Re: [PHP] checking

2002-06-28 Thread Justin French 

try empty()

if(empty($lastname))
{
$badvalue = 1;
}

if(empty($firstname))
{
$badvalue = 1;
}

if(!$badvalue)
{
// insert
}


I'd really advise using 1/0 or TRUE/FALSE instead of yes/no for values like
$insert, because the if statements are a lot quicker to write:

if($value) { ... } or if(!$value) { ... }

rather than

if($value == "yes") { ... } or if($value == "no") { ... }


read this whole page:
http://www.php.net/manual/en/language.types.boolean.php
and
http://www.php.net/manual/en/function.empty.php


Regards,

Justin French






on 28/06/02 4:20 PM, Martin Towell ([EMAIL PROTECTED]) wrote:

> see if isset() works for you
> 
> -Original Message-
> From: Leo [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, June 27, 2002 6:42 PM
> To: php.net
> Subject: [PHP] checking
> 
> 
> I have a form and I don't want to insert recording with blank value.
> I put:
> if ($lastname="") {
> $insert="no"
> }
> if ($insert="no"){
> do not insert;
> else
> insert;
> }
> my probleme is in some case $lastname="" is true and other case is false.
> I tried with $lastname=" " but no change. how can I check if a varible is
> empty or not?
> 
> leo
> 
> 


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Adding GD libraries after compile

2002-06-28 Thread Jason Wong 

On Friday 28 June 2002 15:03, PHPCoder wrote:
> Hi
> I have a working PHP build on my webserver, but it seems it was compiled
> without support for gd or pdflib and a couple of others.
> Since rebuilding PHP requires a rebuild of apache as well, I really
> don't want to go that route unless 100% essential.
> So, is there a way I can add these libs now without recompiling?
> If not, what is the safest and easiest way for me to get apache php and
> mysql running again without major upsets.

If you're using PHP as an Apache module then recompiling PHP does not mean you 
have to recompile Apache as well. Maybe including some information on your 
setup will enable others to ascertain what your best options are.

-- 
Jason Wong -> Gremlins Associates -> www.gremlins.com.hk
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *

/*
Root nameservers are out of sync
*/


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] HTML formatting

2002-06-28 Thread BB 

I have assembled a rich text html editor for the web and the code returned
can be quite horrid.

When pasteing from word (as our client wants to), the code returned looks
something like this:





In Waste Management:


Who collects my waste?

Collection Authority

District Councils


Who deals with disposal?

Disposal Authority

County Council


Who plans for the provision of waste sites?

Planning Authority

County Council


Who \'polices\' the waste sites? 

Regulation Authority
 

Environment Agency

Which is grossly OTT.

I would like to extract all the data from a tag and put back in the buts i
want; i.e, get rid of all properies except things like colspan and rowspan,
etc.

I wrote this simple routine to take out ALL the properties but this mucks up
a lot!

$str = preg_replace("/]*)>/i","\\1",$str);
$str = preg_replace("/]*>)/i","\\1",$str);
$str = preg_replace("/]*)>/i","\\1",$str);

can anyone help?



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Adding GD libraries after compile

2002-06-28 Thread Justin French 

I've just done a little reading on dl(), and it would appear that I can
dynamically load the GD lib at run time.

Although it isn't really clear to me exactly how this is done, given that I
have the gd-1.8.4 directory in my doc root (although I haven't compiled it
as yet).



bool dl ( string library)

Loads the PHP extension given by the parameter library. The library
parameter is only the filename of the extension to load which also depends
on your platform. For example, the sockets extension (if compiled as a
shared module, not the default!) would be called sockets.so on unix
platforms whereas it is called php_sockets.dll on the windows platform.



If string library is just the file name (eg gd.so), then I don't see how I
can specify the directory which I'm storing the gd.so file AFTER I've
compiled it.

Does this mean that the gd.so library would have to be placed inside the
extension_dir as specified by php.ini?

This pretty much rules me out, since I'm on a shared server, and won't be
granted access to this directory.  Unless I could use ini_set to set the
extension directory.


Has any one got some sample code of how all this might string together?


Justin French


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] securing an 'includes' dir

2002-06-28 Thread Nick Wilson 

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hi all
I'm setting up a site for a client and his host refuses to create (or
allow me to) a directory outside of the http root.

How might I make an 'includes' dir inside the http root and stop users
being able to browse it?

Many thanks
- -- 
Nick Wilson //  www.explodingnet.com



-BEGIN PGP SIGNATURE-
Version: GnuPG v1.0.6 (GNU/Linux)

iD8DBQE9HB1gHpvrrTa6L5oRApLKAJ40mAA4IZ1NUXnM8WIOZeqpY6pfGQCgl46y
Frz+dRz/FyOCSvXdXl9MytE=
=AAVD
-END PGP SIGNATURE-

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] securing an 'includes' dir

2002-06-28 Thread Jason Wong 

On Friday 28 June 2002 16:25, Nick Wilson wrote:
> Hi all
> I'm setting up a site for a client and his host refuses to create (or
> allow me to) a directory outside of the http root.
>
> How might I make an 'includes' dir inside the http root and stop users
> being able to browse it?

If using Apache, you would set a directive to deny all access to that 
directory.

-- 
Jason Wong -> Gremlins Associates -> www.gremlins.com.hk
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *

/*
"How many people work here?"
"Oh, about half."
*/


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] securing an 'includes' dir

2002-06-28 Thread Brian McGarvie 

and using IIS use windows security

> -Original Message-
> From: Jason Wong [mailto:[EMAIL PROTECTED]]
> Sent: 28 June 2002 9:31 AM
> To: [EMAIL PROTECTED]
> Subject: Re: [PHP] securing an 'includes' dir
> 
> 
> On Friday 28 June 2002 16:25, Nick Wilson wrote:
> > Hi all
> > I'm setting up a site for a client and his host refuses to 
> create (or
> > allow me to) a directory outside of the http root.
> >
> > How might I make an 'includes' dir inside the http root and 
> stop users
> > being able to browse it?
> 
> If using Apache, you would set a directive to deny all access to that 
> directory.
> 
> -- 
> Jason Wong -> Gremlins Associates -> www.gremlins.com.hk
> Open Source Software Systems Integrators
> * Web Design & Hosting * Internet & Intranet Applications 
> Development *
> 
> /*
>   "How many people work here?"
>   "Oh, about half."
> */
> 
> 
> -- 
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
> 
> 

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] securing an 'includes' dir

2002-06-28 Thread Nick Wilson 

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1


* and then Jason Wong declared
> If using Apache, you would set a directive to deny all access to that 
> directory.

Gotcha. Can you domonstrate?

Cheers...
- -- 
Nick Wilson //  www.explodingnet.com



-BEGIN PGP SIGNATURE-
Version: GnuPG v1.0.6 (GNU/Linux)

iD8DBQE9HCDsHpvrrTa6L5oRAuufAJ0apB2jZgTfjQdoCZXIUS6PeN4qrwCgrYdX
8owgJn47S1DUJtr+ys8shTI=
=1p01
-END PGP SIGNATURE-

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] securing an 'includes' dir

2002-06-28 Thread Justin French 

Assuming you have Apache/Unix (don't know about any other set-ups), I do the
following.

1. Name all included files .inc I do this for many reasons, but mainly to
help me know which are executables, and which are includes.  It also helps
with step 3.

2. I always keep them in a separate dir to the rest of my code, eg /inc/

3. Include a .htaccess file in the /inc/ directory (or further up towards
your docroot with the following:


Order Allow,Deny
Deny from all


Basically, it denies direct (http) access to all *.inc files.  This means
the only way you can use/view/execute .inc files is by things like include()
in another php script.  I believe that Apache spits out a 500 error page if
you try to access something.inc via the URL.


4. In addition (and a small deterrent in itself if step 3 is unavailable), I
include a blank or redirecting index.html file in the /inc/ directory, so
that they can't view the directory listing at all.


An additional security measure might be to ensure that only certain scripts
can access the inc files, but I haven't gone that far yet :)

I'm unsure how well this prevents other users on the server from accessing
the files though.


Unfortunately this will require the admin to allow you to use htaccess files
in your on disk hierarchy, or possibly requesting him/her to make the
changes needed themselves.


Justin French




on 28/06/02 6:25 PM, Nick Wilson ([EMAIL PROTECTED]) wrote:

> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
> 
> Hi all
> I'm setting up a site for a client and his host refuses to create (or
> allow me to) a directory outside of the http root.
> 
> How might I make an 'includes' dir inside the http root and stop users
> being able to browse it?
> 
> Many thanks
> - -- 
> Nick Wilson //  www.explodingnet.com
> 
> 
> 
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1.0.6 (GNU/Linux)
> 
> iD8DBQE9HB1gHpvrrTa6L5oRApLKAJ40mAA4IZ1NUXnM8WIOZeqpY6pfGQCgl46y
> Frz+dRz/FyOCSvXdXl9MytE=
> =AAVD
> -END PGP SIGNATURE-


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] session vars and frames

2002-06-28 Thread Wilbert Enserink 

hi all,


I'm registering if people are logged in. The login page is situated in the mainFrame.
Now in my leftFrame I want to put the status (i.e. "you are logged in as .")

When people are succesfully logged in I register their name as 
session_register('session_loginname');
I then refresh the leftFrame. 
In the page to be displayed in the leftFrame  I put:

 


However, my leftFrame page keeps on displaying "you are not a member" So I was 
wondering: is there something with sessionvariables and frames which I don't know??
If anybody has any ideas I would be happy to hear them.


regards

Wilbert


-
Pas de Deux
Van Mierisstraat 25
2526 NM Den Haag
tel 070 4450855
fax 070 4450852
http://www.pdd.nl
[EMAIL PROTECTED]
-

Re: [PHP] securing an 'includes' dir

2002-06-28 Thread Dan Hardiker 

> 1. Name all included files .inc I do this for many reasons, but mainly
> to help me know which are executables, and which are includes.  It also
> helps with step 3.

Just for an added layer of security (incase step 3 isnt effective due to
mis-configuration or what have you), name them .inc.php and at the top of
the code put something like this (eg: filename == mysql.inc.php):

if ($SCRIPT_NAME=="/inc/mysql.inc.php")
  die("you shouldnt be talking to me!");

or if your really clever - you could throw a 404: not found or a 301:
access denied.

This also means that your script will be relatively harmless and the PHP
code would never be divulged. If it was in a .inc file alone, then if the
..htaccess wasnt being effective (or it was accidentally uploaded to an
alternate location) then it would be completely exposed.

> 3. Include a .htaccess file in the /inc/ directory (or further up
> towards your docroot with the following:
>
> 
> Order Allow,Deny
> Deny from all
> 

Change the first line to  in order to fit this more
secure procedure.

-- 
Dan Hardiker [[EMAIL PROTECTED]]
ADAM Software & Systems Engineer
First Creative Ltd



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] OOP and xml_set_element_handler

2002-06-28 Thread phpsurf 

have a look to the function xml_set_object in the doc:

http://www.php.net/manual/en/function.xml-set-object.php


> -Original Message-
> From: Christof Rath [mailto:[EMAIL PROTECTED]]
> Sent: jeudi 27 juin 2002 23:19
> To: [EMAIL PROTECTED]
> Subject: [PHP] OOP and xml_set_element_handler
> 
> 
> 
> Is it possible to call xml_set_element_handler() with a class 
> function like:
> xml_set_element_handler($parser, $this->startElement, $this->endElement);
> 
> thx Christof Rath
> 
> 
> 
> 
> -- 
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
> 
 
__
ifrance.com, l'email gratuit le plus complet de l'Internet !
vos emails depuis un navigateur, en POP3, sur Minitel, sur le WAP...
http://www.ifrance.com/_reloc/email.emailif



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] session vars and frames

2002-06-28 Thread Justin French 

Are you passing the session ID around in the URL, or in cookies?

Justin French


on 28/06/02 6:28 PM, Wilbert Enserink ([EMAIL PROTECTED]) wrote:

> hi all,
> 
> 
> I'm registering if people are logged in. The login page is situated in the
> mainFrame.
> Now in my leftFrame I want to put the status (i.e. "you are logged in as
> .")
> 
> When people are succesfully logged in I register their name as
> session_register('session_loginname');
> I then refresh the leftFrame.
> In the page to be displayed in the leftFrame  I put:
> 
>  {
> echo "you are not a member";
> }
> else
> {
> echo "login: $session_loginname";
> }
> ?>
> 
> 
> However, my leftFrame page keeps on displaying "you are not a member" So I was
> wondering: is there something with sessionvariables and frames which I don't
> know??
> If anybody has any ideas I would be happy to hear them.
> 
> 
> regards
> 
> Wilbert
> 
> 
> -
> Pas de Deux
> Van Mierisstraat 25
> 2526 NM Den Haag
> tel 070 4450855
> fax 070 4450852
> http://www.pdd.nl
> [EMAIL PROTECTED]
> -


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] securing an 'includes' dir

2002-06-28 Thread Jason Wong 

On Friday 28 June 2002 16:40, Nick Wilson wrote:
> * and then Jason Wong declared
>
> > If using Apache, you would set a directive to deny all access to that
> > directory.
>
> Gotcha. Can you domonstrate?

 
   Deny from All
 

Remember this is only safe from browsers. PHP itself can still access those 
files.

Combining this with all the other suggestions would make it pretty secure. 

-- 
Jason Wong -> Gremlins Associates -> www.gremlins.com.hk
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *

/*
The trouble with doing something right the first time is that nobody
appreciates how difficult it was.
*/


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] How can I write in a loop??

2002-06-28 Thread sunny AT wde 


my bad. I edited to strip out some of the html and left that in there
by mistake.

the code works as i said, but only to write the first time ti loops,
and doesn't add in anything after. 

sunny

--- Martin Towell <[EMAIL PROTECTED]> wrote:
> Is this a direct copy of what you've got? If so, line 11 shouldn't
> be there
> 
> -Original Message-
> From: sunny AT wde [mailto:[EMAIL PROTECTED]]
> Sent: Friday, June 28, 2002 1:24 PM
> To: [EMAIL PROTECTED]
> Subject: [PHP] How can I write in a loop??
> 
> 
> Hi all,
> 
> would be very greatful if someone could hlp. Basically I want to
> extract information from Mysql, and then write it to a file.
> 
> I can write state pieces of text, but having trouble with writing
> when the information comes out in a while loop. This is what I
> hhave
> so far:
> 
> 
> $result=mysql_query("SELECT topicid  FROM $topicdb limit 50");
> 
> $file_name = "topics.html"; 
> $file_pointer = fopen($file_name, "w"); 
> 
>   while ($r = mysql_fetch_array($result)) {
>   extract($r);
>   
>  $the_text = "$topicid";  
>  fwrite($file_pointer, $the_text);
>   ";
>   }
>  
> fclose($file_pointer); 
> print "data written to file successfuly";
> 
> 
> but that doesn't seem to work, it only writes the first time, and
> doesn't add the rest of the loops. anyone help please?
> 
> sunny 
> 
> 
> 
> -- 
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
> 


__
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] fread() function do not read first two lines

2002-06-28 Thread adi 

Hi!
Why fread() function do not read first two lines in a file?

I have a chrates.php file :



   Title here!
   
   






   
   


PS.rates.php is:

 '6.5596',
'ADP' => '183.180',
'AED' => '3.6725',
'AFA' => '4750.00',
'ALL' => '143.840',
'ANG' => '1.7800',
'AON' => '5.8956',
.
'ZAR' => '7.8350',
'ZMK' => '2780.00',
'ZWD' => '550.000',
'DUMMY', ''
);
?>

tx

Re: [PHP] How can I write in a loop??

2002-06-28 Thread Jason Wong 

On Friday 28 June 2002 17:31, sunny AT wde wrote:
> my bad. I edited to strip out some of the html and left that in there
> by mistake.
>
> the code works as i said, but only to write the first time ti loops,
> and doesn't add in anything after.

I would suggest posting your full code. Unless it's very large. In which case 
you should debug by starting with a simple loop. get it working, then build 
on it:

  while ($r = mysql_fetch_array($result)) {
print_r($r);
  }

-- 
Jason Wong -> Gremlins Associates -> www.gremlins.com.hk
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *

/*
As flies to wanton boys are we to the gods; they kill us for their sport.
-- Shakespeare, "King Lear"
*/


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Help: Constants

2002-06-28 Thread S.P. Telgenhof Oude Koehorst 

Hi,

Maybe it's already discussed here, but PHP is generating errors of undefined
constants. These constants are defined in my scripts. Als the superglobal
$_ENV is empty.

Can anyone tell what's wrong here?

I'm using a W2K server, with Apache 1.3.26 and PHP 4.2.1

Thanks in advance,

S. Telgenhof



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Sessions - Invalid argument(22)

2002-06-28 Thread Tom Vrana 

Hi everybody,

I just encountered a very strange problem - I'm running Apache 2.0.36 + 
PHP 4.2.1 - for couple months already. Yesterday I upgraded my system - 
SuSE 7.3 to 8.0. Apache and PHP was left untoeched, but sessions stopped 
working  no files are saved to the temporary directory - and I get 
this message whe debugging:

Warning: open(/tmp/sess_4a16ecf3a438538a71530971c6ccf2bb, O_RDWR) 
failed: Invalid argument (22) in Unknown on line 0

Just in case you wonder, access rights are OK

Can anybody help pls ? I'm desperate

Tom


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] [mail] quetion

2002-06-28 Thread Evan 

What is best:
1) calling n-times the function mail() [with n = numer of emails] or
2) calling 1 time mail() and use CC
?
Or it it is the same thing?

Thanks,
Evan



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Web Printing

2002-06-28 Thread Neal Dewing 

Hi all,

Just wondering if anyone came across this "problem" before:

When I print a document directly from my browser, it comes out with the
title on
the top right , page number of the top left, address on the bottom left and
date on the bottom right, Page Headers and Footers

Using IE I can set the page headers and footers under the page setup option.

Header: &w&bPage &p of &P
Footer: &u&b&d

I need some way of disabling / changing this as my clients print reports
that need a proper printout. I need to change it using css / vbscript /
JavaScript ???

Anyone ever worked with this function? I know its not PHP related but im
sure someone came across the problem.

Thanks
Neal


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] session vars and frames

2002-06-28 Thread W. Enserink 

hmmm, i'm not passing anything around, at least not on purpose.


Wilbert


- Original Message -
From: "Justin French" <[EMAIL PROTECTED]>
To: "php" <[EMAIL PROTECTED]>
Sent: Friday, June 28, 2002 11:14 AM
Subject: Re: [PHP] session vars and frames


> Are you passing the session ID around in the URL, or in cookies?
>
> Justin French
>
>
> on 28/06/02 6:28 PM, Wilbert Enserink ([EMAIL PROTECTED]) wrote:
>
> > hi all,
> >
> >
> > I'm registering if people are logged in. The login page is situated in
the
> > mainFrame.
> > Now in my leftFrame I want to put the status (i.e. "you are logged in as
> > .")
> >
> > When people are succesfully logged in I register their name as
> > session_register('session_loginname');
> > I then refresh the leftFrame.
> > In the page to be displayed in the leftFrame  I put:
> >
> >  > {
> > echo "you are not a member";
> > }
> > else
> > {
> > echo "login: $session_loginname";
> > }
> > ?>
> >
> >
> > However, my leftFrame page keeps on displaying "you are not a member" So
I was
> > wondering: is there something with sessionvariables and frames which I
don't
> > know??
> > If anybody has any ideas I would be happy to hear them.
> >
> >
> > regards
> >
> > Wilbert
> >
> >
> > -
> > Pas de Deux
> > Van Mierisstraat 25
> > 2526 NM Den Haag
> > tel 070 4450855
> > fax 070 4450852
> > http://www.pdd.nl
> > [EMAIL PROTECTED]
> > -
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php

- 
Pas de Deux 
Van Mierisstraat 25 
2526 NM Den Haag 
tel 070 4450855 
fax 070 4450852 
http://www.pdd.nl 
[EMAIL PROTECTED] 
-

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: problems compiling php-4.2.1 / solaris 2.6

2002-06-28 Thread Neil M 

Neil M wrote:
> problems compiling php-4.2.1 / solaris 2.6
> --
> 
> [root@sunnsr02] 240 /tmp > cd /export/php-4.2.1
> [root@sunnsr02] 241 /export/php-4.2.1 > make
> Making all in Zend
> /bin/sh ../libtool --silent --mode=compile gcc -DHAVE_CONFIG_H -I. -I. 
> -I../main-D_POSIX_PTHREAD_SEMANTICS -I../TSRM  -g -O2 
> -prefer-non-pic -static -c -o zend_language_parser.lo `test -f 
> zend_language_parser.c || echo './'`zend_language_parser.c
> In file included from zend_compile.h:24,
>  from zend_language_parser.c:147:
> zend.h:55: unix.h: No such file or directory
> *** Error code 1
> make: Fatal error: Command failed for target `zend_language_parser.lo'
> Current working directory /export/php-4.2.1/Zend
> *** Error code 1
> make: Fatal error: Command failed for target `all-recursive'
> 
> Any comments suggestions appreciated
> 
> Neil
> 

I did not get a solution , except for downgrading php to 4.1.2

Cheers

neil


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: New Newsgroups

2002-06-28 Thread JJ Harrison 

I am on the newsgroups.

visit PHP.net look a little bit and you will find the link to the news
server.

"Peter" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Does anyone else out there use Outlook Express to get the posts from this
> newsgroup?
> Yesterday a dialog popped up to say there were new newsgroups (php.docs.de
> etc), I acknowledged this but the same message came up again just now!
> Did this happen to anyone else or was it just me?!
>
>
>



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Web Printing

2002-06-28 Thread Brian McGarvie 

and this relates to PHP how...?

> -Original Message-
> From: Neal Dewing [mailto:[EMAIL PROTECTED]]
> Sent: 28 June 2002 9:01 AM
> To: [EMAIL PROTECTED]
> Subject: [PHP] Web Printing
> 
> 
> Hi all,
> 
> Just wondering if anyone came across this "problem" before:
> 
> When I print a document directly from my browser, it comes 
> out with the
> title on
> the top right , page number of the top left, address on the 
> bottom left and
> date on the bottom right, Page Headers and Footers
> 
> Using IE I can set the page headers and footers under the 
> page setup option.
> 
> Header: &w&bPage &p of &P
> Footer: &u&b&d
> 
> I need some way of disabling / changing this as my clients 
> print reports
> that need a proper printout. I need to change it using css / 
> vbscript /
> JavaScript ???
> 
> Anyone ever worked with this function? I know its not PHP 
> related but im
> sure someone came across the problem.
> 
> Thanks
> Neal
> 
> 
> -- 
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
> 
> 

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Searching within a range

2002-06-28 Thread Bård Tommy Nilsen 



I want to search within a result from a query
A specific range (price)

For example.


I want to display only the articles that cost between 0-50


Can anyone help me out ?


Regards
Bård Tommy 

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Incrementing a table cell

2002-06-28 Thread JJ Harrison 

what is the best way to increment a mySQL table cell?

is there a increment function or do I need to increment it in php?





-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Incrementing a table cell

2002-06-28 Thread Marek Kilimajer 

you can use:

UPDATE column SET column + 1 WHERE condition

JJ Harrison wrote:

>what is the best way to increment a mySQL table cell?
>
>is there a increment function or do I need to increment it in php?
>
>
>
>
>
>  
>



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Incrementing a table cell

2002-06-28 Thread John S. Huggins 


Table fubar
ID, SomeNumber

1 456
2 123
3 3
4 4589

$query = "UPDATE fubar SET SomeNumber = SomeNumber+1 WHERE ID = 2;

Result

Table fubar
ID, SomeNumber

1 456
2 124
3 3
4 4589

On Fri, 28 Jun 2002, JJ Harrison wrote:

>-what is the best way to increment a mySQL table cell?
>-
>-is there a increment function or do I need to increment it in php?
>-
>-
>-
>-
>-
>--- 
>-PHP General Mailing List (http://www.php.net/)
>-To unsubscribe, visit: http://www.php.net/unsub.php
>-

**

John Huggins
VANet

[EMAIL PROTECTED]
http://www.va.net/

**


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Adding GD libraries after compile

2002-06-28 Thread Marek Kilimajer 

Yes, you are ruled out, unless you can convice your administrator to 
include it.
Extensions are pure machine code, so if anybody could load his/her own 
extension,
he/she could easily gain http server priviledges.

Justin French wrote:

>I've just done a little reading on dl(), and it would appear that I can
>dynamically load the GD lib at run time.
>
>Although it isn't really clear to me exactly how this is done, given that I
>have the gd-1.8.4 directory in my doc root (although I haven't compiled it
>as yet).
>
>
>
>bool dl ( string library)
>
>Loads the PHP extension given by the parameter library. The library
>parameter is only the filename of the extension to load which also depends
>on your platform. For example, the sockets extension (if compiled as a
>shared module, not the default!) would be called sockets.so on unix
>platforms whereas it is called php_sockets.dll on the windows platform.
>
>
>
>If string library is just the file name (eg gd.so), then I don't see how I
>can specify the directory which I'm storing the gd.so file AFTER I've
>compiled it.
>
>Does this mean that the gd.so library would have to be placed inside the
>extension_dir as specified by php.ini?
>
>This pretty much rules me out, since I'm on a shared server, and won't be
>granted access to this directory.  Unless I could use ini_set to set the
>extension directory.
>
>
>Has any one got some sample code of how all this might string together?
>
>
>Justin French
>
>
>  
>



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: Incrementing a table cell

2002-06-28 Thread JJ Harrison 

Thanks
"Jj Harrison" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> what is the best way to increment a mySQL table cell?
>
> is there a increment function or do I need to increment it in php?
>
>
>
>



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: HTML formatting

2002-06-28 Thread liljim 

Hello,

I wrote this function:

!is", "",
$var);
 $var = preg_replace("!!is", "", $var);
 $var = str_replace("", "", $var);
 $var = str_replace("", "", $var);
 $var = str_replace("", "", $var);
 $var = str_replace("", "", $var);

 return $var;
}

$variable = CleanUpHtml($variable);
echo $variable;

?>

And it outputs:





In Waste Management:


Who collects my waste?

Collection Authority

District Councils


Who deals with disposal?

Disposal Authority

County Council


Who plans for the provision of waste sites?

Planning Authority

County Council


Who \'polices\' the waste sites? 

Regulation Authority
 

Environment Agency

Which I guess is what you were wanting? :)

James

"Bb" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I have assembled a rich text html editor for the web and the code returned
> can be quite horrid.
>
> When pasteing from word (as our client wants to), the code returned looks
> something like this:
>
> 
>
> 
> 
> In Waste Management:
> 
> 
> Who collects my waste?
> 
> Collection Authority
> 
> District Councils
> 
> 
> Who deals with disposal?
> 
> Disposal Authority
> 
> County Council
> 
> 
> Who plans for the provision of waste sites?
> 
> Planning Authority
> 
> County Council
> 
> 
> Who \'polices\' the waste sites? 
> 
> Regulation Authority
>  
> 
> Environment Agency
>
> Which is grossly OTT.
>
> I would like to extract all the data from a tag and put back in the buts i
> want; i.e, get rid of all properies except things like colspan and
rowspan,
> etc.
>
> I wrote this simple routine to take out ALL the properties but this mucks
up
> a lot!
>
> $str = preg_replace("/]*)>/i","\\1",$str);
> $str = preg_replace("/]*>)/i","\\1",$str);
> $str = preg_replace("/]*)>/i"," bordercolor='#66' cellpadding=3 cellspacing=0>\\1",$str);
>
> can anyone help?
>
>



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: HTML formatting

2002-06-28 Thread liljim 

Actually, I just threw in this amendment:

function CleanUpHtml($var)
{

 $var = preg_replace("!!is", "",
$var);
 $var = preg_replace("!!is", "", $var);
 $var = str_replace("", "", $var);
 $var = str_replace("", "", $var);
 $var = str_replace("", "", $var);
 $var = str_replace("", "", $var);

 preg_match_all("!<(/?t.*?)>!is", $var, $output);

 if (count($output[0]) > 0)
 {
  for($i=0; $ihttp://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Why isn't this working?

2002-06-28 Thread JJ Harrison 

Here is my code:

$query = "UPDATE poll_options SET votes + 1";
mysql_query($query);

All where conditions have were removed to try and fix the problem



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: PHP does not work??

2002-06-28 Thread Scott Fletcher 

Not a problem, I can make some code modification.  Sometime it is better to
do it now and not have so much headache later on when more features are
being added.

Scott
"Kondwani Spike Mkandawire" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I forgot to point out another disadvantage of turning on register_globals
> apart from that of security is that when you are sending a page with a
> form to the same page, e.g:
>
> 
>
> there is a tendency to lose info..  E.g.
> If you are sending text separated by spaces you only manage to
> send the first word this can be overcome by using the
> htmlspecialchars('value') method to evaluate value...
>
> turning on globals is to make the coding easier but has a
> good deal of disadvantages...
>
> Spike...
> "Scott Fletcher" <[EMAIL PROTECTED]> wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Um, alright, I'll just leave the code in the hyperlink the way it is.
It
> is
> > not possible to use the "" or post of some sort for the hyperlink.
> > "" will work with the submit button where we can use post or
hidden.
> > Hyperlink meant words or sentences that have underline underneath it,
when
> > clicked will go to a different webpage.
> >
> > Thanks,
> >  Scott
> >
> > "Erik Price" <[EMAIL PROTECTED]> wrote in message
> > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > >
> > > On Wednesday, June 26, 2002, at 02:56  PM, Scott Fletcher wrote:
> > >
> > > > I tried that and it worked.  I have
> > > > one question, what about the hyperlink?  People will see the option
in
> > > > the
> > > > hyperlink.  You know.  Is there a way around it to hid that in the
> > > > hyperlink?
> > >
> > > If by "hyperlink" you mean the URL in the URL bar of their browser,
> > > correct -- people will see it.  That GET data is part of the URL, sort
> > > of.
> > >
> > > Most browsers will not display POST data to their users (easily) but
> > > it's never truly "hidden" from view.  Any data that your users are
> > > sending to you, whether it's GET, POST, or COOKIE, is data that they
can
> > > see.
> > >
> > >
> > > Erik
> > >
> > >
> > >
> > > 
> > >
> > > Erik Price
> > > Web Developer Temp
> > > Media Lab, H.H. Brown
> > > [EMAIL PROTECTED]
> > >
> >
> >
>
>



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: PHP does not work??

2002-06-28 Thread Scott Fletcher 

Not a problem!  I can make some adjustment to the $user_detail['']
(session_id()) to make it work as $_SESSION[''].

Scott
"Erik Price" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
>
> On Wednesday, June 26, 2002, at 02:37  PM, Scott Fletcher wrote:
>
> > I didn't know that.  Thanks for the info.  I think it would be best
> > that I
> > not use php.ini.
>
> On the contrary, I think it would be best if you read through it and
> read about it at http://www.php.net/manual/en/configuration.php .
> Putting it off will only cause you trouble in the long run.
>
> > I can write the script to register the variable.  What would be a demo
> > script that would work?  I'm having a little trouble understanding that
> > on
> > the php.net website.  Most of the script that use global variables came
> > from
> > hyperlinks.  I have no form method like "post" or "get".
>
> If it doesn't have "post" or "get", then your data is probably in the
> $_GET array.  But you should always use the "method" attribute of the
> "form" tag.
>
> > I have one website that use session.  Like session_start(),
> > session_register(), etc.  How would this be affected and what is the
> > work
> > around to this one.
>
> You now refer to a session variable as $_SESSION['variablename'].
>
>
> Erik
>
>
>
>
> 
>
> Erik Price
> Web Developer Temp
> Media Lab, H.H. Brown
> [EMAIL PROTECTED]
>



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] securing an 'includes' dir

2002-06-28 Thread Erik Price 


On Friday, June 28, 2002, at 04:25  AM, Nick Wilson wrote:

> How might I make an 'includes' dir inside the http root and stop users
> being able to browse it?

chmod go-rwx dirname

But this will probably stop the web server from reading the file.

Perhaps the administrators can provide a script (SUID) that allows a 
user to change the group association of the file to that of the web 
server?  Yet without making the user a part of the group itself, 
otherwise all users would be able to see all of these files...


Erik






Erik Price
Web Developer Temp
Media Lab, H.H. Brown
[EMAIL PROTECTED]


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] PHP and OOP

2002-06-28 Thread Barýþ 

"Jesper Brunholm" <[EMAIL PROTECTED]> wrote:
"Do you have any documentation on this? - I'm
getting quite used to read and hear the very
opposite."

i downloaded several docs on the net about slow
execution when classes are used,  but sorry, i'm on a
public-shared computer now and can't reach these
downloaded docs. i found them making a search for
php+oop on google. 

and the other friend who asked "why use oop?": you can
find very nice explanations by making the search
above... 

also i decided to use oop, any way, and also a
template system which will really slow down execution.
but it will be really professional, won't it? ;) 
thanks..

__
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] checking

2002-06-28 Thread Erik Price 


On Thursday, June 27, 2002, at 04:41  AM, Leo wrote:

> I have a form and I don't want to insert recording with blank value.
> I put:
> if ($lastname="") {
> $insert="no"
> }
> if ($insert="no"){
> do not insert;
> else
> insert;
> }
> my probleme is in some case $lastname="" is true and other case is 
> false.
> I tried with $lastname=" " but no change. how can I check if a varible 
> is
> empty or not?

http://www.php.net/empty






Erik Price
Web Developer Temp
Media Lab, H.H. Brown
[EMAIL PROTECTED]


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] checking

2002-06-28 Thread Analysis & Solutions 

On Thu, Jun 27, 2002 at 11:41:45AM +0300, Leo wrote:

> if ($lastname="") {

Notice, you put "=" rather than "==" here and at the next if statement.  
So, that'll throw things off.  You may have been retyping this example, 
but that's not a good idea because of typos.  Always copy/paste or insert 
the code directly.


> $insert="no"
> }
> if ($insert="no"){
> do not insert;
> else
> insert;
> }

It's often a good idea to do a trim($lastname) on things like names
before evaluating an "if empty($lastname)" statement.

--Dan

-- 
   PHP classes that make web design easier
SQL Solution  |   Layout Solution   |  Form Solution
sqlsolution.info  | layoutsolution.info |  formsolution.info
 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
 4015 7 Av #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Keeping "Secrets" in PHP Files

2002-06-28 Thread Jonathan Rosenberg 

The recent thread on security has prompted me to think about
security in a shared server environment.  I want to see if my
understanding is correct ...

Let's say I am in a shared server environment & the provider does
NOT have safe_mode turned on.  In that case, it seems to me that
it is "insecure" to keep "secrets" (e.g., DB passwords) in a PHP
file that is executed by the server.

I say this because any other users of that shared host can read
the PHP file & obtain the secret.  There does not seem to be any
way around this (once again, I am assuming safe_mode is NOT
turned on).

Am I correct?

--
JR


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Why isn't this working?

2002-06-28 Thread Jason Wong 

On Friday 28 June 2002 21:05, JJ Harrison wrote:

Please think of a more descriptive subject.

> Here is my code:
>
> $query = "UPDATE poll_options SET votes + 1";
> mysql_query($query);
>
> All where conditions have were removed to try and fix the problem

How isn't it working?

-- 
Jason Wong -> Gremlins Associates -> www.gremlins.com.hk
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *

/*
Fairy Tale, n.:
A horror story to prepare children for the newspapers.
*/


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Searching within a range

2002-06-28 Thread Jason Wong 

On Friday 28 June 2002 19:15, Bård Tommy Nilsen wrote:
> I want to search within a result from a query

Did you really mean that, or did you mean you want a query which returns 
results within ...

> A specific range (price)

? If the latter then ...

> For example.
>
>
> I want to display only the articles that cost between 0-50>

select * from table where price > 0 AND price < 50;

-- 
Jason Wong -> Gremlins Associates -> www.gremlins.com.hk
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *

/*
Barach's Rule:
An alcoholic is a person who drinks more than his own physician.
*/


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Web Printing

2002-06-28 Thread Jason Wong 

On Friday 28 June 2002 19:13, Brian McGarvie wrote:
> and this relates to PHP how...?

Don't tempt them, people _do_ come up with the most oblique of reasons why 
their question is related to php.

-- 
Jason Wong -> Gremlins Associates -> www.gremlins.com.hk
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *

/*
Celebrate Hannibal Day this year.  Take an elephant to lunch.
*/


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Keeping "Secrets" in PHP Files

2002-06-28 Thread Erik Price 


On Friday, June 28, 2002, at 09:30  AM, Jonathan Rosenberg wrote:

> Let's say I am in a shared server environment & the provider does
> NOT have safe_mode turned on.  In that case, it seems to me that
> it is "insecure" to keep "secrets" (e.g., DB passwords) in a PHP
> file that is executed by the server.
>
> I say this because any other users of that shared host can read
> the PHP file & obtain the secret.  There does not seem to be any
> way around this (once again, I am assuming safe_mode is NOT
> turned on).

Think about it in terms of the permissions on the file.  The people who 
can read this file are explicitly defined in your permissions.

The catch-22 is that the web server is usually not run as root, so it 
doens't automatically get to see your files -- you need to give it 
permission to read them just as you would any other user.  In a shared 
system, if you give "others" permission to read the file, the web server 
user can now read the file, but so can everyone else.

However, if there were some way for you to change the group association 
of the file to, say, the "websecret" group, and then you could close off 
the read permissons of "others" on that file.  As long as the web server 
is a member of "websecret", and you grant read permissions to the group 
for that file, then the web server can read it.

The trick is that in order to change the file's group association to 
"websecret", you probably need to be either root or a member of 
"websecret", unless the system admins have provided some kind of script 
that does this on your behalf.  Which means that anyone else who has 
this ability can read the file too (since they are a member of 
"websecret").

It's tough.  Shared hosting security is a difficult issue.




Erik






Erik Price
Web Developer Temp
Media Lab, H.H. Brown
[EMAIL PROTECTED]


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] [mail] quetion

2002-06-28 Thread Jason Wong 

On Friday 28 June 2002 18:59, Evan wrote:
> What is best:
> 1) calling n-times the function mail() [with n = numer of emails] or
> 2) calling 1 time mail() and use CC
> ?
> Or it it is the same thing?

1) will send mail out n times
2) will send mail out once, but everyone gets to see who the other recipients 
are. You may want to consider using Bcc. However your MTA may impose a limit 
on the number of recipients that can in placed in Cc/Bcc.

-- 
Jason Wong -> Gremlins Associates -> www.gremlins.com.hk
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *

/*
Blinding speed can compensate for a lot of deficiencies.
-- David Nichols
*/


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Why isn't this working?

2002-06-28 Thread Cal Evans 

Have you tried:
$query = "UPDATE poll_options SET votes = votes + 1";

*
* Cal Evans
* Journeyman Programmer
* Techno-Mage
* http://www.calevans.com
*
 

-Original Message-
From: JJ Harrison [mailto:[EMAIL PROTECTED]]
Sent: Friday, June 28, 2002 8:05 AM
To: [EMAIL PROTECTED]
Subject: [PHP] Why isn't this working?


Here is my code:

$query = "UPDATE poll_options SET votes + 1";
mysql_query($query);

All where conditions have were removed to try and fix the problem



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Web Printing

2002-06-28 Thread Jay Blanchard 

[snip]
He said...
> Anyone ever worked with this function? I know its not PHP
> related but im
> sure someone came across the problem.

Ya'll said
> and this relates to PHP how...?

Don't tempt them, people _do_ come up with the most oblique of reasons why
their question is related to php.
[/snip]

Hmmm, let's see...sometimes we output HTML with PHP? Nah, that couldn't be
it. :) At least he acknowledged it wasn't PHP related, he's just looking for
some help.

As far as the problem that he is encountering, no, it is not controllable
through HTML, CSS, JavaScript, or any other scriptable method (I have had
this same need in the past). Not unless you want to obtain the IE dev kit
and make your own version of IE. Which would be a giant pain it the a$$.

HTH! Have a great Friday...

Jay



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] checking

2002-06-28 Thread Matt Schroebel 

> if ($lastname="") {
> $insert="no"
> }

Even though you should use either empty() or isset(), you'd have a parse error if you 
wrote that as:
if (""=$lastname) {
   $insert="no"
}

It takes a little time to learn to write the test 'backwards' but if you do the php 
parser will help and catch your single = typo when you really wanted a compare ==.  I 
call that defensive programming.  

Another thing I do in my defensive programming tool kit is to use fuzzy compares to 
trap errors. For instance, say you're writing an application to maintain a price list 
for products, and are validating that the price.  You could write the validation to 
check for == 0, and output an error in that case.  But it's more defensive to check 
for <= 0, that way if data gets corrupted somehow, you'll find out about it sooner 
rather than later.  

I also write my applications to validate the data on retrieval from the database, as 
well as when the user to requesting update.  If you do that, any corruption of the 
data will be seen by the user even when inquiring on items. So again problems are 
found sooner rather than later.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] [mail] quetion

2002-06-28 Thread Jason Wong 

On Friday 28 June 2002 21:40, Jason Wong wrote:
> On Friday 28 June 2002 18:59, Evan wrote:
> > What is best:
> > 1) calling n-times the function mail() [with n = numer of emails] or
> > 2) calling 1 time mail() and use CC
> > ?
> > Or it it is the same thing?
>
> 1) will send mail out n times
> 2) will send mail out once, but everyone gets to see who the other
> recipients are. You may want to consider using Bcc. However your MTA may
> impose a limit on the number of recipients that can in placed in Cc/Bcc.

Just to clarify (2), 'will send out mail once', meaning PHP will have a single 
transaction with your mail sending mechanism (be it sendmail or smtp). The 
actual MTA will of course send out as many mails as there are recipients.

-- 
Jason Wong -> Gremlins Associates -> www.gremlins.com.hk
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *

/*
operation failed because: there is no message for this error (#1014)
*/


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] htaccess authenticate

2002-06-28 Thread adi 

I have a website with .htaccess authenticate.
I want to get htaccess username and password and use them in .php page. Is this 
possible?

mypage.php:

RE: [PHP] Keeping "Secrets" in PHP Files

2002-06-28 Thread Jonathan Rosenberg 

Thanks for the reply.  But changing the ground read permission of
the PHP files wouldn't help, either, would it?  Because the other
users who have web sites can just create a PHP file that reads my
PHP files from one of their pages (which would be running in
group "websecret").

Seems like this just opens up the same hole.  Yes?

> -Original Message-
> From: Erik Price [mailto:[EMAIL PROTECTED]]
> Sent: Friday, June 28, 2002 9:43 AM
> To: Jonathan Rosenberg
> Cc: php-list
> Subject: Re: [PHP] Keeping "Secrets" in PHP Files
>
>
>
> On Friday, June 28, 2002, at 09:30  AM, Jonathan
> Rosenberg wrote:
>
> > Let's say I am in a shared server environment & the
> provider does
> > NOT have safe_mode turned on.  In that case, it
> seems to me that
> > it is "insecure" to keep "secrets" (e.g., DB
> passwords) in a PHP
> > file that is executed by the server.
> >
> > I say this because any other users of that shared
> host can read
> > the PHP file & obtain the secret.  There does not
> seem to be any
> > way around this (once again, I am assuming safe_mode is NOT
> > turned on).
>
> Think about it in terms of the permissions on the
> file.  The people who
> can read this file are explicitly defined in your permissions.
>
> The catch-22 is that the web server is usually not run
> as root, so it
> doens't automatically get to see your files -- you
> need to give it
> permission to read them just as you would any other
> user.  In a shared
> system, if you give "others" permission to read the
> file, the web server
> user can now read the file, but so can everyone else.
>
> However, if there were some way for you to change the
> group association
> of the file to, say, the "websecret" group, and then
> you could close off
> the read permissons of "others" on that file.  As long
> as the web server
> is a member of "websecret", and you grant read
> permissions to the group
> for that file, then the web server can read it.
>
> The trick is that in order to change the file's group
> association to
> "websecret", you probably need to be either root or a
> member of
> "websecret", unless the system admins have provided
> some kind of script
> that does this on your behalf.  Which means that
> anyone else who has
> this ability can read the file too (since they are a member of
> "websecret").
>
> It's tough.  Shared hosting security is a difficult issue.
>
>
>
>
> Erik
>
>
>
>
> 
>
> Erik Price
> Web Developer Temp
> Media Lab, H.H. Brown
> [EMAIL PROTECTED]
>


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Web Printing

2002-06-28 Thread Brian McGarvie 

I did pass on a link to hime from the M$ website with some VB Script that 'appears' to 
do what is wantec.. whither it works or not is another matter :)

> -Original Message-
> From: Jay Blanchard [mailto:[EMAIL PROTECTED]]
> Sent: 28 June 2002 2:45 PM
> To: [EMAIL PROTECTED]
> Subject: RE: [PHP] Web Printing
> 
> 
> [snip]
> He said...
> > Anyone ever worked with this function? I know its not PHP
> > related but im
> > sure someone came across the problem.
> 
> Ya'll said
> > and this relates to PHP how...?
> 
> Don't tempt them, people _do_ come up with the most oblique 
> of reasons why
> their question is related to php.
> [/snip]
> 
> Hmmm, let's see...sometimes we output HTML with PHP? Nah, 
> that couldn't be
> it. :) At least he acknowledged it wasn't PHP related, he's 
> just looking for
> some help.
> 
> As far as the problem that he is encountering, no, it is not 
> controllable
> through HTML, CSS, JavaScript, or any other scriptable method 
> (I have had
> this same need in the past). Not unless you want to obtain 
> the IE dev kit
> and make your own version of IE. Which would be a giant pain 
> it the a$$.
> 
> HTH! Have a great Friday...
> 
> Jay
> 
> 
> 
> -- 
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
> 
> 

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: HTML formatting

2002-06-28 Thread BB 

THANKS!!!

great help! :oP

"Liljim" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Actually, I just threw in this amendment:
>
> function CleanUpHtml($var)
> {
>
>  $var = preg_replace("!!is", "",
> $var);
>  $var = preg_replace("!!is", " bordercolor='#66' cellpadding=3 cellspacing=0>", $var);
>  $var = str_replace("", "", $var);
>  $var = str_replace("", "", $var);
>  $var = str_replace("", "", $var);
>  $var = str_replace("", "", $var);
>
>  preg_match_all("!<(/?t.*?)>!is", $var, $output);
>
>  if (count($output[0]) > 0)
>  {
>   for($i=0; $i   {
>$var = str_replace($output[0][$i], strtolower($output[0][$i]), $var);
>   }
>  }
>
>  return $var;
> }
>
> and now all of the table tags are lowercase. Much nicer.
>
> -J
>
>



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Keeping "Secrets" in PHP Files

2002-06-28 Thread 1LT John W. Holmes 

From: "Jonathan Rosenberg" <[EMAIL PROTECTED]>
> Let's say I am in a shared server environment & the provider does
> NOT have safe_mode turned on.  In that case, it seems to me that
> it is "insecure" to keep "secrets" (e.g., DB passwords) in a PHP
> file that is executed by the server.
>
> I say this because any other users of that shared host can read
> the PHP file & obtain the secret.  There does not seem to be any
> way around this (once again, I am assuming safe_mode is NOT
> turned on).
>
> Am I correct?

Yep. If Apache and PHP can access a file, either directly through the web,
or through an include()/require(), etc, then anyone on your machine can
access that file. All PHP scripts run as the same user, the Apache user, so
the system can't tell the difference between your script including a file,
and someone else's script including a file.

I thought we covered this about a week ago?

---John Holmes...


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] More on removing item from cart

2002-06-28 Thread Vicki 

Thanks to Jason and ³Sp² for the tip on ³print_r². After all the books I¹ve read, and 
all the 
scrounging through the manual, I¹m amazed I missed that one. It¹s VERY helpful!

Thanks for your comments Dan. I¹ve actually spent quite some time trying to rework the 
cart because 
I agree that the way it¹s written now is strange. However, I hit a wall trying to 
rework it, and 
decided to go back to the same wall I¹ve been banging my head against all week.

I think you understand most of the process with one clarification. When the user 
unchecks a checkbox 
to remove an article from the cart, they click a ³save² button (which triggers the 
if($save) part of 
the script). The ³checkout² button triggers a separate process that¹s not really 
involved here. The 
show_cart page is only showing the articles added to the cart and refreshing the cart 
when articles 
are removed ­ and of course setting the session variables for the cart.

I¹ve included the information you requested at the bottom of this message, showing the 
contents of 
the $cart and $checkbox arrays at various stages. The relevant code from the show_cart 
page is this:

 if($new)  //new item selected
  {
if(!session_is_registered("cart"))
{
  $cart = array();
  session_register("cart");
  $article_qty = 0;
  session_register("article_qty");
  $total_words = 0;  
  session_register("total_words");
}
   if($cart[$new])
 $cart[$new]++;
else 
  $cart[$new] = "1";

   }
   
  if($save)  //save button clicked
  {
   foreach($cart as $artID => $value)
   {
  if(!isset($yes))
unset($cart[$artID]);
  else 
$cart[$artID] = $$artID;
}
  }

I know the ³foreach² part under if($save) is all wrong. It seems to me that it should 
be possible to 
write some sort of loop that says ³if the artID (key) for an element in the cart array 
doesn¹t match 
an artID in the checkbox array, then unset the element with that artID from the cart 
array.² OR 
³only display those elements in the cart array for which an element exists in the 
checkbox array 
that has the same key.²

I¹ve tried a bunch of different ways to do this with no success. I¹m not even sure you 
can work with 
two arrays in this way in PHP. Couldn¹t you do something like

if ($checkbox[$artID] == $cart[$artID]))
 { then those are the elements that make up the array $cart }

I haven¹t been able to figure this part out. Aargh! Perhaps something is patently 
obvious in this 
code to PHPers. If so, I truly welcome your suggestions, and Dan I really appreciate 
your looking at 
this so closely. 

Exasperated, Vicki

PS when I use print_r to display the contents of the arrays, I see a "1" after the 
array contents. I 
have no idea what that refers to. Any ideas?
___
Here's the code you requested. This is from the View Source window so hopefully you 
can see what's 
going on more clearly.  The first sample is when two new articles have been added to 
the cart. I've 
included the array info and the relevant html.


 Cart Array at top of show_cart page: Array
(
[3] => 1
[1] => 1
)
1
 Checkbox Array at top of show_cart page: 1
 Cart Array after "if($save)": Array
(
[3] => 1
[1] => 2
)
1
 Checkbox Array after "if($save)": 1
//
//
//HTML header info deleted here . . .
//
// 
   Welcome, User!
  
  http://127.0.0.1/ifiosx/checkout.php";>
 

  
  
  

 
 
Article
Word Count
 

Q & A
235
 

The Photos We 
Keep
300
 
    
Number of Articles = 2
   535
 
 

   To remove an article from your order, 
   uncheck the box to the left of the title 
   and click on the "Save Changes" button.

  




___
The arrays after "save" button has been clicked (but checkboxes left checked). The 
keys are the 
correct artID for the articles chosen. 

 Cart Array at top of show_cart page: Array
(
[1] => 1
[3] => 1
)
1

 Checkbox Array at top of show_cart page: Array
(
[1] => yes
[3] => yes
)
1

 Cart Array after "if($save)": Array
(
[1] => 
[3] => 
)
1

 Checkbox Array after "if($save)": Array
(
[1] => yes
[3] => yes
)
1
__
The arrays after the checkbox for the article with artID==3 has been unchecked. This 
results in the 
cart being emptied entirely and the result "There are no items in your cart."

 Cart Array at top of show_cart page: Array
(
[1] => 
[3] => 
)
1

 Checkbox Array at top of show_cart page: Array
(
[1] => yes
)
1

 Cart Array after "if($save)": Array
(
)
1

 Checkbox Array after "if($save)": Array
(
[1] => yes
)
1

-- 
PHP General Mailing List (http

Re: [PHP] Web Printing

2002-06-28 Thread Joshua Alexander 

>Don't tempt them, people _do_ come up with the most oblique of reasons why
>their question is related to php.

According to the Discordian Law of Fives, their questions share with 
PHP (and everything else) a relation to 5. So you always have that.

-Josh

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Searching within a range

2002-06-28 Thread 1LT John W. Holmes 

>I want to search within a result from a query
>A specific range (price)

If that's what you really want, then you need to save the results of your
first query into a table that you can re-query at a later date. Run a cron
job to delete old tables.

If your query is:

SELECT * FROM main WHERE price BETWEEN 0 AND 50;

Then you would use

CREATE TABLE temp_random_name SELECT * FROM main WHERE price BETWEEN 0 AND
50;

And when you need to re-query, select from 'temp_table_name'

uniqid will come in handy for making table names. www.php.net/uniqid. Note
that you don't want to create a mysql temporary table, i.e. CREATE TEMPORARY
TABLE ..., because that table will be removed at the end of the connection,
i.e. the end of the script. So it won't be available for the next script to
re-query from.

---John Holmes...


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Searching within a range

2002-06-28 Thread 1LT John W. Holmes 

From: "Jason Wong" <[EMAIL PROTECTED]>
> select * from table where price > 0 AND price < 50;

SELECT * FROM table WHERE price BETWEEN 0 AND 50;

Same thing, easier to read (assuming MySQL, don't know if it works on
others).

---John Holmes...


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Keeping "Secrets" in PHP Files

2002-06-28 Thread Brian McGarvie 

This is a problem that affects many webhosts... the issue is more of trusting other 
users who have shell access to the server in question... I have been trying to help a 
hosting company address this issue, but short of dissallowing shell/ssh access their 
is no way to stop another user logging into the shell and browser other peoples 
files... If I am wrong then I would like to be enlightened!

Which is is hy the company above only give out ssh accounts to users with valid 
reasons for needing ssh access.

> -Original Message-
> From: Jonathan Rosenberg [mailto:[EMAIL PROTECTED]]
> Sent: 28 June 2002 2:52 PM
> To: Erik Price
> Cc: php-list
> Subject: RE: [PHP] Keeping "Secrets" in PHP Files
> 
> 
> Thanks for the reply.  But changing the ground read permission of
> the PHP files wouldn't help, either, would it?  Because the other
> users who have web sites can just create a PHP file that reads my
> PHP files from one of their pages (which would be running in
> group "websecret").
> 
> Seems like this just opens up the same hole.  Yes?
> 
> > -Original Message-
> > From: Erik Price [mailto:[EMAIL PROTECTED]]
> > Sent: Friday, June 28, 2002 9:43 AM
> > To: Jonathan Rosenberg
> > Cc: php-list
> > Subject: Re: [PHP] Keeping "Secrets" in PHP Files
> >
> >
> >
> > On Friday, June 28, 2002, at 09:30  AM, Jonathan
> > Rosenberg wrote:
> >
> > > Let's say I am in a shared server environment & the
> > provider does
> > > NOT have safe_mode turned on.  In that case, it
> > seems to me that
> > > it is "insecure" to keep "secrets" (e.g., DB
> > passwords) in a PHP
> > > file that is executed by the server.
> > >
> > > I say this because any other users of that shared
> > host can read
> > > the PHP file & obtain the secret.  There does not
> > seem to be any
> > > way around this (once again, I am assuming safe_mode is NOT
> > > turned on).
> >
> > Think about it in terms of the permissions on the
> > file.  The people who
> > can read this file are explicitly defined in your permissions.
> >
> > The catch-22 is that the web server is usually not run
> > as root, so it
> > doens't automatically get to see your files -- you
> > need to give it
> > permission to read them just as you would any other
> > user.  In a shared
> > system, if you give "others" permission to read the
> > file, the web server
> > user can now read the file, but so can everyone else.
> >
> > However, if there were some way for you to change the
> > group association
> > of the file to, say, the "websecret" group, and then
> > you could close off
> > the read permissons of "others" on that file.  As long
> > as the web server
> > is a member of "websecret", and you grant read
> > permissions to the group
> > for that file, then the web server can read it.
> >
> > The trick is that in order to change the file's group
> > association to
> > "websecret", you probably need to be either root or a
> > member of
> > "websecret", unless the system admins have provided
> > some kind of script
> > that does this on your behalf.  Which means that
> > anyone else who has
> > this ability can read the file too (since they are a member of
> > "websecret").
> >
> > It's tough.  Shared hosting security is a difficult issue.
> >
> >
> >
> >
> > Erik
> >
> >
> >
> >
> > 
> >
> > Erik Price
> > Web Developer Temp
> > Media Lab, H.H. Brown
> > [EMAIL PROTECTED]
> >
> 
> 
> -- 
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
> 
> 

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Keeping "Secrets" in PHP Files

2002-06-28 Thread 1LT John W. Holmes 

> Thanks for the reply.  But changing the ground read permission of
> the PHP files wouldn't help, either, would it?  Because the other
> users who have web sites can just create a PHP file that reads my
> PHP files from one of their pages (which would be running in
> group "websecret").
>
> Seems like this just opens up the same hole.  Yes?

Yep. If your PHP script can read the file, then any PHP script can read it.
They all run as the same user. Again, this is assuming safe_mode is off. I
think there are some things you can run along with PHP (maybe only in CGI
mode) that'll stop this kind of thing from happening, though. I just don't
know what they are...Sudo or something like that 

---John Holmes...


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] PHP with online cedit card processing

2002-06-28 Thread Analysis & Solutions 

Howdy Boys and Girls:

On Fri, Jun 28, 2002 at 03:26:01PM -0400, Mark McCulligh wrote:
>
> I like Versign but the cost is very high.  

I use Verisign through Wells Fargo.  Signing up through WF gets a 
reduced rate.  $45/mo, $0.16/trans (incl auth fee).  Discount rate 
fluctuates depending on the average charge during the month.

There was a better deal when I was doing the research, but they changed
it when I signed up.  Kind of lame.  But, it works.

--Dan

-- 
   PHP classes that make web design easier
SQL Solution  |   Layout Solution   |  Form Solution
sqlsolution.info  | layoutsolution.info |  formsolution.info
 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
 4015 7 Av #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Help adding variables from MySQL query

2002-06-28 Thread Analysis & Solutions 

Dear Mr News:

On Fri, Jun 28, 2002 at 12:41:56PM -0700, news.php.net wrote:
> I'd like to add all values for $purchase_price that are returned, 
> how do I do this?
>
> $result = mysql_query("SELECT purchase_price FROM assets where
> order_number='$order_number' ORDER BY $desc");

$total = 0;

> while(list($purchase_price) = mysql_fetch_row($result)) {
   $total = $total + $purchase_price;
}

That works if you want to process each row as you go along AND get a 
total.  You could also go straight for the total in the query if you 
don't need line by line processing:

SELECT sum(purchase_price) as totl FROM assets GROUP BY order_number
where order_number='$order_number';

--Dan

-- 
   PHP classes that make web design easier
SQL Solution  |   Layout Solution   |  Form Solution
sqlsolution.info  | layoutsolution.info |  formsolution.info
 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
 4015 7 Av #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] SESSION's from common computers

2002-06-28 Thread César Aracena 

Hi all.
 
I have a question about sessions… which is the best way to close a
session if one it’s opened for a certain user and then this user changes
to another computer? I guess that I could manage with session_start_time
and session_end_time fields in the DB, and tell the script to see if the
opened session hasn’t been closed… then close it and open a new one.
 
Does this make any sense? Is there a better way to do this? I want to
know this because many users actually use cyber-coffees computers to
access web sites and I’ve seen them leaving their chair with the windows
still opened and changing to another pc.
 
Thanks in advance,
 
  Cesar Aracena
CE / MCSE+I
Neuquen, Argentina
+54.299.6356688
+54.299.4466621

Re: [PHP] Re: Drop connection, keep running?

2002-06-28 Thread Joshua Alexander 

This sounds like the right track to me... the script has to finish 
for the page to stop loading, yes? So exec("your_other_script &"); 
and be done with it, yes?

>I have never heard of someone wanting to do this, but you might want 
>to look into methods of executing shell commands in the background, 
>which seems like it should be possible. Basically, you're wanting to


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Keeping "Secrets" in PHP Files

2002-06-28 Thread Peter J. Schoenster 

On 28 Jun 2002 at 17:54, Jonathan Rosenberg wrote:

> -Original Message-
> > From: 1LT John W. Holmes [mailto:[EMAIL PROTECTED]]
> > Subject: Re: [PHP] Keeping "Secrets" in PHP Files
> 
> > With shell access, you can't see each others
> > files.  This is where the permissions come into
> > play, because you are logged into the box as a
> > specific user, you can only access  your files.
> > If I change the permissions
> > on my files, you can't see them.
> 
> I've been thinking some more about the issue of keeping PHP
> source files secure in a shared hosting environment.  I've now
> convinced myself that there is simply no way to protect these
> files, even if safe_mode is turned on, as long as other users can have
> telnet (or ssh) access to the box.

snip

> I hope wrong.  Can anyone find the hole in my reasoning?

Yeah, you are assuming an environment that does not necessarily have to be. Why must 
one Apache server serve all users? Simply because that's the easiest 
way to do right out of the box?  You have 2 scenarios as I see it:

1. Your own box -- no troubles other than the obvious
2. Virtual Server - One Apache for all users ... seems insecure
3. Virtual Server - One Apache for EACH user ... seems quite secure and experience 
confirms.


> http://www.freevsd.org/

> freeVSD is an advanced web-hosting platform for ISPs, educational
> institutions and other large organisations. It allows multiple Virtual
> Servers to be created on a single hosting server, each with a truly
> separate and secure web-hosting environment. This reduces an ISP's
> hardware outlay and also lowers the cost of support due to delegated
> administration. 
> 
> Distributed under the GPL, freeVSD comes complete with a documented
> administration protocol and an open-source web-based administration
> system. 

That pretty much describes the server I've used at the company once known as iserver 
which was bought by Verio and Verio used much of their website but 
renamed it to viaverio.com (was iserver.com). It looks like they've done the same 
thing with Oracle. The above people have done it with Linux. I've only used 
iserver for 7 years now at 3 different companies but that freeVSD really looks good.

If someone is using Joe's 4.95 a month hosting solution ...well, what the heck do they 
expect. 

Peter






-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] SESSION's from common computers

2002-06-28 Thread John Holmes 

You really can't do anything besides saying that after X minutes, well,
you were idle, so restart your session. Once you send them the page, you
don't know if they are reading it or have left the table. All you can do
is decide on the next request whether too much time has passed.

As for the new computer, they'll have to start a new session there
automatically, because they won't have the same cookie matching the
session ID from the first computer.

---John Holmes...

> -Original Message-
> From: César Aracena [mailto:[EMAIL PROTECTED]]
> Sent: Saturday, June 29, 2002 1:24 AM
> To: PHP General List
> Subject: [PHP] SESSION's from common computers
> 
> Hi all.
> 
> I have a question about sessions… which is the best way to close a
> session if one it’s opened for a certain user and then this user
changes
> to another computer? I guess that I could manage with
session_start_time
> and session_end_time fields in the DB, and tell the script to see if
the
> opened session hasn’t been closed… then close it and open a new one.
> 
> Does this make any sense? Is there a better way to do this? I want to
> know this because many users actually use cyber-coffees computers to
> access web sites and I’ve seen them leaving their chair with the
windows
> still opened and changing to another pc.
> 
> Thanks in advance,
> 
>   Cesar Aracena
> CE / MCSE+I
> Neuquen, Argentina
> +54.299.6356688
> +54.299.4466621
> 


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] PHP with online cedit card processing

2002-06-28 Thread Purushotham Komaravolu 

have  look at www.yaga.com


- Original Message - 
From: "Analysis & Solutions" <[EMAIL PROTECTED]>
To: "PHP List" <[EMAIL PROTECTED]>
Sent: Friday, June 28, 2002 10:12 PM
Subject: Re: [PHP] PHP with online cedit card processing


> Howdy Boys and Girls:
> 
> On Fri, Jun 28, 2002 at 03:26:01PM -0400, Mark McCulligh wrote:
> >
> > I like Versign but the cost is very high.  
> 
> I use Verisign through Wells Fargo.  Signing up through WF gets a 
> reduced rate.  $45/mo, $0.16/trans (incl auth fee).  Discount rate 
> fluctuates depending on the average charge during the month.
> 
> There was a better deal when I was doing the research, but they changed
> it when I signed up.  Kind of lame.  But, it works.
> 
> --Dan
> 
> -- 
>PHP classes that make web design easier
> SQL Solution  |   Layout Solution   |  Form Solution
> sqlsolution.info  | layoutsolution.info |  formsolution.info
>  T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
>  4015 7 Av #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409
> 
> -- 
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
> 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] SESSION's from common computers

2002-06-28 Thread César Aracena 

Got it but... What happens if someone else grabs the computer that my
user was sitting at 2 minutes before, leaving the window opened and
after he grabs the new machine open a new session... isn't PHP capable
of determining that the same user is trying to open a 2nd session no
matter what the cookie tells it? I mean by his username.

C.

> -Original Message-
> From: John Holmes [mailto:[EMAIL PROTECTED]]
> Sent: Saturday, June 29, 2002 2:36 AM
> To: 'César Aracena'; 'PHP General List'
> Subject: RE: [PHP] SESSION's from common computers
> 
> You really can't do anything besides saying that after X minutes,
well,
> you were idle, so restart your session. Once you send them the page,
you
> don't know if they are reading it or have left the table. All you can
do
> is decide on the next request whether too much time has passed.
> 
> As for the new computer, they'll have to start a new session there
> automatically, because they won't have the same cookie matching the
> session ID from the first computer.
> 
> ---John Holmes...
> 
> > -Original Message-
> > From: César Aracena [mailto:[EMAIL PROTECTED]]
> > Sent: Saturday, June 29, 2002 1:24 AM
> > To: PHP General List
> > Subject: [PHP] SESSION's from common computers
> >
> > Hi all.
> >
> > I have a question about sessions… which is the best way to close a
> > session if one it’s opened for a certain user and then this user
> changes
> > to another computer? I guess that I could manage with
> session_start_time
> > and session_end_time fields in the DB, and tell the script to see if
> the
> > opened session hasn’t been closed… then close it and open a new one.
> >
> > Does this make any sense? Is there a better way to do this? I want
to
> > know this because many users actually use cyber-coffees computers to
> > access web sites and I’ve seen them leaving their chair with the
> windows
> > still opened and changing to another pc.
> >
> > Thanks in advance,
> >
> >   Cesar Aracena
> > CE / MCSE+I
> > Neuquen, Argentina
> > +54.299.6356688
> > +54.299.4466621
> >
> 
> 
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] SESSION's from common computers

2002-06-28 Thread John Holmes 

You don't have any way of telling if the user switched. You just receive
a request for a web page and the browser sends any cookies it has. 

If the user even decides to log in as themselves, you can see if a
cookie/session was sent and delete that cookie/session before you let
the other person log in.

---John Holmes...

> -Original Message-
> From: César Aracena [mailto:[EMAIL PROTECTED]]
> Sent: Saturday, June 29, 2002 2:11 AM
> To: 'PHP General List'
> Subject: RE: [PHP] SESSION's from common computers
> 
> Got it but... What happens if someone else grabs the computer that my
> user was sitting at 2 minutes before, leaving the window opened and
> after he grabs the new machine open a new session... isn't PHP capable
> of determining that the same user is trying to open a 2nd session no
> matter what the cookie tells it? I mean by his username.
> 
> C.
> 
> > -Original Message-
> > From: John Holmes [mailto:[EMAIL PROTECTED]]
> > Sent: Saturday, June 29, 2002 2:36 AM
> > To: 'César Aracena'; 'PHP General List'
> > Subject: RE: [PHP] SESSION's from common computers
> >
> > You really can't do anything besides saying that after X minutes,
> well,
> > you were idle, so restart your session. Once you send them the page,
> you
> > don't know if they are reading it or have left the table. All you
can
> do
> > is decide on the next request whether too much time has passed.
> >
> > As for the new computer, they'll have to start a new session there
> > automatically, because they won't have the same cookie matching the
> > session ID from the first computer.
> >
> > ---John Holmes...
> >
> > > -Original Message-
> > > From: César Aracena [mailto:[EMAIL PROTECTED]]
> > > Sent: Saturday, June 29, 2002 1:24 AM
> > > To: PHP General List
> > > Subject: [PHP] SESSION's from common computers
> > >
> > > Hi all.
> > >
> > > I have a question about sessions… which is the best way to close a
> > > session if one it’s opened for a certain user and then this user
> > changes
> > > to another computer? I guess that I could manage with
> > session_start_time
> > > and session_end_time fields in the DB, and tell the script to see
if
> > the
> > > opened session hasn’t been closed… then close it and open a new
one.
> > >
> > > Does this make any sense? Is there a better way to do this? I want
> to
> > > know this because many users actually use cyber-coffees computers
to
> > > access web sites and I’ve seen them leaving their chair with the
> > windows
> > > still opened and changing to another pc.
> > >
> > > Thanks in advance,
> > >
> > >   Cesar Aracena
> > > CE / MCSE+I
> > > Neuquen, Argentina
> > > +54.299.6356688
> > > +54.299.4466621
> > >
> >
> >
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, visit: http://www.php.net/unsub.php
> 
> 
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php