php-general Digest 24 Nov 2005 06:58:48 -0000 Issue 3812
Topics (messages 226375 through 226397):
Re: Is there an alternative for $_FILES['guildimage']['type'] == "image/jpeg"
226375 by: Ben
226377 by: Stephen Leaf
Re: Is there an alternative for $_FILES['guildimage']['type']
226376 by: eric van blokland
Re: Assistance debugging php 5.x.x
226378 by: Jochem Maas
226379 by: eric van blokland
226381 by: Jochem Maas
226383 by: eric van blokland
preg_match_all for dummies
226380 by: Kristen G. Thorson
Re: Can't execute external program
226382 by: Henry Castillo
226384 by: comex
226386 by: Henry Castillo
Re: PHP and email
226385 by: Anas Mughal
226389 by: Manuel Lemos
Code generators
226387 by: Danny
226397 by: Thiago Silva
readfile and get_file_contents don't work
226388 by: Richard K. Miller
Re: mysqli unclonable object
226390 by: Matt Monaco
226394 by: Curt Zirzow
226396 by: Matt Monaco
Re: NTLM, PHP and Apache
226391 by: Manuel Lemos
http protocols defining what gets sent between web server and browser
226392 by: bruce
226393 by: David Tulloh
226395 by: Curt Zirzow
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
php-general@lists.php.net
----------------------------------------------------------------------
--- Begin Message ---
Curt Zirzow wrote:
You should really consider using the fileinfo extension, or mabey
even http://php.net/getimagesize. The ['type'] information
can't be trusted to be what it says it is.
Any reason why no one is suggesting the use of mime_content_type?
http://ca.php.net/mime_content_type
It seems to work well for me and there's no need to trust whatever the
browser claims a file is or having to worry about different browsers
inconsistently describing a mime type.
- Ben
--- End Message ---
--- Begin Message ---
I'd say because it's been depreciated.
LXXVI. Mimetype Functions
Introduction
Warning
This extension has been deprecated as the PECL extension fileinfo provides
the same functionality (and more) in a much cleaner way.
On Wednesday 23 November 2005 12:45 pm, Ben wrote:
> Curt Zirzow wrote:
> > You should really consider using the fileinfo extension, or mabey
> > even http://php.net/getimagesize. The ['type'] information
> > can't be trusted to be what it says it is.
>
> Any reason why no one is suggesting the use of mime_content_type?
> http://ca.php.net/mime_content_type
>
> It seems to work well for me and there's no need to trust whatever the
> browser claims a file is or having to worry about different browsers
> inconsistently describing a mime type.
>
> - Ben
--- End Message ---
--- Begin Message ---
You could use the exif_imagetype() function
http://nl2.php.net/manual/en/function.exif-imagetype.php
--- End Message ---
--- Begin Message ---
eric van blokland wrote:
LOL @ Jochem
Well I sure can't argue with that! (serious)
But with or without comments, the code is broken or breaks
something. I've tracked down the weird bevahiour a little further. Now I
would sure like, if one of you has about 30 minutes time to look at my
problem with me, using VNC and Skype
If you got the spare time I would really appreciate it and as I've been
unable to create some actual reproduce code, the only thing that's left
is looking at the real thing. I'm still sure it's related to the way I
use references, wheter it is or isn't a bug in the compiler, it sure
would be nice to know this particular DON'T about references.
Please let me know
1. it could be considered over-engineered
2. you seem to be reinventing the wheel (templating?)
3. you are lacking knowledge regarding php5 OO
(for starters why are not you using __construct() for the ctors?)
4. YOU ARE USING REFERENCES ALL OVER THE PLACE!!! ;-)
regarding no. 4, some examples:
function fs_handle_object_properties(&$object) {
// ^--- destroy it
// why bother sticking the object in a 'serialize container'?
// and where was the class defined in the example code???
function fs_serialize(&$object) {
// ^--- destroy it
$container=new fs_serialize_container();
$container->object=&$object;
// ^--- destroy it
return serialize($container);
}
// what happens in this code when $name
// is 'properties' or some other value that
// is the name of pre-defined object attribute?
function fs_handle_object_properties(&$object) {
global $stdo;
$changed=false;
if(isset($object->properties) && is_array($object->properties))
{
foreach($object->properties as $name=> $property) {
if(isset($property->changed) &&
$property->changed==true){
$object->changed=true;
$changed=true;
$object->$name=$property->value;
}
}
// if you are already using $_SESSION why complicate matters
// by also storing duplicate stuff in $_COOKIE? _seems_ a
// waste of time.
function fs_process_properties() {
if(isset($_COOKIE['fs_properties'])) {
$properties=explode(';',$_COOKIE['fs_properties']);
function &fs_unserialize($string) {
// ^-- destroy it
class std_page {
/* ... */
function edit(&$structure) {
// ^-- ???
global $stdo;
foreach($this->properties as $key=>&$property) {
// ^-- $property is an object
!!!!
print $property->parse();
}
and so on. getting rid of all the referencing of objects will most
probably get rid of your problems - I'll pass on the argument
as to whether it should work as it is.
-------------------------------------
you might also want to read up on __call(), __set()
and __get(). oh and there are the functions is_array(),
is_object() and the keyword 'instanceof' which you
might want to consider making more use of in order to
check your variables.
On 11/23/05, *Jochem Maas* <[EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>> wrote:
Eric,
everything you have written suggests to me that the problem is in
your code
(that may be being caused by changes to the engine, which have
either removed
an ability due to the fact that it was dangerous [e.g. reference
issues], or
abilities that have been changed because they were deemed wrong)
regardless of whether that is the case or not you are best off by
assuming that
the problem is in your code:
1. if its your code you have the power to fix it, which is a better
situation
to be in than have to rely on third parties to fix an underlying
texchnology.
2. it avoids 'blaming' core developers until such time as you can
_prove_ the
engine has a bug.
eric van blokland wrote:
> 1. That's what I've warned about from the beginning, that outside the
> complete project environment the error probably wouldn't occur.
> 2. I understand this completely, naturally. I would like to thank
everybody
> spending time in reading my posts, particulary you, Jay. But
that's why I
> would like to give you, or anyone else for that matter, an
attended tour
> through the project.
> 3. I'm beeing pushed to present results, writting comments in my
code would
> take almost twice the time writing the code itself. And in most
cases, it's
> faster just to read my code instead of reading the comment. And
finally, you
the last 3 lines are bullshit on all counts (apart from the implied
deadline
pressure), do yourself a favor and starting commenting! :-)
> wouldn't be able to read my comments, as my comments would be in
dutch.
I'd be happy to translate for you Jay ;-)
having said that there is no reason to write comments in dutch if your
english is as good as it is, but comments in any language are always
better than
none. (assuming the comments actually have some baring on the actual
code -
i.e. comments like '// Bill Gates has lots of money' don't really
help!)
--- End Message ---
--- Begin Message ---
1. Overengineering perhaps...
2. Reinventing the wheel? Probably, but I just like to know every single
"bit" of the wheel I use
3. I do get confused every now and then about PHP5 OO
4. References everywhere? Yes, the code was originally written for PHP4 I
have already started removing them, but seriously, does PHP5 cares about
passing an object reference by reference (it's useless and overhead, ok, but
does it matter?)
Because the code originates from PHP4, I don't have __constructor functions
On 11/23/05, Jochem Maas <[EMAIL PROTECTED]> wrote:
>
> eric van blokland wrote:
> > LOL @ Jochem
> >
> > Well I sure can't argue with that! (serious)
> >
> > But with or without comments, the code is broken or breaks
> > something. I've tracked down the weird bevahiour a little further. Now I
> > would sure like, if one of you has about 30 minutes time to look at my
> > problem with me, using VNC and Skype
> > If you got the spare time I would really appreciate it and as I've been
> > unable to create some actual reproduce code, the only thing that's left
> > is looking at the real thing. I'm still sure it's related to the way I
> > use references, wheter it is or isn't a bug in the compiler, it sure
> > would be nice to know this particular DON'T about references.
> >
> > Please let me know
>
> 1. it could be considered over-engineered
> 2. you seem to be reinventing the wheel (templating?)
> 3. you are lacking knowledge regarding php5 OO
> (for starters why are not you using __construct() for the ctors?)
> 4. YOU ARE USING REFERENCES ALL OVER THE PLACE!!! ;-)
>
> regarding no. 4, some examples:
>
> function fs_handle_object_properties(&$object) {
> // ^--- destroy it
I will
// why bother sticking the object in a 'serialize container'?
> // and where was the class defined in the example code???
> function fs_serialize(&$object) {
> // ^--- destroy it
> $container=new fs_serialize_container();
>
> $container->object=&$object;
> // ^--- destroy it
> return serialize($container);
> }
The container is used so references within $object to $object will remain
intact, the class is missing from the example code, because the example
isn't going to serialize or unserialize anything
// what happens in this code when $name
> // is 'properties' or some other value that
> // is the name of pre-defined object attribute?
> function fs_handle_object_properties(&$object) {
> global $stdo;
> $changed=false;
> if(isset($object->properties) &&
> is_array($object->properties)) {
> foreach($object->properties as $name=> $property) {
> if(isset($property->changed) &&
> $property->changed==true){
> $object->changed=true;
> $changed=true;
> $object->$name=$property->value;
> }
> }
This is most definitely a bug, or overlook issue, however, this is not the
cause of my problem
// if you are already using $_SESSION why complicate matters
> // by also storing duplicate stuff in $_COOKIE? _seems_ a
> // waste of time.
> function fs_process_properties() {
> if(isset($_COOKIE['fs_properties'])) {
> $properties=explode(';',$_COOKIE['fs_properties']);
This function is used for external data input from the clients. I do not
post all forms, some are sent by cookie
function &fs_unserialize($string) {
> // ^-- destroy it
I will
class std_page {
>
> /* ... */
> function edit(&$structure) {
> // ^-- ???
> global $stdo;
> foreach($this->properties as $key=>&$property) {
> // ^-- $property is an
> object !!!!
> print $property->parse();
> }
>
>
> and so on. getting rid of all the referencing of objects will most
> probably get rid of your problems - I'll pass on the argument
> as to whether it should work as it is.
>
> -------------------------------------
I will remove them
you might also want to read up on __call(), __set()
> and __get(). oh and there are the functions is_array(),
> is_object() and the keyword 'instanceof' which you
> might want to consider making more use of in order to
> check your variables.
But still I would like to ask you to take a look with me
>
> > On 11/23/05, *Jochem Maas* <[EMAIL PROTECTED]
> > <mailto:[EMAIL PROTECTED]>> wrote:
> >
> > Eric,
> >
> > everything you have written suggests to me that the problem is in
> > your code
> > (that may be being caused by changes to the engine, which have
> > either removed
> > an ability due to the fact that it was dangerous [e.g. reference
> > issues], or
> > abilities that have been changed because they were deemed wrong)
> >
> > regardless of whether that is the case or not you are best off by
> > assuming that
> > the problem is in your code:
> >
> > 1. if its your code you have the power to fix it, which is a better
> > situation
> > to be in than have to rely on third parties to fix an underlying
> > texchnology.
> >
> > 2. it avoids 'blaming' core developers until such time as you can
> > _prove_ the
> > engine has a bug.
> >
> > eric van blokland wrote:
> > > 1. That's what I've warned about from the beginning, that outside
> the
> > > complete project environment the error probably wouldn't occur.
> > > 2. I understand this completely, naturally. I would like to thank
> > everybody
> > > spending time in reading my posts, particulary you, Jay. But
> > that's why I
> > > would like to give you, or anyone else for that matter, an
> > attended tour
> > > through the project.
> > > 3. I'm beeing pushed to present results, writting comments in my
> > code would
> > > take almost twice the time writing the code itself. And in most
> > cases, it's
> > > faster just to read my code instead of reading the comment. And
> > finally, you
> >
> > the last 3 lines are bullshit on all counts (apart from the implied
> > deadline
> > pressure), do yourself a favor and starting commenting! :-)
> >
> > > wouldn't be able to read my comments, as my comments would be in
> > dutch.
> >
> > I'd be happy to translate for you Jay ;-)
> >
> > having said that there is no reason to write comments in dutch if
> your
> > english is as good as it is, but comments in any language are always
> > better than
> > none. (assuming the comments actually have some baring on the actual
> > code -
> > i.e. comments like '// Bill Gates has lots of money' don't really
> > help!)
> >
> >
>
>
--- End Message ---
--- Begin Message ---
eric van blokland wrote:
1. Overengineering perhaps...
2. Reinventing the wheel? Probably, but I just like to know every single
"bit" of the wheel I use
hmm, did you build your own PC? and the CPU did you build that? do you
know exactly how it works? me niether.
3. I do get confused every now and then about PHP5 O
we have a club. :-)
4. References everywhere? Yes, the code was originally written for PHP4 I
have already started removing them, but seriously, does PHP5 cares about
passing an object reference by reference (it's useless and overhead, ok, but
does it matter?)
its not my code, I haven't even seen it run, how do I know if it will
actually help? but I have a strong feeling that it will fix the issue.
so change the code and find out. given the fact that you are migrating
php4 OO code to php5 you might consider reading up on all the potential
problems that might occur.
Because the code originates from PHP4, I don't have __constructor functions
its __construct(), and given that the code contains php5 only syntax
I would suggest removing anything that is there for the benefit of
php4.
--- End Message ---
--- Begin Message ---
I will start with removing obsolete references from my code. But if the
problem persist, could you please try to find some time to look at the issue
with me. Thank you for the support so far. I'll be back here in one or two
days
Have a nice evening!
On 11/23/05, Jochem Maas <[EMAIL PROTECTED]> wrote:
>
>
>
> eric van blokland wrote:
> > 1. Overengineering perhaps...
> > 2. Reinventing the wheel? Probably, but I just like to know every single
> > "bit" of the wheel I use
>
> hmm, did you build your own PC? and the CPU did you build that? do you
> know exactly how it works? me niether.
>
> > 3. I do get confused every now and then about PHP5 O
>
> we have a club. :-)
>
> > 4. References everywhere? Yes, the code was originally written for PHP4
> I
> > have already started removing them, but seriously, does PHP5 cares about
> > passing an object reference by reference (it's useless and overhead, ok,
> but
> > does it matter?)
>
> its not my code, I haven't even seen it run, how do I know if it will
> actually help? but I have a strong feeling that it will fix the issue.
>
> so change the code and find out. given the fact that you are migrating
> php4 OO code to php5 you might consider reading up on all the potential
> problems that might occur.
>
> > Because the code originates from PHP4, I don't have __constructor
> functions
>
> its __construct(), and given that the code contains php5 only syntax
> I would suggest removing anything that is there for the benefit of
> php4.
>
>
--- End Message ---
--- Begin Message ---
I am a regex retard.
I am trying to pull keywords out of this crazy bbcode-like file, but
only for bbcode-like code NOT enclosed in HTML comments. I currently
have managed to create this regex:
'/(?<!<!--)\[!(\w+)::.*!\](?!-->)/U'
Which matches
[!keyword::crazy bbcode!]
and not
<!--[!keyword::crazy bbcode!]-->
That's a step in the right direction. But it includes in the match
keywords within phrases like this:
<!-- A sentence including some [!keyword::crazy bbcode!]. -->
I want to ignore all bbcode within HTML quotes. How do I do this?
thanks
kgt
--- End Message ---
--- Begin Message ---
Hi
Still desperate
DOCUMENT_ROOT is /var/www/html
Check all settings at http://provi.voicenetworx.net:8080/t.php
>From the command line it runs perfectly:
[EMAIL PROTECTED] html]# /var/www/html/myprog -E 123456789098.dat sample1.txt
sample1.new
(no output, it just creates the file .new)
Here is the php I've created, fairly simple:
<?php
exec("/var/www/html/myprog -E 123456789098.dat sample1.txt
sample1.new");
phpinfo();
?>
On 11/22/05, n.g. <[EMAIL PROTECTED]> wrote:
>
> is /var/www/html your web root dir ?
> maybe its the plobrem.
>
> On 11/23/05, Henry Castillo <[EMAIL PROTECTED]> wrote:
> > That was on of the first things I checked:
> > safe mode is set to off
> > Any ideas...
> > Henry
> > Voip tech said the following on 11/20/2005 10:31 PM:
> > > Hello,
> > > I cannot get exec(), system() or passthru() to run an extenal program.
> > > From the command line it runs perfectly:
> >
> > <snip>
> >
> > > I'm getting frustrated, Any help will be deeply appreciated
> > > Henry
> >
> > The answer is probably in your php.ini. Look into whether you are
> > running in safe mode or not, and if you are whether you have your
> > program in the safe_mode_exec_dir or not. Also check disable_functions
> > to see if any of the ones you are having trouble with are listed.
> >
> > - Ben
> >
> >
>
>
> --
> Tomorrow will be a good day :-)
>
--- End Message ---
--- Begin Message ---
> Hi
> Still desperate
Try adding 2>&1 to the command line; maybe that will show an error.
--- End Message ---
--- Begin Message ---
I added 2>&1 but still nothing... as a matter of fact it won't execute
anything. I put echo exec('asdf');
and nothing happend either ( i should've echoed an error)
However it'll execute some other commands echo exec('ls -lart'); will
output correctly.
Any ohter Idea?
Henry
--- End Message ---
--- Begin Message ---
I have implemeted a system that dispatches between 600 to 2000 emails every
night. An email is sent for each recepient. My system is hosted on a shared
Linus server. I have not heard any complaints from the hosting company so
far.
Here are my recommendations:
- Have a cron job that kicks off your PHP script at intervals long enough to
guarantee the completion of an earlier execution of the script.
- Have a sleep interval between a predefined number of emails sent. You need
to figure out what works well for you depending on your dispatch frequency,
etc. (I would keep the sleep interval short.)
- No need to nice anything. The problem is the load on the smtp server. You
need to give it some time to process what you sent already before sending
more emails.
- Log all outbound activity. We log the email addresses of who receives each
message. That provides auditing and helps in recovering any failures.
- We use flags in our database to flag what messages were sent successfully.
That way, we can search and resend any failed messages.
Hope this helps.
--
Anas Mughal
--- End Message ---
--- Begin Message ---
Hello,
on 11/24/2005 11:38 AM Angelo Zanetti said the following:
Thanks to those who have replied so far, yes our main concern is the
smtp server falling over or dying. So to come back to John Nichel's answer:
John, have you done this personally and I assume the effects were
good?? IE everything ran smoothly?
I think you are making a big confusion. SMTP servers do not send e-mail.
SMTP servers only receive e-mail. What sends e-mail are MTA (Mail
Transfer Agents). Some MTA come with SMTP servers but those are
independent operations.
There is no reason for an SMTP server or MTA to die unless it is not
configure to work upto the operating system limits.
What mail server do you use?
--
Regards,
Manuel Lemos
Metastorage - Data object relational mapping layer generator
http://www.metastorage.net/
PHP Classes - Free ready to use OOP components written in PHP
http://www.phpclasses.org/
--- End Message ---
--- Begin Message ---
Hi there,
There´s a lot of manufacturers, about PHP code generators. What do you think
about that?
I mean, it seems like PHP Nuke fashion or other portal systems. Everybody
has its portal, but all web pages seems to be the same, because all are
under the same design.
I would like to gather opinions about it.
Example: http://www.yessoftware.com/index2.php
Thank you
P.S. Please sorry my poor english, I´m trying to improve my skills
--
dpc
--- End Message ---
--- Begin Message ---
Danny wrote:
> Hi there,
>
> There´s a lot of manufacturers, about PHP code generators. What do you
> think about that?
>
> I mean, it seems like PHP Nuke fashion or other portal systems. Everybody
> has its portal, but all web pages seems to be the same, because all are
> under the same design.
>
> I would like to gather opinions about it.
>
> Example: http://www.yessoftware.com/index2.php
>
> Thank you
>
> P.S. Please sorry my poor english, I´m trying to improve my skills
> --
> dpc
Funny.
This is getting more and more popular, in many different levels.
I've seen RAD pop up here and there on PHP....(I'm planning/developing one
since 2003).
Now, i'm not sure, but maybe this is getting a lot of atention, these days,
because ruby on rails way of doing things....
Or simply, people are tired of doing the same old things the same old way.
(Ok, we are tired for a long time, but seems that only now, tools like that
are having attention).
I think that what ever can do the boring work for you the exacly same way
(maybe, better) that you would, is welcome.
I'm having a look right now in that app (from yessoftware).
Seems interesting. Too bad is commercial/for-windows product :(
Thiago
--- End Message ---
--- Begin Message ---
I compiled PHP from source on Fedora Core 4, but I must have left
something out because readfile and get_file_contents aren't working.
If I try to connect to a "http://"; address I get the error "failed to
open stream: HTTP request failed". Any ideas why?
Richard
--- End Message ---
--- Begin Message ---
Thanks for your attention Curt, but unfortunatly that is not the issue.
Compatibility mode is not on.
For documentation's sake, I think the problem is that there are other links
in the code using the same credentials. When you declare a link resource to
a database, PHP first searches to see if there is already one open,
therefore despite the fact that this link wasn't even using the same library
(mysql vs mysqli) it didn't matter; only one connection to the database
could be made (as root in this case).
If this is incorrect or anyone has additional insight, please reply.
Thanks,
Matt
"Curt Zirzow" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> On Wed, Nov 23, 2005 at 01:13:22AM -0500, Matt Monaco wrote:
>> On a Fedora 4 machine running MySQL 4.1 I am having trouble declaring an
>> instance of a mysqli extension.
>>
>> class Data extends mysqli {
>> ....
>>
>> $link = new Data("localhost", "user", "password", "db");
>>
>> This invokes the error "Trying to clone unclonable object of type Data."
>> However if I create the link with a reference ...
>> $link =& new Data(....);
>> ...everything works fine.
>
> This is because you have the ini option:
>
> zend.ze1_compatibility_mode = On
>
>
> Curt.
> --
> cat .signature: No such file or directory
--- End Message ---
--- Begin Message ---
On Wed, Nov 23, 2005 at 06:48:50PM -0500, Matt Monaco wrote:
> Thanks for your attention Curt, but unfortunatly that is not the issue.
> Compatibility mode is not on.
What does this say just before you do $link = new ...:
var_dump(ini_get('zend.ze1_compatibility_mode'));
If it says string(1) "0", then either your using php4 or some buggy
version of php5.
> For documentation's sake, I think the problem is that there are other links
> in the code using the same credentials. When you declare a link resource to
> a database, PHP first searches to see if there is already one open,
> therefore despite the fact that this link wasn't even using the same library
> (mysql vs mysqli) it didn't matter; only one connection to the database
> could be made (as root in this case).
>
> If this is incorrect or anyone has additional insight, please reply.
Only the old mysql extension has any sort of credential checking
and if they are the same, returns the same connection (which can be
bypassed with an option to mysql_connect(). mysqli has no such
credential checking.
Curt.
--
cat .signature: No such file or directory
--- End Message ---
--- Begin Message ---
I get string(1) "", should that be taken just the same as 0? In addition
phpinfo() indicates php 5.0.4 - does the upgrade to .5 involve remove .4
first?
btw, as I'm new to the mailing list thing, why do some names appear in
quotes and others do not?
Thanks,
Matt
"Curt Zirzow" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> On Wed, Nov 23, 2005 at 06:48:50PM -0500, Matt Monaco wrote:
>> Thanks for your attention Curt, but unfortunatly that is not the issue.
>> Compatibility mode is not on.
>
> What does this say just before you do $link = new ...:
>
> var_dump(ini_get('zend.ze1_compatibility_mode'));
>
> If it says string(1) "0", then either your using php4 or some buggy
> version of php5.
>
>> For documentation's sake, I think the problem is that there are other
>> links
>> in the code using the same credentials. When you declare a link resource
>> to
>> a database, PHP first searches to see if there is already one open,
>> therefore despite the fact that this link wasn't even using the same
>> library
>> (mysql vs mysqli) it didn't matter; only one connection to the database
>> could be made (as root in this case).
>>
>> If this is incorrect or anyone has additional insight, please reply.
>
> Only the old mysql extension has any sort of credential checking
> and if they are the same, returns the same connection (which can be
> bypassed with an option to mysql_connect(). mysqli has no such
> credential checking.
>
>
> Curt.
> --
> cat .signature: No such file or directory
--- End Message ---
--- Begin Message ---
Hello,
on 11/23/2005 02:58 AM Joe Wollard said the following:
I'm running a rogue (the company knows about it but doesn't support it) web
server for my dept and I'd like to be able to authenticate users
transparently. The company is currently doing this on their own supported
Intranet servers via NTLM on IIS. All I'm really looking for here is a way
to extract the user name from the 'Authentication:' HTTP header using PHP on
Apache (FC4). It seems that some of the string can be extracted using
base64_decode(). Unfortunately it is not the part of the string that I need.
It's just the domain name, the computer's NET BIOS name and the Auth-type
which of course is NTLMSSP.
I found a mod_ntlm for Apache, but even if I could compile it on FC4 (yes, I
tried) I'm not sure I need/want the full functionality of NTLM - just a way
to extract the user name of the user logged into the client machine from the
HTTP header using apache.
mod_ntlm is exactly what tou need.
It seems that there are many sites out there that do this in Java and Perl,
but none describe a way to do this in PHP......any ideas?
PHP or any other language do not do anything. The Web server
authentication module performs the authentication dialog and pass it to
the scripts of any language through the environment variable LOGON_USER.
All you need to do is to call GetEnv("LOGON_USER");
--
Regards,
Manuel Lemos
Metastorage - Data object relational mapping layer generator
http://www.metastorage.net/
PHP Classes - Free ready to use OOP components written in PHP
http://www.phpclasses.org/
--- End Message ---
--- Begin Message ---
hi...
this might not be a php question but might still provide interest...
I'm working on a project, and need to know if there's anyone who's a guru
with Web Server/Client interactions. Basically, I'm trying to get a much
better/deeper understanding of the HTTP protocols defining the information
that is sent/transfered between the web server/client browser apps.
I'm interested in understanding what the various information is that gets
transfered between the apps, as well as understanding what information can
be spoofed/altered on the client side, as it goes back to the server.
I know you can get the querystring information from the
get/put/request/etc... I'm more interested in any other information that
gets transferred as potentially part of the header structure, like machine
id, mac address, date/time, etc.... I'm interested in whether this can be
spoofed/altered, and potentially rendered invalid by a 'man in the middle'
type of attack.
Searching google isn't getting me what i really want!!
So, if you have the skills/expertise in this area, and you're willing to
talk to me for a few minutes, I'd appreciate it. As stated, the underlying
reason for the questions is to get a better understanding of 'man in the
middle attacks' as this applies to web server apps.
Thanks
bruce
[EMAIL PROTECTED]
--- End Message ---
--- Begin Message ---
I find the LiveHTTPHeaders extension for firefox to be very good for
this kind of thing.
http://livehttpheaders.mozdev.org/
It gives you a realistic (as opposed to theoretical) view of exactly
what is being sent between the browser and the server. Networking
details that you listed like the mac address are handled in the
networking layer rather than by the browser, you probably also want to
look up TCP/IP headers.
David
bruce wrote:
hi...
this might not be a php question but might still provide interest...
I'm working on a project, and need to know if there's anyone who's a guru
with Web Server/Client interactions. Basically, I'm trying to get a much
better/deeper understanding of the HTTP protocols defining the information
that is sent/transfered between the web server/client browser apps.
I'm interested in understanding what the various information is that gets
transfered between the apps, as well as understanding what information can
be spoofed/altered on the client side, as it goes back to the server.
I know you can get the querystring information from the
get/put/request/etc... I'm more interested in any other information that
gets transferred as potentially part of the header structure, like machine
id, mac address, date/time, etc.... I'm interested in whether this can be
spoofed/altered, and potentially rendered invalid by a 'man in the middle'
type of attack.
Searching google isn't getting me what i really want!!
So, if you have the skills/expertise in this area, and you're willing to
talk to me for a few minutes, I'd appreciate it. As stated, the underlying
reason for the questions is to get a better understanding of 'man in the
middle attacks' as this applies to web server apps.
Thanks
bruce
[EMAIL PROTECTED]
--- End Message ---
--- Begin Message ---
On Wed, Nov 23, 2005 at 04:53:50PM -0800, bruce wrote:
> hi...
>
> this might not be a php question but might still provide interest...
>
> I'm working on a project, and need to know if there's anyone who's a guru
> with Web Server/Client interactions. Basically, I'm trying to get a much
> better/deeper understanding of the HTTP protocols defining the information
> that is sent/transfered between the web server/client browser apps.
I'd probably recomend this book:
http://www.amazon.com/gp/product/0672324547/103-9975129-7570262
Curt.
--
cat .signature: No such file or directory
--- End Message ---
