php-general Digest 17 May 2006 16:29:30 -0000 Issue 4133
Topics (messages 236319 through 236353):
Re: 404 After Setting session.save_path to /tmp
236319 by: Chris
236320 by: Chris
236323 by: Mark Sargent
236324 by: Chris
236325 by: Mark Sargent
236327 by: Chris
236328 by: Mark Sargent
236342 by: Ron Clark
Narorwed down my problem to one statement:
236321 by: John Meyer
236326 by: Paul Novitski
PHPEditIni now supports Linux/Unix
236322 by: Jeremy C O'Connor
A searching problem in lists
236329 by: mickb.free.fr
236331 by: Barry
Re : a searching problem in lists
236330 by: mickb.free.fr
236339 by: Jim Moseby
Converting characters
236332 by: Jonas Rosling
236333 by: Barry
Re: PHP daemons
236334 by: Martin Marques
PHP and mySQL getting smashed...
236335 by: Russell Jones
236336 by: Dave Goodchild
236337 by: Angelo Zanetti
236338 by: Jay Blanchard
236340 by: Alister Bulman
236347 by: Jochem Maas
Re: Regex Help for URL's [ANSWER]
236341 by: Edward Vermillion
Re: Security Concerns with Uploaded Images:
236343 by: Rory Browne
236344 by: George Pitcher
236353 by: Jason Wong
Ajax (xmlHttpRequest) and session_start() problem.
236345 by: Mathijs
236346 by: Robert Cummings
236348 by: Mathijs
236349 by: Thomas Munz
Warning: chmod(): Operation not permitted ?
236350 by: tedd
236351 by: Jochem Maas
236352 by: John Nichel
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
php-general@lists.php.net
----------------------------------------------------------------------
--- Begin Message ---
Mark Sargent wrote:
Jochem Maas wrote:
NO - DONT EVER DO THIS!!!! tmp/session files should not be stored in a
directory that
can be [potentially] read via http.
.htaccess directives can be used to block access to the dir BUT I
still would recommend
keeping 'tmp' outside of the web root.
just make sure 'tmp' is writable by the user the webserver is running as.
Hi All,
thanx. How do I determine what user httpd is running as? Cheers.
Edit your httpd.conf file and look for "user" and "group".
--
Postgresql & php tutorials
http://www.designmagick.com/
--- End Message ---
--- Begin Message ---
Mark Sargent wrote:
Jochem Maas wrote:
NO - DONT EVER DO THIS!!!! tmp/session files should not be stored in a
directory that
can be [potentially] read via http.
.htaccess directives can be used to block access to the dir BUT I
still would recommend
keeping 'tmp' outside of the web root.
just make sure 'tmp' is writable by the user the webserver is running as.
Hi All,
thanx. How do I determine what user httpd is running as? Cheers.
I should say check your httpd.conf file for "User" and "Group" - they
are capitalized.
Alternatively:
ps aux | grep httpd
or
ps aux | grep apache
the first column is the user it's running as.
or lastly, probably the quickest way, create a phpinfo page and look for
User/Group
--
Postgresql & php tutorials
http://www.designmagick.com/
--- End Message ---
--- Begin Message ---
Chris wrote:
I should say check your httpd.conf file for "User" and "Group" - they
are capitalized.
Alternatively:
ps aux | grep httpd
yes, did that one and see it as starting as root, then goijg to daemon.
Now, if I add daemon to the root group, isn't that a security issue?
Should I create a new group? Little confused? Cheers.
Mark Sargent.
--- End Message ---
--- Begin Message ---
Mark Sargent wrote:
Chris wrote:
I should say check your httpd.conf file for "User" and "Group" - they
are capitalized.
Alternatively:
ps aux | grep httpd
yes, did that one and see it as starting as root, then goijg to daemon.
Now, if I add daemon to the root group, isn't that a security issue?
Should I create a new group? Little confused? Cheers.
Big security issue - don't do it.
>ps au | grep apache
root .... /usr/sbin/apache
htdocs .... /usr/sbin/apache
htdocs .... /usr/sbin/apache
My apache is running as "htdocs". So as root create a temp folder and
chown it to "htdocs":
mkdir /my_temp_dir
chown htdocs. /my_temp_dir
Done.
--
Postgresql & php tutorials
http://www.designmagick.com/
--- End Message ---
--- Begin Message ---
Chris wrote:
Big security issue - don't do it.
>ps au | grep apache
root .... /usr/sbin/apache
htdocs .... /usr/sbin/apache
htdocs .... /usr/sbin/apache
My apache is running as "htdocs". So as root create a temp folder and
chown it to "htdocs":
mkdir /my_temp_dir
chown htdocs. /my_temp_dir
Hi All,
ok, created dir, added htdocs user/group and changed ownership of dir to
them. Thing I'm gettin is, every time I make an adjustment to either
php.ini or httpd.conf, and do a restart, I keep getting a 404 error for
all pages. Which only corrects when doing a reboot of the box. This was
happening before I just followed your last steps. Thoughts? Cheers.
Mark Sargent.
--- End Message ---
--- Begin Message ---
Mark Sargent wrote:
Chris wrote:
Big security issue - don't do it.
>ps au | grep apache
root .... /usr/sbin/apache
htdocs .... /usr/sbin/apache
htdocs .... /usr/sbin/apache
My apache is running as "htdocs". So as root create a temp folder and
chown it to "htdocs":
mkdir /my_temp_dir
chown htdocs. /my_temp_dir
Hi All,
ok, created dir, added htdocs user/group and changed ownership of dir to
them. Thing I'm gettin is, every time I make an adjustment to either
php.ini or httpd.conf, and do a restart, I keep getting a 404 error for
all pages. Which only corrects when doing a reboot of the box. This was
happening before I just followed your last steps. Thoughts? Cheers.
Sounds like you're using the wrong script to restart apache.
What command are you using?
Rebooting will most likely pick up the /etc/init.d/apache or
/etc/init.d/httpd script.
--
Postgresql & php tutorials
http://www.designmagick.com/
--- End Message ---
--- Begin Message ---
Chris wrote:
Sounds like you're using the wrong script to restart apache.
What command are you using?
service httpd restart
Rebooting will most likely pick up the /etc/init.d/apache or
/etc/init.d/httpd script.
Have this in /etc/rc.local on Fedora 5,
startApache=/usr/local/apache2/bin/apachectl
if [ -f "$startApache" ] ; then
$startApache start
fi
and I see that I have left off start at the end of startApache.
Cheers.
Mark Sargent.
--- End Message ---
--- Begin Message ---
Mark Sargent wrote:
Chris wrote:
Big security issue - don't do it.
>ps au | grep apache
root .... /usr/sbin/apache
htdocs .... /usr/sbin/apache
htdocs .... /usr/sbin/apache
My apache is running as "htdocs". So as root create a temp folder and
chown it to "htdocs":
mkdir /my_temp_dir
chown htdocs. /my_temp_dir
Hi All,
ok, created dir, added htdocs user/group and changed ownership of dir to
them. Thing I'm gettin is, every time I make an adjustment to either
php.ini or httpd.conf, and do a restart, I keep getting a 404 error for
all pages. Which only corrects when doing a reboot of the box. This was
happening before I just followed your last steps. Thoughts? Cheers.
Mark Sargent.
I thought you said in earlier email that your apache was running as user
daemon. The tmp directory has to be owned by the user running apache. If
you want to run apache as user apache group apache then you will have to
edit httpd.conf and change the User and Group directives. Otherwise
chown chgrp the tmp directory to the user/group that is listed in the
httpd.conf file.
--
Ron Clark
System Administrator
Armstrong Atlantic State University
11935 Abercorn Street
Savannah, Ga 31419
Phone: 912 961 3234
Fax: 912 927 5353
--- End Message ---
--- Begin Message ---
$sql = "INSERT INTO
BOOKS(CopyrightYear,CoverType,DatePurchased,EditionNumber,ISBNNumber,Notes,Pages,Publisher,LOCNumber)
VALUES(\"" . $_POST["copyrightyear"] . "\",\"" . $_POST["covertype"] .
"\",\"" . $_POST["datepurchased"] . "\"," . $_POST["editionnumber"] .
",\"" . $_POST["isbn"] . "\",\"" . addslashes($_POST["notes"]) . "\"," .
(isset($_POST["numberofpages"])?$_POST["numberofpages"]:0) . ",\"" .
$_POST["publisher"] . "\",\"" . $_POST["locnumber"] . "\")";
Okay, when $_POST["notes"] contains quotes, it seems to break the
series, ie returns an error at that point of the SQL statement, even
with addslashes(), am I doing something wrong there?
--- End Message ---
--- Begin Message ---
At 09:38 PM 5/16/2006, John Meyer wrote:
$sql = "INSERT INTO
BOOKS(CopyrightYear,CoverType,DatePurchased,EditionNumber,ISBNNumber,Notes,Pages,Publisher,LOCNumber)
VALUES(\"" . $_POST["copyrightyear"] . "\",\"" . $_POST["covertype"]
. "\",\"" . $_POST["datepurchased"] . "\"," .
$_POST["editionnumber"] . ",\"" . $_POST["isbn"] . "\",\"" .
addslashes($_POST["notes"]) . "\"," .
(isset($_POST["numberofpages"])?$_POST["numberofpages"]:0) . ",\"" .
$_POST["publisher"] . "\",\"" . $_POST["locnumber"] . "\")";
Okay, when $_POST["notes"] contains quotes, it seems to break the
series, ie returns an error at that point of the SQL statement, even
with addslashes(), am I doing something wrong there?
John,
I wasn't able to get your statement to break regardless of the
content of $_POST["notes"], so I'm inclined to think the problem
doesn't lie with embedded quotes alone. Try displaying the value of
$sql when it fails in MySQL. Without that evidence, your problem
seems impossible to solve.
I'm suspicious of this conditional expression:
(isset($_POST["numberofpages"])?$_POST["numberofpages"]:0)
If $_POST["numberofpages"] is set but contains non-numeric content,
the query will fail.
Here are two other points tangential to your question:
By feeding user input directly into an SQL query, you're creating an
unnecessary vulnerability in your code. See "SQL Injection" at
http://php.net/manual/en/security.database.sql-injection.php
I find the concatenation with escaped quotes messy and difficult to
proofread and modify. My example below is somewhat exaggerated for
effect, but consider using heredoc syntax for ease of reading and a
couple of custom functions to make strings & numbers SQL-safe:
___________________________
$copyrightyear = prepString($_POST["copyrightyear"]);
$covertype = prepString($_POST["covertype"]);
$datepurchased = prepString($_POST["datepurchased"]);
$editionnumber = prepNumber($_POST["editionnumber"]);
$notes = prepString($_POST["notes"]);
$numberofpages = prepNumber($_POST["numberofpages"]);
$publisher = prepString($_POST["publisher"]);
$locnumber = prepString($_POST["locnumber"]);
$sql = <<< heredocSQL
INSERT INTO BOOKS (
CopyrightYear,
CoverType,
DatePurchased,
EditionNumber,
ISBNNumber,
Notes,
Pages,
Publisher,
LOCNumber
) VALUES (
"$copyrightyear",
"$covertype",
"$datepurchased",
$editionnumber,
"$notes",
$numberofpages,
"$publisher",
"$locnumber"
);
heredocSQL;
___________________________
Paul
--- End Message ---
--- Begin Message ---
The PHPEditIni PHP script now supports Linux/Unix. Use this script to edit
your PHP.INI files in a browser based GUI. Visit http://phpeditini.net .
--
The PHP EditIni Project
[EMAIL PROTECTED]
--- End Message ---
--- Begin Message ---
Hello,
I'm not a Perl guru so I (still) have problems :-)
I use the following date structure, quite "classic" : a list of lists. I have
two instances of this structure, let's take a simple example :
list 1 : [ [toto,tata],[toto,titi] ]
list 2 : [ [toto,tutu],[tata,titi],[toto,titi] ]
My question is :
is there an efficient way to make this kind of research :
I want to know if [toto,titi] from list 1 is present in list 2.
Thanks for help.
--- End Message ---
--- Begin Message ---
[EMAIL PROTECTED] schrieb:
Hello,
I'm not a Perl guru so I (still) have problems :-)
And this is not a Perl mailinglist so we have the same problem :)
--
Smileys rule (cX.x)C --o(^_^o)
Dance for me! ^(^_^)o (o^_^)o o(^_^)^ o(^_^o)
--- End Message ---
--- Begin Message ---
Oops, sorry for my last mail. Not the good mailing-list :-)
--- End Message ---
--- Begin Message ---
>
> Oops, sorry for my last mail. Not the good mailing-list :-)
>
Au contraire. This *IS* the good mailing list. Just not the *right* one.
;-)
JM
--- End Message ---
--- Begin Message ---
Hi,
the PHP newbie is here again asking questions.
Is there anyway in PHP to convert none international characters so the are
displayed correct?
In my case I have lots of data in the database with å,ä and ö.
Thanks // Jonas
--- End Message ---
--- Begin Message ---
Jonas Rosling schrieb:
Hi,
the PHP newbie is here again asking questions.
Is there anyway in PHP to convert none international characters so the are
displayed correct?
In my case I have lots of data in the database with å,ä and ö.
Thanks // Jonas
displayed where?
in html with htmlentities.
otherwise you should use a utf-8 encoding
--
Smileys rule (cX.x)C --o(^_^o)
Dance for me! ^(^_^)o (o^_^)o o(^_^)^ o(^_^o)
--- End Message ---
--- Begin Message ---
On Tue, 16 May 2006, Richard Lynch wrote:
On Tue, May 16, 2006 6:27 am, Martin Marques wrote:
In the first daemon all I have to do to kill it is execute a
pkill server_name.
But with the new daemon (the object orientaded one) it doesn't die.
After you pkill it, does it still work?
Yes, I can still connect to the socket and send commands to it.
Or is it a zombie?
bugs:~# ps auxw | grep php
root 29327 0.0 0.5 16992 2288 ? S May15 0:00
/usr/bin/php -q /usr/local/php/printSocket/printSocket.php
root 4066 0.0 1.3 17424 5352 ? S May16 0:00
/usr/bin/php -q /usr/local/php/offline/offlineSocket.php
bugs:~# pkill printSocket.php
bugs:~# ps auxw | grep php
root 4066 0.0 1.3 17424 5352 ? S May16 0:00
/usr/bin/php -q /usr/local/php/offline/offlineSocket.php
bugs:~# pkill offlineSocket.php
bugs:~# ps auxw | grep php
root 4066 0.0 1.3 17424 5352 ? S May16 0:00
/usr/bin/php -q /usr/local/php/offline/offlineSocket.php
It's possible PHP's shutdown functions trying to close the sockets and
destroy the instances have a bug...
You could try to pastebin the code somewhere.
The code from the socket that accepts the kill is at:
http://bugs.unl.edu.ar/~martin/socket1.phps
The code of the socket that doesn't get killed is here:
http://bugs.unl.edu.ar/~martin/socket2.tar
--
21:50:04 up 2 days, 9:07, 0 users, load average: 0.92, 0.37, 0.18
---------------------------------------------------------
Lic. Martín Marqués | SELECT 'mmarques' ||
Centro de Telemática | '@' || 'unl.edu.ar';
Universidad Nacional | DBA, Programador,
del Litoral | Administrador
---------------------------------------------------------
--- End Message ---
--- Begin Message ---
I have a site that is getting 30K+ traffic daily and it is smashing mySQL -
any ideas on what to do to make the mysql connections more efficient, or
anything in general. No bandwidth issue here, just the server getting
killed.
Thanks
--- End Message ---
--- Begin Message ---
I have a site that is getting 30K+ traffic daily and it is smashing mySQL -
any ideas on what to do to make the mysql connections more efficient, or
anything in general. No bandwidth issue here, just the server getting
killed.
...I may be wrong but using persistent connections (mysql_pconnect) may
help. Also, optimise your tables and use the explain command to see how
efficient your queries are.
--
http://www.web-buddha.co.uk
dynamic web programming from Reigate, Surrey UK (php, mysql, xhtml, css)
look out for project karma, our new venture, coming soon!
--- End Message ---
--- Begin Message ---
perhaps post some code so we can look at how you doing your queries...
HTH
Angelo Zanetti
Z Logic
www.zlogic.co.za
[c] +27 72 441 3355
[t] +27 21 469 1052
[f] +27 86 681 5885
Dave Goodchild wrote:
I have a site that is getting 30K+ traffic daily and it is smashing mySQL -
any ideas on what to do to make the mysql connections more efficient, or
anything in general. No bandwidth issue here, just the server getting
killed.
...I may be wrong but using persistent connections (mysql_pconnect) may
help. Also, optimise your tables and use the explain command to see how
efficient your queries are.
--- End Message ---
--- Begin Message ---
[snip]
I have a site that is getting 30K+ traffic daily and it is smashing
mySQL -
any ideas on what to do to make the mysql connections more efficient, or
anything in general. No bandwidth issue here, just the server getting
killed.
[/snip]
Without seeing any code or table information my bet would be that none
of your tables are indexed properly.
--- End Message ---
--- Begin Message ---
On 17/05/06, Dave Goodchild <[EMAIL PROTECTED]> wrote:
I have a site that is getting 30K+ traffic daily and it is smashing mySQL -
> any ideas on what to do to make the mysql connections more efficient, or
> anything in general. No bandwidth issue here, just the server getting
> killed.
>
> ...I may be wrong but using persistent connections (mysql_pconnect) may
help. Also, optimise your tables and use the explain command to see how
efficient your queries are.
And caching things that don't need to looked up form the database
right now. Even the fastest server in the world would wilt under a
slashdotting, if it had to do a dozen big queries for every page
display. Meanwhile a Pentium3 with a decent network can serve
hundreds of requests a second of a few static pages.
Alister
--- End Message ---
--- Begin Message ---
Jay Blanchard wrote:
[snip]
I have a site that is getting 30K+ traffic daily and it is smashing
mySQL -
any ideas on what to do to make the mysql connections more efficient, or
anything in general. No bandwidth issue here, just the server getting
killed.
[/snip]
Without seeing any code or table information my bet would be that none
of your tables are indexed properly.
and/or that the OP is using some killing JOINS in his queries - these
often have a detremental effect regardless of indexes.
--- End Message ---
--- Begin Message ---
On May 16, 2006, at 7:53 PM, Chrome wrote:
-----Original Message-----
From: Robert Samuel White [mailto:[EMAIL PROTECTED]
Sent: 17 May 2006 01:42
To: php-general@lists.php.net
Subject: RE: [PHP] Regex Help for URL's [ANSWER]
That's what I was doing. I was parsing A:HREF, IMG:SRC, etc.
But when I implemented a new feature on my network, where you
could click
on
a row and have it take you to another domain, I need a better
solution.
Go to http://www.enetwizard.ws and it might make more sense.
All the links on the left have an ONCLICK=location.href = ''
attribute in
the TR tag.
This solution allowed me to make sure those links included the
session
information, just like the A:HREF links do.
It also had the advantage of updating the links in my CSS.
Ooooo that breaks accessibility standards! Compliment the
'onclick's with
onkeydown at least :)
But still you get a solid onclick=... scenario
If these are visible in the source then they are fairly easy to
pick out
Though you may need more than 1 regex ;)
My complaint here is, don't break accessibility :)
And don't forget the folks who have javascript turned off or are
using text based browsers too.
Ed
--- End Message ---
--- Begin Message ---
On 5/16/06, Richard Lynch <[EMAIL PROTECTED]> wrote:
On Mon, May 15, 2006 1:58 am, Jason Wong wrote:
> 2) the uploaded file is a "script" (perl/php/python/etc)
> In the case of (2), if the script relies on its shebang line to
> execute
Not necessarily -- What if I upload an "image" file named
"badscript.php" and then I surf to it, after it's in your /images
directory?
When using the php apache module, from a OS permissions, the Server reads as
opposed to executes php code. .php files don't generally need to be
executable IIRC.
Game Over
If you want Shifflet's view, just go to http://phpsec.org
--
Like Music?
http://l-i-e.com/artists.htm
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
> On Mon, May 15, 2006 1:58 am, Jason Wong wrote:
> > 2) the uploaded file is a "script" (perl/php/python/etc)
>
> > In the case of (2), if the script relies on its shebang line to
> > execute
>
> Not necessarily -- What if I upload an "image" file named
> "badscript.php" and then I surf to it, after it's in your /images
> directory?
On my sites, I know aht file extensions that I will allow, so block (by
script) anything that doesn't match - in my case, that's '.tif' and '.pdf'.
George
--- End Message ---
--- Begin Message ---
On Tuesday 16 May 2006 07:45, Richard Lynch wrote:
> On Mon, May 15, 2006 1:58 am, Jason Wong wrote:
> > 2) the uploaded file is a "script" (perl/php/python/etc)
> >
> > In the case of (2), if the script relies on its shebang line to
> > execute
>
> Not necessarily -- What if I upload an "image" file named
> "badscript.php" and then I surf to it, after it's in your /images
> directory?
I was assuming that any developer who allowed image files to be named
*.php would be hung, drawn & quartered and shot a few times for good
measure :)
--
Jason Wong -> Gremlins Associates -> www.gremlins.biz
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
------------------------------------------
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-general
------------------------------------------
New Year Resolution: Ignore top posted posts
--- End Message ---
--- Begin Message ---
I Have an very strange problem.
When i execute an very simple Ajax request to an PHP script wich just
print one line and i put an sleep(20) infront of it, it works perfectly
when i refresh the page.
BUT..
When i put session_start() at the top, i can't refresh the page anymore.
It won't refresh untill the server responed.
When i remove the session_start(), i can refresh anytime i want.
Is this a know problem?
Does someone knows an solution?
Thx for the help.
--- End Message ---
--- Begin Message ---
On Wed, 2006-05-17 at 10:11, Mathijs wrote:
> I Have an very strange problem.
>
> When i execute an very simple Ajax request to an PHP script wich just
> print one line and i put an sleep(20) infront of it, it works perfectly
> when i refresh the page.
>
> BUT..
> When i put session_start() at the top, i can't refresh the page anymore.
> It won't refresh untill the server responed.
>
> When i remove the session_start(), i can refresh anytime i want.
>
> Is this a know problem?
> Does someone knows an solution?
PHP sessions use locking to avoid race conditions. So you sleep for 20
seconds keeps the lock for just as long, this has the effect of blocking
all other scripts for the same session. To avoid this, grab the session
data you need, and close the session as fast as possible. Additionally,
it's probably a very bad idea to keep the web server waiting for 20
seconds for no good reason. Why not have your javascript do the waiting?
Cheers,
Rob.
--
.------------------------------------------------------------.
| InterJinn Application Framework - http://www.interjinn.com |
:------------------------------------------------------------:
| An application and templating framework for PHP. Boasting |
| a powerful, scalable system for accessing system services |
| such as forms, properties, sessions, and caches. InterJinn |
| also provides an extremely flexible architecture for |
| creating re-usable components quickly and easily. |
`------------------------------------------------------------'
--- End Message ---
--- Begin Message ---
Robert Cummings wrote:
On Wed, 2006-05-17 at 10:11, Mathijs wrote:
I Have an very strange problem.
When i execute an very simple Ajax request to an PHP script wich just
print one line and i put an sleep(20) infront of it, it works perfectly
when i refresh the page.
BUT..
When i put session_start() at the top, i can't refresh the page anymore.
It won't refresh untill the server responed.
When i remove the session_start(), i can refresh anytime i want.
Is this a know problem?
Does someone knows an solution?
PHP sessions use locking to avoid race conditions. So you sleep for 20
seconds keeps the lock for just as long, this has the effect of blocking
all other scripts for the same session. To avoid this, grab the session
data you need, and close the session as fast as possible. Additionally,
it's probably a very bad idea to keep the web server waiting for 20
seconds for no good reason. Why not have your javascript do the waiting?
Cheers,
Rob.
This whas just an test example i talked about.
irl, i have an script that does an search on the server for texts in files.
This search goes through an ajax request.
The page that is requested uses $_SESSION.
Therefore i need session_start().
This search can take a while, and if i want to refresh the page, because
i want to have an other search or whatever, i just can't.
This because, for some reason, when session_start() gets called, it
locks the refreshing capeabileties of the browser.
Also, you say to close the session, mabye a stupid question, but how????
If you need more info, just ask :)..
Thx for the quick reply :).
Kind Regards,
--- End Message ---
--- Begin Message ---
session_write_close();
Ex:
session_start();
$asdf = $_SESSION; //-- get all datas
session_write_close(); //-- close session
on Wednesday 17 May 2006 16:36, Mathijs wrote:
> Robert Cummings wrote:
> > On Wed, 2006-05-17 at 10:11, Mathijs wrote:
> >> I Have an very strange problem.
> >>
> >> When i execute an very simple Ajax request to an PHP script wich just
> >> print one line and i put an sleep(20) infront of it, it works perfectly
> >> when i refresh the page.
> >>
> >> BUT..
> >> When i put session_start() at the top, i can't refresh the page anymore.
> >> It won't refresh untill the server responed.
> >>
> >> When i remove the session_start(), i can refresh anytime i want.
> >>
> >> Is this a know problem?
> >> Does someone knows an solution?
> >
> > PHP sessions use locking to avoid race conditions. So you sleep for 20
> > seconds keeps the lock for just as long, this has the effect of blocking
> > all other scripts for the same session. To avoid this, grab the session
> > data you need, and close the session as fast as possible. Additionally,
> > it's probably a very bad idea to keep the web server waiting for 20
> > seconds for no good reason. Why not have your javascript do the waiting?
> >
> > Cheers,
> > Rob.
>
> This whas just an test example i talked about.
> irl, i have an script that does an search on the server for texts in files.
>
> This search goes through an ajax request.
> The page that is requested uses $_SESSION.
> Therefore i need session_start().
>
> This search can take a while, and if i want to refresh the page, because
> i want to have an other search or whatever, i just can't.
> This because, for some reason, when session_start() gets called, it
> locks the refreshing capeabileties of the browser.
>
> Also, you say to close the session, mabye a stupid question, but how????
>
> If you need more info, just ask :)..
>
> Thx for the quick reply :).
>
> Kind Regards,
--- End Message ---
--- Begin Message ---
Hi (please insert your preference):
This should be simple, but I'm having problems.
I have a program that uploads an image file and then tries to set the
permissions for the image (to be altered later). However, I get a
"Warning: chmod(): Operation not permitted" error when trying to set
the permission, what gives? If my program created the file, shouldn't
it have permission to set the files permissions?
What am I not understanding?
Thanks.
tedd
--
------------------------------------------------------------------------------------
http://sperling.com http://ancientstones.com http://earthstones.com
--- End Message ---
--- Begin Message ---
tedd wrote:
Hi GANG:
:-)
This should be simple, but I'm having problems.
I have a program that uploads an image file and then tries to set the
permissions for the image (to be altered later). However, I get a
"Warning: chmod(): Operation not permitted" error when trying to set the
permission, what gives? If my program created the file, shouldn't it
have permission to set the files permissions?
chances are that the file is created as user nobody, your not nobody ;-),
ergo you can't chmod it ... can't remember the last time I didn't have root
access to configure/fuck (you pick) the server the way I wanted it.
I'm sure someone here knows exactly how to sort this issue without editing the
httpd.conf.
What am I not understanding?
Thanks.
tedd
--- End Message ---
--- Begin Message ---
tedd wrote:
Hi (please insert your preference):
This should be simple, but I'm having problems.
I have a program that uploads an image file and then tries to set the
permissions for the image (to be altered later). However, I get a
"Warning: chmod(): Operation not permitted" error when trying to set the
permission, what gives? If my program created the file, shouldn't it
have permission to set the files permissions?
What am I not understanding?
Without seeing code, permissions of the directories, what sticky bits
might or might not be set, etc., you could not be understanding many
things....or just one....who knows.
http://www.google.com/search?q=php+%22Warning%3A+chmod%28%29%3A+Operation+not+permitted%22&btnG=Search
--
John C. Nichel IV
Programmer/System Admin (ÜberGeek)
Dot Com Holdings of Buffalo
716.856.9675
[EMAIL PROTECTED]
--- End Message ---
