you change which word will get displayed.
Jim Lucas
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHPInfo disabled due to security
Hello there, If you have a small to medium size web site then go to GoDaddy. Do not believe all that you see from php_info(). I will give you an example. The memory_limit it gives on shared hosting does not reflect the one intended for your shared account. It shows what was set for overall use. But blocking php_info() isn't right (at least I don't think so). Ravi. On Fri, Dec 17, 2010 at 10:25 AM, Daniel Brown danbr...@php.net wrote: On Thu, Dec 16, 2010 at 23:39, Paul S pau...@roadrunner.com wrote: Well, I was hoping for stronger arguments to get that DONE. I would think there be something in the PHP license that would FORBID disabling functionality. Really? You would really think that? Because we wouldn't. After all, 'phpinfo' is essential, really, to achieving secure applications, isn't it? No. Writing good code is essential. -- /Daniel P. Brown Network Infrastructure Manager Documentation, Webmaster Teams http://www.php.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Error Querying Database
Trying to connect to the database can involve setting up your database. Make
sure that you have a valid login/password that is recognized by MySQL.
Please keep in mind that MySQL works on permission by hosts. So your host IP
must be matched with the username/password on the database for a successful
authentication. One way to know that you can connect successfully to your
remote database is to actually test it. Download MySQL Workbench from
Mysql.com and then try to connect to remote from the same host that your php
application is sitting at. If it works, thumbs up. If it does not then you
have a permission issue there. Add your username/host appropriately.
If you can connect without a hitch then you are doing something wrong on
your code. Use mysql_connect(), mysql_select_db() and then send an statement
and use the resource to see if it returns TRUE or FALSE. At this point, on
FALSE it means that you have a bad written statement.
There is so much that can go wrong. Debug step by step.
Ravi.
On Thu, Dec 16, 2010 at 9:26 PM, Phred White phpl...@planetphred.comwrote:
It seems like there are several questions emerging, but ...
Try echoing your query to the page by putting echo $query in your code
before you call mysql, then copy it and run it in phpmyadmin. If it runs
then you know your problem is somewhere else like the connection. This can
really help you find typos that can cause mysterious results.
If you want to use the same page to process the form (my preference) then
put a hidden field in your form like:
input type=hidden name=phpaction id=phpaction value=process /
and wrap the form processing code like so:
if (isset($_POST['phpaction'])) {
//process submitted form data
} else {
//processing for initial form entry
}
When the form is initially loaded it will ignore the first part
There are a 1000 ways to do this, but this is pretty straightforward.
On Dec 15, 2010, at 1:34 PM, Gary wrote:
Steve Staples sstap...@mnsi.net wrote in message
news:1292440837.5460.8.ca...@webdev01...
On Wed, 2010-12-15 at 13:42 -0500, Gary wrote:
I cant seem to get this to connect. This is to my local testing
server,
which is on, so we need not worry that I have posted the UN/PW.
This is a duplicate of a script I have used countless times and it
worked.
The error message is 'Error querying database.'
Some one point out the error of my ways?
Gary
form action=?php echo $_SERVER[PHP_SELF]; ? method=post
tr
td
labelName of Beer/label/tdtdinput name=beername type=text
/
/td
/tr
tr
td
labelMaker of Beer/label/tdtdinput name=manu type=text /
/td
/tr
tr
td
labelType of Beer/label/td
tdselect name=type size=1 id=type
optionImported/option
optionDomestic/option
optionCraft/option
optionLight/option
/select
!--select name=avail size=1 id=avail
optionAvailable/option
optionSold/option
/select--
/td
/tr
tr
tdlabelSold in/label
/tdtdinput type=checkbox name=singles value=Yes /
Singlesbr
/
input type=checkbox name=six value=Yes / Six Packs br /
input type=checkbox name=can value=Yes / Cansbr /
input type=checkbox name=bottles value=Yes / Bottles br /
input type=checkbox name=tap value=Yes / Draft br /
tr
td
labelSize/label/tdtdinput name=size type=text /
/td/tr
trtd
labelDescription/label/tdtdtextarea name=desc cols=40
rows=5/textarea
/td/tr
trtd
input name=submit type=submit value=Submit //td/tr
/form
/table
/div
div id=list
?php
$beername = $_POST['beername'];
$manu = $_POST['manu'];
$type = $_POST['type'];
$singles = $_POST['singles'];
$six = $_POST['six'];
$can = $_POST['can'];
$bottles = $_POST['bottles'];
$tap = $_POST['tap'];
$size = $_POST['size'];
$desc = $_POST['desc'];
$ip= $_SERVER['REMOTE_ADDR'];
$dbc = mysqli_connect('localhost','root','','rr')or die('Error
connecting
with MySQL Database');
$query = INSERT INTO beer (beername, manu, type, singles, six, can,
bottles, tap, size, desc, ip ). VALUES ('$beername', '$manu',
'$type',
'$singles', '$six', '$can', '$bottles', '$tap', '$size', '$desc',
'$ip' );
$result = mysqli_query($dbc, $query)
or die('Error querying database.');
mysqli_close($dbc);
--
Gary
Read Ash's reply... but basically, you're running the query with POST
variables, and inserting them on page display as well as on form submit.
can you ensure that you can connect from the command line?
if you may take some criticism, you should rethink your database design,
as well as the page flow/design... you should either post the form to a
new page, or if it is back to itself, you should check to see that you
have in fact posted it before just blindly inserting into the database
(as currently, every time you view the page, you will insert into the
database, even if completely empty values).
Steve
Thank you for your reply.
I did not see a
Re: [PHP] Problem with Include
My point is that you tried to take code from one page and put it all organized in another page and the include that page of includes back into the pages that you want it to feed off from. If stuff works the way that it does then there a reason for it to have been done that way. That's why documenting code is so important. 99% doesn't do it (including me). Ravi. On Tue, Dec 21, 2010 at 2:35 AM, David Hutto smokefl...@gmail.com wrote: On Tue, Dec 21, 2010 at 2:29 AM, Ravi Gehlot r...@ravigehlot.net wrote: Why mess with something that is already working? If you are trying to make it pretty then you are not solving a problem. You are creating one. Define working. I've had programs 'work', but more experienced would say it's flawed in some respect. Does it perform the immediate task? Now define pretty. Is it aesthetically pleasing to you, or to someone else with less, or maybe more experience. By defining the two above, you then define whether it's a problem. To you, or to them, or to the original designer? Ravi. On Mon, Dec 20, 2010 at 7:40 AM, Daniel P. Brown daniel.br...@parasane.netwrote: On Mon, Dec 20, 2010 at 02:49, Simcha Younger sim...@syounger.com wrote: Since it is being included by PHP, and not served by Apache, the extension is not important. Correct, but keep in mind that it will likely be served as plain text if accessed directly, if the web server is not properly configured (which, by default, it isn't). -- /Daniel P. Brown Dedicated Servers, Cloud and Cloud Hybrid Solutions, VPS, Hosting (866-) 725-4321 http://www.parasane.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- They're installing the breathalyzer on my email account next week.
