Chris wrote:
David Tulloh wrote:
Dotan Cohen wrote:
If I have to perform 30 LIKE searches for different keywords in a
varchar field, which strategy would be recommended:
1) 30 searches, one for each keyword
2) To select the varchar field from all the rows, and search through
them with php
John Meyer wrote:
Is there a way to make a regular expression to match on a particular way
the letters are arranged? For instance, if you had a word:
THAT
It could match on any word in the dictionary that had the form:
1231
I think something like this might be possible using lookbehind
Dotan Cohen wrote:
If I have to perform 30 LIKE searches for different keywords in a
varchar field, which strategy would be recommended:
1) 30 searches, one for each keyword
2) To select the varchar field from all the rows, and search through
them with php's array functions?
It's not going to m
Breaking this down you have a hardcoded password.
In the script you store a hash of the password rather than the actual
password.
Upon first access you take a hash of the password and compare it against
your stored hash. If it's a match you have an authentic user.
The authentic user is then supp
Captain wrote:
> Hi geeks,
> i am uploading a file to server. Uploading part is working fine. i
> am struggle with minor part. actually before uploading file, i am checking
> for existance of a file. If it is not exists, directly i am uploading that
> file. If it exists, i sud ask user th
You can mingle double and singal quotes. So choose one for the PHP
quotes and one for the HTML quotes, HTML will use both interchangably.
For example your string could become:
$var = " Hey all.
>
> I'm overhauling my PHP based CMS and want to know how to set a variable
> equal to an HTML string
Martin Marques wrote:
> Does anyone have an idea on when PDO is going to be available in Debian?
>
not a clue...
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=348882
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Ross wrote:
> How can I get this line to work
>
> $mail_body .= " sans-serif\"> Title: $row['title'] ";
>
> The $row['title'] variable is the problem.
Drop the quotes when you are inside a quoted string.
$mail_body .= "... Title: $row[title] ";
--
PHP General Mailing List (http://www.php.net/)
extract() - http://www.php.net/extract - does what you are after.
However often it's easier to handle the array as you have a better idea
of what variables are available, particularily if you are working with
multiple tables.
Ross wrote:
> What I need is a quick way to assign variable names to th
You have a User table and a Product table, then a linking table that
joins users with products that they have bought.
Given product A you get all users {B} who have bought product A, you
then get a list of all products {C} that they have bought. You group
{C} by product and get a count, order by
Google Kreme wrote:
> On 25 Sep 2006, at 06:11 , Sancar Saran wrote:
> ...
>
> If this is generating hundred of K of HTML, use ' instead of "
>
> (yes, it's faster).
>
I've seen this stated several times and at first glance it seems to make
sense. The double quoted version has all the \n and r
Your email is going to the bulk mail folder because the email provider
believes that it's spam. It's nothing specifically wrong with your
email, there is no "this isn't spam" flag, otherwise everyone would set it.
To figure out why the email is being marked as spam, check the program
that is doin
With magic_quotes_gpc or addslashes it's harder to do injection attacks
but it's still possible. http://shiflett.org/archive/184 demonstrates
an attack using php and mysql with multi-byte characters.
I think the more likely attack is actually due to how annoying
magic_quotes is. You have to remo
Micky Hulse wrote:
> Hi,
>
> I am looking for the most secure/efficient way to compare these two
> strings:
>
> /folder1/folder2/folder3/folder4/
> /folder1/folder2/folder3/folder4/file.php
>
> Basically I am trying to setup as many security features as possible for
> a simplistic (home-grown/ha
Micky Hulse wrote:
> Hi,
>
> It is getting late, and I do not think I am thinking clearly...
>
> What would be the best way to wrap tag around the first letter
> of a string?
>
> I know it has to be a combination of str_replace() and substr(), but due
> to my level of sleepiness I am having a l
Chris G wrote:
> Hi all
>
> Having a prob with a php script...
>
> 3 arrays
>
> $datay1=array(140,110,50,60);
>
> $datay2=array(35,90,190,190);
>
> $datay3=array(20,60,70,140);
>
> which have to be passed to a class like this
>
> $gbarplot = new GroupBarPlot(array($bplot1,$bplot2,$bplot3));
Chris W. Parker wrote:
> Hello,
>
> After some "intense" searching of Google I found one example at
> http://us2.php.net/language.variables on how to get the name of a
> variable. But it looks pretty expensive.
>
>
>
> Anyone aware of a simple language construct(?) that can do this? I'm on
> PH
Chris W. Parker wrote:
> Hello,
>
> Generally (well, actually 100%) I just use whatever version of PHP is
> included with a certain distro (Redhat pre-Fedora, Fedora Core, CentOS).
> None of the versions I've used have come with PHP5 and I'd really like
> to get with the times and use PHP5.
>
> I
Dave M G wrote:
> PHP,
>
> Shouldn't this regular expression select everything from the start of
> the string to the first space character:
>
> $firstWord = preg_match('#^*(.*) #iU', $word);
>
> It doesn't, so clearly I'm wrong, but here's why I thought it would:
>
> The enclosing has marks, "#
Erik Gyepes wrote:
> ...
> $query = "INSERT INTO users SET uid = :uid, login = :login, password =
> :password";
> ...
> When running the script I get the following error message: Error!:
> SQLSTATE[42601]: Syntax error: 7 ERROR: syntax error at or near "SET" at
> character 19
>
The INSERT INT
Andy wrote:
> ...
> I want to know... is this a big performance issue or not(the image is handled
> by php and not by apache directly)
>
> OR...
>
> Is there any other way to handle this situation???
>
> Thanx,
> Andy.
I'd recomend doing a bit of benchmarking to figure out if the
performance h
Ville Mattila wrote:
> Hello readers,
>
> I have been thinking of making a simple web-based interface to control
> my media center box (running debian linux). Being a bit enthustiatic, I
> thought I could use some generic tools for playing media files and write
> the whole UI by my own.
>
> I fou
Robin Getz wrote:
> I am trying to debug a php script that I downloaded, which has a memory
> leak in it.
>
> I was looking for a way to find what variables were in php's memory, and
> what size, they were, but I couldn't find anything?
>
> The script is a off-line wiki conversion tool (walks thr
weetat wrote:
> Hi all ,
>
> I have array value as shown below, i have paste my test php code below:
> I have problem when doing usort() when 'country' = '', i would like to
> display records where country = '' last. Any ideas how to do that ?
> ...
You might try searching the list's archive's.
Larry Garfield wrote:
> Disable short tags.
>
> If short tags are enabled, the PHP parser sees the mode. It then starts parsing the "xml" and sees that it's not proper PHP,
> and freaks out.
>
> You can:
>
> a) Use PHP to print out the XML declaration as a string:
> '; ?>
>
> b) Disable sh
Luis MagaƱa wrote:
> I have the following code:
>
> pg_query($conn,"BEGIN TRANSACTION;
> DELETE FROM codigo_postal;
> COPY
> codigo_postal(codigo_postal,asentamiento,tipo_asentamiento,municipio,estado)
> FROM '$tmpfname2' DELIMITER '|';
> COMMIT");
>
> It is suppouse
This sounds like a Zend Studio problem and question.
It could possibly be a MySQL or even a phpMyAdmin question.
It doesn't really have anything to do with PHP.
You paid Zend for the product, ask them how it works.
David
Dave M G wrote:
> PHP List,
>
> I am trying out Zend Studio for editing a
Ezra Nugroho wrote:
> It was a long time since I post any question to this list, like back at
> php 3x time. Boy, a lot has change now.
>
> So I actually did kick some funny bones, not quite flames yet. And
> that's good, I don't really like that.
>
>
> We aren't going to take the time
> to answ
Sjef wrote:
> Hi there,
>
> I am starting a new, very small project. A simple question and answering
> form. In one screen, question and answer can be typed, the strings will be
> saved in a database table questions which holds question and answer (as
> there is only one answer to a question).
Martin Alterisio wrote:
> 2006/6/28, Jon Anderson <[EMAIL PROTECTED]>:
>
>>
>> I really don't understand why people have such disregard for PHP as a
>> template system... I'm not saying one way is better or worse (it's
>> really a matter of preference), just that the PHP way isn't implicitly
>> ba
Grae Wolfe - PHP wrote:
> ...
> want. Any help would be great!
>
>
> if($row[1]="none") {
> print("");
> print("$row[0] $row[2]");
> print("");
> } else
> if($row[1]=$row[2]) {
> print("");
> print("$row[0] $row[2]");
> print("");
> } else
> print("");
> print("$row[0]
It's currently a little bit late in the US and you only waited 2 hours
since your last post. While this is an international list the majority
of the posters are US based. Not getting a response within two hours at
this time is not unusual and you should probably be more patient.
As for your prob
[EMAIL PROTECTED] wrote:
> A while back I wrote a little read-eval-print loop that essentially
> constituted a very basic php shell:
>
> http://weston.canncentral.org/misc/phpsh.txt
>
> This has almost always run fine for me with the cgi versions of php 4, and
> often proves to be a great help
>From the dl page of the manual, "Note: dl() is not supported in
multithreaded Web servers..."
By passing the --enable-maintainer-zts flag you are forcing PHP into
running in multithreaded mode.
David
Artzi, Yoav (Yoav) wrote:
> In my phpinfo() I get (under standard):
> Dynamic Library support
Examine your function for the case of cmpcountry("Thailand", "");
if($country2 == '') is true
if($country1 < $country2) is false
Then ($country1 < $country2) is false again and 1 is returned.
This means that "" is less than "Thailand", and should be sorted higher.
The easiest way to fix this is
Are you sure that you don't want an array? Arrays are normally much
better for this type of thing.
That said,
${"p{$i}name"} = 'foo';
David
Albert Padley wrote:
> I have a regular for loop - for($i=1; $i<100; $i++)
>
> Within the loop I need to create variables named:
>
> $p1name;
> $p2name;
James Nunnerley wrote:
> ...
>
> It works a treat, however what I want to understand is how the session is
> kept relevant to that particular user's session - mainly because my boss
> wants to check there's no security implication.
>
> ...
>
The session is stored on the server, typically in a
I don't think that using request over post adds anything in the way of
security, at the most it's going to delay an attacker for up to a
minute. I advocate using request if it's convenient, it can also open a
few nice tricks for advanced users. Using request allows me to bookmark
a login page, so
Martin Marques wrote:
> Yesterday when reading some doc on PHP I noticed the $_REQUEST
> predefined array, which looked like a solution to having to check in GET
> and POST data (I'm not sure if it will really have an impact on my
> program yet).
Yes, request is simply a merge of these arrays. It
The example starting values
$existing = 181; # = 10110101
$new = 92; # = 01011100
$mask = 15; # =
Get the bits that will be changed
$changing = $new & $mask; # = 12 = 1100
Get the bits that won't be changed
$staying = $existing & ~$mask; # = 176 = 1011
Combine them together
$res
Jonas Rosling wrote:
> Is there any easy way to "trim" or pick out the none decimal values in a
> [numeric] value? Like:
>
> 1,333 = 1
> 5,667 = 5
> 12,145 = 12
> 15,997 = 15
$variable = "1,333";
$trimmed = (int)$variable; # = 1
David
--
PHP General Mailing List (http://www.php.net/)
To unsu
kartikay malhotra wrote:
> Hi all!
>
> I use HTTP POST to upload a file. I've a PHP script running on the server.
> Are HTTP headers passed with this request? How can I see the headers passed
> to the server?
Headers are passed by the client and server with every request. The
Firefox Tamper Data
Beauford wrote:
> Hi,
>
> I have a form with about 20 fields in it and have two drop down menus in
> which the second one changes depending on the previous one. This is done
> with a javascript which reloads the page.
>
> The problem with this is that everything the user has put in so far gets
>
suresh kumar wrote:
> I am facing one problem in my project.I am trying to call a javascript
> function from php.but it not executing.this is my code.
>
This is not a php problem, php produces a text file which is interpreted
by the browser as html and javascript. Have a look at your
html/ja
Pavleck, Jeremy D. wrote:
> how do I go through 2 arrays at
> once with different keys?
>
> for ( $i = 0; $i < sizeof($logicalDrive); $i++) {
> echo "$arrLogDrive[$i]\n";
> }
>
> for (reset($logicalDrive); $i = key($logicalDrive); next($logicalDrive))
> {
> echo "$i: $logical
Robert Cummings wrote:
> On Thu, 2006-05-11 at 13:48, tedd wrote:
>
>>At 12:11 PM -0400 5/11/06, Robert Cummings wrote:
>>
>>>On Thu, 2006-05-11 at 11:47, tedd wrote:
>>>
At 9:28 AM +0300 5/11/06, Dotan Cohen wrote:
>Hey all, it is possible to parse capcha's in php? I'm not asking how
>>
William Stokes wrote:
> Hello,
>
> Any idea how to sort this?
>
> I have a column in DB that contains this kind of data,
> A20,B16,B17C14,C15,D13,D12 etc.
>
> I would like to print this data to a page and sort it ascending by the
> letter an descending by the number. Can this be done?
PHP ha
David Doonan wrote:
> I'm having trouble getting the correct results on a list page.
>
> The first query is pulling the name of active authors from the d/b and
> linking to a list page that is supposed to return essay titles by the
> requested author. The list page however is displaying essay t
Alan Schneider wrote:
> I tired sending via name-value pairs with the following but it did not work
>
> require (DIR_WS_INCLUDES . 'filenames.php?lv_user_id=$user_id');
>
> "DIR_WS_INCLUDES" is a defined constant and filenames.php is NOT a web page;
> just a php file that sets the file names to
Angelo Zanetti wrote:
> Hi guys.
> ... So on my live server should I enable
> magic_quotes_gpc or should I use addslashes() and stripslashes()?
>
> Thanks in advance.
In addition to all the other replies saying that magic quotes are evil
which I completely agree with, it should also be noted that
I put all the generic include files such as the header and menu in their
own directory. Then I put that directory in the include_path ini
variable. I would normally set it in the virtualhost file but .htaccess
should work as well, you can even set it in the script.
This means I can simply includ
Ryan A wrote:
> ...
> 1.
> I start my CLI scripts with:
> #!/usr/local/etc/php
>
> as thats the path on my machine... the problem is some of these scripts will
> have to be installed on clients machines by them... any easy way for them
> to find out whats the path PHP is installed on their machin
recomend not using PHP. For a webpage, threads
typically aren't required.
David Tulloh
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
>>
>> If this is the value directly from the cookie, it's an example of a
>> cross-site scripting (XSS) vulnerability.
>>
>>> header("Location: $HTTP_REFERER");
>>
>>
>> This is an HTTP response splitting vulnerability, because the Referer
>> header (like the Cookie header) is provided by the clie
It's a fairly standard authentication problem.
I would solve it by using sessions.
In the page and video stream start by checking for an authenticated flag
in the session array.
If the flag is present, display the content.
If not, show a login page. When they login, set the authenticated flag
and
I don't think you can expire another file, I would consider any ability
to do so a bug in the browser. Someone with too much time on their
hands could possibly turn something like that into a security risk.
I would solve the changing javascript problem by subtly altering the
pages that use the ja
Curt Zirzow wrote:
> On Sat, Feb 25, 2006 at 01:41:06PM -0900, Chris Lott wrote:
>
>>I'm making the switch from Windows to Linux for mydesktop and
>>development environment and would greatly appreciate suggestions for
>>development tools on this platform. Ubuntu seems to be getting all the
>>press
Your example fails for me, Firefox and Mozilla. The rpc.php file
doesn't seem to return anything.
To answer your question though, a bot is capable of getting anything
that a human can, probably more. It's all a question of effort. As the
email scrapers get plenty of hits looking for standar
& 5 making upgrading an issue; I
suspect the devs will get tired of patching up version 4 soon, making
security an issue.
David Tulloh
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
I find __call() to be a nasty solution, particularily from a
self-documenting code point of view. I personally only use call when
the function names are defined at run time; as you clearly know the
function names, I would be implementing them as normal functions.
If there is a lot of repeated cod
(Don't you hate it when people forget to post back to the list...)
The secret is actually hidden in the docs,
http://php.net/manual/en/language.operators.comparison.php
When comparing $a < $b, you compare the first value of $a (0) to the
value with the same key in $b (1). 0 < 1 --> true
When yo
I assume that the text inside can change around a fair bit. If the
string is of a fixed with or simple format you can just use substr() and
friends, it's simpler and faster.
That said, there is really two approaches that I can see with this string.
You can match on the spaces to extract the 'RV-
try using php_flag, php_admin_flag as some restrictions on which files
it can be used in.
David
PHP wrote:
> Hi,
> I have php5 and apache2.2.
>
> In this directive:
>
>
> php_admin_flag engine on
> php_admin_flag register_globals on
> php_admin
You want to use sessions, they allow you to store information such as
login details between requests.
Have a look at a simple tutorial, like this Zend one.
http://www.zend.com/php/beginners/php101-10.php
News1 wrote:
> Rory,
>
> Thanks for the feedback -- I will try to be clearer.
>
> Yes, I w
That is some nasty code...
Anything that has repitition like that needs a substantial rewrite, but
I'm guessing that you know that, hence the e-mail.
I just knocked up the following function, powered by the magic of
recursion. It should be close to what you were trying to do.
function count_fil
The browsers use a whole bunch of different ways to figure out how it
should render the page and if it should do it on the fly or wait until
the page is fully downloaded.
Assuming the content you are testing is the same for the static and
dynamic pages you should probably start looking for little
Duncan Hill wrote:
>
> Use a shared file system such as NFS for upload storage.
> ...
> Shared storage is probably the better bet - perhaps with clever code that
> tries a local disk first, then the shared storage if not found on local. If
> found shared and not local, pull to local.
>
I thin
PHP doesn't natively support function redefining.
Functions with variable length arguments are a different ballgame in
PHP. Have a look at func_num_args[1] and the other functions in the
"Function handling" section of the manual.
1: http://php.net/func_num_args
Labunski wrote:
> "PHP does not
I find the LiveHTTPHeaders extension for firefox to be very good for
this kind of thing.
http://livehttpheaders.mozdev.org/
It gives you a realistic (as opposed to theoretical) view of exactly
what is being sent between the browser and the server. Networking
details that you listed like the m
I think you are doing it wrong, though reading other people's regex
easily is a skill I lack.
It is however very possible.
The php manual has a section on recursive regex where it explains how to
solve the bracket problem.
http://php.net/manual/en/reference.pcre.pattern.syntax.php#regexp.refer
Curt Zirzow wrote:
> On Wed, Nov 16, 2005 at 10:12:53AM -0600, [EMAIL PROTECTED] wrote:
>
>>Hi to all,
>>always wondered what's better way to mix html and php code. Here are
>>three "ways" of the same code. Which one you prefer? (And why, of caurse :))
>>
Personally, I present solution 2b. I al
The documentation[1] lists output_buffering as changeable PERDIR. This
means you can't set it in the file. Instead you should look into
setting it in the apache .htaccess file.
1: http://php.net/manual/en/ref.outcontrol.php
Todd Cary wrote:
> My client has switched to a shared server, so direc
Richard Lynch wrote:
On Fri, November 4, 2005 5:44 pm, Pablo Gosse wrote:
By setting the file readable only by root this problem is completely
eliminated. Unless a hacker has the root password, they will not be
able to compromise the information in this file.
This is how I understand it, a
Many linux distributions use a different php config file for the apache
and cli versions.
Using two different configurations might explain the problems you are
seeing.
David
Robbert van Andel wrote:
I run a linux webserver with Apache and PHP5. Does anyone out there know
why a php script wo
Angelo Zanetti wrote:
> ...
>
> I assume that I will use fwrite() to add the HTML to the file, I need to
> know how to actually create the file before adding the content to it.
>
You need to open the file before you can write to it, you do that using
fopen(). You can choose to create a file or
Kristopher Kane wrote:
I am currently in Afghanistan and don't have much access to look these
questions up. I consider them basic and regret having to post them here.
When passing variables using GET as in:
index.php?first=value?second=value
My script is reading the first value, however through
You have to view the file through the IIS server, not directly. So once
you have IIS configured to work with PHP you can access it by typing
http://127.0.0.1/filename in your browser.
Opening the file directly means that it doesn't get passed through the
IIS server and never gets parsed by PHP.
It looks like somebody is trying to launch an e-mail injection attack.
Looking at your code, I don't think you are vulnerable.
You can read more about e-mail injection at
http://securephp.damonkohler.com/index.php/Email_Injection
You could also send nasty e-mails to [EMAIL PROTECTED], telling
78 matches
Mail list logo