php-general Digest 29 May 2007 08:28:36 -0000 Issue 4817
Topics (messages 255718 through 255740):
Re: php and Ajax problem
255718 by: Stut
255719 by: Tijnema
255736 by: Jim Lucas
Re: Unknown number of check boxes?
255720 by: Jared Farrish
255721 by: Jared Farrish
255738 by: Jim Lucas
Re: Upload a ppt file
255722 by: Tijnema
Tuning LAMP systems: Optimizing Apache and PHP
255723 by: Daevid Vincent
Web Application Design Literature
255724 by: Steve Finkelstein
255726 by: Jared Farrish
exec dont work for svn
255725 by: Manolet Gmail
255735 by: Greg Donald
php execute command on server
255727 by: Jody Gugelhupf
255734 by: Greg Donald
a question on session ID and security
255728 by: Davis Chan
255729 by: Jared Farrish
Client does not support authentication protocol...
255730 by: Tom
255731 by: Chris
255733 by: Chris
255740 by: Zoltán Németh
Streaming download to IE doesn't work
255732 by: Daniel Kasak
Re: Uploading Files into MySQL
255737 by: Greg Donald
Re: Form Validation Issues
255739 by: Greg Donald
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
----------------------------------------------------------------------
--- Begin Message ---
Not even slightly a PHP question, but since it's a bank holiday I seem
to temporarily be in a more helpful mood.
Richard Kurth wrote:
<?php
$event['deleteevent']='<a
href="javascript:sendRequest(delete,32423434234234234324)">Delete this
event</a>';
echo $event['deleteevent'];
?>
I'm thinking you need some quotes aroung delete, and possibly around the
number given its size.
-Stut
--- End Message ---
--- Begin Message ---
On 5/28/07, Richard Kurth <[EMAIL PROTECTED]> wrote:
I can not figure out way this is not working can somebody help?
<html>
<head>
<title>Untitled</title>
<script language="JavaScript">
function createRequestObject() {
var req;
if(window.XMLHttpRequest){
// Firefox, Safari, Opera...
req = new XMLHttpRequest();
} else if(window.ActiveXObject) {
// Internet Explorer 5+
req = new ActiveXObject("Microsoft.XMLHTTP");
} else {
// There is an error creating the object,
// just as an old browser is being used.
alert('Problem creating the XMLHttpRequest object');
}
return req;
}
// Make the XMLHttpRequest object
var http = createRequestObject();
function sendRequest(action,arg) {
// Open PHP script for requests
http.open('get', 'eventaction.php?takeaction='+action+'&uid='+arg);
http.onreadystatechange = handleResponse;
http.send(null);
}
function handleResponse() {
if(http.readyState == 4){
var response = http.responseText;
var update = new Array();
if(response.indexOf('|' != -1)) {
update = response.split('|');
document.getElementById(update[0]).innerHTML = update[1];
}
}
}
</script>
</head>
<body>
<?php
$event['deleteevent']='<a
href="javascript:sendRequest(delete,32423434234234234324)">Delete this
event</a>';
echo $event['deleteevent'];
?>
</body>
</html>
this is the 'eventaction.php script yo test if the ajax script works
<?
if($_GET['takeaction']=="delete"){
$uid=$_GET['uid'];
echo $uid;
exit;
}
?>
Try firefox and take a look at the javascript console, it points you
to any javascript syntax errors.
Tijnema
--- End Message ---
--- Begin Message ---
Richard Kurth wrote:
I can not figure out way this is not working can somebody help?
<html>
<head>
<title>Untitled</title>
<script language="JavaScript">
function createRequestObject() {
var req;
if(window.XMLHttpRequest){
// Firefox, Safari, Opera...
req = new XMLHttpRequest();
} else if(window.ActiveXObject) {
// Internet Explorer 5+
req = new ActiveXObject("Microsoft.XMLHTTP");
} else {
// There is an error creating the object,
// just as an old browser is being used.
alert('Problem creating the XMLHttpRequest object');
}
return req;
}
// Make the XMLHttpRequest object
var http = createRequestObject();
function sendRequest(action,arg) {
// Open PHP script for requests
http.open('get', 'eventaction.php?takeaction='+action+'&uid='+arg);
http.onreadystatechange = handleResponse;
http.send(null);
}
function handleResponse() {
if(http.readyState == 4){
var response = http.responseText;
var update = new Array();
if(response.indexOf('|' != -1)) {
So, if it doesn't find a | (pipe) in the returned page, it won't do
anything!
update = response.split('|');
document.getElementById(update[0]).innerHTML = update[1];
}
}
}
</script>
</head>
<body>
<?php
$event['deleteevent']='<a
href="javascript:sendRequest(delete,32423434234234234324)">Delete this
event</a>';
echo $event['deleteevent'];
?>
</body>
</html>
this is the 'eventaction.php script yo test if the ajax script works
<?
Does your server allow for short_tags = On ???
if($_GET['takeaction']=="delete"){
$uid=$_GET['uid'];
echo $uid;
Well, as mentioned above, where is the | (pipe) that your JS code is
expecting???
Plus, where is the name of the object that you are wanting to take
action upon? Looks like your JS is needing something like this.
echo "{$div_id}|{$uid}";
Hope this helps
exit;
}
?>
--- End Message ---
--- Begin Message ---
Stephen Neigaard wrote:
I would like to have a unknown number of generated check boxes like this:
<input type="checkbox" name="chk01" />
<input type="checkbox" name="chk02" />
<input type="checkbox" name="chk0X" />
And the name will be generated "chk01 to chk99", but how do I make the
receiving PHP script that "scans" for post variables that are sent, so
that I can work on this information?
Inspect this code example to see a way to handle this problem using magic
form variables in contained POST arrays:
<code>
<h4>Test of Multiple Checkboxes</h4>
<form method="post" action="<?php echo($_SERVER['PHP_SELF']); ?>">
<?php
function getCheckboxes() {
for ($i = 100; $i > 0; $i--) {
$tr = $i % 5 === 0 ? Array('','') : Array('<tr>','</tr>');
$str .= "<label><input type=\"checkbox\" " .
"name=\"form[checks][]\" value=\"$i\" /> Input
#$i</label>\n";
}
return $str;
}
echo(getCheckBoxes());
?>
<p><input type="submit" /></p>
</form>
<hr />
<pre>
<?php
if (!empty($_POST)) {
print_r($_POST);
}
?>
</pre>
<h4>Consuming of form post</h4>
<p>An example of inverting a posted checkbox array to support $checked[45]
=== true behavior, making it easier to access and test the posted
content</p>
<pre>
<?php
// This will return an array that has inverted the posted
// items that were in checkboxes and had a state of
// checked=true
function consumeFormChecks($arr) {
$consume = Array();
for ($i = 0; $i < count($arr); $i++) {
$consume[$arr[$i]] = true;
}
return $consume;
}
if (!empty($_POST)) {
print_r(consumeFormChecks($_POST['form']['checks']));
}else {
echo('<h4>Please select some random checkboxes above' .
' and submit the form</h4>');
}
?>
</pre>
</code>
--
Jared Farrish
Intermediate Web Developer
Denton, Tx
Abraham Maslow: "If the only tool you have is a hammer, you tend to see
every problem as a nail." $$
--- End Message ---
--- Begin Message ---
On 5/28/07, Jared Farrish <[EMAIL PROTECTED]> wrote:
$tr = $i % 5 === 0 ? Array('','') : Array('<tr>','</tr>');
Ignore this line, it was from an earlier iteration of that function.
--
Jared Farrish
Intermediate Web Developer
Denton, Tx
Abraham Maslow: "If the only tool you have is a hammer, you tend to see
every problem as a nail." $$
--- End Message ---
--- Begin Message ---
Søren Neigaard wrote:
Hi
I would like to have a unknown number of generated check boxes like this:
<input type="checkbox" name="chk01" />
<input type="checkbox" name="chk02" />
<input type="checkbox" name="chk0X" />
<input type="checkbox" name="chk[]" value="Check box One" />
<input type="checkbox" name="chk[]" value="Check box Two" />
<input type="checkbox" name="chk[]" value="Check box Three" />
Then one the processor page, have it grab the "array" of indexed results
being submitted.
if ( isset( $_REQUEST['chk']) &&
is_array( $_REQUEST['chk']) &&
count( $_REQUEST['chk']) > 0 ) {
foreach ( $_REQUEST['chk'] AS $index => $value ) {
//Do something here with the checkboxes submitted
}
}
And the name will be generated "chk01 to chk99", but how do I make the
receiving PHP script that "scans" for post variables that are sent, so
that I can work on this information?
Best regards
Søren
--- End Message ---
--- Begin Message ---
On 5/28/07, tedd <[EMAIL PROTECTED]> wrote:
Hi Gang:
I can upload a text file and an image file via a html form, but I am
having problems uploading a PowerPoint file. Apparently, that's a
different critter.
Does any have any references or an example to show me?
Thanks,
Cheers,
tedd
It should work with the same form you used for image & text files, but
make sure you still have enctype set to multipart/form-data.
Also, like Jared said, make sure it isn't limited by any option, this
could be the upload filesize limit, but also memory limit if you were
planning to upload big files :)
Tijnema
--- End Message ---
--- Begin Message ---
I saw this on article on Digg.
Reposting here in case anyone is interested or missed it being a holiday
today and all...
http://digg.com/programming/Optimize_PHP_and_Accelerate_Apache
Direct links:
http://www.ibm.com/developerworks/linux/library/l-tune-lamp-1/index.html
http://www.ibm.com/developerworks/linux/library/l-tune-lamp-2.html
and it seems there will be one more on the way...
--- End Message ---
--- Begin Message ---
Hello -
I'm looking for recommendations on literature which will give me ideas
on best practices for design and implementation of web applications,
with if possible, PHP as its core reference language.
Syntax has never been the challenge for me, like for most, it's always
been the most practical and intelligent way to break up an application
and focus on how to putting it all together for reusability and
maintaining the application.
Anyhow, suggestions are appreciated.
Cheers!
- sf
--- End Message ---
--- Begin Message ---
I'm looking for recommendations on literature which will give me ideas
on best practices for design and implementation of web applications,
with if possible, PHP as its core reference language.
Syntax has never been the challenge for me, like for most, it's always
been the most practical and intelligent way to break up an application
and focus on how to putting it all together for reusability and
maintaining the application.
Anyhow, suggestions are appreciated.
Check out www.opensourcecms.org and look for the type of app you need for
suggestions of different prebuilt php projects.
http://www.opensourcecms.com/
I like the Harry Fuecks books on sitepoint, as well as the O'Reilly books.
Professional PHP5 from Wrox is pretty good, too.
For a general framework-style, I like seagull:
http://www.seagullproject.org
If you're going to be doing object-oriented programming techniques, keep in
mind PHP is quite a bit different from other languages (such as C#) in the
way it implements some details of objects, and that PHP4 and PHP5 are quite
significantly different versions, vis-a-vis objects and classes.
Good luck!
--
Jared Farrish
Intermediate Web Developer
Denton, Tx
Abraham Maslow: "If the only tool you have is a hammer, you tend to see
every problem as a nail." $$
--- End Message ---
--- Begin Message ---
hi, i want to do a svn update (subversion) from php using exec (or system)
now, this works:
exec("ls; pwd",$out);
foreach($out as $line)echo"<br/>$line\n";
and this also works and print me the help from subversion:
exec("svn help",$out);
foreach($out as $line)echo"<br/>$line\n";
but this doesnt work:
exec("svn update",$out);
foreach($out as $line)echo"<br/>$line\n";
dont print anything... dont update the files, pwd returns me the
correct path...
any ideas? im using cpanel... php5 and fedora 4 php runs as nobody...
--- End Message ---
--- Begin Message ---
On 5/28/07, Manolet Gmail <[EMAIL PROTECTED]> wrote:
but this doesnt work:
exec("svn update",$out);
foreach($out as $line)echo"<br/>$line\n";
dont print anything... dont update the files
Is it possible you need to provide some type of authentication? `svn
update` may be asking for input your exec call isn't providing.
--
Greg Donald
http://destiney.com/
--- End Message ---
--- Begin Message ---
hi ppl :)
i run apache 2 on ubuntu feisty with php 5, i have website on which i have 2
links, the first is a
php which should start a vlc stream server on my server (see below), streaming
from my tvcard, the
vlc command itself executed on my machine from the console shows that the
command works fine, this
probably means that somehting is wrong with my php file.
the second command opens the vlc stream from the server, which works fine too
anyhow back to the first command the vlc stream server executer, i can see it
in the list of the
running processes on my machine, but the stream does not work, i don't know
why, either there is
somehting wrong with my php:
<?php
// outputs the username that owns the running php/httpd process
// (on a system with the "whoami" executable in the path)
echo system('vlc
v4l:/dev/video0:norm=pal:frequency=767250:size=320x240:channel=0:adev=/dev/dsp:audio=0
--sout
\'#transcode{vcodec=mp4v,acodec=mpga,vb=3000,ab=256,vt=800000,keyint=80,deinterlace=blend}:std{access=http,mux=ts,url=10.0.0.1:8082}\'
--ttl 12 -I dummy');
?>
or does the www-data (apache) user needs special user permissions to access the
devices
/dev/video0 /dev/dsp ? i have no clue, is there a way to see some output? thx
for the help :)
katie
Get news delivered with the All new Yahoo! Mail. Enjoy RSS feeds right
on your Mail page. Start today at http://mrd.mail.yahoo.com/try_beta?.intl=ca
--- End Message ---
--- Begin Message ---
On 5/28/07, Jody Gugelhupf <[EMAIL PROTECTED]> wrote:
or does the www-data (apache) user needs special user permissions to access the
devices
/dev/video0 /dev/dsp ? i have no clue, is there a way to see some output? thx
for the help :)
You can become the user you want to test permissions for:
sudo su -
su - www-data
On my Feisty install the www-data user does not have the permissions
you require.
cat /dev/dsp
cat: /dev/dsp: Permission denied
To access /dev/dsp the www-data user needs to be a member of the audio
group. You can use usermod to add the audio group to the www-data
user:
usermod -G www-data,audio www-data
After this I begin to get output from /dev/dsp as the www-data user.
Hope that help.
--
Greg Donald
http://destiney.com/
--- End Message ---
--- Begin Message ---
Hi! I am developing a site with some authenticated users only features.
I would like to know if the following is true:
1. script for login process is located on a SSL-enabled server, so
usernames and passwords are encrypted.
2. upon successful login, user is relocated to a non-SSL-enabled server
which hosts the scripts that contain the authenticated-user-only features.
So, while usernames and passwords are protected by SSL, the PHPSESSID is
not. In other words, anyone who captures that HTTP GET packet can get
the session ID. Is that true?
Another question is while that session ID is valid only before an
unset() and a session_destroy(). So the attacker who has the session ID
must fake the session before the real user logout. Is that true?
Thanks in advance for any help offered.
--- End Message ---
--- Begin Message ---
1. script for login process is located on a SSL-enabled server, so
usernames and passwords are encrypted.
https:// is an envelope encryption, so POST data, which is a part of the
packet data, not packet headers, is encrypted. As long as you POST or COOKIE
data that needs encryption, you're fine. GET is not secure.
2. upon successful login, user is relocated to a non-SSL-enabled server
which hosts the scripts that contain the authenticated-user-only features.
If this is what you're doing (header() or a meta-refresh html tag).
So, while usernames and passwords are protected by SSL, the PHPSESSID is
not. In other words, anyone who captures that HTTP GET packet can get
the session ID. Is that true?
There are a few different attack vectors with SESSION data. Needless to say,
never store or authenticate by a PHP SESSION id only; use cookies or encrypt
a page with script and include() the content per page, and force users to
login every page change.
Another question is while that session ID is valid only before an
unset() and a session_destroy(). So the attacker who has the session ID
must fake the session before the real user logout. Is that true?
Before the session is destroyed and the temp file where it is stored is
deleted from the harddrive. Do not store sensitive information or use a
SESSION id to authenticate a user.
--
Jared Farrish
Intermediate Web Developer
Denton, Tx
Abraham Maslow: "If the only tool you have is a hammer, you tend to see
every problem as a nail." $$
--- End Message ---
--- Begin Message ---
Hi, as always, I'm trying to connect to a MySQL database in the following
way:
mysql_connect('host','user','password');
In my local PC this Works perfectly, but in the server I receipt the
following error:
mysql_connect(): Client does not support authentication protocol requested
by server; consider upgrading MySQL client
Which can the cause of this error be?
Am I able to make something to solve it or does a problem belong exclusively
to the administrator of the server?
Thank you very much,
Tom.
--- End Message ---
--- Begin Message ---
Tom wrote:
Hi, as always, I'm trying to connect to a MySQL database in the following
way:
mysql_connect('host','user','password');
In my local PC this Works perfectly, but in the server I receipt the
following error:
mysql_connect(): Client does not support authentication protocol requested
by server; consider upgrading MySQL client
Did you search google and look at the mysql website to see what the
problem is?
--
Postgresql & php tutorials
http://www.designmagick.com/
--- End Message ---
--- Begin Message ---
Firstly always CC the mailing list - others can learn from the info as well.
Ing. Tomás Liendo wrote:
Yes, but the solutions that figure in the Web are only applicable if one
has access like administrator to the server.
I can't make things like upgrade versions or configure MySQL or PHP.
What I want to know is if I can make something as programmer or I need
to contact the administrator of the server.
Basically you have a mismatch between the client library and the server
version.
eg you have something like:
mysql5-client
mysql4-server
which isn't going to work.
Nothing you can do as a programmer but point the server-admin to the
mysql site and say "please fix".
--
Postgresql & php tutorials
http://www.designmagick.com/
--- End Message ---
--- Begin Message ---
2007. 05. 28, hétfő keltezéssel 23.52-kor Tom ezt írta:
> Hi, as always, I'm trying to connect to a MySQL database in the following
> way:
>
> mysql_connect('host','user','password');
>
> In my local PC this Works perfectly, but in the server I receipt the
> following error:
>
> mysql_connect(): Client does not support authentication protocol requested
> by server; consider upgrading MySQL client
>
> Which can the cause of this error be?
> Am I able to make something to solve it or does a problem belong exclusively
> to the administrator of the server?
I've met this problem when I upgraded mysql-server from mysql 4.0 to
mysql 4.1
it was because mysql 4.1 and newer versions use a different password
encryption method. I think it can be solved by upgrading mysql-client
too. or you can issue the following mysql command on the server:
SET PASSWORD FOR [EMAIL PROTECTED] = OLD_PASSWORD('something');
which will solve it for that user without any upgrading
greets
Zoltán Németh
>
> Thank you very much,
>
> Tom.
>
--- End Message ---
--- Begin Message ---
Hi all.
I'm streaming a file ( location of which is to be hidden from clients,
hence the need to stream ). Basically I'm doing:
---
session_start();
// some authentication stuff and figuring out the path goes here
// ...
// ...
$source = "/accounts_reports/" . $_GET['id'] . ".bin";
header( "Content-Disposition: attachment; filename=\"" . $orig . "\"" );
header( "Content-Length: " .filesize( $source ) );
header( "Content-Type: application/octet-stream" );
header( "Pragma: no-cache" );
header( "Expires: 0" );
readfile( $source );
---
This works *perfectly* with firefox. It doesn't work at all with
Internet Explorer. Also ( not sure if this matters or not ), the site is
accessed via https ONLY.
When I click the link to my download php script, I get a dialog asking
if I want to open or save the file, and then whnatever I click, I get:
> Internet Explorer cannot download download.php?id=32 from IP_ADDRESS.
>
> Internet Explorer was not able to open this Internet site. The
> requested site is either unavailable or cannot be found. Please try
> again later.
However, a quick check of apache's ssl access log shows that IE did in
fact 'find' the site. Also, IE is producing the download dialog, which
suggests that it's 'found' the download.php script fine.
Now, before I get a litany of 'just use firefox then' responses, rest
assured that I would take this approach if I could, but the site is for
a customer, and they are in turn doing it for their customers, and this
just isn't going to fly. It MUST work with IE.
Who knows WTF is wrong and how I can work around it?
--
Daniel Kasak
IT Developer
NUS Consulting Group
Level 5, 77 Pacific Highway
North Sydney, NSW, Australia 2060
T: (+61) 2 9922-7676 / F: (+61) 2 9922 7989
email: [EMAIL PROTECTED]
website: http://www.nusconsulting.com.au
--- End Message ---
--- Begin Message ---
On 5/24/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
I am working on a script to upload files into MySQL db. The following
script uploads to a file system how do I go about uploading the file
into the DB? Where do I put the SQL statement in the code below?
move_uploaded_file($_FILES['myfile']['tmp_name'],
"/var/www/".$_FILES['myfile']['name']);
Right here you would read the file into a string with
file_get_contents(), then write an SQL query to insert the string.
--
Greg Donald
http://destiney.com/
--- End Message ---
--- Begin Message ---
On 5/24/07, Robert Cummings <[EMAIL PROTECTED]> wrote:
*lol* You must have missed the other thread... hence the wink on the
end :)
I'm guessing not everyone uses a threaded email client. And some
people always feel the need to post their 'thoughts' no matter how
well the question has already been beaten to death. :)
--
Greg Donald
http://destiney.com/
--- End Message ---
