Re: [PHP] Re: How to understand this Warning?

2004-08-18 Thread Curt Zirzow 
* Thus wrote Labunski with modifications:





Curt
-- 
First, let me assure you that this is not one of those shady pyramid schemes
you've been hearing about.  No, sir.  Our model is the trapezoid!

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] MySql DATABASE creation date

2004-08-18 Thread Kevin 
Is there any way to find out MySql DATABASE creation date using PHP and
MySql functions?

-- 
Kevin

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: How to understand this Warning?

2004-08-18 Thread Jason Wong 
On Wednesday 18 August 2004 10:26, Labunski wrote:
> Hi,
>
> > note the "2" in that message. You are prob. resetting the readdir()
>
> parameter in the script somewhere
> No, as far as I can see, I'm not resetting the readdir().. but..
>
> > You loop twice throu the same dir?
>
> Yes I do.

Why? I don't understand your logic. Remove the outer while-loop, note that it 
encloses most of the code including the line:

  closedir($handle);

So on the second iteration of the outer while-loop $handle is gone and hence 
your error message.

-- 
Jason Wong -> Gremlins Associates -> www.gremlins.biz
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
--
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-general
--
/*
Pure drivel tends to drive ordinary drivel off the TV screen.
*/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] ftp_connect returns false

2004-08-18 Thread Jason Wong 
On Wednesday 18 August 2004 09:06, DBW wrote:
> Just wondering if someone has some suggestions here.
>
> Using ftp_connect($server, $port) returns a false on the server I am trying
> to use.  Doesn't matter which server I am trying to connect to.  According
> to the provider, ftp from the server is allowed and php is compiled with
> --enable-ftp
>
> Any ideas/suggestions on what the issue may be?

Have you enabled FULL error reporting? Are you getting any errors?

Is the server you're connecting to using a non-standard port? If not just 
leave out $port, or make pretty damn sure it's 21.

Do you have shell access to the server? If so you can try using the command 
line 'ftp' to see whether you can connect to the ftpserver.

Are you positive that the host allows FTP out of the webserver (the machine 
not the program) to a remote ftpserver? Make sure the host knows what you're 
trying to do and that they know what they're doing.

-- 
Jason Wong -> Gremlins Associates -> www.gremlins.biz
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
--
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-general
--
/*
How's it going in those MODULAR LOVE UNITS??
*/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] I need unique max number

2004-08-18 Thread Pieter from SA 
Hi all

I have data in one field in a database, all is numbers that can be
duplicated.

200, 200, 100, 50, 30.

i need to get all data from this field, terminate the duplicates and get the
max nuber that is not a duplicate, in the numbers above that would be 100.

I had a look at array_unique, but i'm not sure if this is the right function
for this.

Thanks in advance.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] I need unique max number

2004-08-18 Thread Ni Shurong 
> Hi all
> 
> I have data in one field in a database, all is numbers that can be
> duplicated.
> 
> 200, 200, 100, 50, 30.
> 
> i need to get all data from this field, terminate the duplicates and get the
> max nuber that is not a duplicate, in the numbers above that would be 100.
> 
> I had a look at array_unique, but i'm not sure if this is the right function
> for this.
> 
> Thanks in advance.
> 
> -- 
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php

use array_unique will get 200, 100, 50, 30.

you shoule write a custom function :)


Ni Shurong <[EMAIL PROTECTED]>

MAIL : [EMAIL PROTECTED]
QQ   : 412844
MSN  : [EMAIL PROTECTED]
BLOG : http://blog.njmars.com/myhan/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: php question

2004-08-18 Thread Torsten Roehr 
"Michael Crane" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> hello,
> I have a webpage which includes a frame containing a table made of 24
> tds which in turn contain little images. When the mouse clicks on a
> little image the appropriate larger image is loaded into an adjacent
frame.
> Can somebody point me in the direction to do this in php without frames
> please ?
>
> I've been looking most of the day but I can't see it.
>
> regards
>
> mick

Hi Mick,

you have to append the file name of the bigger version to your links as a
parameter:

big
picture 1
big
picture 2
big
picture 3

Exchange name_of_the_big_file1/2/3 with the file names of the big image
versions. Then at the point where you want to show the big image include
this code:

';
}
?>

Of course you may have to alter the src attribute if your pictures are not
in the same directory.


Hope this helps, regards.

Torsten Roehr

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: I need unique max number

2004-08-18 Thread Torsten Roehr 
"Pieter From Sa" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> Hi all
>
> I have data in one field in a database, all is numbers that can be
> duplicated.
>
> 200, 200, 100, 50, 30.
>
> i need to get all data from this field, terminate the duplicates and get
the
> max nuber that is not a duplicate, in the numbers above that would be 100.
>
> I had a look at array_unique, but i'm not sure if this is the right
function
> for this.
>
> Thanks in advance.

Hi,

setup your array starting with the highest values:

$array = array(200, 200, 100, 50, 30);

Then use array_count_values($array). This will give you an associative array
where the key is the former value and the value is the number of the
occurrences. In your case this would be:

array(200 => 2, 100 => 1, 50 => 1, 30 => 1);

Then loop through the array with foreach() and check each element for the
value 1. When you have found the first array element with a value of 1 exit
from the loop with break.

Hope this works for you.

Regards, Torsten Roehr

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] I need unique max number

2004-08-18 Thread Torsten Roehr 
"Ni Shurong" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> > Hi all
> >
> > I have data in one field in a database, all is numbers that can be
> > duplicated.
> >
> > 200, 200, 100, 50, 30.
> >
> > i need to get all data from this field, terminate the duplicates and get
the
> > max nuber that is not a duplicate, in the numbers above that would be
100.
> >
> > I had a look at array_unique, but i'm not sure if this is the right
function
> > for this.
> >
> > Thanks in advance.
> >
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, visit: http://www.php.net/unsub.php
>
> use array_unique will get 200, 100, 50, 30.
>
> you shoule write a custom function :)


Hi Ni,

he needs to ignore duplicate values so array_unique() won't help.

Regards, Torsten

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Reg Exp.

2004-08-18 Thread Jay 
Hi!
Why can´t i get this code to work:
$html = $_POST["htmlIn"];
$patterns[0] = "//";
$patterns[1] = "//";
$patterns[2] = "/align=\"left\"/";
$replacements[0] = "";
$replacements[1] = "";
$replacements[2] = " style=\"text-align:left;\"";
$xhtml = preg_replace($patterns, $replacements, $html);
Thanx In Advance
Jay
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] I need unique max number

2004-08-18 Thread Ni Shurong 
> "Ni Shurong" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]
> > > Hi all
> > >
> > > I have data in one field in a database, all is numbers that can be
> > > duplicated.
> > >
> > > 200, 200, 100, 50, 30.
> > >
> > > i need to get all data from this field, terminate the duplicates and get
> the
> > > max nuber that is not a duplicate, in the numbers above that would be
> 100.
> > >
> > > I had a look at array_unique, but i'm not sure if this is the right
> function
> > > for this.
> > >
> > > Thanks in advance.
> > >
> > > --
> > > PHP General Mailing List (http://www.php.net/)
> > > To unsubscribe, visit: http://www.php.net/unsub.php
> >
> > use array_unique will get 200, 100, 50, 30.
> >
> > you shoule write a custom function :)
> 
> 
> Hi Ni,
> 
> he needs to ignore duplicate values so array_unique() won't help.
> 
> Regards, Torsten
> 
> -- 
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php

Hi Torsten,

I got it :)   
But I didn't express clearly. 

your method is good ! :)

Regards


Ni Shurong <[EMAIL PROTECTED]>

MAIL : [EMAIL PROTECTED]
QQ   : 412844
MSN  : [EMAIL PROTECTED]
BLOG : http://blog.njmars.com/myhan/


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Reg Exp.

2004-08-18 Thread Ni Shurong 
> Hi!
> 
> Why can? i get this code to work:
> $html = $_POST["htmlIn"];
> 
> $patterns[0] = "//";
> $patterns[1] = "//";
$patterns[1] = "/<\/strike>/";
> $patterns[2] = "/align=\"left\"/";
> 
> $replacements[0] = "";
> $replacements[1] = "";
> $replacements[2] = " style=\"text-align:left;\"";
> 
> $xhtml = preg_replace($patterns, $replacements, $html);
> 
> Thanx In Advance
> Jay
> 
> -- 
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php




Ni Shurong <[EMAIL PROTECTED]>

MAIL : [EMAIL PROTECTED]
QQ   : 412844
MSN  : [EMAIL PROTECTED]
BLOG : http://blog.njmars.com/myhan/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Reg Exp.

2004-08-18 Thread Wudi 
On Wed, 18 Aug 2004 10:42:54 +0200
Jay <[EMAIL PROTECTED]> wrote:

> Hi!
> 
> Why can? i get this code to work:
> $html = $_POST["htmlIn"];
> 
> $patterns[0] = "//";
> $patterns[1] = "//";
> $patterns[2] = "/align=\"left\"/";
> 
> $replacements[0] = "";
> $replacements[1] = "";
> $replacements[2] = " style=\"text-align:left;\"";
> 
> $xhtml = preg_replace($patterns, $replacements, $html);


$patterns[1] = "/<\/strike>/";

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Reg Exp.

2004-08-18 Thread John Legg 
To start with try replacing:

$patterns[1] = "//";

with

$patterns[1] = "/<\/strike>/";

Rgds

John

---




Hi!

Why can´t i get this code to work:
$html = $_POST["htmlIn"];

$patterns[0] = "//";
$patterns[1] = "//";
$patterns[2] = "/align=\"left\"/";

$replacements[0] = "";
$replacements[1] = "";
$replacements[2] = " style=\"text-align:left;\"";

$xhtml = preg_replace($patterns, $replacements, $html);

Thanx In Advance
Jay

Re: [PHP] Reg Exp.

2004-08-18 Thread Jay 
Ni Shurong wrote:
>>Hi!
>>
>>Why can? i get this code to work:
>>$html = $_POST["htmlIn"];
>>
>>$patterns[0] = "//";
>>$patterns[1] = "//";
> 
> $patterns[1] = "/<\/strike>/";
> 
>>$patterns[2] = "/align=\"left\"/";
>>
>>$replacements[0] = "";
>>$replacements[1] = "";
>>$replacements[2] = " style=\"text-align:left;\"";
>>
>>$xhtml = preg_replace($patterns, $replacements, $html);
>>
>>Thanx In Advance
>>Jay
>>
>>-- 
>>PHP General Mailing List (http://www.php.net/)
>>To unsubscribe, visit: http://www.php.net/unsub.php
> 
> 
> 
> 
> 
> Ni Shurong <[EMAIL PROTECTED]>
> 
> MAIL : [EMAIL PROTECTED]
> QQ   : 412844
> MSN  : [EMAIL PROTECTED]
> BLOG : http://blog.njmars.com/myhan/

Thanx, but there seems to be problems with the patterns[2] and
replacements[2].

Thanx In Advance
Sleepy

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Reg Exp.

2004-08-18 Thread Jay 
Ni Shurong wrote:

>>Hi!
>>
>>Why can? i get this code to work:
>>$html = $_POST["htmlIn"];
>>
>>$patterns[0] = "//";
>>$patterns[1] = "//";
> 
> $patterns[1] = "/<\/strike>/";
> 
>>$patterns[2] = "/align=\"left\"/";
>>
>>$replacements[0] = "";
>>$replacements[1] = "";
>>$replacements[2] = " style=\"text-align:left;\"";
>>
>>$xhtml = preg_replace($patterns, $replacements, $html);
>>
>>Thanx In Advance
>>Jay
>>
>>-- 
>>PHP General Mailing List (http://www.php.net/)
>>To unsubscribe, visit: http://www.php.net/unsub.php
> 
> 
> 
> 
> 
> Ni Shurong <[EMAIL PROTECTED]>
> 
> MAIL : [EMAIL PROTECTED]
> QQ   : 412844
> MSN  : [EMAIL PROTECTED]
> BLOG : http://blog.njmars.com/myhan/
Thanx, but there seems to be problems with the patterns[2] and
replacements[2].

Thanx In Advance
Sleepy

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Reg Exp.

2004-08-18 Thread Jay 
Wudi wrote:

> On Wed, 18 Aug 2004 10:42:54 +0200
> Jay <[EMAIL PROTECTED]> wrote:
> 
> 
>>Hi!
>>
>>Why can? i get this code to work:
>>$html = $_POST["htmlIn"];
>>
>>$patterns[0] = "//";
>>$patterns[1] = "//";
>>$patterns[2] = "/align=\"left\"/";
>>
>>$replacements[0] = "";
>>$replacements[1] = "";
>>$replacements[2] = " style=\"text-align:left;\"";
>>
>>$xhtml = preg_replace($patterns, $replacements, $html);
> 
> 
> 
> $patterns[1] = "/<\/strike>/";
Thanx, but there seems to be problems with the patterns[2] and
replacements[2].

Thanx In Advance
Sleepy

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] bytecode interpreter in GD

2004-08-18 Thread tibyke 
hi,

i enabled bytecode interpreter and some other rendering/hinting settings in freetype, 
recompiled and installed freetype (2.1.9),
ttf fonts just as good as they do in M$.

the problem is when using this lib from php thru gd, the text is still garbled when 
antialiasing is off.

the question is: anyone has managed to get php (gd?) to use freetype bytecode 
interpeter features?

regards,
tibyke

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] [PHP-GEN] Check Boxes

2004-08-18 Thread balwantsingh 
balwantsingh wrote:
> can somebody advise me
> i want to use checkboxes on my website, i want that if user selects some
> checkboxes (there will be more than 20 checkboxes), checkbox's value will
be
> stored in variables and than SELECT query command will be run using these
> variables through PHP.  but my problem is that in SELECT query command
after
> each column name comma (,) is required and if i use the same than it is
> displaying  "You have an error in your SQL syntax near 'FROM form' at line
> 1"

i am using following coding

$a1 = $_POST['ch1'];
$a2 = $_POST['ch2'];
$a3 = $_POST['ch3'];

if ($a1 or $a2 or $a3) {
$query = "SELECT $a1, $a2, $a3 FROM form";
[EMAIL PROTECTED] ($query);
}
Enter_Date
Opening_Units
Unit_Consumed



balwant

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Move_uploaded_file()

2004-08-18 Thread [EMAIL PROTECTED] 
Thanks for the explaination!!

That was the problem.  One of the directories in the path did not have
execute permissions.

/T

on 8/17/04 7:58, Jason Wong at [EMAIL PROTECTED] wrote:

> Please do not top post.
> 
> On Tuesday 17 August 2004 19:31, [EMAIL PROTECTED] wrote:
> 
>> How do you do that exactly - sorry for the stupid question - but the perms
>> for [Œabsolute_path¹]/ is already rwxrw-rw-.
>> 
>> Let me know if you are referring to a different way to set permissions...
> 
> 1) What is the real name of your destination directory? I have been assuming
> that "[Œabsolute_path¹]" is a substitution for the real path. If
> "[Œabsolute_path¹]" is indeed your path then I suggest that you rename it to
> use just alphanumerals.
> 
> 2) The webserver must have 'x' permission for every parent directory of the
> destination directory and must have 'wx' for the destination directory
> itself.
> 
> To test and to convince yourself that move_uploaded_file() is working (or
> otherwise) use /tmp as the destination directory.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Reg Exp.

2004-08-18 Thread John Holmes 
Jay wrote:
Why can´t i get this code to work:
$html = $_POST["htmlIn"];
$patterns[0] = "//";
$patterns[1] = "//";
$patterns[2] = "/align=\"left\"/";
$replacements[0] = "";
$replacements[1] = "";
$replacements[2] = " style=\"text-align:left;\"";
$xhtml = preg_replace($patterns, $replacements, $html);
Why are you using regular expressions? You're not replacing a pattern, 
you're replacing a constant. Use str_replace().

$xhtml = 
str_replace(array('','','align="left"'),array('','','style="text-align:left"'),$html);

--
---John Holmes...
Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/
php|architect: The Magazine for PHP Professionals – www.phparch.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] .htaccess

2004-08-18 Thread Václav Slováček 
hi,
i would like to ask what happens when a user is downloading a large file  
from apache server and i modify the .htaccess file affecting the folder  
where is the file beeing downloaded by the user. For example i rewrite the  
list of ips allowed to access the file/folder and i remove the user's ip.  
Will the tranfer be interrupted or not? Is there any other way how to  
interupt the transfer? Thank you for help.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] .thaccess

2004-08-18 Thread Václav Slováček 
hi,

i would like to ask what happens when a user is downloading a large file  
from apache server and i modify the .htaccess file affecting the folder
 where is the file beeing downloaded by the user. For example i rewrite  
the list of ips allowed to access the file/folder and i remove the
user's ip. Will the tranfer be interrupted or not? Is there any other way  
how to interupt the transfer? Thank you for help.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] .htaccess

2004-08-18 Thread Jay Blanchard 
[snip]
i would like to ask what happens when a user is downloading a large file  
 from apache server and i modify the .htaccess file affecting the folder  
where is the file beeing downloaded by the user. For example i rewrite the  
list of ips allowed to access the file/folder and i remove the user's ip.  
Will the tranfer be interrupted or not? Is there any other way how to  
interupt the transfer? Thank you for help.
[/snip]

a. It shouldn't interrupt the connection as the connection does not need to be 
re-established during the download process.
2. This is an excellent question for an Apache mailing list.
III. Please do not send things twice.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] debugging messages in popup windows

2004-08-18 Thread Jad Madi 
guys, I'm working on a project, and running a php debug script while
testing the script,
How can I make the debug messages(including error and warning) appears
only in popup window? and update automaticly when clicking on another
link

Thanks in advance

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] debugging messages in popup windows

2004-08-18 Thread Jay Blanchard 
[snip]
guys, I'm working on a project, and running a php debug script while
testing the script,
How can I make the debug messages(including error and warning) appears
only in popup window? and update automaticly when clicking on another
link
[/snip]

JavaScript

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] .htaccess

2004-08-18 Thread John Nichel 
Václav Slováček wrote:
hi,
i would like to ask what happens when a user is downloading a large 
file  from apache server and i modify the .htaccess file affecting the 
folder  where is the file beeing downloaded by the user. For example i 
rewrite the  list of ips allowed to access the file/folder and i remove 
the user's ip.  Will the tranfer be interrupted or not? Is there any 
other way how to  interupt the transfer? Thank you for help.

http://httpd.apache.org/lists.html
--
John C. Nichel
ÜberGeek
KegWorks.com
716.856.9675
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] OO Theory Question

2004-08-18 Thread Ricardo Cezar 
Probably it’s a dumb question, but I’m new to OO Programming, so...

How can I store the instance of the class in the session

Thanks,
Rics


"Thomas Goyne" <[EMAIL PROTECTED]> escreveu na mensagem
news:[EMAIL PROTECTED]
> On Tue, 17 Aug 2004 12:25:42 -0600, Jed R. Brubaker <[EMAIL PROTECTED]>
> wrote:
>
> > The real reason for having the login class like this is to eliminate
> > database calls. I thought I could have one session variable that said yo
> > uwere logged in, but then the database calls would still have to be made
> > on
> > each page.
> >
> > Thanks for the idea - any others?
> >
> >
>
> Just store the instance of the class in the session.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] debugging messages in popup windows

2004-08-18 Thread Jay Blanchard 
[snip]
i'm not talking about How to make the popup window
I want to know how can I make the popup window track page errors and
display it
thats it :-)
[/snip]

At the risk of repeating myself.JavaScript. PHP is server-side,
JavaScript is client-side where the action needs to take place. PHP does
not have facilities for communicating between two (or more) open
browsers.


On Wed, 18 Aug 2004 07:46:41 -0500, Jay Blanchard
<[EMAIL PROTECTED]> wrote:
> [snip]
> 
> 
> guys, I'm working on a project, and running a php debug script while
> testing the script,
> How can I make the debug messages(including error and warning) appears
> only in popup window? and update automaticly when clicking on another
> link
> [/snip]
> 
> JavaScript
> 


-- 
http://www.jadmadi.net/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: php question

2004-08-18 Thread michael crane 
Torsten Roehr wrote:
"Michael Crane" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
hello,
I have a webpage which includes a frame containing a table made of 24
tds which in turn contain little images. When the mouse clicks on a
little image the appropriate larger image is loaded into an adjacent
frame.
Can somebody point me in the direction to do this in php without frames
please ?
I've been looking most of the day but I can't see it.
regards
mick

Hi Mick,
you have to append the file name of the bigger version to your links as a
parameter:
big
picture 1
big
picture 2
big
picture 3
Exchange name_of_the_big_file1/2/3 with the file names of the big image
versions. Then at the point where you want to show the big image include
this code:

$image = basename($_GET['image']);
echo '';
}
?>
Of course you may have to alter the src attribute if your pictures are not
in the same directory.
Hope this helps, regards.
Torsten Roehr
This looks hopeful thanks. Something like this is in the ( don't know 
what bird that is .?) o'reilly book but I couldn't get it to return 
anything. what you write is more informational. I will try.
many thanks.
otherwise I think I can "include" the table in every page that is linked 
to. which is what I think people do. It's hard to guess when the source 
is invisible :)
Just started with php.

cheers
mick
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] OO Theory Question

2004-08-18 Thread Torsten Roehr 
"Ricardo Cezar" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> Probably it’s a dumb question, but I’m new to OO Programming, so...
>
> How can I store the instance of the class in the session
>
> Thanks,
> Rics

That's no different to storing any other variable into the session:

$_SESSION['object'] =& $object;

(You don't need the ampersand in PHP5.)

Regards, Torsten Roehr

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Save Dialog Box

2004-08-18 Thread PHP Junkie 
Ave,

I'm working on creating a File Manager for my Company, in PHP & MySQL.
I had a question

The File Manager allows authenticated users to download & upload various
types of files from the available Zones. What I basically do is specify a
link to the Original file stored on the server so that the user can click on
the filename in the File Manager and download it.

What is happening is, depending on what type of a file it is... Instead of
giving a "Save Dialog Box", the file opens up in it's supported software.
For example.. If it's a text file... The file opens in notepad when you
click on the link on the webpage... Or if it's a PDF, it opens the Adobe
Acrobat Reader.

I understand why it does that and that it will do this.
But is there a way to alter it? What I want to do is, irrespective of the
File Format, I want the Save Dialog Box to appear, so that the user can
download the file on his system.

Thanks.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Object Fatal Error?

2004-08-18 Thread Dan Joseph 
Howdy,

 

I am getting a PHP Fatal error (below).  I've tried calling the method with
both $sql->getRow and SQL::getRow.  I checked the SQL, its fine.  Could
someone tell me what I've done wrong??

 

couple errors:

 

[Wed Aug 18 09:59:05 2004] [error] PHP Fatal error:  Call to a member
function on a non-object in /usr/local/apache/htdocs-cna/index.php on line
72

 

[Wed Aug 18 09:59:05 2004] [error] PHP Warning:  Unknown(): Your script
possibly relies on a session side-effect which existed until PHP 4.2.3.
Please be advised that the session extension does not consider global
variables as a source of data, unless register_globals is enabled. You can
disable this functionality and this warning by setting session.bug_compat_42
or session.bug_compat_warn to off, respectively. in Unknown on line 0

 

Code:

include( $_SERVER['DOCUMENT_ROOT'] . "/include/sql.class.php" );

 

$sql  = new SQL();

 

$sess->fix_sessions( user_id( $_POST["uid"] ) );

 

function user_id( $u_name )

{

72:$u_res = SQL::getRow( "SELECT uID FROM tblUser WHERE
uUsername = '$u_name'" );

 

return $u_res["uID"];

}

 

I put a 72 in front of line 72.

 

Here is the relevant class code:

 

 

class SQL

{

function getRow( $sql )

{

$results = mysql_query( $sql,
DB::connect() );



if ( $results == false )

{

$this->error =
mysql_error();



return false;

}



$rows = mysql_num_rows( $results );



if ( $rows == 0 )

{

$this->error = "No rows
returned.";



return false;

}



$data = mysql_fetch_array( $results );



return $data;

}

}

 

-Dan Joseph

[PHP] preg_match question

2004-08-18 Thread Nicklas Bondesson 
Hello,

How do I find an exact match of a string with preg_match?

Example:

String1:  www.test.com/
String2: www.test.com/somepage.php?param1=true

How do you write the regexp to only return String1 and not String2 when you
match against "www.test.com" ??

Thanks in advance.

Nicke

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] tpl editor

2004-08-18 Thread Naty 
Hello!
I'm using eclipse and phpeclipse to manage my php project, but still I have
problems trying to edit for example tpl files. Threre is some possible way
to see this files in a graphic way with eclipse, like for example macromedia
dreamweaver ?
Regards

Natalia

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mail() on *nix using ssmtp or an external smtp server?

2004-08-18 Thread Markus Mayer 
I've been trying further to get ssmtp working with apache/php in a chrooted 
envrionment and have had some success on Linux, so I'm sharing it with 
everyone else.  I've also come to understand quite well how the mail() 
function is implemented in php too, and actually it's quite simple.

All directories that I speak of below are relative to the new root directory 
in the chrooted environment.

First thing is ssmtp expects to find its config files in /etc/ssmtp/, so that 
needs to be created inside the chrooted environment.  The real killer for 
this whole thing however, and seemingly where everything was falling over, is 
that I had to put ssmtp in the /usr/sbin/ directory.  For reasons that 
totally illude me, if ssmtp is in the /bin directory or anywhere else, mail() 
fails!?!?!  The php.ini file needs to be in the usual /usr/local/lib/ 
location, and the sendmail parameter in the php.ini file needs to be set to 
"/usr/sbin/ssmtp -t".  Do not try any other flags, otherwise mail() fails.  
The attempts I've made today have brought results and are reproducible.  This 
also works in a normal (that is not chrooted) environment.  

The demanded location of the ssmtp binary is by far the most bizarre thing I 
have had in this whole exercise, and I would appreciate it if someone else 
might be able to take the time to confirm my findings.  What I also don't 
understand is that if I have ssmtp in the /bin directory (or anywhere else 
for that matter) and invoke it from the command line in a chrooted 
environment, it works happily.  It also worked happily when I wrote my own 
short C program that emulated what is done in the PHP mail delivery 
procedures.  For what ever reason, it just refused to work through PHP if it 
was anywhere other than /usr/sbin/ssmtp.

So ssmtp in a chrooted environment, provided it's in /usr/sbin/, works well on 
a Linux box, but on AIX machines, it still fails completely and I don't yet 
know why.  As I have done this time, if I have any success, I will post to 
the list so other people can know.  If anyone else has some success with this 
on AIX, I would greatly appreciate knowing about it.

best regards
Markus

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mail() on *nix using ssmtp or an external smtp server?

2004-08-18 Thread Markus Mayer 
Just an addennum to my previous post 10 minutes ago:
For ssmtp to work with apache/php in a chrooted environment, some kind of 
shell needs to be present in the /bin directory.  This seems to be a 
limitation of PHP rather than some kind of deficiency with ssmtp.  This in 
itself is a kind of security risk since one of the main reasons of putting 
things in a chrooted jail is to minimise as much as possible the scope for an 
attacker to do anything if they do make it into the machine.

best regards
Markus

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] preg_match question

2004-08-18 Thread John Legg 
Try using a pattern set to the following:

$pattern = "/^www.test.com$/";

and refer to: http://uk.php.net/manual/en/reference.pcre.pattern.syntax.php

Rgds

John

---


Hello,

How do I find an exact match of a string with preg_match?

Example:

String1:  www.test.com/
String2: www.test.com/somepage.php?param1=true

How do you write the regexp to only return String1 and not String2 when 
you
match against "www.test.com" ??

Thanks in advance.

Nicke

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] preg_match question

2004-08-18 Thread Matt M. 
On Wed, 18 Aug 2004 17:16:24 +0200, Nicklas Bondesson <[EMAIL PROTECTED]> wrote:
> Hello,
> 
> How do I find an exact match of a string with preg_match?
> 
> Example:
> 
> String1:  www.test.com/
> String2: www.test.com/somepage.php?param1=true
> 
> How do you write the regexp to only return String1 and not String2 when you
> match against "www.test.com" ??

$pattern = '/^www\.test\.com\/$/';

preg_match($pattern, YOUR STRING)

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] preg_match question

2004-08-18 Thread Nicklas Bondesson 
Is it clever to use word boundary here? "/b"?

Nicke 



From: John Legg [mailto:[EMAIL PROTECTED] 
Sent: den 18 augusti 2004 18:02
To: "Nicklas Bondesson"
Cc: [EMAIL PROTECTED]
Subject: Re: [PHP] preg_match question


Try using a pattern set to the following:

$pattern = "/^www.test.com$/";

and refer to: http://uk.php.net/manual/en/reference.pcre.pattern.syntax.php

Rgds

John

---

 
Hello,

How do I find an exact match of a string with preg_match?

Example:

String1:  www.test.com/
String2: www.test.com/somepage.php?param1=true

How do you write the regexp to only return String1 and not String2 when 
you
match against "www.test.com" ??

Thanks in advance.

Nicke

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] preg_match question

2004-08-18 Thread John Legg 
Hi Nicke

Difficult to say without knowing exactly what you are trying to achieve.  If you are 
just comparing two strings for 'exactness' then it would probably be better to just do 
a direct string comparison (without regex).  Regex's are generally more expensive 
operations.

One thing you should do is escape the "." portion of the URL you are comparing.  As 
"." matches any character except newline.  So it should be: $pattern = 
"/^www\.test\.com$/";

If you tell me what you are trying to achieve, I might be able to advise further.

Rgds

John

---






Is it clever to use word boundary here? "/b"?

Nicke 



From: John Legg [mailto:[EMAIL PROTECTED] 
Sent: den 18 augusti 2004 18:02
To: "Nicklas Bondesson"
Cc: [EMAIL PROTECTED]
Subject: Re: [PHP] preg_match question


Try using a pattern set to the following:

$pattern = "/^www.test.com$/";

and refer to: 
http://uk.php.net/manual/en/reference.pcre.pattern.syntax.php

Rgds

John

---

 
Hello,

How do I find an exact match of a string with preg_match?

Example:

String1:  www.test.com/
String2: www.test.com/somepage.php?param1=true

How do you write the regexp to only return String1 and not String2 when 
you
match against "www.test.com" ??

Thanks in advance.

Nicke

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] preg_match question

2004-08-18 Thread Nicklas Bondesson 
Actually I think I got it working now (without escaping the ".").

If I run into trouble I will post again.

Thanks!

Nicke 



From: John Legg [mailto:[EMAIL PROTECTED] 
Sent: den 18 augusti 2004 18:15
To: "Nicklas Bondesson"
Cc: [EMAIL PROTECTED]
Subject: RE: [PHP] preg_match question


Hi Nicke
 
Difficult to say without knowing exactly what you are trying to achieve.  If
you are just comparing two strings for 'exactness' then it would probably be
better to just do a direct string comparison (without regex).  Regex's are
generally more expensive operations.
 
One thing you should do is escape the "." portion of the URL you are
comparing.  As "." matches any character except newline.  So it should be:
$pattern = "/^www\.test\.com$/";
 
If you tell me what you are trying to achieve, I might be able to advise
further.
 
Rgds
 
John
 
---
 

 
 
 
Is it clever to use word boundary here? "/b"?

Nicke 



From: John Legg [mailto:[EMAIL PROTECTED]
 ] 
Sent: den 18 augusti 2004 18:02
To: "Nicklas Bondesson"
Cc: [EMAIL PROTECTED]
 
Subject: Re: [PHP] preg_match question


Try using a pattern set to the following:

$pattern = "/^www.test.com$/";

and refer to: 
http://uk.php.net/manual/en/reference.pcre.pattern.syntax.php

Rgds

John

---


Hello,

How do I find an exact match of a string with preg_match?

Example:

String1:  www.test.com/
String2: www.test.com/somepage.php?param1=true

How do you write the regexp to only return String1 and not String2 when 
you
match against "www.test.com" ??

Thanks in advance.

Nicke

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] PHP HTML text editor issues...

2004-08-18 Thread Tim Traver 
Hi all,
ok, I've made my own version of a file manager complete with a text editor, 
and I'm having troubles figuring out some issues.

I present the text to be edited retrieved from a file in a textarea box for 
a user to edit, and then POST that to my PHP application, which then saves 
it to disk.

I have found it to break when the text file has intentional backslashes in 
it. For instance, if you are editing a perl script, there are a lot of 
times where you need lots of backslashes in a row.

Does the POST data get urlencoded as it is coming in to the program, and 
then PHP unencodes it to put it in the variable ? It seems that there is 
some kind of translation.

I've tried to use addslashes and stripslashes to prevent some of the 
clobbering of the text, but it doesn't seem to be working. If I don't do 
anything, it looks like PHP (or HTML) backslashes all quotes...

I just want to get the EXACT text that is in the textarea to be saved to 
disk...

Here is an example of a line that gets clobbered :
 $value =~ tr/\0//d;
I read the file in from disk using file_get_contents. Does that do any 
translation ???

Any help would be appreciated,
Tim.


SimpleNet's Back !
http://www.simplenet.com

Re: [PHP] tpl editor

2004-08-18 Thread Robby Russell 
On Wed, 2004-08-18 at 08:26, Naty wrote:
> Hello!
> I'm using eclipse and phpeclipse to manage my php project, but still I have
> problems trying to edit for example tpl files. Threre is some possible way
> to see this files in a graphic way with eclipse, like for example macromedia
> dreamweaver ?
> Regards
> 
> Natalia

I haven't used eclipse myself, but I don't believe that it is a WYSIWYG
editor..which Dreamweaver is. I am under the impression that all you can
do with eclipse is edit the php files in the standard code view. 

-Robby

-- 
/***
* Robby Russell | Owner.Developer.Geek
* PLANET ARGON  | www.planetargon.com
* Portland, OR  | [EMAIL PROTECTED]
* 503.351.4730  | blog.planetargon.com
* PHP/PostgreSQL Hosting & Development
/



signature.asc
Description: This is a digitally signed message part

Re: [PHP] PHP HTML text editor issues...

2004-08-18 Thread Jason Davidson 
Do you have magic quotes turned on in your php ini file?

Jason

Tim Traver <[EMAIL PROTECTED]> wrote: 
> 
> Hi all,
> 
> ok, I've made my own version of a file manager complete with a text editor, 
> and I'm having troubles figuring out some issues.
> 
> I present the text to be edited retrieved from a file in a textarea box for 
> a user to edit, and then POST that to my PHP application, which then saves 
> it to disk.
> 
> I have found it to break when the text file has intentional backslashes in 
> it. For instance, if you are editing a perl script, there are a lot of 
> times where you need lots of backslashes in a row.
> 
> Does the POST data get urlencoded as it is coming in to the program, and 
> then PHP unencodes it to put it in the variable ? It seems that there is 
> some kind of translation.
> 
> I've tried to use addslashes and stripslashes to prevent some of the 
> clobbering of the text, but it doesn't seem to be working. If I don't do 
> anything, it looks like PHP (or HTML) backslashes all quotes...
> 
> I just want to get the EXACT text that is in the textarea to be saved to 
> disk...
> 
> Here is an example of a line that gets clobbered :
> 
>   $value =~ tr/\0//d;
> 
> I read the file in from disk using file_get_contents. Does that do any 
> translation ???
> 
> Any help would be appreciated,
> 
> Tim.
> 
> 
> 
> 
> 
> SimpleNet's Back !
> http://www.simplenet.com
> 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] preg_match question

2004-08-18 Thread Curt Zirzow 
* Thus wrote Nicklas Bondesson:
> Actually I think I got it working now (without escaping the ".").

cause . is any character

wwwatestbcom  will get matched as well.



Curt
-- 
First, let me assure you that this is not one of those shady pyramid schemes
you've been hearing about.  No, sir.  Our model is the trapezoid!

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] PHP HTML text editor issues...

2004-08-18 Thread Tim Traver 
No, magic quotes are turned off...
Tim.
At 09:44 AM 8/18/2004, Jason Davidson wrote:
Do you have magic quotes turned on in your php ini file?
Jason
Tim Traver <[EMAIL PROTECTED]> wrote:
>
> Hi all,
>
> ok, I've made my own version of a file manager complete with a text 
editor,
> and I'm having troubles figuring out some issues.
>
> I present the text to be edited retrieved from a file in a textarea box 
for
> a user to edit, and then POST that to my PHP application, which then saves
> it to disk.
>
> I have found it to break when the text file has intentional backslashes in
> it. For instance, if you are editing a perl script, there are a lot of
> times where you need lots of backslashes in a row.
>
> Does the POST data get urlencoded as it is coming in to the program, and
> then PHP unencodes it to put it in the variable ? It seems that there is
> some kind of translation.
>
> I've tried to use addslashes and stripslashes to prevent some of the
> clobbering of the text, but it doesn't seem to be working. If I don't do
> anything, it looks like PHP (or HTML) backslashes all quotes...
>
> I just want to get the EXACT text that is in the textarea to be saved to
> disk...
>
> Here is an example of a line that gets clobbered :
>
>   $value =~ tr/\0//d;
>
> I read the file in from disk using file_get_contents. Does that do any
> translation ???
>
> Any help would be appreciated,
>
> Tim.
>
>
>
>
>
> SimpleNet's Back !
> http://www.simplenet.com
>

SimpleNet's Back !
http://www.simplenet.com

Re: [PHP] PHP HTML text editor issues...

2004-08-18 Thread Curt Zirzow 
* Thus wrote Tim Traver:
> Hi all,
> 
> ok, I've made my own version of a file manager complete with a text editor, 
> and I'm having troubles figuring out some issues.
> ...
> 
> I've tried to use addslashes and stripslashes to prevent some of the 
> clobbering of the text, but it doesn't seem to be working. If I don't do 
> anything, it looks like PHP (or HTML) backslashes all quotes...
> 
> I just want to get the EXACT text that is in the textarea to be saved to 
> disk...
> 
> Here is an example of a line that gets clobbered :
> 
>  $value =~ tr/\0//d;
> 
> I read the file in from disk using file_get_contents. Does that do any 
> translation ???

file_get_contents doesn't do any filtering. The issue your you're
probably running into is that magic_quotes_gpc is set to On.  This
will addslashes to all your data by default.  Two options:

  1. Turn it off.
  2. apply strip_slashes() to the string before writing to disk


Curt
-- 
First, let me assure you that this is not one of those shady pyramid schemes
you've been hearing about.  No, sir.  Our model is the trapezoid!

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[no subject]

2004-08-18 Thread Justin Patrin 
ek" <[EMAIL PROTECTED]>
Cc: [EMAIL PROTECTED]
In-Reply-To: <[EMAIL PROTECTED]>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
References: <[EMAIL PROTECTED]>
Subject: Re: [PHP] .thaccess

On Wed, 18 Aug 2004 14:00:10 +0200, V=C3=A1clav Slov=C3=A1=C4=8Dek <[EMAIL PROTECTED]
san.net> wrote:
>=20
> hi,
>=20
> i would like to ask what happens when a user is downloading a large file
>  from apache server and i modify the .htaccess file affecting the folder
>   where is the file beeing downloaded by the user. For example i rewrite
> the list of ips allowed to access the file/folder and i remove the
> user's ip. Will the tranfer be interrupted or not? Is there any other way
> how to interupt the transfer? Thank you for help.
>=20

No, it will not be interrupted. The .htaccess is read at the
*beginning* of a request only.

--=20
DB_DataObject_FormBuilder - The database at your fingertips
http://pear.php.net/package/DB_DataObject_FormBuilder

paperCrane --Justin Patrin--

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] OO Theory Question

2004-08-18 Thread Justin Patrin 
On Wed, 18 Aug 2004 11:03:47 -0300, Ricardo Cezar <[EMAIL PROTECTED]> wrote:
> Probably it's a dumb question, but I'm new to OO Programming, so...
> 
> How can I store the instance of the class in the session
> 

I answered this a long time ago in this thread. Did you not get my mail?

> Thanks,
> Rics
> 
> "Thomas Goyne" <[EMAIL PROTECTED]> escreveu na mensagem
> news:[EMAIL PROTECTED]
> 
> 
> > On Tue, 17 Aug 2004 12:25:42 -0600, Jed R. Brubaker <[EMAIL PROTECTED]>
> > wrote:
> >
> > > The real reason for having the login class like this is to eliminate
> > > database calls. I thought I could have one session variable that said yo
> > > uwere logged in, but then the database calls would still have to be made
> > > on
> > > each page.
> > >
> > > Thanks for the idea - any others?
> > >
> > >
> >
> > Just store the instance of the class in the session.
> 

-- 
DB_DataObject_FormBuilder - The database at your fingertips
http://pear.php.net/package/DB_DataObject_FormBuilder

paperCrane --Justin Patrin--

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] WAS: PHP HTML text editor issues... NOW:{Magic Quotes}

2004-08-18 Thread Kevin Rosenthal 
HI Jason, 

OK, I am real new to all this so please bare with me. Can you explain what
the Magic Quotes do? 

Thanks,
Kevin

-Original Message-
From: Jason Davidson [mailto:[EMAIL PROTECTED] 
Do you have magic quotes turned on in your php ini file?

Jason

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Securing Forms???

2004-08-18 Thread Gerard Samuel 
Chris Shiflett wrote:
You might find these resources helpful:
http://education.nyphp.org/phundamentals/PH_spoofed_submission.php
http://shiflett.org/talks/oscon2004/php-security/36
Hope that helps.
Just wanted to chime in to the list and to Chris.
I've been mulling the example in the second link since last we talked 
about this, and I modified the example to make an even safer example 
(IMHO).  The idea of using the plain "token" in the form, and using it 
to compare with the session wasn't sitting well with me for some reason 
(maybe bad karma in the air or something), so I borrowed an idea from a 
previous article you wrote on session hijacking, by utilising a "private 
key".
The goal, is so that one cannot really determine what the comparison 
token can be by looking at the hidden field value of "token".
Comments are welcome...

---

session_start();
$some_hidden_key = 'abcde...';
if (isset($_POST['message']))
{
if ($_POST['token'] . $some_hidden_key === $_SESSION['token'])
{
$message =
htmlentities($_POST['message']);
$fp = fopen('./safer.txt', 'a');
fwrite($fp, "$message");
fclose($fp);
}
}
$token = md5(uniqid(rand(), true));
$_SESSION['token'] = $token . $some_hidden_key;
?>






--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] mkdir() permissions

2004-08-18 Thread Percy Cabello 
Hi

I am new to PHP and I'm trying that my script checks if a directory exists and
if not, it should create it. I'm doing it with mkdir() but it returns this
error message:

Warning: mkdir(0): Permission denied in /xx on line 32

I wonder what kind of permissions should I set. This should be doable by any
visitor.

Thanks for your help.

Percy





__
Do you Yahoo!?
New and Improved Yahoo! Mail - Send 10MB messages!
http://promotions.yahoo.com/new_mail 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] PHP HTML text editor issues...

2004-08-18 Thread Justin Patrin 
On Wed, 18 Aug 2004 17:17:26 +, Curt Zirzow
<[EMAIL PROTECTED]> wrote:
> * Thus wrote Tim Traver:
> > Hi all,
> >
> > ok, I've made my own version of a file manager complete with a text editor,
> > and I'm having troubles figuring out some issues.
> > ...
> >
> > I've tried to use addslashes and stripslashes to prevent some of the
> > clobbering of the text, but it doesn't seem to be working. If I don't do
> > anything, it looks like PHP (or HTML) backslashes all quotes...
> >
> > I just want to get the EXACT text that is in the textarea to be saved to
> > disk...
> >
> > Here is an example of a line that gets clobbered :
> >
> >  $value =~ tr/\0//d;
> >
> > I read the file in from disk using file_get_contents. Does that do any
> > translation ???
> 
> file_get_contents doesn't do any filtering. The issue your you're
> probably running into is that magic_quotes_gpc is set to On.  This
> will addslashes to all your data by default.  Two options:
> 
>   1. Turn it off.
>   2. apply strip_slashes() to the string before writing to disk
> 

Don't you mean magic_quotes_runtime?

-- 
DB_DataObject_FormBuilder - The database at your fingertips
http://pear.php.net/package/DB_DataObject_FormBuilder

paperCrane --Justin Patrin--

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] WAS: PHP HTML text editor issues... NOW:{Magic Quotes}

2004-08-18 Thread Robby Russell 
On Wed, 2004-08-18 at 10:16, Kevin Rosenthal wrote:
> HI Jason, 
> 
> OK, I am real new to all this so please bare with me. Can you explain what
> the Magic Quotes do? 
> 
> Thanks,
> Kevin

http://us4.php.net/manual/en/function.get-magic-quotes-gpc.php

-- 
/***
* Robby Russell | Owner.Developer.Geek
* PLANET ARGON  | www.planetargon.com
* Portland, OR  | [EMAIL PROTECTED]
* 503.351.4730  | blog.planetargon.com
* PHP/PostgreSQL Hosting & Development
/



signature.asc
Description: This is a digitally signed message part

Re: [PHP] preg_match question

2004-08-18 Thread John Holmes 
Nicklas Bondesson wrote:
How do I find an exact match of a string with preg_match?
Example:
String1:  www.test.com/
String2: www.test.com/somepage.php?param1=true
How do you write the regexp to only return String1 and not String2 when you
match against "www.test.com" ??
I've heard == works well. Or strcmp(), etc...
--
---John Holmes...
Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/
php|architect: The Magazine for PHP Professionals – www.phparch.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] PHP HTML text editor issues...

2004-08-18 Thread Tim Traver 
Darnit if the php.ini file that I was looking at was the wrong one...
looks like turning the magic quotes off in the correct php.ini file worked...
thanks,
Tim.
At 10:17 AM 8/18/2004, Curt Zirzow wrote:
* Thus wrote Tim Traver:
> Hi all,
>
> ok, I've made my own version of a file manager complete with a text 
editor,
> and I'm having troubles figuring out some issues.
> ...
>
> I've tried to use addslashes and stripslashes to prevent some of the
> clobbering of the text, but it doesn't seem to be working. If I don't do
> anything, it looks like PHP (or HTML) backslashes all quotes...
>
> I just want to get the EXACT text that is in the textarea to be saved to
> disk...
>
> Here is an example of a line that gets clobbered :
>
>  $value =~ tr/\0//d;
>
> I read the file in from disk using file_get_contents. Does that do any
> translation ???

file_get_contents doesn't do any filtering. The issue your you're
probably running into is that magic_quotes_gpc is set to On.  This
will addslashes to all your data by default.  Two options:
  1. Turn it off.
  2. apply strip_slashes() to the string before writing to disk
Curt
--
First, let me assure you that this is not one of those shady pyramid schemes
you've been hearing about.  No, sir.  Our model is the trapezoid!
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

SimpleNet's Back !
http://www.simplenet.com

Re: [PHP] PHP HTML text editor issues...

2004-08-18 Thread Curt Zirzow 
* Thus wrote Justin Patrin:
> On Wed, 18 Aug 2004 17:17:26 +, Curt Zirzow
> <[EMAIL PROTECTED]> wrote:
> > * Thus wrote Tim Traver:
> > >
> > > I just want to get the EXACT text that is in the textarea to be saved to
> > > disk...
> > >
> > > Here is an example of a line that gets clobbered :
> > >
> > >  $value =~ tr/\0//d;
> > >
> > > I read the file in from disk using file_get_contents. Does that do any
> > > translation ???
> > 
> > file_get_contents doesn't do any filtering. The issue your you're
> > probably running into is that magic_quotes_gpc is set to On.  This
> > will addslashes to all your data by default.  Two options:
> > 
> >   1. Turn it off.
> >   2. apply strip_slashes() to the string before writing to disk
> > 
> 
> Don't you mean magic_quotes_runtime?

No. gpc is for data that is posted, if magic_quotes_gpc is on
$_POST['textfield'] will have \\0.  

when magic_quotes_runtime is on, it effects results from things like
SQL and exec().


Curt
-- 
First, let me assure you that this is not one of those shady pyramid schemes
you've been hearing about.  No, sir.  Our model is the trapezoid!

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] membership via folders

2004-08-18 Thread Mag 
Hi,
I have searched for this kind of an app on hotscritps
and also at phpclsases, I have found a couple that
come close and am confused which one to download, this
is my requirment:

1.Visitor joins (and becomes a member), a folder is
created just for him (i have done this)

2.He is allowed to upload upto x.xx mb of files

3.He can download his files and should have a kind of
file manager to see what he has there

I can write the above myself, but the above is quite
"normal" and I am sure many people must have had a
requirement close to this so if possible I would like
to avoid writing this from scratch...maybe modifying
some existing apps?

Any recommendations? resources? links?

Thanks,
Mag

=
--
- The faulty interface lies between the chair and the keyboard.
- Creativity is great, but plagiarism is faster!
- Smile, everyone loves a moron. :-)



__
Do you Yahoo!?
Yahoo! Mail Address AutoComplete - You start. We finish.
http://promotions.yahoo.com/new_mail 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Cannot Load DLLs (WinXP, Apache 2, PHP 5)

2004-08-18 Thread Chris Jenkinson 
Hi,
I can't get PHP to load php_mysql.dll, required to use the mysql_*() 
functions.

I have tried a variety of values for extension_dir, including 
"C:/php/ext", "C:\php\ext", "C:\php\", "./ext/", "ext/". I have copied 
php_mysql to all these directories, but it is not loading it.

PHP is stored in C:/php, and works perfectly apart from not finding the 
MySQL dll file.

If you could advise me for how to get PHP to load this DLL, I would be 
very grateful!

Cheers,
Chris
--
Chris Jenkinson
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mkdir() permissions

2004-08-18 Thread Matthew Sims 
> Hi
>
> I am new to PHP and I'm trying that my script checks if a directory exists
> and
> if not, it should create it. I'm doing it with mkdir() but it returns this
> error message:
>
> Warning: mkdir(0): Permission denied in /xx on line 32
>
> I wonder what kind of permissions should I set. This should be doable by
> any
> visitor.
>
> Thanks for your help.
>
> Percy

It you're trying to do this through a web server, then permissions need to
be set with the web server. Directories and files need to be owned by the
whatever UID the web server runs as (nobody, www, etc).

If you're running it through a stand alone script, well then, if you don't
own the directory or you're not root, that's probably the problem.



-- 
--Matthew Sims
--

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Cannot Load DLLs (WinXP, Apache 2, PHP 5)

2004-08-18 Thread John Holmes 
Chris Jenkinson wrote:
I can't get PHP to load php_mysql.dll, required to use the mysql_*() 
functions.

I have tried a variety of values for extension_dir, including 
"C:/php/ext", "C:\php\ext", "C:\php\", "./ext/", "ext/". I have copied 
php_mysql to all these directories, but it is not loading it.

PHP is stored in C:/php, and works perfectly apart from not finding the 
MySQL dll file.

If you could advise me for how to get PHP to load this DLL, I would be 
very grateful!
This was just disussed a few days ago. Copy the libmysql.dll file **that 
comes with PHP5** into the windows/system32/ directory.

--
---John Holmes...
Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/
php|architect: The Magazine for PHP Professionals – www.phparch.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] PHP/PearDB works on commandline but not via http....

2004-08-18 Thread pw 
Hello,
I have an interesting problem with PostgreSQL
via PearDB and PHP 4.3.3 .
I have a php page that opens a remote connection
to a Postgres database, performs a query, lists
the results and then closes the connection.
If I run the php from the command line the
connection and query work fine. Php dumps
a nice web page with all the data that I am asking for.
If I serve the same php page via apache
from the same machine, php fails to open
the database connection and thus the page
fails to fill out. PearDB is installed and working
since
if(DB::iserror($db))
  
detects the error.

Anyone have any ideas?
Thanks,
Peter
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] PHP/PearDB works on commandline but not via http....

2004-08-18 Thread Justin Patrin 
On Wed, 18 Aug 2004 12:53:25 -0700, pw <[EMAIL PROTECTED]> wrote:
> Hello,
> 
> I have an interesting problem with PostgreSQL
> via PearDB and PHP 4.3.3 .
> 
> I have a php page that opens a remote connection
> to a Postgres database, performs a query, lists
> the results and then closes the connection.
> 
> If I run the php from the command line the
> connection and query work fine. Php dumps
> a nice web page with all the data that I am asking for.
> 
> If I serve the same php page via apache
> from the same machine, php fails to open
> the database connection and thus the page
> fails to fill out. PearDB is installed and working
> since
> 
> if(DB::iserror($db))
> 
> detects the error.
> 
> Anyone have any ideas?
> 

Can't help you unless you give us an error...

-- 
DB_DataObject_FormBuilder - The database at your fingertips
http://pear.php.net/package/DB_DataObject_FormBuilder

paperCrane --Justin Patrin--

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Weather php SDK for weather - Historical, current and forecast

2004-08-18 Thread Eugene Voznesensky 

I am looking for sources for weather information and found the site

http://www.nws.noaa.gov/forecasts/xml/

Is there any way to get historical weather data via a PHP Script or any available SDK?

Re: [PHP] PHP/PearDB works on commandline but not via http....

2004-08-18 Thread Matthew Sims 
> On Wed, 18 Aug 2004 12:53:25 -0700, pw <[EMAIL PROTECTED]> wrote:
>> Hello,
>>
>> I have an interesting problem with PostgreSQL
>> via PearDB and PHP 4.3.3 .
>>
>> I have a php page that opens a remote connection
>> to a Postgres database, performs a query, lists
>> the results and then closes the connection.
>>
>> If I run the php from the command line the
>> connection and query work fine. Php dumps
>> a nice web page with all the data that I am asking for.
>>
>> If I serve the same php page via apache
>> from the same machine, php fails to open
>> the database connection and thus the page
>> fails to fill out. PearDB is installed and working
>> since
>>
>> if(DB::iserror($db))
>>
>> detects the error.
>>
>> Anyone have any ideas?
>>
>
> Can't help you unless you give us an error...
>

And check to see that PostgreSQL is accepting network connections rather
than localhost. Is it listening to a port?

-- 
--Matthew Sims
--

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] PHP/PearDB works on commandline but not via http....

2004-08-18 Thread pw 

Justin Patrin wrote:

Can't help you unless you give us an error...
There's no error.
DB_Error::toString()
returns the following.
[: message="" code=0 mode= level= prefix="" info=""]
Peter
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Securing Forms???

2004-08-18 Thread Peter Brodersen 
On Fri, 13 Aug 2004 12:39:07 -0700 (PDT), in php.general
[EMAIL PROTECTED] (Chris Shiflett) wrote:

>http://shiflett.org/talks/oscon2004/php-security/36

$token = md5(uniqid(rand(), true));

.. is a pretty bad idea, since the output could include quotes,
newlines, low-ascii-characters, thereby messing up the form.

$token = md5(uniqid(rand() ));
ought to be sufficient - and works with PHP4 :)

-- 
- Peter Brodersen

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] PHP/PearDB works on commandline but not via http....

2004-08-18 Thread pw 

Matthew Sims wrote:
And check to see that PostgreSQL is accepting network connections rather
than localhost. Is it listening to a port?
Connecting remotely to postgres via the command line:
psql -h nnn.nnn.nnn.nnn database_name -p 5432 -U user -W
works fine.
Like I wrote before, if I run the same script from the command line
with the same php build...
ie:
cmd_line/> php  db_test.php
the script works fine and retrieves data fromt he database.
If I try to serve the same php page via apache it
can't connect, thus no $db object is returned from
$db=DB::connect("pgsql://yada:[EMAIL PROTECTED]/databasename");
I've tried running the php as various users including apache from
the command line and it continues to work fine there. So, it's not
a user permissions thing.
Peter
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Support dbase problems

2004-08-18 Thread Bernardo 
Hello:
I have a RedHat 9 linux distribution and y have already install the httpd and the php 
and it works well, but i have to install the dbase support (httpd + php + dbase). I 
was found a rpm packages for this support (php-dbase x.x-i386.rpm and php-common 
x.x-i386.rpm) but it doesn't work, i have a command not found error in the code whe i 
try to call dbase_open().  I already try to compile the httpd and the php package with 
the same results. ¿ What should i do ?
Best Regards
_
Bernardo Zerda Rodriguez
Ingeniero de Sistemas
Telintel
Bogota-Colombia
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] OO Theory Question

2004-08-18 Thread Kevin Waterson 
This one time, at band camp, Justin Patrin <[EMAIL PROTECTED]> wrote:

> On Wed, 18 Aug 2004 11:03:47 -0300, Ricardo Cezar <[EMAIL PROTECTED]> wrote:
> > Probably it's a dumb question, but I'm new to OO Programming, so...
> > 
> > How can I store the instance of the class in the session
> > 
> 
> I answered this a long time ago in this thread. Did you not get my mail?

http://www.phpro.org/sessions.php


-- 
 __  
(_ \ 
 _) )            
|  /  / _  ) / _  | / ___) / _  )
| |  ( (/ / ( ( | |( (___ ( (/ / 
|_|   \) \_||_| \) \)
Kevin Waterson
Port Macquarie, Australia

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] form items lost their values when start using sessions

2004-08-18 Thread Leticia Campos 
Why since I put session_start();  in my php code the input items lost values
previously entered if user goes back to the form page?

Leticia Campos
IT Programming

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] form items lost their values when start using sessions

2004-08-18 Thread Matt M. 
On Wed, 18 Aug 2004 14:35:19 -0700, Leticia Campos
<[EMAIL PROTECTED]> wrote:
> Why since I put session_start();  in my php code the input items lost values
> previously entered if user goes back to the form page?

might have something to do with session.cache_limiter , get rid of it
and see if you still have the problem.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Delete a file after it has been downloaded?

2004-08-18 Thread Yngve 
Hi!

I wonder if it´s possible (and how) to delete a file after it has been
downloaded, without running anything on the server except for the PHP page
which the user gets the file from.

If it is not possible, i wonder how i could create a script which deletes
all files in a directory which are more than 5 hours old?

Best regards, Yngve

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Securing Forms???

2004-08-18 Thread John Holmes 
Peter Brodersen wrote:
http://shiflett.org/talks/oscon2004/php-security/36
$token = md5(uniqid(rand(), true));
.. is a pretty bad idea, since the output could include quotes,
newlines, low-ascii-characters, thereby messing up the form.
How do you figure that? md5() only returns 0-9 and a-f characters.
$token = md5(uniqid(rand() ));
ought to be sufficient - and works with PHP4 :)
Using entropy with uniqid() simply returns a more unique value to md5(), 
so what's the difference.

--
---John Holmes...
Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/
php|architect: The Magazine for PHP Professionals – www.phparch.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Modifying this PHP-based sourceforge.net web proxy

2004-08-18 Thread news.php.net 
Attached is an awesome web proxy, which totally meets my needs, but I need
it to be transparent.  I need anyone accessing the computer that this is on
to be automatically proxy-ed to a URL, but then let them navigate through
the links just fine.  I also do not want them to see the banner that's
displayed by default.

This script was designed for people to be able to bypass blocked websites
from work, by going through this proxy, but I need it because one DMZ on our
firewall cannot access the other DMZ where the web server is, and they need
to be able to.

This script works fine in my testing, but I do not know enough about PHP yet
to be able to modify it on my own.

I tried changing the "$this->url" on line 202, which set the script up to
browse that URL fine, but none of the links.  It always displayed only the
home page.  I need an initial URL, but then allow it to be changed when
people click on a link.

Can anyone help?  Thanks a million!

  - Adam


begin 666 poxy-0.3.zip
M4$L#!!0(`)%2U3"1+O>D[0$``&($```-:F%V87-C><^\-HGF&0C "#IK'"YRD&;E9TA7C^0\AE;XMUG<_3Y\^>_[B
MY:O7;]Z^&[__<';^\>+RZM/[EMAIL PROTECTED]/+T'G4H>L\ZM!9AGXOT2Q6
MA#,@[EMAIL PROTECTED]:'9NO_>KWP-F,5Q<*F%S5'@;[EMAIL PROTECTED])C88 @(.+%/?8I9JC)S
M]CRW0M4$=L5:C+&RNU$)CC,D3A4D[O [EMAIL PROTECTED]"[P^2V!UY3;Y[2()
[EMAIL PROTECTED],0]<-SM72NS70L>ZQ5FRL\%7]]%1OW*1Y5IK](C]=Q\"$LA.6RY:5'^
M;N>N:V(>PZWJ$S!PP9.-U>/*P]'&:H-K+#>,`BLM6$UJ;LN+=F/T?$54*1MN
M^Y)0E$J[V=N9QKK$2AE_TL<4VX"<.#R7DYDSV]^Y*HUU^A]4$S(S?G&\Q O;
M%"4TMB5Q0L?4PQDXM?7&^:[&E G]6T0U-C;*T_#?:(5$:[EMAIL PROTECTED]@P(\2+
MG:*B.45L62J+%,\WXB1&(L[.D5+8-&[EMAIL PROTECTED],BT\_]',HP11B:[EMAIL PROTECTED],$
M% [EMAIL PROTECTED](QTK,.-4['LL&P``JT<```L```!,24-%3E-%+G1X=)U<77/;R+%]
M7M;E?YC2BZ4J6EE[;SYVE=HJ2J9L)K*DD)0=O04DAR)B$& [EMAIL PROTECTED]><[ID!
M0%).;C;9M45B>KI[^N-T3T,__&#PS\?;!_-Q=#N:#&_,_DM*:ZZ+.ETD%$@,SSA?G6'G\G]__;&9VL\VLN<^2A1V8:9U6
MUOSTTX\#<[EMAIL PROTECTED]>OOOIQS\:\S [EMAIL PROTECTED]:[`KRESFQMN4FK
[EMAIL PROTECTED])OC3+U%5E.J]!#\_.P5&9),N*%[L\IQI^4$7=ES;9S#,KFC&SM0W4G%D5
MI=F ?^."2OCOTKKT*5ZJ1,\+.5S"J3C7E9%R1=5^NB=-#4
M!A:!)[EMAIL PROTECTED]:;&Q?MUK!MN1;U' =E4N[,*\*EN:ML
MLCP_,^:QJ,TBR47>G?'LR %XIAT.LBC.U7Z^KFUN7J#?K4V^42>BW,[EMAIL PROTECTED]
MJ]*N;%E2)*C!'^2 %MKO;4OP`#'OL,-Q[MR!&;;/-JEH'OW>.GG6HV[92#6&[EMAIL PROTECTED];R(6^U'MBA`9<+Y5.HY":W+\IR4/[EMAIL PROTECTED]
M7B+A94&BCJ2A;.ZYN)XOW;!MK=N)[EMAIL PROTECTED]: CCB)RX-8P##VV"62#G
M,"X)634=_"V%1/&(Q*OM,8.!&[EMAIL PROTECTED]"N[=;[EMAIL PROTECTED]:U#QOM]T[?
MGT&-<'UO,:W4];).H5MJRLF7F7V"XTM.=)+%?5(<=,X:5'\G24H.M+VCYWR8
M.6B*AV(3GIU$5H1B+PX)[EMAIL PROTECTED]&>P?V]]C '0O VYNJ8=NPKK7#P3C;1Y
M`0(ED]1.]A0)N[D()S+N6B87B@"IQ&A\OK'#8'Q[8>0EV(K844C^W+' R:9YD`VSBI6([EMAIL PROTECTED](``#:2;:K-WAB6U>2@(+E7/.);#>0?=IABVQ5:V /Y'=L!U! 
MC59(,:*"D#^W_+YB,H8-,NQ*7'DNTJ7PL&3<+%5LI+A@&$R><-?$ZSYF5TJ2
MYLOT.5W69,L40/8
MMK2$Z,V2P I(J?&45.DXD&+01#5O^/V>6MY"4<.J(#X$Y?\),/I[0!M?ST:3
MSU,SO/[EMAIL PROTECTED]/XQGX[O;J;F^F^#'^\?Q[<>!^3">SB;CRP=^)0]^OOLPOAY?
M#?F!BO#CN2"M8\C*6Z=H'7(HZ'DIRF\^7A!+X@"!TA+JB"[EMAIL PROTECTED]:<+1
MNLB8?ERR\Y!X`]0*]3?1!-JH8XI270: ?1R(G*OZ3^Z5PQ/ ;@O](40)OHD2
M2-IHB4$!)"+"0D]$FGFB'BY;!W(X'(M<:&PJ8K>^(A$2!K/I,XX.QB9DE/U&
MYBQY^<7[>2K<0'ILK ][W7GK[I VVZ([EMAIL PROTECTED]"[$"H1 ,_FWK<2$:QPR^
M9$"A"@K-DAF\M4Z>J+?33PB9B TKZ'D05W!+`?V+K";HYQY%3=,'#O9?YPIB
M>3[FI+W_"='JB%'>>XJ$OF2Y!'@0MW'F!)GE1!QGB-C_K%"B\-HE#GO-3SJ"
M"OP4K-H@:S43;Q<7>%Q=652R4,(,V"?+"9A'%T!4.I\X,3\ $[H"*[''B$
M)^0081$:BDU["8!A`_.+G#A])5ORC"5!2'Q-*\F9YL#D^KVP]RG"H]T2J>52
MTB"0D;VY!:R7> 91C_!\!J5^53!DHKF5-5$ZB3GN$])2E'-9V) FWITKX$EV
M_TGE&["=)_3&=3 /#[H-RHFVTUS\98,440.WP1>1`FR#FGF4N=NFB[JH7:;[
M(PQ)G(!Y/AAY.199DFZ@&O =\,&%^6;[EMAIL PROTECTED]"
M4_!HL-_3=2YD-$(EEMF=\*C%(Q60S)W-L0US'<2+M G0EPH[FQJS!1>Z^H-%
MB#0AV/F-0"0K<,R*\IK'Y[EMAIL PROTECTED];M5F.]A4HGXW0/K8;XZDF:D7\!W4/HGQWOR4B&/(%3\/
MI:[EMAIL PROTECTED]:6)D?L"*F2C5$PBVM047>U7R-S(!/.B](X/*U
MX+6RBKE?/G.:"RG;7FST)ZQ$9"&]P18K5E$=_(6XD?AM$JHB&#=3F/AG6BX;
M,K2EU^!"P =!!XNS`/KC$00XD,/&!(H""B^UY2.%!1M?9<(LA>@3-( @C.#;
MJBQ5H318^1([EMAIL PROTECTED]<&5:>Y98O>J7"(;EXPA4EZ"OY09H.39
M`%+1O+UIY7E1([EMAIL PROTECTED]()Q2:HY$P40K^D]=+IU,"[EMAIL PROTECTED]"<
MQ!5G)K9 I'D:B[,Z4!K.AY/UH$7H$VG/(.WH?:&3K1*4H
MT"&.^%>=EMK649)[U,[/!/#/?"]&GMYHDT)Z?C[91-.5;1MGD8H6"(20`0\D
M*"6-L[Z;(VIB32IK%#>]ZJH#S5ML9LS)2>**'.2D94P450JB;/ )'W86SDB+
MXPXNP,,-5/W,0JZB6[1]4D^8V$A<=L 6F73&&[EMAIL PROTECTED] =W.V
[EMAIL PROTECTED],[EMAIL PROTECTED](TZ6M.DKI-PD)+V,HX$W#9 ]2E-B82RTJ\*
M@T4%2D$/ S2H_?V'[W%H R`"=<^HT"**TED6AW!1](`:N2
ME?8I*9=($V(&6&1>F,A#WVV&I8/6W02YE79_%>.H5Y9D*D*H5GM1D*VK?"LZ
[EMAIL PROTECTED]:> YRX,#FLM!4>SEQ1&$.TW6VH1O?9-.>TXL2.2'55Y
MJ_ABGWB!VMDN8BWFCL(%$7RBZSF+<**E;.KBA)EF8_VC9 *EYO(-"]#5&SQYZ.I&[EMAIL PROTECTED]
MG%>2X$_?1_C[8NQ+(%6HIMN E-Z?,8,5\W^R31-:[CC&15U)#")Z.Y*A^[UI
M<,%WPL5[(X#K-;R%^,!NG/B.-G4U*N21J
M*A+!4A([EMAIL PROTECTED]/XSW8RGF=ILUNB:(^42_\%5LH+9@>;1D`NM=>VW@'DJCU!)3$
MON);>7S_C#JG(2C1Y^C_["A>/P4OS']U%(O7#"W-J0>-'JW"5P"MS]UR3AXA
M[%V#O2(WL8QTY9(,[.0:YP+>\=?(VFI827\R)W)E"$79=] ]"2T)R8HD$%FL
M6KCLWWNSB-P`VB0:(.M[Z*;4EI&9UO.0.N9Z"

Re: [PHP] Weather php SDK for weather - Historical, current and forecast

2004-08-18 Thread Gerard Samuel 
Eugene Voznesensky wrote:
I am looking for sources for weather information and found the site
http://www.nws.noaa.gov/forecasts/xml/
Is there any way to get historical weather data via a PHP Script or any available SDK?

Take a look at http://www.weather.com/services/xmloap.html
Unfortunately they dont provide historical, only current/forcast data...
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Delete a file after it has been downloaded?

2004-08-18 Thread John Holmes 
Yngve wrote:
I wonder if it´s possible (and how) to delete a file after it has been
downloaded, without running anything on the server except for the PHP page
which the user gets the file from.
unlink()
You need a middle man script to manage the download and delete the file. 
The script receives the request, send the appropriate file headers, uses 
readfile() to send the file data, then deletes the file with unlink().

If it is not possible, i wonder how i could create a script which deletes
all files in a directory which are more than 5 hours old?
opendir() and readdir() to loop through the file and 
filectime()/filemtime()/fileatime() to get the age of the file 
(depending on how you define 5 hours old).

You could also just make a system() call to the command line to delete 
the files or just have something run by cron.

--
---John Holmes...
Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/
php|architect: The Magazine for PHP Professionals – www.phparch.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Delete a file after it has been downloaded?

2004-08-18 Thread Matt M. 
On Wed, 18 Aug 2004 23:56:57 +0200, Yngve <[EMAIL PROTECTED]> wrote:
> Hi!
> 
> I wonder if it´s possible (and how) to delete a file after it has been
> downloaded, without running anything on the server except for the PHP page
> which the user gets the file from.
> 
> If it is not possible, i wonder how i could create a script which deletes
> all files in a directory which are more than 5 hours old?

http://us3.php.net/unlink

or something like this

define(FILE_DIRECTORY , path to your directory);
define(DELETE_TIME , 18000); //5 hours

$current_time = time();
// Open a known directory, and proceed to read its contents
if (is_dir(FILE_DIRECTORY)) {
   if ($dh = opendir(FILE_DIRECTORY)) {
   while (($file = readdir($dh)) !== false) {  
 
if (is_file(FILE_DIRECTORY.$file) ) {
$file_time = filectime ( FILE_DIRECTORY.$file 
);
if ($current_time - $file_time > DELETE_TIME ) 
{
unlink(FILE_DIRECTORY.$file);
}   
}
   }
   closedir($dh);
   }
}

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Securing Forms???

2004-08-18 Thread Peter Brodersen 
On Wed, 18 Aug 2004 17:59:34 -0700, in php.general
[EMAIL PROTECTED] (John Holmes) wrote:

>> $token = md5(uniqid(rand(), true));
>> 
>> .. is a pretty bad idea, since the output could include quotes,
>> newlines, low-ascii-characters, thereby messing up the form.
>How do you figure that? md5() only returns 0-9 and a-f characters.

From the manual: http://php.net/md5
string md5 ( string str [, bool raw_output])
"If the optional raw_output is set to TRUE, then the md5 digest is
instead returned in raw binary format with a length of 16."

raw_output is set to true, meaning that md5() will not just return a
hexdump of the digest, but a raw binary format, which could contain
quotes and other special characters. There's about 6% probability of
md5 returning (at least) one double quote for a random input :)

>> $token = md5(uniqid(rand() ));
>> ought to be sufficient - and works with PHP4 :)
>Using entropy with uniqid() simply returns a more unique value to md5(), 
>so what's the difference.

Err... the only difference is that I removed the second argument,
making md5() return a simple hex-encoded string.

-- 
- Peter Brodersen

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: preg_match question

2004-08-18 Thread Chris Jenkinson 
Nicklas Bondesson wrote:
How do I find an exact match of a string with preg_match?
Example:
String1:  www.test.com/
String2: www.test.com/somepage.php?param1=true
How do you write the regexp to only return String1 and not String2 when you
match against "www.test.com" ??
You should use the ^ and $ characters which signify the start and the 
end of the string respectively.

For example:
$matched = preg_match('/^www\.test\.com$/', $string);
For more information look at the Pattern Syntax page:
 --> http://php.net/manual/en/reference.pcre.pattern.syntax.php
Chris
--
Chris Jenkinson
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Modifying this PHP-based sourceforge.net web proxy

2004-08-18 Thread Curt Zirzow 
* Thus wrote news.php.net:
> Attached is an awesome web proxy, which totally meets my needs, but I need
> it to be transparent.  I need anyone accessing the computer that this is on
> to be automatically proxy-ed to a URL, but then let them navigate through
> the links just fine.  I also do not want them to see the banner that's
> displayed by default.

- I need money to by myself some good books.
- dont use php.net as your name.
- dont attach files.
- dont send zip files.

Curt
-- 
First, let me assure you that this is not one of those shady pyramid schemes
you've been hearing about.  No, sir.  Our model is the trapezoid!

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Securing Forms???

2004-08-18 Thread Chris Shiflett 
--- Peter Brodersen <[EMAIL PROTECTED]> wrote:
> > http://shiflett.org/talks/oscon2004/php-security/36
> 
> $token = md5(uniqid(rand(), true));
> 
> .. is a pretty bad idea, since the output could include quotes,
> newlines, low-ascii-characters, thereby messing up the form.

That's incorrect. An MD5 is a hexadecimal number.

Chris

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Securing Forms???

2004-08-18 Thread Peter Brodersen 
On Wed, 18 Aug 2004 15:26:34 -0700 (PDT), in php.general
[EMAIL PROTECTED] (Chris Shiflett) wrote:

>> $token = md5(uniqid(rand(), true));
>> .. is a pretty bad idea, since the output could include quotes,
>> newlines, low-ascii-characters, thereby messing up the form.
>That's incorrect. An MD5 is a hexadecimal number.

Ah, damn you, parenthesis :)

I read it as:
md5(uniqid(rand()), true);

My bad - sorry!

-- 
- Peter Brodersen

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Securing Forms???

2004-08-18 Thread Curt Zirzow 
* Thus wrote Peter Brodersen:
> On Wed, 18 Aug 2004 17:59:34 -0700, in php.general
> [EMAIL PROTECTED] (John Holmes) wrote:
> 
> >> $token = md5(uniqid(rand(), true));
> >> 
> >> .. is a pretty bad idea, since the output could include quotes,
> >> newlines, low-ascii-characters, thereby messing up the form.
> >How do you figure that? md5() only returns 0-9 and a-f characters.
>... 
> 
> >> $token = md5(uniqid(rand() ));
> >> ought to be sufficient - and works with PHP4 :)
> >Using entropy with uniqid() simply returns a more unique value to md5(), 
> >so what's the difference.
> 
> Err... the only difference is that I removed the second argument,
> making md5() return a simple hex-encoded string.

The second argument was to uniqid().


Curt
-- 
First, let me assure you that this is not one of those shady pyramid schemes
you've been hearing about.  No, sir.  Our model is the trapezoid!

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Securing Forms???

2004-08-18 Thread Jennifer Goodie 
> >> $token = md5(uniqid(rand(), true)); 
> >> 
> >> .. is a pretty bad idea, since the output could include quotes, 
> >> newlines, low-ascii-characters, thereby messing up the form. 
> >How do you figure that? md5() only returns 0-9 and a-f characters. 
> 
> From the manual: http://php.net/md5 
> string md5 ( string str [, bool raw_output]) 
> "If the optional raw_output is set to TRUE, then the md5 digest is 
> instead returned in raw binary format with a length of 16." 

The true is the second argument (more_entropy) for uniqid.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Securing Forms???

2004-08-18 Thread Chris Shiflett 
--- Peter Brodersen <[EMAIL PROTECTED]> wrote:
> raw_output is set to true, meaning that md5() will not just return a
> hexdump of the digest, but a raw binary format, which could contain
> quotes and other special characters.

I see your mistake now. That second argument is for the uniqid() function.
Have another look and pay close attention to parentheses. :-)

Chris

=
Chris Shiflett - http://shiflett.org/

PHP Security - O'Reilly
 Coming Fall 2004
HTTP Developer's Handbook - Sams
 http://httphandbook.org/
PHP Community Site
 http://phpcommunity.org/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Fw: Greetings.

2004-08-18 Thread Research 
 I dont need to report bugs as i didnt see any.
All i need is some info regarding the following request.
 
Can i see CPU ID / STORAGE ID with php or javascript, or both combined.
I realy need this, please reply ASAP if you can help me, at least give me some hope 
for it.
 

  Best wishes,
 --
 Pop Mihai Sergiu
 POP SERVICE ELECTRONIC HQ
 Internet solutionist & developement
 Address   : Str. Calea Severilului, Bl 317 a.b.
 Address2 : 1100, DOLJ, Craiova, Romania
 E-mail  : [EMAIL PROTECTED]
 Url  : Http://www.popservice.ro 
 Phone : +(40) - 251 483 627
 Fax : +(40) - 251 418 773
 Mobile : +(40) - 744 391 110
 Prefered languages : RO / EN
 --
 This mail is scanned and proven not to contain any viruses.
 --


- Original Message - 
From: "Gabor Hojtsy" <[EMAIL PROTECTED]>
To: "Research" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Wednesday, August 18, 2004 10:46 PM
Subject: Re: Greetings.


> Hm, you are not reporting a bug, but asking a support question. Please 
> ask support questions at [EMAIL PROTECTED]
> 
> Regards,
> Gabor Hojtsy
>

Re: [PHP] Securing Forms???

2004-08-18 Thread Peter Brodersen 
On Wed, 18 Aug 2004 15:57:26 -0700 (PDT), in php.general
[EMAIL PROTECTED] (Chris Shiflett) wrote:

>I see your mistake now. That second argument is for the uniqid() function.
>Have another look and pay close attention to parentheses. :-)

"My arch enemy, Parenthesis, we meet again. And I can see that you
have grown stronger since our last encounter!"

-- 
- Peter Brodersen

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Securing Forms???

2004-08-18 Thread Michal Migurski 
> >> $token = md5(uniqid(rand(), true));
> >>
> >> .. is a pretty bad idea, since the output could include quotes,
> >> newlines, low-ascii-characters, thereby messing up the form.
> >How do you figure that? md5() only returns 0-9 and a-f characters.
>
> From the manual: http://php.net/md5
> string md5 ( string str [, bool raw_output])
> "If the optional raw_output is set to TRUE, then the md5 digest is
> instead returned in raw binary format with a length of 16."

"true" is an argument to uniqid(), in that snippet:
string uniqid ( [string prefix [, bool more_entropy]])

You would run the risk of messing up the form with (sound of pipe organ)
*excessive entropy*.

-
michal migurski- contact info and pgp key:
sf/cahttp://mike.teczno.com/contact.html

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Securing Forms???

2004-08-18 Thread John Holmes 
Peter Brodersen wrote:
$token = md5(uniqid(rand(), true));
.. is a pretty bad idea, since the output could include quotes,
newlines, low-ascii-characters, thereby messing up the form.
How do you figure that? md5() only returns 0-9 and a-f characters.

From the manual: http://php.net/md5
string md5 ( string str [, bool raw_output])
"If the optional raw_output is set to TRUE, then the md5 digest is
instead returned in raw binary format with a length of 16."
That "true" is the second parameter to uniqid(), not md5().
--
---John Holmes...
Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/
php|architect: The Magazine for PHP Professionals – www.phparch.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Securing Forms???

2004-08-18 Thread Chris Shiflett 
--- Gerard Samuel <[EMAIL PROTECTED]> wrote:
> > http://education.nyphp.org/phundamentals/PH_spoofed_submission.php
> > 
> > http://shiflett.org/talks/oscon2004/php-security/36
> > 
> > Hope that helps.
> > 
> 
> Just wanted to chime in to the list and to Chris.

Hi. :-)

> I've been mulling the example in the second link since last we
> talked about this, and I modified the example to make an even
> safer example (IMHO). The idea of using the plain "token" in the
> form, and using it to compare with the session wasn't sitting
> well with me for some reason (maybe bad karma in the air or
> something), so I borrowed an idea from a previous article you
> wrote on session hijacking, by utilising a "private key".

The idea, although presented a bit differently, is the same.

> The goal, is so that one cannot really determine what the
> comparison token can be by looking at the hidden field value
> of "token".

Before I comment on your code, I think it's worth pointing out that the
risk this method attempts to mitigate is a spoofing of the form. This can
come in many forms, but here are two examples:

1. Bad guy uses a CSRF attack on good guy. Thus, good guy submits a form
of the attacker's choosing (a forged HTTP request). This method
complicates such an attack, because the attacker won't know the token.
This is sometimes called a "shared secret," because the token is known by
the user and the server - third parties have a difficult time compromising
this (SSL can mitigate the concern for man-in-the-middle attacks).

2. Bad guy uses the application and wants to submit the form without using
the form you provide. This method complicates this, because without at
least receiving the form you provide once, there is no way to collect the
token. Your data filtering on the server side should take care of the
rest.

> Comments are welcome...
> 
> ---
>  
> session_start();
> 
> $some_hidden_key = 'abcde...';
> 
> if (isset($_POST['message']))
> {
>  if ($_POST['token'] . $some_hidden_key === $_SESSION['token'])
>  {
>  $message =
>  htmlentities($_POST['message']);
>  $fp = fopen('./safer.txt', 'a');
>  fwrite($fp, "$message");
>  fclose($fp);
>  }
> }
> 
> $token = md5(uniqid(rand(), true));
> $_SESSION['token'] = $token . $some_hidden_key;
> 
> ?>
> 
>  action="">
>  value="" />
> 
> 
> 
> 
> 

This doesn't provide any benefit that I can see, but I'm ready to admit
that I might be missing something. If the token is captured, the
conditional statement can still be bypassed, because the value of
$some_hidden_key isn't necessary for this at all.

Anyway, I'm a bit rushed, and I'll be happy to have a better look later if
this doesn't make sense, or if it seems like I'm wrong. :-)

Chris

=
Chris Shiflett - http://shiflett.org/

PHP Security - O'Reilly
 Coming Fall 2004
HTTP Developer's Handbook - Sams
 http://httphandbook.org/
PHP Community Site
 http://phpcommunity.org/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Securing Forms???

2004-08-18 Thread Gerard Samuel 
Peter Brodersen wrote:
On Wed, 18 Aug 2004 17:59:34 -0700, in php.general
[EMAIL PROTECTED] (John Holmes) wrote:

$token = md5(uniqid(rand(), true));
.. is a pretty bad idea, since the output could include quotes,
newlines, low-ascii-characters, thereby messing up the form.
How do you figure that? md5() only returns 0-9 and a-f characters.

From the manual: http://php.net/md5
string md5 ( string str [, bool raw_output])
"If the optional raw_output is set to TRUE, then the md5 digest is
instead returned in raw binary format with a length of 16."
Double check the example that I originally provided.
--
md5( uniqid(rand(), true) )
--
Im not using the "raw_output" option of md5()
md5( uniqid(rand(), true) )
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Securing Forms???

2004-08-18 Thread Gerard Samuel 
Chris Shiflett wrote:
This doesn't provide any benefit that I can see, but I'm ready to admit
that I might be missing something. If the token is captured, the
conditional statement can still be bypassed, because the value of
$some_hidden_key isn't necessary for this at all.
Anyway, I'm a bit rushed, and I'll be happy to have a better look later if
this doesn't make sense, or if it seems like I'm wrong. :-)

The idea was just that, an idea.  I was trying to play out 
mechanics/scenarios in my head, before blindingly changing my code to 
suit this "secure" method.
But thats for the conversation...

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: Modifying this PHP-based sourceforge.net web proxy

2004-08-18 Thread Hannes Magnusson 
On Wed, 18 Aug 2004 14:59:20 -0700
[EMAIL PROTECTED] (News.Php.Net) wrote:

> Attached is an awesome web proxy, which totally meets my needs, but I need
> it to be transparent.  I need anyone accessing the computer that this is on
> to be automatically proxy-ed to a URL, but then let them navigate through
> the links just fine.  I also do not want them to see the banner that's
> displayed by default.
> 
> This script was designed for people to be able to bypass blocked websites
> from work, by going through this proxy, but I need it because one DMZ on our
> firewall cannot access the other DMZ where the web server is, and they need
> to be able to.
> 
> This script works fine in my testing, but I do not know enough about PHP yet
> to be able to modify it on my own.
> 
> I tried changing the "$this->url" on line 202, which set the script up to
> browse that URL fine, but none of the links.  It always displayed only the
> home page.  I need an initial URL, but then allow it to be changed when
> people click on a link.
> 
> Can anyone help?  Thanks a million!
> 
>   - Adam
[snip some crap attachment]
Sure, the author of this unit can help you, doubt anyone here can/want to/will.
Doesnt it seem logical to you mailing the author instead of this mail list?
-Hannes

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Please have a look at my function

2004-08-18 Thread Mag 
Hello,
I dont know regex very well but I am using one below
that I modified from the web:

** Start code**

function RStripHeader($string) {
  return eregi_replace('', '', $string);
}

$the_file = "something.html";
$content = RStripHeader(file_get_contents($the_file));
$fhandle = fopen($the_file, "w");
fwrite($fhandle,$content);
fclose($fhandle);
echo "Done ".$the_file."";

** End code***

Basically what I am trying to do above is:
open a file
delete everything that starts with
 
and ends with 

eg: 
it will delete everything below including 
"" and ""

 all this will be deleted! 



Its working great for 1 file, but when I put it into a
for loop to handle multiple filesit takes ages for
10 files and sometimes just "hangs".

please help.

Thanks,
Mag

=
--
- The faulty interface lies between the chair and the keyboard.
- Creativity is great, but plagiarism is faster!
- Smile, everyone loves a moron. :-)



___
Do you Yahoo!?
Express yourself with Y! Messenger! Free. Download now. 
http://messenger.yahoo.com

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] PHP/PearDB works on commandline but not via http....

2004-08-18 Thread Justin Patrin 
On Wed, 18 Aug 2004 14:23:49 -0700, pw <[EMAIL PROTECTED]> wrote:
> 
> 
> Matthew Sims wrote:
> >
> > And check to see that PostgreSQL is accepting network connections rather
> > than localhost. Is it listening to a port?
> >
> 
> Connecting remotely to postgres via the command line:
> 
> psql -h nnn.nnn.nnn.nnn database_name -p 5432 -U user -W
> 
> works fine.
> 
> Like I wrote before, if I run the same script from the command line
> with the same php build...
> ie:
> cmd_line/> php  db_test.php
> 
> the script works fine and retrieves data fromt he database.
> 
> If I try to serve the same php page via apache it
> can't connect, thus no $db object is returned from
> $db=DB::connect("pgsql://yada:[EMAIL PROTECTED]/databasename");
> 
> I've tried running the php as various users including apache from
> the command line and it continues to work fine there. So, it's not
> a user permissions thing.
> 

Did you try:
if(PEAR::isError($db)) {
  echo $db->getMessage().' '.$db->getUserInfo();
}

It's probably because:
1) the postgres the module isn't in the PHP that apache is using
2) the postgres module isn't loaded in the PHP that apache is using
3) the postgres module in the PHP that apache is using is connecting
via a socket instead of a port (or vice-versa)

-- 
DB_DataObject_FormBuilder - The database at your fingertips
http://pear.php.net/package/DB_DataObject_FormBuilder

paperCrane --Justin Patrin--

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] ftp_connect returns false

2004-08-18 Thread DBW 
Jason,
Thank you for the reply.
Have you enabled FULL error reporting? Are you getting any errors?
Here are the couple of lines of interest:
$connection = ftp_connect($server, $port);
$loggedOn = ftp_login($connection, $user, $password);
$systype = ftp_systype($connection);
The error that comes out is:
Warning: ftp_login() expects parameter 1 to be resource, boolean given in 
/directory/here/public_html/ftp/index.php on line 108

Warning: ftp_systype() expects parameter 1 to be resource, boolean given in 
/directory/here/public_html/ftp/index.php on line 109

Those correspond to the last two lines of the above code.
Is the server you're connecting to using a non-standard port? If not just
leave out $port, or make pretty damn sure it's 21.
That is set to 21 anyway, but fair enough point.
Do you have shell access to the server? If so you can try using the command
line 'ftp' to see whether you can connect to the ftpserver.
No, wish I did ;-(
Are you positive that the host allows FTP out of the webserver (the machine
not the program) to a remote ftpserver? Make sure the host knows what you're
trying to do and that they know what they're doing.
They have told me on two occasions when I asked them that it was allowed to 
ftp from the server to others.  I am actually trying to ftp to the same 
server anyway.

Catch ya,
DBW
Melbourne   | http://ozreef.org/
Australia   | [EMAIL PROTECTED]
--
When the only tool you own is a hammer, every problem begins to resemble a nail.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Securing Forms???

2004-08-18 Thread Nobody Special 
On Fri, 13 Aug 2004 18:57:24 -0400, Gerard Samuel
<[EMAIL PROTECTED]> wrote:
> Chris Shiflett wrote:
> > You might find these resources helpful:
> >
> > http://education.nyphp.org/phundamentals/PH_spoofed_submission.php
> >
> > http://shiflett.org/talks/oscon2004/php-security/36
> >
> > Hope that helps.
> >
> 
> Thanks.  These are doable..
> 

With curl I can automate pretty much any web site, you can't tell the
difference between it and somebody using a browser.   You are better
off worrying about sanatizing the incoming data then securing the
form.   Let your session handling and login stuff take care of that.


-- 
Use Linux.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Securing Forms???

2004-08-18 Thread John Holmes 
Nobody Special wrote:
With curl I can automate pretty much any web site, you can't tell the
difference between it and somebody using a browser.   You are better
off worrying about sanatizing the incoming data then securing the
form.   Let your session handling and login stuff take care of that.
This isn't about sanitizing data. This is about making a user 
unknowingly make a request to another site.

Yes, you can automate things with cURL, but the requests are coming from 
 your server, not the user you're trying to abuse. You could simulate 
their cookies, but you'd have to get them first, which isn't always easy 
or possible. With a CSRF attack, you have the user make the request and 
send their cookies, data, whatever, without them even knowing it.

--
---John Holmes...
Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/
php|architect: The Magazine for PHP Professionals – www.phparch.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

  1   2   >