I think you cannot directly position the input tag itself, but rather
you should create a div around the input tag and position that div
greets
Zoltán Németh
2007. 04. 20, péntek keltezéssel 22.33-kor rwhartung ezt írta:
> Hi all,
>I have an internal project where I need to position input tex
The OP said he wants MACs for the machines on his local LAN. In that
case I don't think he would have meet the things you said.
greets
Zoltán Németh
2007. 04. 21, szombat keltezéssel 07.49-kor Satyam ezt írta:
> Don't bother, if you manage to get a MAC, it won't be that of the client
> machine i
I'm sorry, I missed that, you are right, unless there are subnets within the
company, several offices in distant locations.
Satyam
- Original Message -
From: "Zoltán Németh" <[EMAIL PROTECTED]>
To: "Satyam" <[EMAIL PROTECTED]>
Cc: "Nathaniel Hall" <[EMAIL PROTECTED]>;
Sent: Saturday
> -Message d'origine-
> De : Matthew Powell [mailto:[EMAIL PROTECTED]
> Envoyé : vendredi 20 avril 2007 18:57
> À : php-general@lists.php.net
> Objet : Re: [PHP] Session with microtime
>
> Panquekas wrote:
> > On 20/04/07, Panquekas <[EMAIL PROTECTED]> wrote:
>
>
>
> > I'm sorry, my
When coding I think it is better to turn error_reporting to E_ALL and
try to write code that emits no notices.
Of course there might be some notices left, which you decide not to care
about, in production notices should be turned off then
greets
Zoltán Németh
2007. 04. 21, szombat keltezéssel 10
Should I care? Is it considered bad practice to just turn them off?
""Zoltán Németh"" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> When coding I think it is better to turn error_reporting to E_ALL and
> try to write code that emits no notices.
>
> Of course there might be some
On Fri, April 20, 2007 10:27 am, dan1 wrote:
I would simply like the script to be executed, when passed as a
symlink as
argument, instead of a hardlink.
The problem is that when I specify the script to be executed
(ecardbounce.php) as being a symlink, in the /etc/aliases like this:
ecard-bounce:
> -Message d'origine-
> De : Ross [mailto:[EMAIL PROTECTED]
> Envoyé : samedi 21 avril 2007 11:18
> À : php-general@lists.php.net
> Objet : Re: [PHP] should I be looking to eliminate all notices?
>
> Should I care? Is it considered bad practice to just turn them off?
>
>
Yes you sho
2007. 04. 21, szombat keltezéssel 10.17-kor Ross ezt írta:
> Should I care? Is it considered bad practice to just turn them off?
some people consider it bad practice, yes
I personally wouldn't say it is bad practice, but I am sure that in many
cases notices can help finding bugs in your code. So
> -Message d'origine-
> De : Dotan Cohen [mailto:[EMAIL PROTECTED]
> Envoyé : samedi 21 avril 2007 03:08
> À : php php
> Objet : [PHP] Preventing SQL Injection/ Cross Site Scripting
>
> I've got a comments form that I'd like to harden against SQL Injection
> / XSS attacks. The data is
On 21/04/07, Leonard Burton <[EMAIL PROTECTED]> wrote:
Hi Dotan,
Why not use mysql_escape_string()?
I use mysql_real_escape_string() as the second to last function in there.
Dotan Cohen
http://dotancohen.com/eng/army_pictures.php
http://lyricslist.com/lyrics/artist_albums/575/7a3.html
--
P
On 21/04/07, Tim <[EMAIL PROTECTED]> wrote:
> -Message d'origine-
> De : Dotan Cohen [mailto:[EMAIL PROTECTED]
> Envoyé : samedi 21 avril 2007 03:08
> À : php php
> Objet : [PHP] Preventing SQL Injection/ Cross Site Scripting
>
> I've got a comments form that I'd like to harden against
On 4/21/07, blackwater dev <[EMAIL PROTECTED]> wrote:
I need to allow a user to upload a file. Once the file is up, I need to
then move it to another server and wsync it to our webclusters. What's the
best way to do this with php? I don't really want php issuing root
commands. I've considered
2007. 04. 21, szombat keltezéssel 13.20-kor Dotan Cohen ezt írta:
> On 21/04/07, Tim <[EMAIL PROTECTED]> wrote:
> >
> >
> > > -Message d'origine-
> > > De : Dotan Cohen [mailto:[EMAIL PROTECTED]
> > > Envoyé : samedi 21 avril 2007 03:08
> > > À : php php
> > > Objet : [PHP] Preventing SQL I
Hi,
In my web application, end user is able to load images (png, jpeg, gif,..)
into database.
I would like to know how can i detect automatically the type of image (pnd,
jpeg,...) ?
i do not want to check the extension because this is easily faked... just by
renaming it.
Does it exist a techniqu
On 4/21/07, Alain Roger <[EMAIL PROTECTED]> wrote:
Hi,
In my web application, end user is able to load images (png, jpeg, gif,..)
into database.
I would like to know how can i detect automatically the type of image (pnd,
jpeg,...) ?
i do not want to check the extension because this is easily fak
On 4/18/07, Richard Lynch <[EMAIL PROTECTED]> wrote:
On Tue, April 17, 2007 1:40 am, Christian Haensel wrote:
> Whenever I see people put their code up for review, I realize they
> mostly
> use print instead of echo, while I am using echo 99% of the time.
> Actually,
> I can't even remember when
On Apr 21, 2007, at 5:45 AM, Alain Roger wrote:
Hi,
In my web application, end user is able to load images (png, jpeg,
gif,..)
into database.
I would like to know how can i detect automatically the type of
image (pnd,
jpeg,...) ?
i do not want to check the extension because this is easil
Tijnema ! wrote:
On 4/18/07, Richard Lynch <[EMAIL PROTECTED]> wrote:
On Tue, April 17, 2007 1:40 am, Christian Haensel wrote:
> Whenever I see people put their code up for review, I realize they
> mostly
> use print instead of echo, while I am using echo 99% of the time.
> Actually,
> I can't e
On Apr 21, 2007, at 4:01 AM, Ross wrote:
A quick one this morning.
When coding should I be trying to code so there are no notices or
is it ok
to turn them off.
If you don't mind writing code that contains errors, notices are
errors. Not serious, but it's not that hard to write code in
On Friday 20 April 2007 23:38, Edward Vermillion wrote:
> On Apr 20, 2007, at 4:09 PM, Richard Lynch wrote:
> > On Fri, April 20, 2007 3:59 pm, Edward Vermillion wrote:
> >> On Apr 20, 2007, at 3:10 PM, Daniel Brown wrote:
> >>>You're exactly right, Richard. MacOS is based on BSD.
> >>
> >> An
Alain Roger escreveu:
Hi,
In my web application, end user is able to load images (png, jpeg, gif,..)
into database.
I would like to know how can i detect automatically the type of image (pnd,
jpeg,...) ?
i do not want to check the extension because this is easily faked...
just by
renaming it.
On Apr 21, 2007, at 7:39 AM, Børge Holen wrote:
On Friday 20 April 2007 23:38, Edward Vermillion wrote:
On Apr 20, 2007, at 4:09 PM, Richard Lynch wrote:
On Fri, April 20, 2007 3:59 pm, Edward Vermillion wrote:
On Apr 20, 2007, at 3:10 PM, Daniel Brown wrote:
You're exactly right, Richar
At 11:56 AM -0500 4/20/07, Matthew Powell wrote:
Panquekas wrote:
On 20/04/07, Panquekas <[EMAIL PROTECTED]> wrote:
I'm sorry, my mistake. What I tried to say is that the session_start() was
on the top of the page, and the if( ) block was after that and the login
script was even after t
header('Location: edit_property.php?property_id=.'$property_id'.');
t: 0131 553 3935 | m:07816 996 930 | [EMAIL PROTECTED] |
http://www:blue-fly.co.uk
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
At 4:08 AM +0300 4/21/07, Dotan Cohen wrote:
I've got a comments form that I'd like to harden against SQL Injection
/ XSS attacks. The data is stored in UTF-8 in a mysql database. I
currently parse the data as such:
I highly recommend "Essential PHP Security" by Chris Shiflett -- he
covers tho
Dotan Cohen wrote:
> > I recommend you dig deeper into that xss page you might even
> > find a script that filters xss.
>
> Obviously I keep missing it.
You might find these examples useful:
http://phpsecurity.org/code/ch01-3
http://phpsecurity.org/code/ch01-4
Hope that helps.
Chris
--
Chris
I really have to agree here. I have gone through a mature open source project
over the last month or so, and removed EVERY notice. It honestly took all of
about 2 hours to actually fix the notices. It really isn't hard to eliminate
them, and if you are coding something the may be released, yo
Hi sorry not really a php question.. but using it in a php script :)
I want to list the date and time a file was created so I want someting
like..
Apr 21 18:57 monkey.txt
Ive been playing around with the LS options but I dont know what flags I
need.
Closest I could get was..
ls -g -o -t m
How can I do something like this in the same while statement. This does not
work
while (list(,$possible) = each($possiblefields) list(,$possibleview) =
each($possiblefieldsdiscription)){
}
Richard Lynch wrote:
On Thu, April 19, 2007 10:28 pm, Myron Turner wrote:
that should be necessary at this time. For instance, if it's
necessary
to pass in CGI parameters at the same time as sending out a file,
the
parameters can be tacked onto a query string and they will be packed
into b
On 21/04/07, tedd <[EMAIL PROTECTED]> wrote:
At 4:08 AM +0300 4/21/07, Dotan Cohen wrote:
>I've got a comments form that I'd like to harden against SQL Injection
>/ XSS attacks. The data is stored in UTF-8 in a mysql database. I
>currently parse the data as such:
I highly recommend "Essential PH
On 21/04/07, Chris Shiflett <[EMAIL PROTECTED]> wrote:
Dotan Cohen wrote:
> > I recommend you dig deeper into that xss page you might even
> > find a script that filters xss.
>
> Obviously I keep missing it.
You might find these examples useful:
http://phpsecurity.org/code/ch01-3
http://phpsecu
On 4/21/07, Richard Kurth <[EMAIL PROTECTED]> wrote:
How can I do something like this in the same while statement. This does not
work
while (list(,$possible) = each($possiblefields) list(,$possibleview) =
each($possiblefieldsdiscription)){
}
What about using && ?
while (list(,$possible) = e
Ross wrote:
header('Location: edit_property.php?property_id=.'$property_id'.');
You read the manual to learn basic PHP syntax.
header('Location: edit_property.php?property_id='.
urlencode($property_id));
Also, technically the URL given in a location header should be absolute
On 4/21/07, Richard Kurth <[EMAIL PROTECTED]> wrote:
> How can I do something like this in the same while statement. This
> does not work while (list(,$possible) = each($possiblefields)
> list(,$possibleview) = each($possiblefieldsdiscription)){
> }
>
What about using && ?
while (list(,$poss
On 4/21/07, Richard Kurth <[EMAIL PROTECTED]> wrote:
On 4/21/07, Richard Kurth <[EMAIL PROTECTED]> wrote:
> How can I do something like this in the same while statement. This
> does not work while (list(,$possible) = each($possiblefields)
> list(,$possibleview) = each($possiblefieldsdiscription)
On 4/21/07, Richard Kurth <[EMAIL PROTECTED]> wrote:
>
> On 4/21/07, Richard Kurth <[EMAIL PROTECTED]> wrote:
> > How can I do something like this in the same while statement. This
> > does not work while (list(,$possible) = each($possiblefields)
> > list(,$possibleview) = each($possiblefieldsdis
On 4/21/07, Richard Kurth <[EMAIL PROTECTED]> wrote:
On 4/21/07, Richard Kurth <[EMAIL PROTECTED]> wrote:
>
> On 4/21/07, Richard Kurth <[EMAIL PROTECTED]> wrote:
> > How can I do something like this in the same while statement. This
> > does not work while (list(,$possible) = each($possiblefiel
-Original Message-
From: Tijnema ! [mailto:[EMAIL PROTECTED]
Sent: Saturday, April 21, 2007 1:13 PM
To: Richard Kurth
Cc: php-general@lists.php.net
Subject: Re: [PHP] Do two lists in a while statement
On 4/21/07, Richard Kurth <[EMAIL PROTECTED]> wrote:
>
> On 4/21/07, Richard Kurth <[
On 4/21/07, Richard Kurth <[EMAIL PROTECTED]> wrote:
-Original Message-
From: Tijnema ! [mailto:[EMAIL PROTECTED]
Sent: Saturday, April 21, 2007 1:13 PM
To: Richard Kurth
Cc: php-general@lists.php.net
Subject: Re: [PHP] Do two lists in a while statement
On 4/21/07, Richard Kurth <[EMAI
Dotan Cohen wrote:
> One note, I remove semicolons from the user input to thrart SQL
> injection as they can be used to terminate an SQL query and are
> very uncommon in regular speech. However, htmlspecialchars()
> and htmlentities add semicolons when converting. Is this
> dangerous, ie, can this
Hi People,
I would like to gather Informations from an USB
Device, to display the transmitted data on a web
interface.
As I read the docs, I found the direct IO functions,
but as i read thru the function descriptions, they
where only meant for direct file access.
Is there a possebility to collec
On 4/21/07, Stut <[EMAIL PROTECTED]> wrote:
Tijnema ! wrote:
> On 4/18/07, Richard Lynch <[EMAIL PROTECTED]> wrote:
>> On Tue, April 17, 2007 1:40 am, Christian Haensel wrote:
>> > Whenever I see people put their code up for review, I realize they
>> > mostly
>> > use print instead of echo, while
Tijnema ! wrote:
On 4/21/07, Stut <[EMAIL PROTECTED]> wrote:
Tijnema ! wrote:
> There is a difference, echo is slightly faster.
> code used for benchmark:
> $start = microtime(TRUE);
> for ($i=0; $i<10; ++$i) { print "ABC"; }
> echo sprintf("With print ($i): %0.3f\n",microtime(TRUE) - $star
On 4/21/07, Stut <[EMAIL PROTECTED]> wrote:
Tijnema ! wrote:
> On 4/21/07, Stut <[EMAIL PROTECTED]> wrote:
>> Tijnema ! wrote:
>> > There is a difference, echo is slightly faster.
>> > code used for benchmark:
>> > > > $start = microtime(TRUE);
>> > for ($i=0; $i<10; ++$i) { print "ABC"; }
>>
Tijnema ! wrote:
But what else would you use a lot in your code?
all commonly used things (like while, if, echo, etc) are just (nearly)
as fast as their alternatives (for, print, etc).
Other functions (like file/stream) might be some performance
difference, but you probably use this only a few ti
On 4/22/07, Stut <[EMAIL PROTECTED]> wrote:
Tijnema ! wrote:
> But what else would you use a lot in your code?
> all commonly used things (like while, if, echo, etc) are just (nearly)
> as fast as their alternatives (for, print, etc).
> Other functions (like file/stream) might be some performance
Tijnema ! wrote:
On 4/22/07, Stut <[EMAIL PROTECTED]> wrote:
Tijnema ! wrote:
> But what else would you use a lot in your code?
> all commonly used things (like while, if, echo, etc) are just (nearly)
> as fast as their alternatives (for, print, etc).
> Other functions (like file/stream) might b
I've always gone by the rule that if you're making software that other
people will see or use, make it clean.
Sometimes I'll "cheat" and stick a @ symbol in front of a line to shut
up errors and warnings for that particular line, but usually I only do
that for speed optimization. (ie. if it's i
Richard Kurth wrote:
On 4/21/07, Richard Kurth <[EMAIL PROTECTED]> wrote:
On 4/21/07, Richard Kurth <[EMAIL PROTECTED]> wrote:
How can I do something like this in the same while statement. This
does not work while (list(,$possible) = each($possiblefields)
list(,$possibleview) = each($possiblef
I know this is not a PHP problem it is a Browser problem but I need a
workaround to make this work. So I can finishing my php script
Using this to select the file and path
My problem I Internet explore this will produce
C:\directory\directory\uploaded.file
But it FireFox,Nets
On Apr 21, 2007, at 6:35 PM, Justin Frim wrote:
I've always gone by the rule that if you're making software that
other people will see or use, make it clean.
Sometimes I'll "cheat" and stick a @ symbol in front of a line to
shut up errors and warnings for that particular line, but usually I
Richard Kurth-2 wrote:
>
> I know this is not a PHP problem it is a Browser problem but I need a
> workaround to make this work. So I can finishing my php script
> Using this to select the file and path
>
>
>
>
>
>
>
> My problem I Internet explore this will produce
> C:\
Justin Frim wrote:
Richard Lynch wrote:
On Thu, April 19, 2007 10:28 pm, Myron Turner wrote:
that should be necessary at this time. For instance, if it's
necessary
to pass in CGI parameters at the same time as sending out a file,
the
parameters can be tacked onto a query string and they wi
On Sat, April 21, 2007 1:23 pm, Richard Kurth wrote:
> How can I do something like this in the same while statement. This
> does not
> work
> while (list(,$possible) = each($possiblefields) list(,$possibleview)
> =
> each($possiblefieldsdiscription)){
> }
>
If you know for sure that there is a
On Sat, April 21, 2007 8:54 am, Ross wrote:
> header('Location: edit_property.php?property_id=.'$property_id'.');
"Location: edit_property.php?property_id=$property_id"
However, you should be using a complete URI in Location: to be within
HTTP spec.
--
Some people have a "gift" link here.
Know
On Sat, April 21, 2007 5:20 pm, Tijnema ! wrote:
> But what else would you use a lot in your code?
> all commonly used things (like while, if, echo, etc) are just (nearly)
> as fast as their alternatives (for, print, etc).
> Other functions (like file/stream) might be some performance
> difference,
On Sat, April 21, 2007 4:01 am, Ross wrote:
> A quick one this morning.
>
> When coding should I be trying to code so there are no notices or is
> it ok
> to turn them off.
>
> I don't really want to do a isset check for every index I have.
[dorothy voice]
Do you want to write good code, or bad c
On Sat, April 21, 2007 1:18 pm, [EMAIL PROTECTED] wrote:
> Hi sorry not really a php question.. but using it in a php script :)
>
> I want to list the date and time a file was created so I want someting
> like..
>
> Apr 21 18:57 monkey.txt
>
> Ive been playing around with the LS options but I dont
On Sat, April 21, 2007 6:35 pm, Justin Frim wrote:
> Sometimes I'll "cheat" and stick a @ symbol in front of a line to shut
> up errors and warnings for that particular line, but usually I only do
> that for speed optimization. (ie. if it's in a short loop that cycles
> many times).
I don't think
On Sat, April 21, 2007 2:06 am, Sascha Braun wrote:
> I would like to gather Informations from an USB
> Device, to display the transmitted data on a web
> interface.
>
> As I read the docs, I found the direct IO functions,
> but as i read thru the function descriptions, they
> where only meant for
On Fri, April 20, 2007 10:33 pm, rwhartung wrote:
>I have an internal project where I need to position input text
> boxes
> to simulate a desktop app that i am replacing. Can I define a
> stylesheet with absolute positioning for s. If so do the calls
> to class="..." or index="..." work in pl
On Fri, April 20, 2007 8:08 pm, Dotan Cohen wrote:
> I've got a comments form that I'd like to harden against SQL Injection
> / XSS attacks. The data is stored in UTF-8 in a mysql database. I
> currently parse the data as such:
> After seeing this:
> http://ha.ckers.org/xss.html
> and another simi
On Fri, April 20, 2007 5:11 pm, Tijnema ! wrote:
> So you end up with a big useless array? How big is the chance that
> there are 2 files modified at the same time? 0.1? or is it
> 0.01?
Well, the OP *said* he had multiple files with the same mtime, and
asked why he was only getting on
On Fri, April 20, 2007 5:11 pm, blackwater dev wrote:
> I need to allow a user to upload a file. Once the file is up, I need
> to
> then move it to another server and wsync it to our webclusters.
> What's the
> best way to do this with php? I don't really want php issuing root
> commands. I've c
On Sat, April 21, 2007 5:20 am, Dotan Cohen wrote:
> Although I can semicolons and the like, greater than and less than
> signs I want to keep as there are some rather witty people from the
> Mathematics faculty who will be using the comments. I'll str_replace()
> them to > and < however.
Store th
-- or maybe it's just the PCRE extension
-- or quite likely I have got something wrong
Hello members,
I'm hoping you could enlighten me.
Using error_reporting = E_ALL | E_STRICT, I tested the
following statements:
warning
preg_match('#\\\#','any-string');
preg_match('##','any-string');
On Sat, April 21, 2007 1:32 pm, Justin Frim wrote:
> I'm a little lost here though... how can it be possible to put data
> into
> the URI as well as the POST body? The request is originating from the
> user-agent, not the server. Regardless though, the real problem with
> this proposed hack is ho
$mydata->timestamp = "20070419162123";
echo date('Y-m-d', $mydata->timestamp);
result: 2038-01-18
?? What is wrong?? Should be 2007-04-19?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
On Sat, April 21, 2007 10:56 pm, Myron Turner wrote:
> trick for you.You use the Perl script in the action attribute of
> your form. The Perl script saves the entire posted output to a file,
> then it sends back a page which uses Javascript to redirect back to
> the
> php script, where you can
On Fri, April 20, 2007 5:38 pm, Thufir wrote:
> Richard Lynch l-i-e.com> writes:
>
>>
>> On Fri, April 20, 2007 2:05 pm, Thufir wrote:
>>
>> Please tell me that's not your real name...
> [...]
>
> It's the name I use on the internet.
That's fine. You can even go by that name in RL if you want.
On Fri, April 20, 2007 3:00 pm, Nathaniel Hall wrote:
> I am attempting to find the MAC address of systems visiting my page
> from
> the local LAN. I have tried several things, but it appears it will
> not
> let me run system commands. For example, running system("arp 192.168.200.254"); echo $MA
On Sun, April 22, 2007 1:05 am, John Taylor-Johnston wrote:
> $mydata->timestamp = "20070419162123";
>
> echo date('Y-m-d', $mydata->timestamp);
>
>
> result: 2038-01-18
>
> ?? What is wrong?? Should be 2007-04-19?
date() takes a Unix timestamp as its input.
Unix timestamps are measured as number
On Sun, April 22, 2007 12:54 am, [EMAIL PROTECTED] wrote:
> -- or maybe it's just the PCRE extension
> -- or quite likely I have got something wrong
>
> Hello members,
>I'm hoping you could enlighten me.
>
> Using error_reporting = E_ALL | E_STRICT, I tested the
> following statements:
PHP int
It is actually a generated timestamp in MySQL.
timestamp(14)
Now what? I was hoping to avoid:
|echo substr(|$mydata->timestamp|, 0, 8);
John
|Richard Lynch wrote:
On Sun, April 22, 2007 1:05 am, John Taylor-Johnston wrote:
$mydata->timestamp = "20070419162123";
echo date('Y-m-d', $mydata-
76 matches
Mail list logo
