RE: [PHP] exec / mkdir question
> > i'm using the following code to create a directory :-
> >
> > $temp = exec("mkdir $path");
> >
> > it doesn't work...
> >
> > i've validated the $path var which is correct. i suspect it is a
> > permissions issue.
> >
> > what should i look for to resolve this?
>
> Try using the mkdir function:
That is good practice, but if the problem is with the permissions, the
program will just be better written when it fails.
A note of the error message and some information about the host environment
would help. However ...
The user running the PHP script needs to be able to create the file. If
this is a UNIX system and the web server is run by the user nobody, then
that user needs write access to the directory which will contain the file.
To grant that access, your user (the one you, er, use to connect to the
server) must own the directory
The worst case is when your user and the web server user are not in the same
group. In that case, you will need to grant write access to all users.
This introduces potential security risks - any user can also remove or
rename files in that directory.
Simon Ritchie
Download my introduction to PHP for $25:
http://merrowinternet.com/downloads?source=ml
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] sort results into two columns
> how can i sort data from mysql into two columns. Thanks. > > eg: > > link1linka > link linke Do you mean how can you get MySQL to present the data in sorted order or how can you get the browser to display the results in neat columns? Depending upon the question, you either want to use a SELECT query with an ORDER BY clause or you want to output the result within HTML table tags. Simon Ritchie Download my introduction to PHP for $25: http://merrowinternet.com/downloads?source=ml -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] calculating psysical path (a first try)
I think that you have something like this: $HTTP_SERVER_VARS['SCRIPT_NAME] == '\foo\bar.php' $HTTP_SERVER_VARS["SCRIPT_FILENAME"] == 'c:\wwwroot\foo\bar.php' and you want to use this to derive the root 'c:\wwwroot'. You can use one of the standard string edit functions. Something like this: $baseName = ereg_replace( $HTTP_SERVER_VARS['SCRIPT_NAME' . '$', '', $HTTP_SERVER_VARS["SCRIPT_FILENAME"]); The first argument is regular expression. This one matches the script name as long as it appears at the end of the string. The second argument is the replacement string (nothing), the third is the string to search. I cover regular expression pattern matching in my introduction to PHP (see below). However, the root directory is an Apache variable and these are passed to PHP in another array. I can't remember which right now! Simon Ritchie Download my introduction to PHP for $25: http://merrowinternet.com/downloads?source=ml -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] include()
> "Other users on the same server *shouldn't* be able to include() in this way" > > How? > > Would their $_SERVER['HTTP_HOST'] not be the same? You did not specify your circumstances in your original posting, so there is some confusion. One web server can handle many domains. An ISP offering shared hosting will run their server this way, because it is cheap. So, there are at least two cases: (1) Several webmasters running the same domain. They should be part of a disciplined team, so this should not be a problem. (2) Several domains, each run by one webmaster (or one team), possibly each in a different organisation. If you run the domain www.somedomainorother.com, that will be in the HTTP_HOST entry. If somebody running another domain calls the function that opens your database, the HTTP_HOST setting will be different. The suggestion is to write your open function to check for this. Simon Ritchie Download my introduction to PHP for $25: http://merrowinternet.com/downloads?source=ml -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] include()
> I suppose include() can be used to include files from remote > systems(not on > WINDOWS). Only if the sysadmin running your web server allows it, which they should not. > A webmaster on the same server can always use a path like > "/home/htdocs/.../config.php" and include my config .php which contains my > database password !! Not quite, but if you are on a shared server hosted by somebody else, there is a potential problem. If somebody can figure out the name of the function that opens the database, they could call it, potemtially giving access to the data. You could use the solution posted by Justin French to make sure that the function does nothing for them when they call it. As other people have said, your hosting organisation should set the system up so that nobody can read your PHP code, and that nobody outside the host computer can include it. However, I think it would be difficult for them to stop another user on the same server including your code. If you run your own server, you can set it up so that each webmaster is locked into a private environment, but it's messy. According to me, you would need a separate copy of apache for each site, each running under a different user, and they would need to run on separate ports, which is a nuisance. Simon Ritchie Download my introduction to PHP for $25: http://merrowinternet.com/downloads?source=ml -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Page title changes when call functions!!
> I have a bad experience coding in PHP. I create a home page in PHP,
> index.php. Within this PHP code, it calls functions which are placed in
> other file. I notice that the page title changes to something
> that I don't
> want it to be.
This is probably an HTML problem, not a PHP problem. To see what is going
on, run your program, save the resulting HTML into a file ("save as" in the
edit menu on your browser) and look at it with a text editor.
It could be that you are confused about the way your browser displays the
title. It should appear at the very top of your browser window, not in the
address line.
Simon Ritchie
Download my introduction to PHP for $25:
http://merrowinternet.com/downloads?source=ml
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] need help reg. User Accounts
> I am using PHP-4.1.1 on Linux, > I wanted to know the difference between "nobody" user and normal user of > operating system. None. Nobody is an ordinary user. However, ordinary UNIX users can be set up in all sorts of ways. > > This question just came to mind when, neither nobody's directory nor any > entry was not found in /home or elsewhere. That's deliberate. The nobody user is set up with very few resources or privileges and is then used to run things like the web server. If a hacker can exploit a weakness in the server to gain control and issue commands as the user running it, the potential damage is limited to what that user can do, which is not much. Simon Ritchie Download my introduction to PHP for $25: http://merrowinternet.com/downloads?source=ml -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] probelm : delete files using PHP
> I am using PHP 4.1.1, Postgresql 7.2 and Perl 5.6.0 on Linux. > > I want to delete files in a directory,which were created 15 days back. > > I can not do it, with PHP filesystem and directory functions, as > PHP runs as > "nobody" user. To delete a file the user running the web server needs to be able to write to the directory containing the file. Either the directory should be owned by the user nobody and writable by its owner, or in the group nobody and writable by group, or (the most dangerous choice) writable by any user. To change the ownership, you need to be able to log in as the user root. Simon Download my introduction to PHP for $25: http://merrowinternet.com/downloads?source=ml -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] SMS Again, UK
Oh yes, I forgot about email, which was mentioned in another answer to this FAQ. Some providers give you an email address with your phone, for example I believe that One2One (or whatever it's called today) give you @one2one.com. Email sent to that address arrives at your phone as an SMS. Somebody has to pay for the message, so it's probably you. By the way, there is no guarantees on how long it will take to deliver an SMS, or if it will ever arrive. Typically 1% never arrive, more if the network is very busy because something interesting has just happened on "Big Brother" and everybody below 35 in the UK is sending a text (to somebody who is busy sending them one). That means it's wise to send a text, wait a few minutes and send it again. Buy a UPS with plenty of capacity ... Oh yes, and don't forget to put all of the network access devices on the UPS - the router, the switch and so on. Otherwise when the power fails, you won't be able to access the message gateway across the web. Simon -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] SMS Again, UK
Well, funnily enough, your question has much the same answer ... If you have a mobile phone and your service provider offers a web gateway, you can use it to send SMS messages. They will provide a script that you can use. If you have an Orange phone, see the Orange web site. If it's a Voda, see their web site, and so on. The charge is usually the same as it would be if you sent the message from your phone, but if you have a contract it may include "free" messages. There are services such as NovelSoft (http://www.sms-wap.com) that are independant of provider, but you have to pay for them too. Novelsoft is quite cheap, and there are PHP scripts on the site, but some providers don't accept their messages. I have a NovelSoft account, but I can't use it to send messages to my Orange phone. I read somewhere that this is because some of their customers used the service to send spam. Simon > -Original Message- > From: Andy Whittlestone [mailto:[EMAIL PROTECTED]] > Sent: 01 July 2002 16:49 > To: [EMAIL PROTECTED] > Subject: [PHP] SMS Again, UK > > > Hi i'm from the uk, is there any free php scripts that will allow txt > messages to be sent within the uk. > > Couldn't get the other one posted here to work either, > > Wanna do a similiar idea to what that other guy was doing, but > when the UPS > Kicks in send a txt, but also so i can goto my site and access it > and send a > txt for free, :-) > > Cheers Andy > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Online PHP training course
Merrow Internet Services run online training courses. We use a web conferencing system to create a virtual classroom where we hold live interactive seminars. You can connect to the conference with an ordinary telephone modem, so you can take part at home or at work. Our Introduction to PHP Programming starts on the 13th June 2002. It runs for one day (eight hours) in total. We have scheduled times to suit customers in a wide range of timezones including the UK, mainland Europe and the USA. The course costs 212 Pounds, 341 Euros or $310. Prices include VAT (sales tax) at the UK rate of 17.5%. For more details visit http://www.merrowinternet.com. Simon Ritchie Merrow Internet Services -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] apache authentication
Aaron and I have discussed this offline. He has a PHP front-end running on
one server which he is using to control access to pages on another server
(the target). He wants the front-end code to collect and check the user's
credentials, then request an appropriate URL from the target and relay the
result back to the client. This is a reverse proxy arrangement.
However, the pages on his target are password-protected, so he has to send
the credentials in the URL. I recently looked at the same problem. I
couldn't see how to get the standard apache proxy to send the credentials
across, so I wrote my own proxy in PHP. It's not very pretty and it's slow,
but it does the trick. The only difficult bit is sending the credentials.
HTTP expects the password in base64 encoding.
SECURITY WARNING: This code uses a hard-coded user-name and password, which
begs the question of where they would come from in the real world. You
could collect them via a form, but then they will be sent to the PHP script
as arguments and so the password will be visible in the URL box of the
browser window. (Any better suggestions?)
This is part of a bigger project, so I have to edit the code for
publication, and I haven't checked it. Let's hope my fingers are working
properly tonight.
I have put the code onto the end of this note. I would welcome any
feedback.
Simon
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Sent: 14 January 2002 17:41
> To: [EMAIL PROTECTED]
> Subject: [PHP] apache authentication
>
>
> Hi,
>
> I am using the Nusphere application server with apache user directories.
> I have several protected user
> directories that are of different realms. When a user logs into the
> 'secure area' i would like to send them
> to pages contained in a secure directory but pass the encoded user:pass
> in the URL as to avoid the pop-up
> apache authentication dialogue. Is this possible and how do i achieve
> this?
>
> TIA,
>
> Aaron Lake
> Programmer/Analyst
> Kvaerner Chemetics
> A Division of Kvaerner Canada Inc
> (604) 730 4206
- proxy.php---
Login
// Host:intra.local.sys
//
//
// where is authName:authPassword in base 64 form. The PHP
// manual entry for fsockopen(0 advises you to put CR chars at the
// end of each line as well as LFs.
//
// Copyright 2002 Simon Ritchie, Merrow Internet Services
// (www.merrowinternet.com)
$server = "intra.local.sys";
$authName = "foo"; // In a real application, you would
$authPassword = "bar"; // get these from somewhere.
$cred = $authName . ":" . $authPassword;
$b64cred = base64_encode($cred);
$req1 = "GET /" . $URL . " HTTP:/1.1\r\n";
$req2 = "Authorization: Basic " . $b64cred . "\r\n";
$req3 = "Host:" . $server . "\r\n";
$intra = fsockopen($server, 80) or
die("cannot access " . $server);
if (strlen($cred) > 0) {
// send authenticated request
fputs($intra, $req1);
fputs($intra, $req2);
fputs($intra, $req3);
fputs($intra, "\r\n");
} else {
// send anonymous request
fputs($intra, $req1);
fputs($intra, $req3);
fputs($intra, "\r\n");
}
// the server returns a set of headers, a blank lines separator
// and the HTML page. This PHP code will send appropriate
// headers back to the client, so here we just want to print
// the HTML page.
$text = fgets($intra, 4096);
while (!feof($intra)) { // eat headers until ...
$text = fgets($intra, 4096);
if (strcmp($text, "\n") == 0 ||
strcmp($text, "\r\n") == 0) { // ... blank line
break;
}
}
while (!feof($intra)) { // present the rest
$text = fgets($intra, 4096);
echo($text);
}
exit;
?>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Job Needed !!!
> However, have you considered that this guy was maybe offering > to help in a free > software project? Call me cynical, but I think the clue was in his use of the phrase "Any on can hire me". I interpreted that to mean "can anyone hire me?" rather than "I would like to make my enforced period of spare time useful to the PHP community". Simon -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Extending PHP
For what they are worth, here are some notes that I took. I don't think
they answer the actual question you asked, but they may be useful.
Extensions to PHP are written in C. (I haven't seen a statement to that
effect anywhere in the documentation, but I mave missed something.)
Assume that your package is called .
Need libtool 1.4 or better - get it from www.gnu.org or a mirror
You need to write a set of interface functions. Function names must be ALL
lower case. Before you do that, prepare a prototype file - can be just the
names of the functions, one per line, no semicolons, NO BLANK LINES. The
entries can be full C prototypes, but complicated prototypes screw it up
(char thing() is OK, but char * thing() is not).
run ext_skel --extname= proto=
That creates a directory ext/ containing a Makefile, skeleton C
source and a header (.h)file.
edit config.m4 to switch on the lines that enable . Until you do
that, nothing will work.
cd .. (root of PHP source)
./buildconf
./configure with-
make
The first time I did this, the make failed because of problems in the .h
file. These were caused by stuff in the proto file that the tools couldn't
handle.
./php -f ext//.php confirms that the skeleton has been added.
Reinstall your PHP module. ("make install" as root)
In the ext/ you now have lots of files including .c and
php_.h. .c contains a set of wrapper functions, one for each
name that you put into your prototype list.
Write a test script to call the functions. At this stage, you should get a
warning telling you that the function is not yet implemented. This is
printed by the skeleton wrapper function.
You now need to edit each function. Take out the line that prints the "not
implemented" warning and replace it with the code that you want.
BEWARE. If you find half-way through the work that you got the prototype
file wrong (say, you want to put an extra function in), you have to start
all over again. Change the name of the directory, create a new one
and manually copy the stuff you have produced into it. To avoid this, I put
my code into a separate file, got that working in isolation (so that I knew
what the function names were going to be) and then made my interface
functions very simple wrappers.
I could not make any sense of the stuff about parameter passing in the zend
documents. I suspect that it doesn't match the standard released PHP.
(Somebody said elsewhere in this thread to use a different distribution.
That may help.) I figured out how to pass parameters by looking at working
examples, such as the LDAP extension.
Simon
> > -Original Message-
> > From: Anas Mughal [mailto:[EMAIL PROTECTED]]
> > Sent: 15 January 2002 21:12
> > To: [EMAIL PROTECTED]
> > Subject: [PHP] Extending PHP
> >
> >
> > I am looking into building a dynamically loadable
> > module under PHP4. The documentation on extending PHP4
> > is unclear or is missing instructions on how to
> > generate dynamic loadable module file. I have followed
> > the instructions but I can't seem to be able to create
> > the module.
> > (I even looked at Sterling Hughes article on
> > WebTechniques.)
> > Is there a step that I am missing or what?
> > Do I need to modify the m4 file or the makefile?
> > Please advise...
> >
> > =
> > Anas Mughal
> > [EMAIL PROTECTED]
> > [EMAIL PROTECTED]
> > Tel: 973-249-6665
> >
> > __
> > Do You Yahoo!?
> > Send FREE video emails in Yahoo! Mail!
> > http://promo.yahoo.com/videomail/
> >
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> > To contact the list administrators, e-mail: [EMAIL PROTECTED]
> >
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
>
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Extending PHP
The PHP system is built using GNU tools, which are described on the GNU web site www.gnu.org. The documentation on extending PHP on the zend web site is not terribly clear and I suspect that does not match the current system. However, it does refer you to the gnu web site for information about the build tools. I have done some work extending PHP4 and I also found it very hard going. Simon > -Original Message- > From: Anas Mughal [mailto:[EMAIL PROTECTED]] > Sent: 15 January 2002 21:12 > To: [EMAIL PROTECTED] > Subject: [PHP] Extending PHP > > > I am looking into building a dynamically loadable > module under PHP4. The documentation on extending PHP4 > is unclear or is missing instructions on how to > generate dynamic loadable module file. I have followed > the instructions but I can't seem to be able to create > the module. > (I even looked at Sterling Hughes article on > WebTechniques.) > Is there a step that I am missing or what? > Do I need to modify the m4 file or the makefile? > Please advise... > > = > Anas Mughal > [EMAIL PROTECTED] > [EMAIL PROTECTED] > Tel: 973-249-6665 > > __ > Do You Yahoo!? > Send FREE video emails in Yahoo! Mail! > http://promo.yahoo.com/videomail/ > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > To contact the list administrators, e-mail: [EMAIL PROTECTED] > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Compile problems php 4.1.1
> I'm trying to compile php 4.1.1 and when it gets to the > --with-apxs option it errors out with the following: > > Sorry, I was not able to successfully run APXS. Possible reasons: > > 1. Perl is not installed; . . . Some systems (eg Red Hat Linux) come with a version of the apxs tool, but not the one that the PHP builder expects. The builder is trying to use this apxs, but it doesn't work as it expects. Do a minimal build of apache from source code (without PHP) and install it. This installs a working apxs into /usr/local/bin. Now build PHP, then build apache again, this time including the PHP module. In my system, the builder found the working apxs without help. If yours does not, you have to tell the builder where to find it. Simon -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] apache authentication
Your question is not very clear, not to me anyway. Are you trying to write some PHP code that remembers a user name and password over several requests? If so, I can answer that. According to me, it's hard. The problem is that PHP (in fact Apache itself) doesn't remember any information between requests - there is (almost) no persistent storage. In any case, an apache web server machine runs several copies of Apache, and you would have to share the data between all the copies. Furthermore, there can be more than one physical server. Your PHP could remember the credentials in a shared database, but that would be slow. Once you have some persistent storage, you need to be sure that the incoming requests are really coming from where you think they are - some sort of secure session management. Without that, a hacker can break into somebody else's logged-in session by sending suitable fake requests. All this is easier in HTTPS. I am working on some code that implements persistent storage with HTTPS, but I haven't got the shared memory part working yet. Simon > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > Sent: 14 January 2002 17:41 > To: [EMAIL PROTECTED] > Subject: [PHP] apache authentication > > > Hi, > > I am using the Nusphere application server with apache user directories. > I have several protected user > directories that are of different realms. When a user logs into the > 'secure area' i would like to send them > to pages contained in a secure directory but pass the encoded user:pass > in the URL as to avoid the pop-up > apache authentication dialogue. Is this possible and how do i achieve > this? > > TIA, > > Aaron Lake > Programmer/Analyst > Kvaerner Chemetics > A Division of Kvaerner Canada Inc > (604) 730 4206 > > > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] work with mobile by PHP !!
> How can I send msg to PHP ?=20 > what I need and what I must read ?? Try http://www.sms-wap.com Simon -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
