[PHP] Securing suexec PHP against local attacks by the webserver user

Hi, I am trying to set up a site which can run securely on a shared hosting environment where users have a choice of running PHP scripts using suexec and FastCGI, or using mod_php and running the scripts as the same user as the webserver. My scripts need to read a local file with the databas

Re: [PHP] maybe we could all?

Nathan Rixham wrote: Project: PHP Common Objects and Datatypes Has anything been setup for project COD-pieces yet? I like this name! ;) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: php get rss tag using DOM

Morris wrote: I know rss_php, but it doesn't fit my solution. Is anyone able to help me with my question? thx 2009/2/8 Nathan Rixham Morris wrote: Hi, I am trying to write a programme to read a rss xml file. ... ... scan anyone tell me how to get the url attribute? I wrote some co

[PHP] xls to pdf conversion in unix

Hi gang, I did a little research to find out how can someone convert an xls file into pdf and I found that you can use openoffice to do that (already done that in perl). My problem is that I need to find a way for doing this without openoffice by using just PHP. I know that I could probabl

Re: [PHP] maybe we could all?

Marcus Gnaß wrote: Nathan Rixham wrote: Project: PHP Common Objects and Datatypes Has anything been setup for project COD-pieces yet? I like this name! ;) Hi Markus, Actually, yes it has - the project, well working group, has been called "voom". So far there are 8 developers including m

[PHP] [PHP]: php validate user password

Hi, Can some body help out on how to validate user password from the database? Thanks Andrew

Re: [PHP] [PHP]: php validate user password

2009/2/9 Andrew Williams : > Hi, > Hi, > Can some body help out on how to validate user password from the database? There are several possibilities. This would be one. > > Thanks > Andrew > Bye,bye -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/u

[PHP] php validate user password

These days SHA should really be used instead of MD5, and you should be SALTing the password as well. Here's a great guide : http://phpsec.org/articles/2005/password-hashing.html Michael Kubler *G*rey *P*hoenix *P*roductions Jan G.B. wrote: 2009/2/9 Andrew William

Re: [PHP] php validate user password

2009/2/9 Michael Kubler : > These days SHA should really be used instead of MD5, and you should be > SALTing the password as well. > Here's a great guide : http://phpsec.org/articles/2005/password-hashing.html Good advice. I would also advise against stripping and trimming anything from passwords.

Re: [PHP] PHP usage stats

> Now maybe you didn't mean it that way, but IMO that appears more demeaning of the poster than providing help. I'm surprised, because that's not typical of you nor this list. Indeed. Not really sure what I was thinking when I wrote it and I apologise for the attitude. We all have off days

Re: [PHP] php validate user password

2009/2/9 Stuart : > 2009/2/9 Michael Kubler : >> These days SHA should really be used instead of MD5, and you should be >> SALTing the password as well. >> Here's a great guide : http://phpsec.org/articles/2005/password-hashing.html > > Good advice. Absolutley. I used mysqls md5() function only as

Re: [PHP] Adding Records & Capture The New Record ID

At 9:00 AM +1100 2/9/09, Chris wrote: Person a signs up with em...@example.com Before you are able to fetch the result (which is possible in a high traffic site), person b also signs up with em...@example.com Going back to person a, when you fetch, you get record #2 instead of #1. They are n

Re: [PHP] php validate user password

2009/2/9 Jan G.B. : > 2009/2/9 Stuart : >> I would also advise against stripping and trimming >> anything from passwords. By removing characters you're significantly >> reducing the number of possible passwords. > > Surely, the stripping should only be done when when magic_quotes is > enabled! (e.g

Re: [PHP] PHP usage stats

2009/2/9 tedd : >> > Now maybe you didn't mean it that way, but IMO that appears more >> demeaning >>> >>> of the poster than providing help. I'm surprised, because that's not >>> typical >>> of you nor this list. >> >> Indeed. Not really sure what I was thinking when I wrote it and I >> apologi

Re: [PHP] Re: require() causing strange characters ?

Thanks Nisse, - Original Message - From: "Nisse Engström" To: Sent: Sunday, February 08, 2009 6:06 PM Subject: Re: [PHP] Re: require() causing strange characters ? On Fri, 6 Feb 2009 10:11:49 +0100, cr.vege...@gmail.com wrote: I saved both scripts with ANSI in stead of UTF-8 and

[PHP] Newbie Help - No .php file extension

Hello,I have been asked to install an existing PHP/MySQL application on a system using Windows Vista. I have installed PHP 5.2.8, MySQL 5.1.31 and IIS 7.0. PHP is working as expected (I created a test page which displays the output from phpinfo()). The application in question posts to a login pag

Re: [PHP] Adding Records & Capture The New Record ID

On Mon, Feb 9, 2009 at 9:25 AM, tedd wrote: > At 9:00 AM +1100 2/9/09, Chris wrote: >> >> Person a signs up with em...@example.com >> >> Before you are able to fetch the result (which is possible in a high >> traffic site), person b also signs up with em...@example.com >> >> Going back to person a

Re: [PHP] PHP usage stats

On Sun, Feb 8, 2009 at 3:37 PM, Paul M Foster wrote: > On Sun, Feb 08, 2009 at 03:20:48PM -0500, tedd wrote: > >> At 3:54 PM + 2/8/09, Stuart wrote: >>> 2009/2/8 tedd : >>> >>> > I wasn't able to find a lot of information, but here's a useful link: >>> > http://www.tiobe.com/index.php/c

Re: [PHP] php validate user password

At 2:02 PM + 2/9/09, Stuart wrote: 2009/2/9 Michael Kubler : These days SHA should really be used instead of MD5, and you should be SALTing the password as well. Here's a great guide : http://phpsec.org/articles/2005/password-hashing.html Good advice. I would also advise against strippi

Re: [PHP] php validate user password

tedd, I think that the problem of the "duplicated hashes" in the database (in the case of two users using the same password) persists with a constant prefix in the passwords. Although the random salt portion get stored in the database concatenated to the hash, the attacker don't know the string le

Re: [PHP] Adding Records & Capture The New Record ID

At 9:54 AM -0500 2/9/09, Andrew Ballard wrote: You are right, but the point is that if you intend something to be unique then you should declare it as such in the database. We didn't discuss that. You are saying that if I checked my database for a email address and find it's not there [1] and

Fwd: [PHP] Interface OOP

Hi, I am working on a back end OOP project with about about 18 classes of Object but some of the Objects shear one or two functions in common, like external login system . What is the best way to avoid a repeatable function among the classes without using global object instance. class a{ functio

Re: [PHP] Securing suexec PHP against local attacks by the webserver user

Andrew schreef: > Hi, > > > As an example of the attack... > $ whoami > www-data isn't the whole point of suexec/PHP/FastCGI that the local user has no access to the www-data account ... suexec switches to the users account from the webserver account not the other way around. so the atta

Re: [PHP] Adding Records & Capture The New Record ID

On Mon, Feb 9, 2009 at 10:27 AM, tedd wrote: > At 9:54 AM -0500 2/9/09, Andrew Ballard wrote: >> >> You are right, but the point is that if you intend something to be >> unique then you should declare it as such in the database. > > We didn't discuss that. > > You are saying that if I checked my d

[PHP] PHP OOP

Hi gang: At the college where I teach, they are considering teaching OOP, but they don't want to settle on a specific language. My thoughts are it's difficult to teach OOP without a language -- while the general concepts of OOP are interesting, people need to see how concepts are applied to

Re: [PHP] PHP usage stats

At 2:41 PM + 2/9/09, Stuart wrote: I think people are like that everywhere, particularly above a certain level of management in my experience. I wish you luck in convincing them but I've found that PHP rarely wins when put up against the sales and marketing budgets available to Microsoft and

Re: [PHP] Adding Records & Capture The New Record ID

At 10:55 AM -0500 2/9/09, Andrew Ballard wrote: -snip- Andrew As I said many times before. I've learned something new every day of my life -- and I'm getting damned tried of it. Thanks for the lesson. Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthston

Re: [PHP] PHP OOP

On Mon, Feb 9, 2009 at 8:02 AM, tedd wrote: > Hi gang: > > At the college where I teach, they are considering teaching OOP, but they > don't want to settle on a specific language. > > My thoughts are it's difficult to teach OOP without a language -- while the > general concepts of OOP are interest

Re: [PHP] Using DLL with PHP

> > Check out the com [www.php.net/com] functionality > > Bastien > Alrighty, I'm trying to use the COM function, but not getting much of anywhere. This is what I have: DTM_CONVDMSToMultiTIFF("C:\TEST\04186177.dms", "C:\TEST\04186177.tiff"); } DMStoTIFF(); ?> But I am getting the error below: *

Re: [PHP] PHP usage stats

At 10:02 AM -0500 2/9/09, Andrew Ballard wrote: On Sun, Feb 8, 2009 at 3:37 PM, Paul M Foster wrote: > Perhaps a better question then might be how many IIS servers are there out there compared to Apache. Apache servers uniformly support PHP, but I think only IIS servers support ASP (I could

Re: [PHP] Interface OOP

On Mon, Feb 9, 2009 at 8:46 AM, Andrew Williams wrote: > Hi, > > I am working on a back end OOP project with about about 18 classes of > Object > but some of the Objects shear one or two functions in common, like external > login system . What is the best way to avoid a repeatable function among >

Re: [PHP] Adding Records & Capture The New Record ID

On Mon, Feb 9, 2009 at 11:05 AM, tedd wrote: > At 10:55 AM -0500 2/9/09, Andrew Ballard wrote: >> >> -snip- >> >> Andrew > > As I said many times before. > > I've learned something new every day of my life -- and I'm getting damned > tried of it. > > Thanks for the lesson. > > Cheers, > > tedd We

Re: [PHP] PHP OOP

Hi gang: At the college where I teach, they are considering teaching OOP, but they don't want to settle on a specific language. My thoughts are it's difficult to teach OOP without a language -- while the general concepts of OOP are interesting, people need to see how concepts are applied t

Re: [PHP] PHP usage stats

On Mon, Feb 9, 2009 at 11:10 AM, tedd wrote: > At 10:02 AM -0500 2/9/09, Andrew Ballard wrote: >> >> On Sun, Feb 8, 2009 at 3:37 PM, Paul M Foster >> wrote: >> >> > Perhaps a better question then might be how many IIS servers are there >>> >>> out there compared to Apache. Apache servers unifor

Re: [PHP] PHP OOP

On Mon, Feb 9, 2009 at 11:20 AM, Thodoris wrote: > >> Hi gang: >> >> At the college where I teach, they are considering teaching OOP, but they >> don't want to settle on a specific language. >> >> My thoughts are it's difficult to teach OOP without a language -- while >> the general concepts of OO

Re: [PHP] php validate user password

At 12:20 PM -0300 2/9/09, Bruno Fajardo wrote: tedd, I think that the problem of the "duplicated hashes" in the database (in the case of two users using the same password) persists with a constant prefix in the passwords. Although the random salt portion get stored in the database concatenated t

Re: [PHP] Using DLL with PHP

On Mon, Feb 9, 2009 at 11:10 AM, Dan Shirah wrote: >> >> Check out the com [www.php.net/com] functionality >> >> Bastien >> > Alrighty, I'm trying to use the COM function, but not getting much of > anywhere. > > This is what I have: > > // The VB function for reference > /*function DTM_CONVDMSToM

Re: [PHP] Adding Records & Capture The New Record ID

At 11:15 AM -0500 2/9/09, Andrew Ballard wrote: On Mon, Feb 9, 2009 at 11:05 AM, tedd wrote: > I've learned something new every day of my life -- and I'm getting damned > tried of it. Well, you probably know what they say about the day you stop learning Yeah, you got a job with the gov

Re: [PHP] Adding Records & Capture The New Record ID

On Mon, Feb 9, 2009 at 11:32 AM, tedd wrote: > At 11:15 AM -0500 2/9/09, Andrew Ballard wrote: >> >> On Mon, Feb 9, 2009 at 11:05 AM, tedd wrote: >> >> > I've learned something new every day of my life -- and I'm getting >> damned >> > tried of it. >> >> Well, you probably know what they say ab

RE: [PHP] Using DLL with PHP

> -Original Message- > From: Andrew Ballard [mailto:aball...@gmail.com] > Sent: Monday, February 09, 2009 10:30 AM > To: Dan Shirah > Cc: Phpster; PHP-General list > Subject: Re: [PHP] Using DLL with PHP > > On Mon, Feb 9, 2009 at 11:10 AM, Dan Shirah > wrote: > >> > >> Check out the com

RE: [PHP] php validate user password

> -Original Message- > From: tedd [mailto:tedd.sperl...@gmail.com] > Sent: Monday, February 09, 2009 10:30 AM > To: Bruno Fajardo > Cc: PHP General > Subject: Re: [PHP] php validate user password > > At 12:20 PM -0300 2/9/09, Bruno Fajardo wrote: > >tedd, > > > >I think that the problem of

Re: [PHP] PHP OOP

Eric Butera wrote: On Mon, Feb 9, 2009 at 11:20 AM, Thodoris wrote: Hi gang: At the college where I teach, they are considering teaching OOP, but they don't want to settle on a specific language. My thoughts are it's difficult to teach OOP without a language -- while the general concepts of O

Re: [PHP] Securing suexec PHP against local attacks by the webserveruser

Jochem Maas wrote: > Andrew schreef: >> Hi, >> > > > >> As an example of the attack... >> $ whoami >> www-data > > isn't the whole point of suexec/PHP/FastCGI that the local user > has no access to the www-data account ... suexec switches to the > users account from the webserver account no

Re: [PHP] PHP OOP

tedd wrote: > I lean toward C++ because I wrote in it for a few years AND C++ > appears to be the most common, widespread, and popular OOP language. I would agree, although I suspect Java is also a good candidate. > However, while I don't know PHP OOP, I am open to considering it > because of th

Re: Fwd: [PHP] Interface OOP

each class should focus on a single area of responsibility. therefore the login check doesn't belong in class A or B, instead it belongs in the code consuming the functionality of said classes. validate()) $bee->ExtractRawData(); ?> you could alternatively look into either extending the

Re: [PHP] PHP OOP

tedd wrote: > I lean toward C++ because I wrote in it for a few years AND C++ > appears to be the most common, widespread, and popular OOP language. I would agree, although I suspect Java is also a good candidate. > However, while I don't know PHP OOP, I am open to considering it > because of th

Re: [PHP] PHP usage stats

2009/2/9 Andrew Ballard : > On Mon, Feb 9, 2009 at 11:10 AM, tedd wrote: >> At 10:02 AM -0500 2/9/09, Andrew Ballard wrote: >>> >>> On Sun, Feb 8, 2009 at 3:37 PM, Paul M Foster >>> wrote: >>> >>> > Perhaps a better question then might be how many IIS servers are there out there compa

Re: [PHP] PHP OOP

2009/2/9 tedd : > Hi gang: > > At the college where I teach, they are considering teaching OOP, but they > don't want to settle on a specific language. > > My thoughts are it's difficult to teach OOP without a language -- while the > general concepts of OOP are interesting, people need to see how c

Re: [PHP] Using DLL with PHP

On Mon, Feb 9, 2009 at 12:10 PM, Dan Shirah wrote: >> I can't help much, but this might get you started. >> >> 1) Does the DLL you are trying to use actually supports COM. I know some >> don't. >> >> 2) I'm pretty sure that the string you pass to new COM('...') should >> be the name the class as r

Re: [PHP] PHP OOP

On Mon, Feb 09, 2009 at 11:02:37AM -0500, tedd wrote: > Hi gang: > > At the college where I teach, they are considering teaching OOP, but > they don't want to settle on a specific language. > > My thoughts are it's difficult to teach OOP without a language -- > while the general concepts of OOP ar

Re: [PHP] PHP OOP

On Mon, Feb 9, 2009 at 12:19 PM, Stuart wrote: > 2009/2/9 tedd : >> Hi gang: >> >> At the college where I teach, they are considering teaching OOP, but they >> don't want to settle on a specific language. >> >> My thoughts are it's difficult to teach OOP without a language -- while the >> general

RE: [PHP] php validate user password

At 10:41 AM -0600 2/9/09, Boyd, Todd M. wrote: > -Original Message- > From: tedd [mailto:tedd.sperl...@gmail.com] > Granted, there are things here that are above my head -- I am not passing myself off as an expert but rather as someone proposing ideas to see if they pass or fail.

Re: [PHP] PHP OOP

Paul M Foster wrote: > PHP is *not* a good example for OO. There are a lot of OO principles > it doesn't follow. > > I would have suggested Smalltalk, the original OO language, except > that no one uses it any more, and other languages don't necessarily > fully implement OO as done in Smalltalk.

Re: [PHP] php validate user password

2009/2/9 Stuart : > 2009/2/9 Jan G.B. : >> 2009/2/9 Stuart : >>> I would also advise against stripping and trimming >>> anything from passwords. >>> >> Trimming could be left out but it minimizes user errors and users >> pretending to know their password. >> (Like copy/paste from a passwords-file w

RE: [PHP] Using DLL with PHP

> -Original Message- > From: Andrew Ballard [mailto:aball...@gmail.com] > Sent: Monday, February 09, 2009 11:21 AM > To: Dan Shirah > Cc: Phpster; PHP-General list > Subject: Re: [PHP] Using DLL with PHP > > On Mon, Feb 9, 2009 at 12:10 PM, Dan Shirah > wrote: > >> I can't help much, but

Re: [PHP] Using DLL with PHP

> > I can't help much, but this might get you started. > > 1) Does the DLL you are trying to use actually supports COM. I know some > don't. > > 2) I'm pretty sure that the string you pass to new COM('...') should > be the name the class as registered with Windows, not the actual file > name. They

Re: [PHP] Using DLL with PHP

> > I believe you do have to register it with regsvr32 for it to be visible. > > I think the GUID that Todd mentioned might even work, but I've only > ever used the ProgID. If you don't know the ProgID that is registered, > you should be able to find it in the Windows registry after you've > regist

[PHP] mysql_query - CREATE DATABASE

Hello, When i create a mysql database with the next command: mysql_query("CREATE DATABASE my_db",$con) In the server is created the database, but usually the name is created with a prefix. In this case: someuser_my_db How can i detect with PHP the complete name of the new database created? Th

Re: [PHP] Newbie Help - No .php file extension

Hibbert Miller wrote: > Hello,I have been asked to install an existing PHP/MySQL application on a > system using Windows Vista. > What application are we talking about here? Is it a known Open/Closed source application? Is it supposed to run on windows? > I have installed PHP 5.2.8, MySQL 5.1.31

[PHP] sqlsrv vs Mssql

Hi, Can somebody help me with why I have communication problem using MSSQL with SQLserver 2005. Instead I am now using SQLSRV -- Best Wishes Andrew Williams -- Best Wishes Andrew Williams

Re: [PHP] sqlsrv vs Mssql

On Mon, Feb 9, 2009 at 1:11 PM, Andrew Williams wrote: > Hi, > > Can somebody help me with why I have communication problem using MSSQL with > SQLserver 2005. Instead I am now using SQLSRV > > -- > Best Wishes > Andrew Williams Care to be more specific? Andrew -- PHP General Mailing List (http

[PHP] Re: mysql_query - CREATE DATABASE

R B wrote: > Hello, > > When i create a mysql database with the next command: > > mysql_query("CREATE DATABASE my_db",$con) > > In the server is created the database, but usually the name is created with > a prefix. > > In this case: someuser_my_db > > How can i detect with PHP the complete na

Re: [PHP] sqlsrv vs Mssql

MSsql unable to connect to the SQLserver2005 but not SQLserver2008 On Mon, Feb 9, 2009 at 6:11 PM, Andrew Williams wrote: > Hi, > > Can somebody help me with why I have communication problem using MSSQL with > SQLserver 2005. Instead I am now using SQLSRV > > -- > Best Wishes > Andrew Williams >

Re: [PHP] Re: mysql_query - CREATE DATABASE

I´m creating a software that use a database, and i want to include a install.php file to install the database of the software. I can create the database in the install.php file with mysql_query("CREATE DATABASE my_db",$con) But when is created, i don´t know the complete name of the database, beca

[PHP] Re: mysql_query - CREATE DATABASE

Shawn McKenzie wrote: > R B wrote: >> Hello, >> >> When i create a mysql database with the next command: >> >> mysql_query("CREATE DATABASE my_db",$con) >> >> In the server is created the database, but usually the name is created with >> a prefix. >> >> In this case: someuser_my_db >> >> How can i

Re: [PHP] Securing suexec PHP against local attacks by the webserver user

Jochem Maas wrote: Andrew schreef: Hi, As an example of the attack... $ whoami www-data isn't the whole point of suexec/PHP/FastCGI that the local user has no access to the www-data account ... suexec switches to the users account from the webserver account not the ot

Re: [PHP] PHP usage stats

On Sun, Feb 8, 2009 at 09:35, Richard Heyes wrote: > Hi, > > Can anyone point out some general statistics on PHP usage compared to > other server languages? I've tried Netcraft, but they only appear (or > I've only found) to have statistics on the httpd server used. All @php.net addresses rej

Re: [PHP] Re: mysql_query - CREATE DATABASE

I´m looking that i have another problem: I´m making a software to install in any server. The software needs a database, so i want to create a script install.php to create the database when this script is executed. At this point of the instalation, i don´t know none of the users that are defined

[PHP] Re: mysql_query - CREATE DATABASE

Shawn McKenzie wrote: > Shawn McKenzie wrote: >> R B wrote: >>> Hello, >>> >>> When i create a mysql database with the next command: >>> >>> mysql_query("CREATE DATABASE my_db",$con) >>> >>> In the server is created the database, but usually the name is created with >>> a prefix. >>> >>> In this ca

Re: [PHP] PHP OOP

2009/2/9 tedd : > Hi gang: > > At the college where I teach, they are considering teaching OOP, but they > don't want to settle on a specific language. > I guess that is not a good idea, you should really combine it with a language, as some students will be curious enough to play around with it at

Re: [PHP] Re: mysql_query - CREATE DATABASE

R B wrote: > I´m looking that i have another problem: > > I´m making a software to install in any server. > > The software needs a database, so i want to create a script install.php > to create the database when this script is executed. > > At this point of the instalation, i don´t know none of

Re: [PHP] PHP usage stats

On Mon, Feb 9, 2009 at 11:03 AM, Daniel Brown wrote: > On Sun, Feb 8, 2009 at 09:35, Richard Heyes wrote: >> Hi, >> >> Can anyone point out some general statistics on PHP usage compared to >> other server languages? I've tried Netcraft, but they only appear (or >> I've only found) to have statist

Re: [PHP] PHP usage stats

On Mon, Feb 9, 2009 at 2:03 PM, Daniel Brown wrote: > On Sun, Feb 8, 2009 at 09:35, Richard Heyes wrote: >> Hi, >> >> Can anyone point out some general statistics on PHP usage compared to >> other server languages? I've tried Netcraft, but they only appear (or >> I've only found) to have statisti

Re: [PHP] Re: require() causing strange characters ?

On Mon, 2009-02-09 at 15:46 +0100, cr.vege...@gmail.com wrote: > Thanks Nisse, > > - Original Message - > From: "Nisse Engström" > To: > Sent: Sunday, February 08, 2009 6:06 PM > Subject: Re: [PHP] Re: require() causing strange characters ? > > > > On Fri, 6 Feb 2009 10:11:49 +0100, c

Re: [PHP] PHP usage stats

On Mon, Feb 9, 2009 at 14:39, Andrew Ballard wrote: > > For what it's worth, you missed .do, .dll, .exe, and I'm sure others > (yes, I've seen web sites running what I assume to be compiled web > applications with all of these extensions) as well as anything using > URL rewriting such as Zend Fram

Re: [PHP] PHP usage stats

Daniel Brown wrote: > On Mon, Feb 9, 2009 at 14:39, Andrew Ballard wrote: >> For what it's worth, you missed .do, .dll, .exe, and I'm sure others >> (yes, I've seen web sites running what I assume to be compiled web >> applications with all of these extensions) as well as anything using >> URL rew

Re: [PHP] PHP usage stats

On Mon, Feb 9, 2009 at 14:58, Shawn McKenzie wrote: >> > And HTM shows 701M, so it is now beating out ASP :-) Another bone of contention is the masking --- I mentioned it briefly in my original remarks in this thread, but on further investigation, it may actually have a substantial impact on

Re: [PHP] Re: mysql_query - CREATE DATABASE

thank you. On Mon, Feb 9, 2009 at 1:14 PM, Shawn McKenzie wrote: > R B wrote: > > I´m looking that i have another problem: > > > > I´m making a software to install in any server. > > > > The software needs a database, so i want to create a script install.php > > to create the database when thi

Re: [PHP] Using DLL with PHP

H, maybe it's not a problem with the DLL I'm trying to access because just doing a simple: $my_com = new COM("Excel.Application"); Gives me the same error: *Fatal error*: Uncaught exception 'com_exception' with message 'Failed to create COM object `Excel.Application': Invalid syntax ' I've c

Re: [PHP] PHP usage stats

2009/2/9 Daniel Brown : > On Mon, Feb 9, 2009 at 14:58, Shawn McKenzie wrote: >>> >> And HTM shows 701M, so it is now beating out ASP :-) > >Another bone of contention is the masking --- I mentioned it > briefly in my original remarks in this thread, but on further > investigation, it may actu

Re: [PHP] PHP usage stats

On Mon, Feb 9, 2009 at 15:21, Stuart wrote: > > I would advise you against wasting your time because there is no > reliable way to tell what systems a server is actually using to serve > pages. Nearly all sites I work on these days use techniques to remove > extensions from URLs, and a fair few hi

Re: [PHP] Using DLL with PHP

On Mon, Feb 9, 2009 at 3:21 PM, Dan Shirah wrote: > H, maybe it's not a problem with the DLL I'm trying to access because > just doing a simple: > $my_com = new COM("Excel.Application"); > > Gives me the same error: > *Fatal error*: Uncaught exception 'com_exception' with message 'Failed to >

Re: [PHP] PHP usage stats

2009/2/9 Daniel Brown : > On Mon, Feb 9, 2009 at 15:21, Stuart wrote: >> >> I would advise you against wasting your time because there is no >> reliable way to tell what systems a server is actually using to serve >> pages. Nearly all sites I work on these days use techniques to remove >> extensio

Re: [PHP] PHP usage stats

On Mon, Feb 9, 2009 at 15:41, Stuart wrote: > > Indeed, but I find coding without QA requirements is a great way to relax. It's what I do to take a break from coding for The Job[tm]. I suppose that makes us seem a little ill, eh? -- daniel.br...@parasane.net || danbr...@php.net http://www

Re: [PHP] PHP usage stats

On Mon, Feb 9, 2009 at 3:28 PM, Daniel Brown wrote: > On Mon, Feb 9, 2009 at 15:21, Stuart wrote: >> >> I would advise you against wasting your time because there is no >> reliable way to tell what systems a server is actually using to serve >> pages. Nearly all sites I work on these days use tec

[PHP] DOCUMENT_ROOT errors

I updated fedora core from FC5 to TC6, thus httpd and php were updated in the process. My pages worked with no errors before the upgrade. My php pages are no not displaying and generating this error in the httpd logs PHP Notice: Undefined variable: DOCUMENT_ROOT in /var/www/html/studentjobs/ind

[PHP] Re: DOCUMENT_ROOT errors

Marc Fromm wrote: > I updated fedora core from FC5 to TC6, thus httpd and php were updated in the > process. My pages worked with no errors before the upgrade. > My php pages are no not displaying and generating this error in the httpd logs > > PHP Notice: Undefined variable: DOCUMENT_ROOT in >

[PHP] Re: DOCUMENT_ROOT errors

Shawn McKenzie wrote: > Marc Fromm wrote: >> I updated fedora core from FC5 to TC6, thus httpd and php were updated in >> the process. My pages worked with no errors before the upgrade. >> My php pages are no not displaying and generating this error in the httpd >> logs >> >> PHP Notice: Undefin

[PHP] strtr array replace issue...

Apache: 2.2.8 threaded PHP: 5.2.4-2 mySQL: 5.051.a Ubuntu 8.04 minimal with everything needed installed via apt-get. Using SMF forum, I'm having an issue with the strtr command... Here's the code... $ftp_file = strtr($filename, array ($_SESSION['pack_ftp']['root'] =>'')); The $_SESSION[

Re: [PHP] maybe we could all?

Nathan Rixham wrote: Marcus Gnaß wrote: Nathan Rixham wrote: Project: PHP Common Objects and Datatypes Has anything been setup for project COD-pieces yet? I like this name! ;) Actually, yes it has - the project, well working group, has been called "voom". Sounds fine too! ;) If you're inte

RES: [PHP] maybe we could all?

Me too.. Zechim from Brazil. -Mensagem original- De: Marcus Gnaß [mailto:gona...@gmx.de] Enviada em: segunda-feira, 9 de fevereiro de 2009 19:59 Para: nrix...@gmail.com Cc: PHP-General; Paul M Foster Assunto: Re: [PHP] maybe we could all? Nathan Rixham wrote: > Marcus Gnaß wrote: >> Nat

Re: [PHP] PHP usage stats

At 3:44 PM -0500 2/9/09, Daniel Brown wrote: On Mon, Feb 9, 2009 at 15:41, Stuart wrote: Indeed, but I find coding without QA requirements is a great way to relax. It's what I do to take a break from coding for The Job[tm]. I suppose that makes us seem a little ill, eh? -- Daniel:

Re: [PHP] maybe we could all?

On Mon, Feb 9, 2009 at 2:02 PM, Jônatas Zechim wrote: > Me too.. > > Zechim from Brazil. > > -Mensagem original- > De: Marcus Gnaß [mailto:gona...@gmx.de] > Enviada em: segunda-feira, 9 de fevereiro de 2009 19:59 > Para: nrix...@gmail.com > Cc: PHP-General; Paul M Foster > Assunto: Re: [PH

Re: [PHP] php validate user password

onlist this time... tedd wrote: > > > > > > I think the MD5() hash is a pretty good way and if the weakness is the > > user's lack of uniqueness in determining their passwords, then we can > > focus on that problem instead of looking to another hash. And besides, > > the solution presented was t

Re: [PHP] php validate user password

Or, like the article suggested, a random portion for the hash... I agree with you, Micah. The hash collision is a problem, and must be avoided. Same password hashes for different users are very good candidates for a dictionary attack. Probably, in most of this cases, users picked "easy" passwords,

[PHP] Enquiry

Greetings All, We write with reference to our website at http://www.warcrimes.info/shop/html/. Our web host tells us that our website currently runs on php 5.2.8. We recently faced this error: Fatal error: Call to a member function sql_query() on a non-object in /home/warcrime/public_html/sho

Re: [PHP] Securing suexec PHP against local attacks by the webserver user

Andrew schreef: > Jochem Maas wrote: >> Andrew schreef: >> >>> Hi, >>> >>> >> >> >> >> >>> As an example of the attack... >>> $ whoami >>> www-data >>> >> >> isn't the whole point of suexec/PHP/FastCGI that the local user >> has no access to the www-data account ... suexec switch

[PHP] Generate unique login token

I have a login system that I am coding. I need it to generate a unique token on login to be stored in the browser's cookie. I currently use a script that generates a MD5 hash of the current unix timestamp, then checks the mysql database to see if the token already exists. It loops this generate/che

Re: [PHP] Generate unique login token

On Mon, Feb 9, 2009 at 8:52 PM, sean greenslade wrote: > I have a login system that I am coding. I need it to generate a unique token > on login to be stored in the browser's cookie. I currently use a script that > generates a MD5 hash of the current unix timestamp, then checks the mysql > databas

Re: [PHP] Generate unique login token

sean greenslade wrote: I have a login system that I am coding. I need it to generate a unique token on login to be stored in the browser's cookie. I currently use a script that generates a MD5 hash of the current unix timestamp, then checks the mysql database to see if the token already exists. I

  1   2   >